Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/Z48yJgFe6cBu4BD35zXtgLTbOIA.roa
File: Z48yJgFe6cBu4BD35zXtgLTbOIA.roa (raw, json)
Hash identifier: CsarlYs3zvx1iowMh1E10nBTprEchgkVVha0eQ4sPjw=
Subject key identifier: 67:8F:32:26:01:5E:E9:C0:6E:E0:10:F7:E7:35:ED:80:B4:DB:38:80
Certificate issuer: /CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Certificate serial: 3756C227
Authority key identifier: 05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/Z48yJgFe6cBu4BD35zXtgLTbOIA.roa
Signing time: Sat 01 Jan 2022 10:59:57 +0000
ROA not before: Sat 01 Jan 2022 10:59:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24935
IP address blocks: 185.161.45.0/24 maxlen: 24
185.161.47.0/24 maxlen: 24
185.252.156.0/24 maxlen: 24
185.252.159.0/24 maxlen: 24
185.252.158.0/24 maxlen: 24
37.235.92.0/24 maxlen: 24
46.29.122.0/24 maxlen: 24
37.235.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928432679 (0x3756c227)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Validity
Not Before: Jan 1 10:59:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=678f3226015ee9c06ee010f7e735ed80b4db3880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:69:ef:61:55:5b:24:76:66:ec:0c:0c:b5:0a:
3b:2a:f9:66:bc:98:a6:65:73:a1:b4:eb:61:f8:0e:
36:ba:ad:c9:d1:25:7c:05:86:78:8c:69:bb:f7:78:
d8:cc:31:fb:a2:25:1a:73:c4:01:49:0d:5d:b9:a8:
10:4c:d1:3b:56:6e:e6:67:89:7d:17:a6:a4:95:5b:
8f:52:9c:84:ce:45:21:14:38:64:48:a8:d4:86:49:
a0:67:30:56:c4:9b:1d:fa:63:3b:72:df:1e:fc:73:
e3:c5:d5:16:82:5a:a8:82:bb:4d:1c:38:67:3e:94:
32:e1:7a:48:3d:47:b0:83:bc:12:1d:84:f9:24:3b:
a4:09:1b:0f:b5:e4:55:87:c4:8a:ef:aa:fd:4d:2d:
8b:65:38:08:02:74:21:ef:7b:4c:5d:05:95:c1:4a:
5b:d5:c8:fc:c1:4a:bc:5b:a4:ce:5d:ad:f0:a1:4d:
a0:ef:3b:5b:d5:6e:2c:dd:f6:4d:7d:4f:d6:58:d1:
b2:0c:d9:2f:aa:bc:bc:a1:32:78:7d:bc:39:20:01:
9d:a1:2d:a2:49:96:2f:f4:89:25:14:04:33:ad:d7:
f7:e5:5e:b4:e0:cc:4b:60:b4:9c:f5:bd:54:ab:43:
c0:cb:b0:4b:7e:61:24:b0:d2:cd:fe:99:4c:65:c4:
60:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8F:32:26:01:5E:E9:C0:6E:E0:10:F7:E7:35:ED:80:B4:DB:38:80
X509v3 Authority Key Identifier:
keyid:05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/Z48yJgFe6cBu4BD35zXtgLTbOIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/BdZYWUtlNkssLlampF67BoR7OEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.92.0/23
46.29.122.0/24
185.161.45.0/24
185.161.47.0/24
185.252.156.0/24
185.252.158.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:3b:43:5a:c4:c7:18:e0:bb:e3:50:3d:ba:31:ee:f4:f2:09:
b9:91:fe:2f:07:1c:5b:a2:ae:a1:5a:4f:f4:4c:11:ef:55:7c:
54:0e:4f:32:3a:8a:34:78:01:32:fa:76:8d:cb:de:b2:5f:99:
87:0c:d3:10:5c:d6:4a:ea:1c:e5:7b:e0:9a:37:a7:4f:b0:93:
db:9d:8d:cb:18:ea:80:9f:3a:b5:71:d9:85:cc:fc:64:f0:10:
30:b5:ea:ad:4c:10:6e:8f:a3:e1:bc:f6:23:65:b5:61:b9:84:
36:e1:73:e1:94:2b:5c:3d:80:03:3d:b7:06:6b:6f:3a:16:66:
e6:ed:b8:5e:93:27:a4:74:3b:78:6a:fe:61:0e:79:1b:ec:37:
9d:33:1b:ff:8e:12:3c:ce:28:19:f4:08:da:fa:a5:58:12:bd:
7d:40:6b:d4:81:47:80:46:21:64:6b:df:d9:fd:a6:11:db:21:
b6:cd:1a:04:ed:d6:e2:9e:34:88:ea:f7:4e:ea:85:77:82:fe:
40:47:f1:68:10:4f:bc:37:f7:bc:5b:31:ad:b4:f2:ab:d4:52:
5d:87:01:05:40:7d:6c:6f:62:86:cc:8d:d9:23:63:df:e8:f5:
49:74:b2:a7:75:37:a0:53:80:1e:7e:8c:14:96:8c:af:1d:9e:
ce:89:cc:63
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEN1bCJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWQ2NTg1OTRiNjUzNjRiMmMyZTU2YTZhNDVlYmIwNjg0N2IzODQ5MB4XDTIyMDEw
MTEwNTk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc4ZjMyMjYwMTVl
ZTljMDZlZTAxMGY3ZTczNWVkODBiNGRiMzg4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVp72FVWyR2ZuwMDLUKOyr5ZryYpmVzobTrYfgONrqtydEl
fAWGeIxpu/d42Mwx+6IlGnPEAUkNXbmoEEzRO1Zu5meJfRempJVbj1KchM5FIRQ4
ZEio1IZJoGcwVsSbHfpjO3LfHvxz48XVFoJaqIK7TRw4Zz6UMuF6SD1HsIO8Eh2E
+SQ7pAkbD7XkVYfEiu+q/U0ti2U4CAJ0Ie97TF0FlcFKW9XI/MFKvFukzl2t8KFN
oO87W9VuLN32TX1P1ljRsgzZL6q8vKEyeH28OSABnaEtokmWL/SJJRQEM63X9+Ve
tODMS2C0nPW9VKtDwMuwS35hJLDSzf6ZTGXEYMECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRnjzImAV7pwG7gEPfnNe2AtNs4gDAfBgNVHSMEGDAWgBQF1lhZS2U2Sywu
VqakXrsGhHs4STAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JkWllXVXRsTmtzc0xsYW1wRjY3Qm9SN09Fay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvOWIxZjk1LTNiMTgtNDgxMi05MjRlLTdiZmRhNjI1NDRjZS8x
L1o0OHlKZ0ZlNmNCdTRCRDM1elh0Z0xUYk9JQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
OWIxZjk1LTNiMTgtNDgxMi05MjRlLTdiZmRhNjI1NDRjZS8xL0JkWllXVXRsTmtz
c0xsYW1wRjY3Qm9SN09Fay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEASXrXAMEAC4degMEALmhLQMEALmh
LwMEALn8nAMEAbn8njANBgkqhkiG9w0BAQsFAAOCAQEAtztDWsTHGOC741A9ujHu
9PIJuZH+LwccW6KuoVpP9EwR71V8VA5PMjqKNHgBMvp2jcvesl+ZhwzTEFzWSuoc
5XvgmjenT7CT252NyxjqgJ86tXHZhcz8ZPAQMLXqrUwQbo+j4bz2I2W1YbmENuFz
4ZQrXD2AAz23BmtvOhZm5u24XpMnpHQ7eGr+YQ55G+w3nTMb/44SPM4oGfQI2vql
WBK9fUBr1IFHgEYhZGvf2f2mEdshts0aBO3W4p40iOr3TuqFd4L+QEfxaBBPvDf3
vFsxrbTyq9RSXYcBBUB9bG9ihsyN2SNj3+j1SXSyp3U3oFOAHn6MFJaMrx2ezonM
Yw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:20 2023 by rpki-client on console-ams.rpki-client.org