Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/mzxyKDjsu2n6YqDbMRNGh0RSEcI.roa
File: mzxyKDjsu2n6YqDbMRNGh0RSEcI.roa (raw, json)
Hash identifier: yB7sqaRhdLCO3Di0lxly7MnGN1K3lqdfrzsRGyXExG4=
Subject key identifier: 9B:3C:72:28:38:EC:BB:69:FA:62:A0:DB:31:13:46:87:44:52:11:C2
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 0B39B65B
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/mzxyKDjsu2n6YqDbMRNGh0RSEcI.roa
Signing time: Fri 20 May 2022 11:52:12 +0000
ROA not before: Fri 20 May 2022 11:52:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212953
IP address blocks: 176.98.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188331611 (0xb39b65b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: May 20 11:52:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b3c722838ecbb69fa62a0db31134687445211c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c7:9b:f1:2a:8e:45:95:54:8f:37:48:06:3c:
b2:e8:f1:8f:6e:28:49:96:d4:25:a7:3d:62:f0:4d:
66:54:d1:8d:64:ef:77:a9:f3:8b:c2:3d:1c:e3:35:
8b:f1:c7:02:1c:6c:52:e6:99:85:94:ec:7d:69:1d:
6f:c1:e7:59:b5:5e:c9:ba:eb:4d:54:76:23:af:4e:
49:89:47:b4:62:6c:58:79:6c:4e:31:26:80:b6:92:
1f:8c:f9:c2:6f:99:63:a5:ce:0e:53:c2:de:0f:24:
bc:4d:89:66:c2:0b:eb:c2:af:92:e5:93:df:0b:9b:
d3:e7:80:7e:ad:2e:af:8c:4b:77:f8:ec:47:ef:d6:
a6:c5:88:e5:95:70:34:e1:4c:bb:a5:64:55:40:24:
64:53:e9:29:4c:0e:e9:f0:49:53:7a:37:bf:45:f1:
d6:44:2c:75:65:3c:1a:7e:15:9d:1e:bc:ef:4d:1b:
ba:d3:43:5a:c0:22:15:d9:d3:30:db:ff:dd:a3:c8:
a0:44:9d:8c:34:bc:27:6e:fc:f5:e6:9e:45:98:51:
a8:e2:5c:a9:d4:2b:a5:01:b9:92:29:4e:ef:4a:1d:
f9:59:2f:75:30:ae:0c:c0:aa:3c:c0:ef:f0:f2:7a:
5a:0c:90:11:a7:d6:55:47:0e:0b:67:23:41:e3:63:
7f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3C:72:28:38:EC:BB:69:FA:62:A0:DB:31:13:46:87:44:52:11:C2
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/mzxyKDjsu2n6YqDbMRNGh0RSEcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.41.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:91:0b:cf:7c:7a:b6:11:92:4f:10:bb:a3:6b:3a:22:7f:16:
3f:f3:bd:15:2f:9f:b8:79:bc:4e:0c:8b:38:77:96:de:13:17:
37:bd:d5:8e:2e:70:02:68:c4:d4:ed:55:b7:11:44:ae:40:70:
3e:38:53:40:2d:a6:0c:dd:47:18:13:3a:d5:76:75:ab:12:a4:
4f:e3:27:32:a7:9d:42:78:50:f0:82:0a:5d:fd:62:06:2c:94:
b3:34:4c:3c:d0:21:16:3e:31:bc:7a:0f:73:fe:03:f3:be:3b:
4a:12:6f:97:13:e8:d6:6e:5b:da:a7:77:00:81:1b:c4:5d:8d:
90:62:8f:91:06:d6:7e:96:fa:3d:a8:e9:ad:6f:c5:4b:6f:8c:
72:ff:1d:10:20:7c:76:f9:da:e9:a3:26:af:43:1c:19:83:67:
80:6e:b2:4e:25:84:74:3c:99:c1:29:d3:5a:25:5e:0a:e7:55:
e1:78:1a:af:3e:f7:69:5e:e9:b7:e6:e6:fb:90:9e:f5:f6:4c:
40:c3:5f:bc:a0:ca:5e:ba:df:f0:5e:e2:02:25:ef:f1:fb:05:
bf:13:3a:49:eb:a3:79:ec:1e:c1:35:21:ed:a3:29:83:0d:31:
25:f2:fe:10:b6:5d:57:64:a9:01:04:e6:20:5a:ad:42:cc:70:
a4:d8:6a:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECzm2WzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDUy
MDExNTIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWIzYzcyMjgzOGVj
YmI2OWZhNjJhMGRiMzExMzQ2ODc0NDUyMTFjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzHm/EqjkWVVI83SAY8sujxj24oSZbUJac9YvBNZlTRjWTv
d6nzi8I9HOM1i/HHAhxsUuaZhZTsfWkdb8HnWbVeybrrTVR2I69OSYlHtGJsWHls
TjEmgLaSH4z5wm+ZY6XODlPC3g8kvE2JZsIL68KvkuWT3wub0+eAfq0ur4xLd/js
R+/WpsWI5ZVwNOFMu6VkVUAkZFPpKUwO6fBJU3o3v0Xx1kQsdWU8Gn4VnR68700b
utNDWsAiFdnTMNv/3aPIoESdjDS8J2789eaeRZhRqOJcqdQrpQG5kilO70od+Vkv
dTCuDMCqPMDv8PJ6WgyQEafWVUcOC2cjQeNjf6ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSbPHIoOOy7afpioNsxE0aHRFIRwjAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L216eHlLRGpzdTJuNllxRGJNUk5HaDBSU0VjSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALBiKTANBgkqhkiG9w0BAQsFAAOC
AQEAS5ELz3x6thGSTxC7o2s6In8WP/O9FS+fuHm8TgyLOHeW3hMXN73Vji5wAmjE
1O1VtxFErkBwPjhTQC2mDN1HGBM61XZ1qxKkT+MnMqedQnhQ8IIKXf1iBiyUszRM
PNAhFj4xvHoPc/4D8747ShJvlxPo1m5b2qd3AIEbxF2NkGKPkQbWfpb6PajprW/F
S2+Mcv8dECB8dvna6aMmr0McGYNngG6yTiWEdDyZwSnTWiVeCudV4Xgarz73aV7p
t+bm+5Ce9fZMQMNfvKDKXrrf8F7iAiXv8fsFvxM6SeujeewewTUh7aMpgw0xJfL+
ELZdV2SpAQTmIFqtQsxwpNhqSg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-fra.rpki-client.org