Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ZFrzeJOiC_5S9mPOLrZNzchGChI.roa
File: ZFrzeJOiC_5S9mPOLrZNzchGChI.roa (raw, json)
Hash identifier: i5hxnWSg8lFK7KDfeAawWS6nrbEWP4+hHcR4v5qiEGc=
Subject key identifier: 64:5A:F3:78:93:A2:0B:FE:52:F6:63:CE:2E:B6:4D:CD:C8:46:0A:12
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01842FD6FF69750D1BA0567F12091F278609
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ZFrzeJOiC_5S9mPOLrZNzchGChI.roa
Signing time: Mon 31 Oct 2022 20:58:50 +0000
ROA not before: Mon 31 Oct 2022 20:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6282
IP address blocks: 77.36.24.0/22 maxlen: 22
64.43.100.0/22 maxlen: 22
64.43.104.0/22 maxlen: 22
64.43.108.0/22 maxlen: 22
64.43.112.0/22 maxlen: 22
64.43.116.0/22 maxlen: 22
64.43.124.0/22 maxlen: 22
193.36.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2f:d6:ff:69:75:0d:1b:a0:56:7f:12:09:1f:27:86:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 31 20:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=645af37893a20bfe52f663ce2eb64dcdc8460a12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8a:e0:76:4f:94:6a:b7:45:f3:fb:3d:bb:eb:
9b:eb:34:13:45:f0:8d:8f:6f:37:8c:ab:1a:20:ab:
c1:fd:ac:bc:2d:10:71:7d:fe:00:4e:79:45:2f:27:
95:c2:f9:20:d2:4a:1b:bb:d6:ee:b9:aa:16:35:f9:
1e:8d:d3:5c:d2:9c:a3:1d:3c:f7:dc:b8:96:ef:c9:
a8:4a:98:21:e7:60:14:96:b5:1a:76:d5:32:40:1b:
47:8d:9a:3d:4d:e5:46:9d:9e:cb:8d:68:d4:f3:4f:
59:79:65:34:86:f6:d1:8e:d4:a1:31:d7:37:8a:c6:
82:7e:80:7f:94:b3:7c:cc:fa:fe:e9:6f:5e:c3:4a:
bc:7b:69:9c:60:96:42:61:6a:52:46:98:4a:06:79:
7b:0c:c5:b6:08:61:37:ac:c1:00:20:94:b9:c2:27:
ff:ff:ea:44:67:94:45:6e:df:2a:3c:0e:8b:40:f8:
75:e8:e9:ef:3a:41:7b:e6:8a:b6:c5:17:5e:6b:15:
86:b7:f1:68:6a:ce:1b:d9:34:8a:dd:41:97:fa:0d:
cc:c1:2c:97:7a:60:45:fb:5e:e0:8e:1c:83:21:a2:
22:73:ab:16:8c:db:06:24:93:a3:2b:7a:43:67:d3:
c9:10:7a:01:65:00:73:11:c1:3f:ae:96:ad:b3:54:
68:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5A:F3:78:93:A2:0B:FE:52:F6:63:CE:2E:B6:4D:CD:C8:46:0A:12
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ZFrzeJOiC_5S9mPOLrZNzchGChI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.100.0-64.43.119.255
64.43.124.0/22
77.36.24.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
14:c4:b8:3e:3c:cd:a1:74:9a:6e:fb:b7:d6:f2:ba:80:1c:0a:
4b:83:8b:ad:cb:2e:8a:14:df:8a:f3:16:0f:01:ba:6b:96:b7:
e8:e0:42:58:ac:6d:2a:7f:49:b3:29:ac:26:e3:a9:77:c1:4e:
7f:bd:1c:00:8a:f6:68:25:65:5d:ff:23:f3:9a:6a:8b:53:04:
4e:03:8f:79:47:02:0d:4d:84:75:b3:28:8b:72:13:71:6c:9c:
71:b4:a5:3b:88:ab:2e:fd:5a:d2:35:d8:1b:73:56:b8:ad:63:
d7:ca:a0:25:ac:84:74:ae:b7:da:e3:1f:24:cd:27:88:e1:a8:
28:a8:d7:36:22:d8:b8:16:b7:57:82:2d:34:60:45:59:a1:0b:
6d:4d:85:c7:f6:61:df:04:a7:a4:51:a7:09:62:74:8c:6d:bd:
25:86:4d:c0:74:67:e4:56:35:f0:c4:3e:88:17:fe:b0:bc:80:
8b:05:d2:71:69:d7:db:7c:81:92:35:8d:f0:eb:f9:d3:c3:60:
b8:dc:23:31:62:41:89:d8:5b:2a:9a:1c:60:d5:59:bf:27:da:
fc:de:cb:fc:b6:cc:ee:3e:09:4e:54:3c:1e:06:06:ea:b6:0c:
51:73:9b:54:88:a3:14:3c:d7:7e:92:2c:19:4e:62:02:79:cb:
bc:5e:56:61
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYQv1v9pdQ0boFZ/EgkfJ4YJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMDMxMjA1ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDVhZjM3ODkzYTIwYmZlNTJmNjYzY2UyZWI2NGRjZGM4NDYwYTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIrgdk+UardF8/s9u+ub6zQTRfCN
j283jKsaIKvB/ay8LRBxff4ATnlFLyeVwvkg0kobu9buuaoWNfkejdNc0pyjHTz3
3LiW78moSpgh52AUlrUadtUyQBtHjZo9TeVGnZ7LjWjU809ZeWU0hvbRjtShMdc3
isaCfoB/lLN8zPr+6W9ew0q8e2mcYJZCYWpSRphKBnl7DMW2CGE3rMEAIJS5wif/
/+pEZ5RFbt8qPA6LQPh16OnvOkF75oq2xRdeaxWGt/Foas4b2TSK3UGX+g3MwSyX
emBF+17gjhyDIaIic6sWjNsGJJOjK3pDZ9PJEHoBZQBzEcE/rpats1RoswIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGRa83iTogv+UvZjzi62Tc3IRgoSMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvWkZyemVKT2lDXzVTOW1QT0xyWk56Y2hHQ2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAJAK2QD
BANAK3ADBAJAK3wDBAJNJBgDBALBJMwwDQYJKoZIhvcNAQELBQADggEBABTEuD48
zaF0mm77t9byuoAcCkuDi63LLooU34rzFg8BumuWt+jgQlisbSp/SbMprCbjqXfB
Tn+9HACK9mglZV3/I/OaaotTBE4Dj3lHAg1NhHWzKItyE3FsnHG0pTuIqy79WtI1
2BtzVritY9fKoCWshHSut9rjHyTNJ4jhqCio1zYi2LgWt1eCLTRgRVmhC21Nhcf2
Yd8Ep6RRpwlidIxtvSWGTcB0Z+RWNfDEPogX/rC8gIsF0nFp19t8gZI1jfDr+dPD
YLjcIzFiQYnYWyqaHGDVWb8n2vzey/y2zO4+CU5UPB4GBuq2DFFzm1SIoxQ8136S
LBlOYgJ5y7xeVmE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org