Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ZAfqcPNymDVhRr_q0JwF00IhrCs.roa
File: ZAfqcPNymDVhRr_q0JwF00IhrCs.roa (raw, json)
Hash identifier: Bgnscifqbs7Vn1omqeEnSlpUaBE/E3bvgHJm7/F4NEs=
Subject key identifier: 64:07:EA:70:F3:72:98:35:61:46:BF:EA:D0:9C:05:D3:42:21:AC:2B
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0182D57F5A8EDE9549FBEE79764E86D0D4F8
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ZAfqcPNymDVhRr_q0JwF00IhrCs.roa
Signing time: Thu 25 Aug 2022 14:54:29 +0000
ROA not before: Thu 25 Aug 2022 14:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206150
IP address blocks: 91.245.90.0/23 maxlen: 23
176.103.121.0/24 maxlen: 24
91.234.120.0/24 maxlen: 24
91.234.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:7f:5a:8e:de:95:49:fb:ee:79:76:4e:86:d0:d4:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 25 14:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6407ea70f37298356146bfead09c05d34221ac2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:66:48:55:c5:06:a3:10:51:d9:eb:b1:fb:a8:
3f:ff:6e:d9:55:23:ff:26:e3:3e:93:f7:10:7f:59:
06:d7:f5:1b:b1:91:fc:e4:58:91:f5:01:a1:81:27:
f9:a3:30:fa:16:ab:0b:68:75:d1:59:fd:89:83:b6:
86:8f:fe:c1:4e:8d:01:6b:82:d2:e9:ec:ba:76:2c:
de:91:5d:73:92:81:a5:9b:9f:f9:9f:54:9b:98:fb:
78:b2:f5:25:34:54:c2:d0:15:54:1d:22:d7:fb:4d:
00:08:d3:3e:95:e3:5f:79:36:fd:a0:34:94:52:36:
6b:9a:9f:c9:b3:a1:1e:54:11:ad:b4:68:b6:c7:48:
0a:2c:73:ad:4b:7f:9b:22:a8:ad:35:5b:8e:62:49:
0b:fe:5a:9f:f1:e7:a1:4f:79:2e:1f:93:59:25:de:
23:29:d0:9c:01:19:17:20:0f:b3:11:2f:5d:4c:a2:
95:b5:d1:a9:04:5c:27:30:1a:aa:5f:c8:be:5e:ae:
40:e8:3d:6d:53:66:7a:a9:44:1b:66:60:98:4f:32:
eb:02:ca:b8:56:0e:95:83:f3:9e:ae:6c:1c:e6:af:
ec:11:48:dd:5b:e1:1e:41:b0:76:53:30:57:10:d3:
c1:9f:da:be:07:bb:7c:ea:e2:9d:da:65:2a:ae:a0:
c4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:07:EA:70:F3:72:98:35:61:46:BF:EA:D0:9C:05:D3:42:21:AC:2B
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ZAfqcPNymDVhRr_q0JwF00IhrCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.120.0/23
91.245.90.0/23
176.103.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b5:75:0b:46:d8:fe:53:67:dc:90:86:da:6c:e8:66:c3:67:
c2:e9:37:54:18:6e:4c:4d:4d:16:08:15:6d:41:73:ae:eb:93:
53:82:7d:43:12:06:ad:9d:2d:f8:c4:d1:fe:49:87:ed:58:17:
62:c5:2a:2a:49:7c:10:e6:d6:1e:63:90:b3:b0:1f:61:8c:34:
7c:20:5b:8d:63:b0:3c:b5:0f:bc:ae:be:1f:b9:c5:9d:46:76:
7a:13:2c:8d:dd:43:64:2a:34:ee:6e:07:18:9b:ed:77:d9:ba:
8e:2d:d9:e2:65:4e:e8:00:8c:96:6e:48:f6:5e:0b:1e:d0:21:
13:e0:f9:a1:ab:42:85:66:eb:cb:7f:7a:fd:14:90:87:92:9a:
b2:63:2a:1c:0c:1e:ef:a7:d2:fd:af:b2:99:ab:c9:8b:3e:d1:
0e:56:f7:a9:3f:1f:33:52:43:ed:97:76:f6:ec:cf:6e:f0:e5:
29:91:57:01:1e:60:9e:49:c1:e1:fd:05:87:96:13:4d:b3:2f:
6a:62:8f:00:45:58:47:2a:a7:1f:40:88:06:3c:9f:64:8c:14:
04:3b:50:13:a1:7a:b9:8e:cb:ce:c8:33:ec:91:b1:55:49:bb:
1b:05:46:18:bf:0c:25:74:bf:5e:5e:1a:76:ab:bd:ae:9b:3a:
c1:5d:26:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLVf1qO3pVJ++55dk6G0NT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwODI1MTQ1NDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDA3ZWE3MGYzNzI5ODM1NjE0NmJmZWFkMDljMDVkMzQyMjFhYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2ZIVcUGoxBR2eux+6g//27ZVSP/
JuM+k/cQf1kG1/UbsZH85FiR9QGhgSf5ozD6FqsLaHXRWf2Jg7aGj/7BTo0Ba4LS
6ey6dizekV1zkoGlm5/5n1SbmPt4svUlNFTC0BVUHSLX+00ACNM+leNfeTb9oDSU
UjZrmp/Js6EeVBGttGi2x0gKLHOtS3+bIqitNVuOYkkL/lqf8eehT3kuH5NZJd4j
KdCcARkXIA+zES9dTKKVtdGpBFwnMBqqX8i+Xq5A6D1tU2Z6qUQbZmCYTzLrAsq4
Vg6Vg/Oermwc5q/sEUjdW+EeQbB2UzBXENPBn9q+B7t86uKd2mUqrqDEcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGQH6nDzcpg1YUa/6tCcBdNCIawrMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvWkFmcWNQTnltRFZoUnJfcTBKd0YwMElockNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+p4AwQB
W/VaAwQAsGd5MA0GCSqGSIb3DQEBCwUAA4IBAQAOtXULRtj+U2fckIbabOhmw2fC
6TdUGG5MTU0WCBVtQXOu65NTgn1DEgatnS34xNH+SYftWBdixSoqSXwQ5tYeY5Cz
sB9hjDR8IFuNY7A8tQ+8rr4fucWdRnZ6EyyN3UNkKjTubgcYm+132bqOLdniZU7o
AIyWbkj2Xgse0CET4Pmhq0KFZuvLf3r9FJCHkpqyYyocDB7vp9L9r7KZq8mLPtEO
VvepPx8zUkPtl3b27M9u8OUpkVcBHmCeScHh/QWHlhNNsy9qYo8ARVhHKqcfQIgG
PJ9kjBQEO1AToXq5jsvOyDPskbFVSbsbBUYYvwwldL9eXhp2q72umzrBXSaz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org