Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/ZDvNsW0go2vGX32fMbHFxdrfDTs.roa
File: ZDvNsW0go2vGX32fMbHFxdrfDTs.roa (raw, json)
Hash identifier: GUFYQrR34Dy3WbYVkP0emnEPt6PBWaFQz7P9v2OFFKo=
Subject key identifier: 64:3B:CD:B1:6D:20:A3:6B:C6:5F:7D:9F:31:B1:C5:C5:DA:DF:0D:3B
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 01828CE2B048FC7F1606A87D344CE0589970
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/ZDvNsW0go2vGX32fMbHFxdrfDTs.roa
Signing time: Thu 11 Aug 2022 12:30:42 +0000
ROA not before: Thu 11 Aug 2022 12:30:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 193.46.81.0/24 maxlen: 24
195.242.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8c:e2:b0:48:fc:7f:16:06:a8:7d:34:4c:e0:58:99:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Aug 11 12:30:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=643bcdb16d20a36bc65f7d9f31b1c5c5dadf0d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:26:af:ad:d3:a3:32:7d:a4:45:ee:12:32:c5:
89:d5:f3:fd:c2:3e:e3:71:6d:59:86:be:ba:cb:c1:
fa:22:9d:f1:56:ef:83:d8:b0:3c:8b:39:21:ee:fb:
fa:cf:ba:a2:22:a5:9e:56:90:a5:f8:35:32:e6:eb:
5c:67:f1:57:32:51:da:d2:99:73:92:fa:ac:84:15:
58:7e:41:67:c1:c6:9b:97:8d:0e:6e:20:2d:5c:b7:
db:b6:e5:6d:6d:e9:44:18:a7:c8:3e:2c:ff:5c:51:
0c:33:ee:db:31:f6:47:04:d9:67:b5:4c:d0:0d:49:
63:ac:d3:0f:55:26:3f:b8:10:e4:8d:cc:34:71:c3:
67:df:93:84:fa:67:88:b9:f3:74:e0:7d:2d:c5:2e:
ff:68:6a:e0:fc:47:bd:8d:de:04:ec:f6:83:18:a2:
a3:78:6b:3d:f2:93:d8:d6:99:63:ad:ef:25:4d:3f:
b2:eb:b2:ae:90:83:03:08:2a:71:fe:22:2a:ce:60:
91:0b:93:03:51:fc:74:b1:5c:aa:d6:04:8e:da:65:
e2:d0:19:b6:af:e7:78:7d:cc:44:15:99:c7:5c:d8:
2b:d0:69:a5:70:7e:17:2c:81:04:9a:61:3a:64:33:
8b:fd:bb:0d:c3:e6:c0:f5:31:55:1a:ec:a3:1d:c0:
c1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3B:CD:B1:6D:20:A3:6B:C6:5F:7D:9F:31:B1:C5:C5:DA:DF:0D:3B
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/ZDvNsW0go2vGX32fMbHFxdrfDTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.81.0/24
195.242.242.0/24
Signature Algorithm: sha256WithRSAEncryption
26:05:bd:04:86:e9:3c:11:e6:d2:c2:17:c1:f0:b6:2a:cc:17:
6c:de:02:e4:87:6a:01:38:ac:65:6f:f9:c7:1e:55:16:ed:86:
5b:86:8d:df:95:79:88:ba:ea:b3:f1:fb:64:b2:de:00:7e:a1:
bb:16:a6:ca:f3:5e:48:f6:5c:65:ef:2f:7a:b5:b0:89:6e:3a:
84:6a:b9:72:d5:ac:60:c1:89:ea:fc:cf:5d:76:08:23:7b:b9:
1f:7d:2f:ca:08:f2:e4:6b:da:f5:ca:20:e4:5d:e2:bd:f8:78:
26:95:a5:a6:08:1c:64:20:27:91:44:ed:4e:49:94:bc:3c:d1:
41:1d:50:2a:a9:26:0a:e4:eb:68:4b:ee:a2:35:74:4f:da:3a:
e0:5c:3a:43:0d:93:91:60:c5:06:e6:e6:ce:d7:66:2d:58:4c:
85:63:e3:33:2c:af:7b:72:af:32:7d:31:53:d8:4e:d9:7e:da:
f0:41:6a:3c:9a:60:7b:44:2d:01:23:41:29:d3:4c:43:f7:3d:
8a:3a:9c:ff:ee:c6:f2:59:28:a7:36:67:2c:3e:f8:66:2b:62:
a6:4d:4d:08:cf:69:80:a9:1d:57:54:c2:63:86:c7:5c:fa:8c:
a2:a8:2d:48:8c:e8:0b:35:60:b6:09:0d:86:91:a1:07:85:a5:
22:c6:4c:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKM4rBI/H8WBqh9NEzgWJlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjIwODExMTIzMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDNiY2RiMTZkMjBhMzZiYzY1ZjdkOWYzMWIxYzVjNWRhZGYwZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSavrdOjMn2kRe4SMsWJ1fP9wj7j
cW1Zhr66y8H6Ip3xVu+D2LA8izkh7vv6z7qiIqWeVpCl+DUy5utcZ/FXMlHa0plz
kvqshBVYfkFnwcabl40ObiAtXLfbtuVtbelEGKfIPiz/XFEMM+7bMfZHBNlntUzQ
DUljrNMPVSY/uBDkjcw0ccNn35OE+meIufN04H0txS7/aGrg/Ee9jd4E7PaDGKKj
eGs98pPY1pljre8lTT+y67KukIMDCCpx/iIqzmCRC5MDUfx0sVyq1gSO2mXi0Bm2
r+d4fcxEFZnHXNgr0GmlcH4XLIEEmmE6ZDOL/bsNw+bA9TFVGuyjHcDB8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGQ7zbFtIKNrxl99nzGxxcXa3w07MB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvWkR2TnNXMGdvMnZHWDMyZk1iSEZ4ZHJmRFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwS5RAwQA
w/LyMA0GCSqGSIb3DQEBCwUAA4IBAQAmBb0Ehuk8EebSwhfB8LYqzBds3gLkh2oB
OKxlb/nHHlUW7YZbho3flXmIuuqz8ftkst4AfqG7FqbK815I9lxl7y96tbCJbjqE
arly1axgwYnq/M9ddggje7kffS/KCPLka9r1yiDkXeK9+HgmlaWmCBxkICeRRO1O
SZS8PNFBHVAqqSYK5OtoS+6iNXRP2jrgXDpDDZORYMUG5ubO12YtWEyFY+MzLK97
cq8yfTFT2E7ZftrwQWo8mmB7RC0BI0Ep00xD9z2KOpz/7sbyWSinNmcsPvhmK2Km
TU0Iz2mAqR1XVMJjhsdc+oyiqC1IjOgLNWC2CQ2GkaEHhaUixkyy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:19 2023 by rpki-client on console-fra.rpki-client.org