Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zpa1-mUMhvJzj9DXR5ZaXp0-oeE.roa
File: zpa1-mUMhvJzj9DXR5ZaXp0-oeE.roa (raw, json)
Hash identifier: ztUJ73gftTCDx3zaOIBahEIkK6UukdVifbPmwwk1whE=
Subject key identifier: CE:96:B5:FA:65:0C:86:F2:73:8F:D0:D7:47:96:5A:5E:9D:3E:A1:E1
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184AA4DBD45CC8691BBDE241624DE1F61CC
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zpa1-mUMhvJzj9DXR5ZaXp0-oeE.roa
Signing time: Thu 24 Nov 2022 15:42:12 +0000
ROA not before: Thu 24 Nov 2022 15:42:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15083
IP address blocks: 5.105.128.0/24 maxlen: 24
5.105.133.0/24 maxlen: 24
5.105.140.0/24 maxlen: 24
5.105.163.0/24 maxlen: 24
5.105.161.0/24 maxlen: 24
5.105.70.0/24 maxlen: 24
5.105.78.0/24 maxlen: 24
5.105.85.0/24 maxlen: 24
5.105.99.0/24 maxlen: 24
5.105.109.0/24 maxlen: 24
5.105.58.0/24 maxlen: 24
5.105.56.0/24 maxlen: 24
5.105.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:4d:bd:45:cc:86:91:bb:de:24:16:24:de:1f:61:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Nov 24 15:42:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce96b5fa650c86f2738fd0d747965a5e9d3ea1e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:23:b1:bf:91:20:eb:ae:51:bb:6a:f8:10:6f:
90:1f:61:67:b7:48:ed:02:60:d0:db:96:b6:42:0e:
79:23:a2:51:5b:89:16:f1:cb:9e:f5:8f:1b:12:31:
bb:8e:25:30:3d:a0:46:a8:2e:0f:a3:f6:8f:b0:2a:
cf:7f:e6:dd:86:c5:e7:dc:51:54:b4:b8:b2:66:50:
42:2b:38:96:88:a0:54:b6:af:a1:44:9b:da:d7:f4:
2a:11:c5:27:fd:e0:20:3e:20:db:36:f4:38:01:33:
47:fa:f1:95:f9:bd:44:d7:5d:ba:c7:a5:25:55:9c:
f6:37:66:5f:75:e5:b6:9f:fd:75:cb:30:17:76:a5:
f8:a1:69:ef:7a:ec:5a:f2:14:16:4b:47:dd:e5:cd:
cf:29:8b:a4:b7:c3:c9:01:51:c4:24:35:71:4c:29:
e0:94:a5:28:fa:73:8e:96:61:ff:26:5b:82:ad:f3:
32:5f:ad:02:fc:c6:67:06:8f:d5:30:30:37:ec:f9:
79:50:5a:6f:f4:c6:74:92:8c:00:9c:69:90:96:1f:
c6:fb:80:c1:43:b1:8f:5e:da:07:df:9a:e6:b1:42:
82:06:24:45:00:7b:b4:99:6f:5a:2a:7d:12:f2:4b:
15:5b:1a:40:8e:d0:d2:e0:7e:0d:61:eb:41:6d:fb:
07:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:96:B5:FA:65:0C:86:F2:73:8F:D0:D7:47:96:5A:5E:9D:3E:A1:E1
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zpa1-mUMhvJzj9DXR5ZaXp0-oeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.56.0/24
5.105.58.0/24
5.105.60.0/24
5.105.70.0/24
5.105.78.0/24
5.105.85.0/24
5.105.99.0/24
5.105.109.0/24
5.105.128.0/24
5.105.133.0/24
5.105.140.0/24
5.105.161.0/24
5.105.163.0/24
Signature Algorithm: sha256WithRSAEncryption
25:0e:3d:cd:e3:95:24:8b:54:3b:e1:5d:a9:47:34:4e:c6:0b:
99:d6:ca:76:de:ac:a9:f8:c0:69:50:5e:03:63:59:41:14:0e:
fb:8a:a7:da:7e:2d:51:06:49:33:df:e9:f9:d9:e2:82:13:a4:
23:78:d7:7f:9c:19:ab:b9:86:a1:e4:73:dd:c5:c7:fe:4a:8c:
9f:2e:78:e0:8e:e1:5d:68:b2:1a:69:8a:1f:86:32:92:d8:b0:
e9:c2:32:a3:05:21:cb:54:3a:74:70:ea:d4:b3:10:82:4e:39:
b5:6e:96:2e:42:32:07:8f:10:54:00:0e:d9:f6:63:27:63:de:
92:ea:d6:6f:67:14:49:c8:30:66:57:d0:5d:3a:90:74:47:fb:
a8:7d:d1:44:d6:c1:c9:4e:ea:f0:57:65:bb:eb:97:33:9b:6e:
3f:c3:46:93:00:65:da:18:a5:a2:1d:1b:40:de:c1:3e:93:20:
c8:6e:67:69:c0:e5:a3:b2:48:7f:32:8f:19:c4:86:2a:4e:d7:
80:43:d5:f0:e8:ce:24:eb:16:96:51:c7:29:63:70:62:6f:f9:
f9:82:7d:2b:73:54:4d:dd:bf:68:18:a6:b2:13:9f:8b:32:73:
33:c3:57:75:49:8e:cb:55:34:8c:ac:3c:18:ae:e1:99:36:db:
8b:56:ba:25
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYSqTb1FzIaRu94kFiTeH2HMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTI0MTU0MjEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTk2YjVmYTY1MGM4NmYyNzM4ZmQwZDc0Nzk2NWE1ZTlkM2VhMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyOxv5Eg665Ru2r4EG+QH2Fnt0jt
AmDQ25a2Qg55I6JRW4kW8cue9Y8bEjG7jiUwPaBGqC4Po/aPsCrPf+bdhsXn3FFU
tLiyZlBCKziWiKBUtq+hRJva1/QqEcUn/eAgPiDbNvQ4ATNH+vGV+b1E1126x6Ul
VZz2N2ZfdeW2n/11yzAXdqX4oWnveuxa8hQWS0fd5c3PKYukt8PJAVHEJDVxTCng
lKUo+nOOlmH/JluCrfMyX60C/MZnBo/VMDA37Pl5UFpv9MZ0kowAnGmQlh/G+4DB
Q7GPXtoH35rmsUKCBiRFAHu0mW9aKn0S8ksVWxpAjtDS4H4NYetBbfsHiwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFM6WtfplDIbyc4/Q10eWWl6dPqHhMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvenBhMS1tVU1odkp6ajlEWFI1WmFYcDAtb2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABWk4AwQA
BWk6AwQABWk8AwQABWlGAwQABWlOAwQABWlVAwQABWljAwQABWltAwQABWmAAwQA
BWmFAwQABWmMAwQABWmhAwQABWmjMA0GCSqGSIb3DQEBCwUAA4IBAQAlDj3N45Uk
i1Q74V2pRzROxguZ1sp23qyp+MBpUF4DY1lBFA77iqfafi1RBkkz3+n52eKCE6Qj
eNd/nBmruYah5HPdxcf+SoyfLnjgjuFdaLIaaYofhjKS2LDpwjKjBSHLVDp0cOrU
sxCCTjm1bpYuQjIHjxBUAA7Z9mMnY96S6tZvZxRJyDBmV9BdOpB0R/uofdFE1sHJ
TurwV2W765czm24/w0aTAGXaGKWiHRtA3sE+kyDIbmdpwOWjskh/Mo8ZxIYqTteA
Q9Xw6M4k6xaWUccpY3Bib/n5gn0rc1RN3b9oGKayE5+LMnMzw1d1SY7LVTSMrDwY
ruGZNtuLVrol
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:01 2023 by rpki-client on console-ams.rpki-client.org