Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/ZdMjj2asDE6rvtQaLGczvVJZN6k.roa
File: ZdMjj2asDE6rvtQaLGczvVJZN6k.roa (raw, json)
Hash identifier: pMobqNTLCw0XLPhccckh7CfMP7AWin/10qfExWjxbSc=
Subject key identifier: 65:D3:23:8F:66:AC:0C:4E:AB:BE:D4:1A:2C:67:33:BD:52:59:37:A9
Certificate issuer: /CN=5a68d699d1a9457c78acfbec004f98677aa4cc16
Certificate serial: 0A634AC4
Authority key identifier: 5A:68:D6:99:D1:A9:45:7C:78:AC:FB:EC:00:4F:98:67:7A:A4:CC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/ZdMjj2asDE6rvtQaLGczvVJZN6k.roa
Signing time: Fri 11 Mar 2022 11:43:29 +0000
ROA not before: Fri 11 Mar 2022 11:43:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12676
IP address blocks: 88.205.96.0/19 maxlen: 24
185.90.228.0/22 maxlen: 22
88.205.0.0/20 maxlen: 21
212.46.96.0/19 maxlen: 24
213.9.0.0/17 maxlen: 17
2a02:4c07:8000::/34 maxlen: 34
2a02:4c07:4000::/34 maxlen: 34
2a02:4c00:100::/40 maxlen: 40
2a02:4c00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174279364 (0xa634ac4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a68d699d1a9457c78acfbec004f98677aa4cc16
Validity
Not Before: Mar 11 11:43:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65d3238f66ac0c4eabbed41a2c6733bd525937a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a0:4a:91:51:9d:ba:ba:b6:b9:75:51:04:bf:
55:9e:95:da:76:e1:f9:49:4b:b1:26:63:e3:96:56:
7f:e3:5a:97:df:3d:bf:d9:c1:c6:f3:ce:6c:e1:85:
4b:b8:3a:d9:e2:e6:61:dd:6d:40:90:02:7a:67:a9:
e6:0b:d1:e4:fa:81:d2:88:c3:71:c7:ef:84:84:02:
63:5d:79:1c:10:9e:03:57:ce:60:5a:8b:a8:eb:07:
0d:3d:a9:d7:e0:90:60:28:5b:0a:89:df:8e:12:56:
0d:9b:63:11:cb:f9:04:7e:31:8c:fe:e6:5d:fe:47:
d1:45:cf:40:45:67:4d:da:0d:c0:5e:95:75:8d:45:
1f:b0:9e:75:62:99:9d:35:4a:a6:1f:30:9c:c4:89:
48:ab:70:68:d7:9d:61:71:e9:2e:83:2f:75:9b:e7:
32:a3:46:32:e2:94:d7:c4:00:95:a7:76:88:3a:79:
ed:64:70:7c:0e:05:e0:40:91:06:94:fb:23:9e:ad:
88:db:1c:9a:c3:e3:7c:aa:ae:46:4c:57:ad:06:3d:
4a:3f:f9:2b:d6:44:a5:da:2b:c6:2f:64:4e:e5:4c:
e4:39:c7:7c:18:b3:95:b6:3b:fa:92:74:64:c9:66:
4f:fb:91:0b:d7:c8:06:44:1d:ea:76:0b:22:77:dc:
61:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D3:23:8F:66:AC:0C:4E:AB:BE:D4:1A:2C:67:33:BD:52:59:37:A9
X509v3 Authority Key Identifier:
keyid:5A:68:D6:99:D1:A9:45:7C:78:AC:FB:EC:00:4F:98:67:7A:A4:CC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/ZdMjj2asDE6rvtQaLGczvVJZN6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.205.0.0/20
88.205.96.0/19
185.90.228.0/22
212.46.96.0/19
213.9.0.0/17
IPv6:
2a02:4c00::/39
2a02:4c07:4000::-2a02:4c07:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
92:2d:bf:a2:1d:b0:28:66:fe:64:04:74:2f:da:1c:ef:8a:f3:
8e:bc:86:bc:db:aa:b2:15:3b:96:4c:25:b8:e6:b8:5d:36:a6:
a3:5f:23:8c:e5:56:b6:f3:2f:3f:f2:c4:b9:ca:a1:45:b4:ff:
26:0f:fa:1c:40:ed:31:1c:42:15:68:65:d5:8d:21:2a:32:b7:
5e:44:d3:f1:88:fd:d5:8f:51:d2:d4:66:17:c0:10:5b:fd:05:
9e:e9:0e:24:d0:2c:ca:3d:0c:72:22:2b:e2:bd:db:93:ed:53:
85:26:eb:b4:8b:e2:54:69:3d:72:66:46:f6:91:13:af:ac:c0:
e3:2b:55:fa:6f:34:8e:fd:a8:02:87:00:1a:42:56:0d:1d:43:
1a:65:d0:59:92:82:d8:15:10:ea:38:91:a4:89:74:c9:90:57:
8f:42:51:18:d5:de:05:ba:94:cb:24:a7:8f:52:29:2b:91:3d:
65:fd:6c:7a:07:13:4f:72:3e:d7:69:9c:1b:21:7f:e2:db:2b:
aa:1a:65:3d:ee:b5:b0:fb:ea:8e:69:27:73:c1:26:f3:d7:ed:
5b:51:9b:45:7b:0b:95:8e:ae:c0:77:43:09:44:c0:67:51:6d:
29:3e:1e:20:f2:38:05:0b:b8:ec:43:25:ae:7d:92:60:0e:d0:
48:de:ba:45
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIECmNKxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTY4ZDY5OWQxYTk0NTdjNzhhY2ZiZWMwMDRmOTg2NzdhYTRjYzE2MB4XDTIyMDMx
MTExNDMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjVkMzIzOGY2NmFj
MGM0ZWFiYmVkNDFhMmM2NzMzYmQ1MjU5MzdhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSgSpFRnbq6trl1UQS/VZ6V2nbh+UlLsSZj45ZWf+Nal989
v9nBxvPObOGFS7g62eLmYd1tQJACemep5gvR5PqB0ojDccfvhIQCY115HBCeA1fO
YFqLqOsHDT2p1+CQYChbConfjhJWDZtjEcv5BH4xjP7mXf5H0UXPQEVnTdoNwF6V
dY1FH7CedWKZnTVKph8wnMSJSKtwaNedYXHpLoMvdZvnMqNGMuKU18QAlad2iDp5
7WRwfA4F4ECRBpT7I56tiNscmsPjfKquRkxXrQY9Sj/5K9ZEpdorxi9kTuVM5DnH
fBizlbY7+pJ0ZMlmT/uRC9fIBkQd6nYLInfcYb0CAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBRl0yOPZqwMTqu+1BosZzO9Ulk3qTAfBgNVHSMEGDAWgBRaaNaZ0alFfHis
++wAT5hneqTMFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtaldtZEdwUlh4NHJQdnNBRS1ZWjNxa3pCWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvZTI4YmE2LWFhYWYtNGQzMy1iOGRjLTBhZWUzNjBiMGJhNC8x
L1pkTWpqMmFzREU2cnZ0UWFMR2N6dlZKWk42ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
ZTI4YmE2LWFhYWYtNGQzMy1iOGRjLTBhZWUzNjBiMGJhNC8xL1dtaldtZEdwUlh4
NHJQdnNBRS1ZWjNxa3pCWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwJAQCAAEwHgMEBFjNAAMEBVjNYAMEArla5AMEBdQu
YAMEB9UJADAgBAIAAjAaAwYBKgJMAAAwEAMGBioCTAdAAwYGKgJMB4AwDQYJKoZI
hvcNAQELBQADggEBAJItv6IdsChm/mQEdC/aHO+K8468hrzbqrIVO5ZMJbjmuF02
pqNfI4zlVrbzLz/yxLnKoUW0/yYP+hxA7TEcQhVoZdWNISoyt15E0/GI/dWPUdLU
ZhfAEFv9BZ7pDiTQLMo9DHIiK+K925PtU4Um67SL4lRpPXJmRvaRE6+swOMrVfpv
NI79qAKHABpCVg0dQxpl0FmSgtgVEOo4kaSJdMmQV49CURjV3gW6lMskp49SKSuR
PWX9bHoHE09yPtdpnBshf+LbK6oaZT3utbD76o5pJ3PBJvPX7VtRm0V7C5WOrsB3
QwlEwGdRbSk+HiDyOAULuOxDJa59kmAO0EjeukU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:47 2024 by rpki-client on console-ams.rpki-client.org