Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/zv4ca9x0iIdFB52ER29SJ8BXS04.roa
File: zv4ca9x0iIdFB52ER29SJ8BXS04.roa (raw, json)
Hash identifier: K7wJupIXt7LuMabHFRX2QxBbwtUPN0KL4VTbV8CNX64=
Subject key identifier: CE:FE:1C:6B:DC:74:88:87:45:07:9D:84:47:6F:52:27:C0:57:4B:4E
Certificate issuer: /CN=c9a7ff012cb72ea84d1b83c002c3203cc024e6a6
Certificate serial: 02322AFB
Authority key identifier: C9:A7:FF:01:2C:B7:2E:A8:4D:1B:83:C0:02:C3:20:3C:C0:24:E6:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yaf_ASy3LqhNG4PAAsMgPMAk5qY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/zv4ca9x0iIdFB52ER29SJ8BXS04.roa
Signing time: Sat 01 Jan 2022 07:53:19 +0000
ROA not before: Sat 01 Jan 2022 07:53:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212426
IP address blocks: 193.28.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36842235 (0x2322afb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a7ff012cb72ea84d1b83c002c3203cc024e6a6
Validity
Not Before: Jan 1 07:53:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cefe1c6bdc74888745079d84476f5227c0574b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:71:6a:41:70:7a:f0:70:84:38:c1:b2:26:ac:
4b:30:b6:f4:31:8a:95:ac:8d:38:f0:40:96:a0:c4:
6b:93:16:da:fb:94:e6:d8:af:14:64:92:72:0a:97:
a9:42:7f:72:46:8e:8e:08:a7:c8:44:1b:9b:da:9f:
fe:93:67:ea:ba:cb:63:f8:c2:e2:18:3b:8e:b8:39:
02:3c:ac:84:22:4d:b2:10:24:cf:6c:c2:6c:9b:32:
4e:fb:fb:70:38:cc:35:53:c6:71:80:62:8a:7b:93:
55:c5:76:79:09:8b:1a:f0:a8:34:0c:6d:fc:24:9b:
69:48:b4:a5:83:39:91:d9:05:c2:cf:df:ad:60:09:
9e:58:32:54:b7:fd:03:73:38:53:47:7c:7a:7d:dd:
27:64:ee:dd:a7:a4:2d:f4:f7:6e:8b:4f:8d:a1:69:
47:3b:82:61:1d:78:87:07:58:a6:3d:a0:0a:b8:29:
7d:74:47:d8:1c:99:bd:fe:58:4e:37:c6:16:9a:24:
e4:4d:2d:e3:92:48:f9:b5:ad:f2:aa:19:df:1a:f5:
62:ec:99:98:38:a8:36:29:eb:37:01:8d:fe:39:b4:
2b:97:70:a6:15:9e:45:9c:90:d7:db:da:24:77:d4:
91:c8:84:a6:3c:62:67:d2:a7:a0:11:dc:c6:b6:03:
1e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:FE:1C:6B:DC:74:88:87:45:07:9D:84:47:6F:52:27:C0:57:4B:4E
X509v3 Authority Key Identifier:
keyid:C9:A7:FF:01:2C:B7:2E:A8:4D:1B:83:C0:02:C3:20:3C:C0:24:E6:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yaf_ASy3LqhNG4PAAsMgPMAk5qY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/zv4ca9x0iIdFB52ER29SJ8BXS04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/yaf_ASy3LqhNG4PAAsMgPMAk5qY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:a0:9b:0d:e8:0d:44:2e:62:0d:bc:66:a4:58:32:5b:9d:a2:
96:fe:93:e6:f8:3e:71:94:57:a6:38:db:60:3e:05:b7:55:a3:
4b:06:43:aa:7c:17:01:43:45:ed:78:9d:f0:de:d2:1e:0d:55:
f7:de:68:3f:a2:ff:67:42:86:df:2a:87:93:31:2b:63:19:ed:
25:e7:33:ff:d1:bb:ba:c5:dd:70:83:68:8d:d8:a5:8d:53:3e:
23:44:3d:01:6a:2a:6f:d1:e9:c6:ed:b7:0a:f2:fd:9b:f2:98:
b6:53:a1:fc:bf:4a:c4:72:73:f2:f5:f8:e2:57:1d:f7:81:c1:
fa:6b:fd:eb:82:9b:16:36:90:81:de:59:2c:02:05:8e:97:1b:
ea:2b:e1:e4:97:c2:fd:4c:bd:8d:ee:9c:36:3e:b2:38:d2:2d:
d6:be:e9:cc:fe:ec:ad:eb:4e:1a:d0:6d:59:a6:dc:4f:c1:09:
a1:07:42:50:3a:89:d7:ea:1e:80:a0:47:20:cf:30:da:03:2e:
5e:15:d0:19:d6:dd:d6:fb:ba:75:2e:18:32:fd:90:c1:26:b7:
b0:dd:49:04:8f:43:40:08:22:2a:13:f9:cc:32:99:38:9d:3a:
da:9f:fa:52:0f:30:a0:ba:a4:64:7f:7f:95:b6:26:71:d8:77:
a5:ef:d8:46
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAjIq+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWE3ZmYwMTJjYjcyZWE4NGQxYjgzYzAwMmMzMjAzY2MwMjRlNmE2MB4XDTIyMDEw
MTA3NTMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2VmZTFjNmJkYzc0
ODg4NzQ1MDc5ZDg0NDc2ZjUyMjdjMDU3NGI0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJxakFwevBwhDjBsiasSzC29DGKlayNOPBAlqDEa5MW2vuU
5tivFGSScgqXqUJ/ckaOjginyEQbm9qf/pNn6rrLY/jC4hg7jrg5AjyshCJNshAk
z2zCbJsyTvv7cDjMNVPGcYBiinuTVcV2eQmLGvCoNAxt/CSbaUi0pYM5kdkFws/f
rWAJnlgyVLf9A3M4U0d8en3dJ2Tu3aekLfT3botPjaFpRzuCYR14hwdYpj2gCrgp
fXRH2ByZvf5YTjfGFpok5E0t45JI+bWt8qoZ3xr1YuyZmDioNinrNwGN/jm0K5dw
phWeRZyQ19vaJHfUkciEpjxiZ9KnoBHcxrYDHp0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTO/hxr3HSIh0UHnYRHb1InwFdLTjAfBgNVHSMEGDAWgBTJp/8BLLcuqE0b
g8ACwyA8wCTmpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lhZl9BU3kzTHFoTkc0UEFBc01nUE1BazVxWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNDJmYjNjLTYxYTYtNDVjYS1hNDdlLWQyZDEyMDljNDgyNS8x
L3p2NGNhOXgwaUlkRkI1MkVSMjlTSjhCWFMwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NDJmYjNjLTYxYTYtNDVjYS1hNDdlLWQyZDEyMDljNDgyNS8xL3lhZl9BU3kzTHFo
Tkc0UEFBc01nUE1BazVxWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEcCzANBgkqhkiG9w0BAQsFAAOC
AQEAKqCbDegNRC5iDbxmpFgyW52ilv6T5vg+cZRXpjjbYD4Ft1WjSwZDqnwXAUNF
7Xid8N7SHg1V995oP6L/Z0KG3yqHkzErYxntJecz/9G7usXdcINojdiljVM+I0Q9
AWoqb9Hpxu23CvL9m/KYtlOh/L9KxHJz8vX44lcd94HB+mv964KbFjaQgd5ZLAIF
jpcb6ivh5JfC/Uy9je6cNj6yONIt1r7pzP7sretOGtBtWabcT8EJoQdCUDqJ1+oe
gKBHIM8w2gMuXhXQGdbd1vu6dS4YMv2QwSa3sN1JBI9DQAgiKhP5zDKZOJ062p/6
Ug8woLqkZH9/lbYmcdh3pe/YRg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:35 2023 by rpki-client on console-ams.rpki-client.org