Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/ze67O_Kp40UXIbf3msNteGus6fI.roa
File: ze67O_Kp40UXIbf3msNteGus6fI.roa (raw, json)
Hash identifier: CDhXdSn9OGpCciKcGj7eXa8OsvB+aFDx66wIZPHYnPY=
Subject key identifier: CD:EE:BB:3B:F2:A9:E3:45:17:21:B7:F7:9A:C3:6D:78:6B:AC:E9:F2
Certificate issuer: /CN=496b0058971d2993a57a5b1cb6cdff5d2eb44e3f
Certificate serial: 307EE3B9
Authority key identifier: 49:6B:00:58:97:1D:29:93:A5:7A:5B:1C:B6:CD:FF:5D:2E:B4:4E:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SWsAWJcdKZOlelscts3_XS60Tj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/ze67O_Kp40UXIbf3msNteGus6fI.roa
Signing time: Sat 01 Jan 2022 11:04:24 +0000
ROA not before: Sat 01 Jan 2022 11:04:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59472
IP address blocks: 5.152.160.0/21 maxlen: 24
185.94.68.0/22 maxlen: 24
2a01:8f40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 813622201 (0x307ee3b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=496b0058971d2993a57a5b1cb6cdff5d2eb44e3f
Validity
Not Before: Jan 1 11:04:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdeebb3bf2a9e3451721b7f79ac36d786bace9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:19:a7:f8:ca:f4:66:df:52:03:3f:6d:59:a4:
0d:47:46:14:86:63:49:2c:e9:be:20:0c:70:d2:f7:
0d:79:49:51:22:ae:20:76:f1:2c:e5:1c:30:79:30:
86:ba:07:58:6b:ae:1f:cd:91:9e:50:41:8d:76:5f:
57:3e:35:15:e0:b2:f8:b1:2f:e7:5a:99:2f:53:e0:
e5:22:73:3d:ce:38:0f:8f:23:f9:56:d9:a6:36:f0:
39:2e:3d:a7:c8:fd:4f:ed:f1:73:4b:6f:80:20:9d:
a8:d6:c4:15:ba:82:c3:36:80:c2:68:14:b8:54:41:
73:0d:7b:fa:4c:13:d3:2d:a9:19:27:8e:7b:4b:e4:
b5:3b:0e:2e:1c:36:89:12:98:2b:ce:7c:61:ce:4f:
6a:a5:4d:e3:4f:85:39:52:28:81:f7:4a:df:83:11:
c6:91:c7:8a:9f:25:37:05:12:45:cb:ba:60:06:22:
76:57:3d:fc:4b:79:b1:c2:d8:96:84:b9:90:13:6a:
17:62:cb:1e:5b:e1:a4:17:f6:35:28:f7:fa:5d:a6:
a7:fc:bc:cc:14:64:ad:f2:79:ba:88:c1:16:06:a8:
99:32:cf:f5:bb:58:cd:d3:c5:ea:49:74:39:b1:95:
20:ac:eb:d0:ef:64:ad:5b:a6:26:4c:55:af:4a:2c:
6b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:EE:BB:3B:F2:A9:E3:45:17:21:B7:F7:9A:C3:6D:78:6B:AC:E9:F2
X509v3 Authority Key Identifier:
keyid:49:6B:00:58:97:1D:29:93:A5:7A:5B:1C:B6:CD:FF:5D:2E:B4:4E:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SWsAWJcdKZOlelscts3_XS60Tj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/ze67O_Kp40UXIbf3msNteGus6fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/SWsAWJcdKZOlelscts3_XS60Tj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.160.0/21
185.94.68.0/22
IPv6:
2a01:8f40::/32
Signature Algorithm: sha256WithRSAEncryption
7f:26:90:4a:1e:25:bf:b0:75:be:5e:49:dd:b6:54:d1:6e:8f:
1c:75:a0:0e:af:37:f2:43:c8:31:34:db:2c:97:42:d0:45:98:
71:36:13:39:8b:c7:3a:da:fa:6c:d5:f6:13:33:cd:ef:16:8d:
b6:8f:62:e3:16:2c:81:50:5c:e5:7e:ec:b7:6d:52:b0:97:cb:
bc:c4:eb:e7:1e:39:99:31:f8:d4:ef:91:09:71:40:4f:85:18:
3d:c1:a2:49:89:12:5f:91:d9:81:09:57:77:50:7e:9d:9f:b4:
10:b7:f0:a5:4c:5a:f5:5f:be:9b:c5:42:13:1c:de:e8:12:e9:
21:ea:65:bd:78:29:51:4c:4d:c7:1a:49:fa:23:83:6b:ec:bf:
8c:0e:e0:1d:06:bd:37:8b:fd:dc:c0:03:14:55:3b:56:96:ee:
76:50:21:82:cf:0c:62:51:16:1f:bf:84:d2:5c:f3:f1:34:2c:
88:56:28:7a:5f:54:51:c4:d9:b2:d6:be:78:a3:6c:fc:49:dc:
8f:e4:12:da:aa:9c:a0:cd:68:60:16:6e:ef:c2:5d:0b:0b:24:
f6:76:81:17:d3:a8:c8:b1:fd:13:79:c7:09:cc:33:9b:2a:25:
a5:d3:75:ea:90:9c:5e:1e:d1:6a:1a:c4:e4:ab:25:3e:ed:55:
97:f4:50:b7
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEMH7juTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTZiMDA1ODk3MWQyOTkzYTU3YTViMWNiNmNkZmY1ZDJlYjQ0ZTNmMB4XDTIyMDEw
MTExMDQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RlZWJiM2JmMmE5
ZTM0NTE3MjFiN2Y3OWFjMzZkNzg2YmFjZTlmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUZp/jK9GbfUgM/bVmkDUdGFIZjSSzpviAMcNL3DXlJUSKu
IHbxLOUcMHkwhroHWGuuH82RnlBBjXZfVz41FeCy+LEv51qZL1Pg5SJzPc44D48j
+VbZpjbwOS49p8j9T+3xc0tvgCCdqNbEFbqCwzaAwmgUuFRBcw17+kwT0y2pGSeO
e0vktTsOLhw2iRKYK858Yc5PaqVN40+FOVIogfdK34MRxpHHip8lNwUSRcu6YAYi
dlc9/Et5scLYloS5kBNqF2LLHlvhpBf2NSj3+l2mp/y8zBRkrfJ5uojBFgaomTLP
9btYzdPF6kl0ObGVIKzr0O9krVumJkxVr0osa50CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTN7rs78qnjRRcht/eaw214a6zp8jAfBgNVHSMEGDAWgBRJawBYlx0pk6V6
Wxy2zf9dLrROPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NXc0FXSmNkS1pPbGVsc2N0czNfWFM2MFRqOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvZDU1ZGMxLTc2MDQtNGM4ZC1hMWI0LTM5ZjhlMmI0Njc1ZC8x
L3plNjdPX0twNDBVWEliZjNtc050ZUd1czZmSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
ZDU1ZGMxLTc2MDQtNGM4ZC1hMWI0LTM5ZjhlMmI0Njc1ZC8xL1NXc0FXSmNkS1pP
bGVsc2N0czNfWFM2MFRqOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAwWYoAMEArleRDANBAIAAjAHAwUA
KgGPQDANBgkqhkiG9w0BAQsFAAOCAQEAfyaQSh4lv7B1vl5J3bZU0W6PHHWgDq83
8kPIMTTbLJdC0EWYcTYTOYvHOtr6bNX2EzPN7xaNto9i4xYsgVBc5X7st21SsJfL
vMTr5x45mTH41O+RCXFAT4UYPcGiSYkSX5HZgQlXd1B+nZ+0ELfwpUxa9V++m8VC
Exze6BLpIeplvXgpUUxNxxpJ+iODa+y/jA7gHQa9N4v93MADFFU7VpbudlAhgs8M
YlEWH7+E0lzz8TQsiFYoel9UUcTZsta+eKNs/Encj+QS2qqcoM1oYBZu78JdCwsk
9naBF9OoyLH9E3nHCcwzmyolpdN16pCcXh7RahrE5KslPu1Vl/RQtw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:36 2024 by rpki-client on console-fra.rpki-client.org