Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/zpToSOCuRXoZwgwuPq8LfnSyNjs.roa
File: zpToSOCuRXoZwgwuPq8LfnSyNjs.roa (raw, json)
Hash identifier: 6aGEH9LpBIMBVsMe3jRcYJMGMW/CfpKAj3jWHUOG5jA=
Subject key identifier: CE:94:E8:48:E0:AE:45:7A:19:C2:0C:2E:3E:AF:0B:7E:74:B2:36:3B
Certificate issuer: /CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Certificate serial: 01835A54305CD8D58619BFE82B1FE86FB35F
Authority key identifier: 8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/zpToSOCuRXoZwgwuPq8LfnSyNjs.roa
Signing time: Tue 20 Sep 2022 09:56:50 +0000
ROA not before: Tue 20 Sep 2022 09:56:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203501
IP address blocks: 194.113.27.0/24 maxlen: 24
194.113.26.0/24 maxlen: 24
89.37.88.0/22 maxlen: 24
45.86.116.0/22 maxlen: 24
45.87.197.0/24 maxlen: 24
45.87.196.0/24 maxlen: 24
2a02:7040:ff00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:54:30:5c:d8:d5:86:19:bf:e8:2b:1f:e8:6f:b3:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Validity
Not Before: Sep 20 09:56:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce94e848e0ae457a19c20c2e3eaf0b7e74b2363b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ba:31:b2:e1:b4:fa:8a:64:a3:00:97:cb:7c:
69:f0:0b:81:e9:56:73:b8:4e:ff:05:8c:f2:be:3c:
c1:14:0b:4d:4a:9e:d2:1b:07:e5:0d:04:22:61:21:
ef:4a:57:5e:d4:7c:39:95:b0:88:91:6f:70:11:4f:
47:e5:41:d9:33:9f:48:08:55:c5:d9:bb:52:9e:21:
00:ac:82:d8:6c:31:77:af:f9:89:ed:08:04:b2:fe:
81:58:01:db:60:1d:c2:7b:8d:bb:07:f0:a6:2f:c7:
70:b5:79:c9:e9:01:ad:7f:bc:88:a6:8b:f1:ac:69:
5e:e4:a1:6d:c4:58:1d:b6:b9:7e:d4:c9:4c:26:55:
ac:9e:d9:e6:c4:26:ca:f6:8e:06:20:36:84:f8:8e:
72:0b:9f:b0:17:d7:70:77:86:7c:32:9e:92:97:bd:
a1:3c:b6:cb:98:4e:3b:5b:81:67:a0:36:14:56:86:
a7:f8:ba:aa:9b:51:0b:71:db:b3:04:46:ea:d2:6d:
22:6d:d2:69:c5:c1:b0:87:cb:c5:a8:bb:17:a1:45:
00:6f:9f:58:d6:49:28:c5:99:d5:90:ba:ef:83:87:
23:d8:af:bd:35:df:0f:c7:01:13:e2:00:44:38:24:
72:5c:bb:f2:34:00:7a:ab:70:3c:d9:4d:8b:2b:30:
85:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:94:E8:48:E0:AE:45:7A:19:C2:0C:2E:3E:AF:0B:7E:74:B2:36:3B
X509v3 Authority Key Identifier:
keyid:8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/zpToSOCuRXoZwgwuPq8LfnSyNjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.116.0/22
45.87.196.0/23
89.37.88.0/22
194.113.26.0/23
IPv6:
2a02:7040:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
2f:28:40:fb:f2:32:81:ac:4c:cd:b9:48:81:fa:56:36:39:1d:
5a:ce:d8:ec:57:d1:65:8a:77:10:28:fd:b4:53:d5:6f:8c:4a:
92:ad:0e:8f:ad:9e:7b:17:bb:f3:4f:52:09:da:65:47:68:69:
4f:9d:33:57:45:d7:a1:1a:5a:e9:a0:43:93:99:ef:b8:a4:b0:
cd:97:7f:b3:f4:db:de:da:87:3a:02:ca:4d:d0:c8:cb:2d:05:
b2:3b:a6:f8:58:14:06:9e:88:0a:5c:f4:14:74:96:1b:62:51:
be:a2:c2:6b:59:83:1f:66:74:1a:fb:e8:b8:fa:cf:ae:15:81:
1c:64:af:a7:b3:de:59:a7:f7:a7:a4:61:54:ef:18:7a:94:e2:
7e:d7:38:cf:80:ad:3d:d7:45:82:cf:92:5c:0a:58:2d:1c:1b:
64:ef:34:fa:22:f8:79:b4:2b:52:80:0b:21:d3:cc:27:3f:55:
ba:a6:3d:82:f6:86:92:40:da:a9:ee:42:d2:21:2d:06:7f:c0:
69:a9:44:07:f3:0c:47:a0:23:d1:45:62:66:0b:2f:7f:b7:6d:
b3:7a:72:9f:91:b9:9e:30:2e:d9:4c:65:cd:77:be:2f:62:92:
63:1e:0a:22:b3:cc:70:71:31:e3:09:96:15:c0:0b:30:0f:26:
5c:ff:52:1e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYNaVDBc2NWGGb/oKx/ob7NfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2Y4MWE2ZTc4MmUyMTExODljNGYzNGU0NTliNDIyNmM3
NWY0YTYwHhcNMjIwOTIwMDk1NjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTk0ZTg0OGUwYWU0NTdhMTljMjBjMmUzZWFmMGI3ZTc0YjIzNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7oxsuG0+opkowCXy3xp8AuB6VZz
uE7/BYzyvjzBFAtNSp7SGwflDQQiYSHvSlde1Hw5lbCIkW9wEU9H5UHZM59ICFXF
2btSniEArILYbDF3r/mJ7QgEsv6BWAHbYB3Ce427B/CmL8dwtXnJ6QGtf7yIpovx
rGle5KFtxFgdtrl+1MlMJlWsntnmxCbK9o4GIDaE+I5yC5+wF9dwd4Z8Mp6Sl72h
PLbLmE47W4FnoDYUVoan+Lqqm1ELcduzBEbq0m0ibdJpxcGwh8vFqLsXoUUAb59Y
1kkoxZnVkLrvg4cj2K+9Nd8PxwET4gBEOCRyXLvyNAB6q3A82U2LKzCFwwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFM6U6EjgrkV6GcIMLj6vC350sjY7MB8GA1UdIwQY
MBaAFIt/gabnguIRGJxPNORZtCJsdfSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUt
ZjJmNDI2ZWZlMDM5LzEvenBUb1NPQ3VSWG9ad2d3dVBxOExmblN5TmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUtZjJmNDI2ZWZlMDM5
LzEvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCLVZ0AwQB
LVfEAwQCWSVYAwQBwnEaMA4EAgACMAgDBgAqAnBA/zANBgkqhkiG9w0BAQsFAAOC
AQEALyhA+/IygaxMzblIgfpWNjkdWs7Y7FfRZYp3ECj9tFPVb4xKkq0Oj62eexe7
809SCdplR2hpT50zV0XXoRpa6aBDk5nvuKSwzZd/s/Tb3tqHOgLKTdDIyy0Fsjum
+FgUBp6IClz0FHSWG2JRvqLCa1mDH2Z0GvvouPrPrhWBHGSvp7PeWaf3p6RhVO8Y
epTiftc4z4CtPddFgs+SXApYLRwbZO80+iL4ebQrUoALIdPMJz9VuqY9gvaGkkDa
qe5C0iEtBn/AaalEB/MMR6Aj0UViZgsvf7dts3pyn5G5njAu2UxlzXe+L2KSYx4K
IrPMcHEx4wmWFcALMA8mXP9SHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:53 2024 by rpki-client on console-ams.rpki-client.org