Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/ZyImnOxAGoPOahST5McqGeDeat8.roa
File: ZyImnOxAGoPOahST5McqGeDeat8.roa (raw, json)
Hash identifier: aJtKk36qTsrkon5yGqwq8094JNCRG7rqXV3uPfmIqMQ=
Subject key identifier: 67:22:26:9C:EC:40:1A:83:CE:6A:14:93:E4:C7:2A:19:E0:DE:6A:DF
Certificate issuer: /CN=9a4fa9a60a5a24ffe614b6dfb58813d925a3b318
Certificate serial: 01843DF0EB7B315A3952F5DDCD7B7272E3F6
Authority key identifier: 9A:4F:A9:A6:0A:5A:24:FF:E6:14:B6:DF:B5:88:13:D9:25:A3:B3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mk-ppgpaJP_mFLbftYgT2SWjsxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/ZyImnOxAGoPOahST5McqGeDeat8.roa
Signing time: Thu 03 Nov 2022 14:41:49 +0000
ROA not before: Thu 03 Nov 2022 14:41:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56515
IP address blocks: 185.24.164.0/22 maxlen: 24
176.110.144.0/20 maxlen: 24
31.128.0.0/19 maxlen: 24
2a04:2b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:f0:eb:7b:31:5a:39:52:f5:dd:cd:7b:72:72:e3:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a4fa9a60a5a24ffe614b6dfb58813d925a3b318
Validity
Not Before: Nov 3 14:41:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6722269cec401a83ce6a1493e4c72a19e0de6adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d1:fd:0e:df:ab:da:5c:12:89:eb:63:f8:f6:
45:54:40:76:98:cd:41:73:0a:c9:f1:97:7c:13:66:
ac:b0:92:c2:fc:82:08:0d:68:7d:b0:25:4a:05:23:
ae:79:45:7d:fd:9d:54:cd:9f:21:8f:78:ee:d4:04:
9e:65:f0:b3:05:e9:61:a0:61:f0:c3:2a:f3:11:65:
40:a2:b7:c3:38:a8:63:06:10:75:d9:41:4b:0f:89:
6e:17:4b:e9:9c:09:72:0c:01:f8:46:c2:b4:94:da:
2c:81:a7:59:71:11:f1:65:ec:28:e9:d6:2e:03:93:
78:02:a4:4e:0a:12:63:cb:ab:b4:dc:0e:dd:a1:3d:
d4:36:0b:86:eb:5f:4a:71:3e:ac:2f:ba:c2:3d:97:
c5:e6:48:41:a6:49:ba:46:c5:40:36:a0:39:65:fe:
df:6d:1b:9c:9c:62:92:4d:10:0b:32:ec:7f:bc:87:
8e:56:ba:e1:74:95:e2:48:0e:6e:bc:09:71:b8:f5:
3c:23:a3:06:02:c6:c2:43:8d:ff:f4:fc:87:b4:f0:
8a:99:0c:1a:1d:92:2d:e3:63:f9:f7:dc:69:f5:9d:
8c:0f:35:dd:23:6b:5f:f4:fc:c4:c0:65:3d:0c:70:
cb:24:22:50:a1:d2:06:68:7a:0e:b3:e3:77:56:1e:
4d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:22:26:9C:EC:40:1A:83:CE:6A:14:93:E4:C7:2A:19:E0:DE:6A:DF
X509v3 Authority Key Identifier:
keyid:9A:4F:A9:A6:0A:5A:24:FF:E6:14:B6:DF:B5:88:13:D9:25:A3:B3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mk-ppgpaJP_mFLbftYgT2SWjsxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/ZyImnOxAGoPOahST5McqGeDeat8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/mk-ppgpaJP_mFLbftYgT2SWjsxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.0.0/19
176.110.144.0/20
185.24.164.0/22
IPv6:
2a04:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
a0:fa:af:bb:05:67:26:7b:46:29:3c:bf:e1:db:09:54:af:96:
ff:a6:9e:b2:56:cc:6e:d2:30:f8:e8:22:ed:69:49:76:db:89:
ec:bd:33:da:a2:64:85:79:0a:cf:e8:53:2a:cc:ec:7d:0c:fd:
79:ed:8a:b4:bd:42:da:f6:8f:34:8e:7b:34:1d:50:35:64:e9:
0e:79:f9:91:72:a5:ac:83:7f:1c:d8:0e:e4:86:f0:bc:2f:76:
49:c1:ec:0b:a3:0a:07:dc:f9:c8:c8:13:2d:9d:ff:65:65:b4:
d0:58:45:c0:0a:47:25:1b:62:da:dd:cb:e2:9f:ff:1f:0b:d4:
e8:27:ec:40:b0:51:56:1f:0f:cc:ae:e2:36:6c:55:d8:e8:21:
a5:e5:34:dc:1f:4d:e2:62:0b:c0:39:8e:9d:79:7c:38:49:69:
84:3e:3f:e7:3d:d9:34:8f:c3:8d:4a:b1:1b:a2:13:e3:f7:ce:
a9:83:13:a9:12:fa:62:04:2c:de:3e:33:8c:67:70:71:86:0b:
36:bc:d6:d1:92:e4:cc:ba:fd:7e:d6:ce:68:cc:c9:7d:f9:f9:
9f:02:d3:87:d1:c4:69:ca:37:a1:34:73:54:18:e4:a1:4c:4e:
63:fe:66:3d:1a:ba:b4:cd:b9:37:13:72:fe:41:b3:bc:2f:bc:
4e:04:e0:1c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYQ98Ot7MVo5UvXdzXtycuP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNGZhOWE2MGE1YTI0ZmZlNjE0YjZkZmI1ODgxM2Q5MjVh
M2IzMTgwHhcNMjIxMTAzMTQ0MTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzIyMjY5Y2VjNDAxYTgzY2U2YTE0OTNlNGM3MmExOWUwZGU2YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtH9Dt+r2lwSietj+PZFVEB2mM1B
cwrJ8Zd8E2assJLC/IIIDWh9sCVKBSOueUV9/Z1UzZ8hj3ju1ASeZfCzBelhoGHw
wyrzEWVAorfDOKhjBhB12UFLD4luF0vpnAlyDAH4RsK0lNosgadZcRHxZewo6dYu
A5N4AqROChJjy6u03A7doT3UNguG619KcT6sL7rCPZfF5khBpkm6RsVANqA5Zf7f
bRucnGKSTRALMux/vIeOVrrhdJXiSA5uvAlxuPU8I6MGAsbCQ43/9PyHtPCKmQwa
HZIt42P599xp9Z2MDzXdI2tf9PzEwGU9DHDLJCJQodIGaHoOs+N3Vh5NZQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGciJpzsQBqDzmoUk+THKhng3mrfMB8GA1UdIwQY
MBaAFJpPqaYKWiT/5hS237WIE9klo7MYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWstcHBncGFKUF9tRkxiZnRZZ1QyU1dqc3hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81YjA0OTQtNWFkNi00ZWE0LTk1ZmEt
YTgzZDlkOTIwZDMxLzEvWnlJbW5PeEFHb1BPYWhTVDVNY3FHZURlYXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC81YjA0OTQtNWFkNi00ZWE0LTk1ZmEtYTgzZDlkOTIwZDMx
LzEvbWstcHBncGFKUF9tRkxiZnRZZ1QyU1dqc3hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFH4AAAwQE
sG6QAwQCuRikMA0EAgACMAcDBQMqBCtAMA0GCSqGSIb3DQEBCwUAA4IBAQCg+q+7
BWcme0YpPL/h2wlUr5b/pp6yVsxu0jD46CLtaUl224nsvTPaomSFeQrP6FMqzOx9
DP157Yq0vULa9o80jns0HVA1ZOkOefmRcqWsg38c2A7khvC8L3ZJwewLowoH3PnI
yBMtnf9lZbTQWEXACkclG2La3cvin/8fC9ToJ+xAsFFWHw/MruI2bFXY6CGl5TTc
H03iYgvAOY6deXw4SWmEPj/nPdk0j8ONSrEbohPj986pgxOpEvpiBCzePjOMZ3Bx
hgs2vNbRkuTMuv1+1s5ozMl9+fmfAtOH0cRpyjehNHNUGOShTE5j/mY9Grq0zbk3
E3L+QbO8L7xOBOAc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:32 2024 by rpki-client on console-ams.rpki-client.org