Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zm_iFl4ipU9yyCNRR3ju55gFOZI.roa
File: zm_iFl4ipU9yyCNRR3ju55gFOZI.roa (raw, json)
Hash identifier: I5Q5iDUuXDx2qUnLS4KL3b+cnWhtKLabegSBhCsqFjw=
Subject key identifier: CE:6F:E2:16:5E:22:A5:4F:72:C8:23:51:47:78:EE:E7:98:05:39:92
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0182F87CC52CA64DB5EB1F10D6CDA3006DC4
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zm_iFl4ipU9yyCNRR3ju55gFOZI.roa
Signing time: Thu 01 Sep 2022 09:58:22 +0000
ROA not before: Thu 01 Sep 2022 09:58:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202561
IP address blocks: 188.132.221.0/24 maxlen: 24
188.132.222.0/24 maxlen: 24
188.132.152.0/24 maxlen: 24
188.132.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f8:7c:c5:2c:a6:4d:b5:eb:1f:10:d6:cd:a3:00:6d:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Sep 1 09:58:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce6fe2165e22a54f72c823514778eee798053992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:99:9c:e7:5c:15:3d:3f:7f:bf:ea:6e:4e:0d:
a7:0a:9e:49:e3:74:15:21:a1:fa:a6:5b:2c:9d:96:
2f:20:fc:76:e6:3b:cb:ce:81:6d:a3:21:b7:a5:bf:
bd:d3:ad:1a:e5:f0:c0:6e:ff:7f:4f:e5:f2:9a:35:
aa:04:d9:65:82:a3:38:3b:77:7a:73:0d:97:2d:78:
8a:c2:53:a0:86:ee:0c:da:c5:8c:10:95:83:f6:bc:
4b:7e:1c:fe:7f:e2:57:5e:ca:f7:82:ec:c3:d3:b7:
d1:dd:37:1e:bf:8f:82:29:c1:a6:f0:b4:c1:e8:61:
48:95:e2:de:b3:92:17:f9:f9:68:dc:48:d1:bf:f6:
a8:d1:9e:30:83:6b:e0:92:92:d8:f5:65:f9:a9:b4:
d5:56:b3:56:a4:21:aa:74:45:32:2e:6a:0b:87:a3:
c6:b1:a4:da:05:25:39:99:cc:a7:41:f3:7f:e2:83:
91:bf:0c:1d:71:06:ad:4e:85:d0:10:82:f4:83:43:
0b:4f:e0:52:27:16:46:19:d1:04:c8:3a:b8:12:39:
47:b4:b5:0e:c5:f7:a4:e3:73:2f:e2:55:19:a1:6a:
6d:93:85:f3:17:66:64:cb:01:7f:f7:01:8a:99:b9:
39:4a:06:39:49:af:96:fd:b8:f4:7b:b6:f2:ec:53:
c0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6F:E2:16:5E:22:A5:4F:72:C8:23:51:47:78:EE:E7:98:05:39:92
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zm_iFl4ipU9yyCNRR3ju55gFOZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.152.0/24
188.132.203.0/24
188.132.221.0-188.132.222.255
Signature Algorithm: sha256WithRSAEncryption
50:cf:48:cf:ef:8d:6a:3d:63:24:87:4f:7a:3c:cb:43:b5:ff:
5a:93:bf:79:20:d2:89:f7:e0:eb:d5:99:07:10:79:ea:e8:10:
3d:42:48:6a:61:7b:00:76:8b:91:c4:3f:fc:c2:10:56:c8:d5:
fa:6c:24:a6:fe:45:42:4e:4b:9a:aa:cb:1d:56:ae:70:ba:57:
08:0d:2f:4d:f3:7b:88:ed:21:85:c9:f0:15:54:0f:0c:28:ec:
30:22:55:7d:f6:7f:f3:fb:68:98:95:0c:5b:82:7e:9c:82:d3:
3d:dc:2b:15:d0:e2:b1:91:db:6a:80:de:c3:89:be:79:3c:b2:
1a:44:48:5a:d2:c0:f7:d2:a2:a4:7a:1d:7a:49:91:b3:02:dc:
ee:ad:16:e1:c0:e3:14:85:f9:0f:f3:99:28:e7:d8:1a:98:3d:
13:96:f9:5e:a0:24:6a:17:3e:93:e7:6f:70:15:12:b6:be:d7:
d9:d9:07:c4:aa:58:b6:a3:00:9d:91:78:f6:f1:a3:cf:d6:4e:
9c:68:d1:27:7b:79:fe:f7:d3:9a:56:96:30:74:75:73:98:6d:
29:ad:33:f3:c2:b9:95:a6:64:0c:14:97:ad:44:68:a3:56:47:
4f:9c:bf:29:71:77:a4:6b:fd:cc:90:a2:00:0d:b2:8a:74:a4:
92:87:cb:8d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYL4fMUspk216x8Q1s2jAG3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjIwOTAxMDk1ODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTZmZTIxNjVlMjJhNTRmNzJjODIzNTE0Nzc4ZWVlNzk4MDUzOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpmc51wVPT9/v+puTg2nCp5J43QV
IaH6plssnZYvIPx25jvLzoFtoyG3pb+9060a5fDAbv9/T+XymjWqBNllgqM4O3d6
cw2XLXiKwlOghu4M2sWMEJWD9rxLfhz+f+JXXsr3guzD07fR3Tcev4+CKcGm8LTB
6GFIleLes5IX+flo3EjRv/ao0Z4wg2vgkpLY9WX5qbTVVrNWpCGqdEUyLmoLh6PG
saTaBSU5mcynQfN/4oORvwwdcQatToXQEIL0g0MLT+BSJxZGGdEEyDq4EjlHtLUO
xfek43Mv4lUZoWptk4XzF2ZkywF/9wGKmbk5SgY5Sa+W/bj0e7by7FPAQQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFM5v4hZeIqVPcsgjUUd47ueYBTmSMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvem1faUZsNGlwVTl5eUNOUlIzanU1NWdGT1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAvISYAwQA
vITLMAwDBAC8hN0DBAC8hN4wDQYJKoZIhvcNAQELBQADggEBAFDPSM/vjWo9YySH
T3o8y0O1/1qTv3kg0on34OvVmQcQeeroED1CSGphewB2i5HEP/zCEFbI1fpsJKb+
RUJOS5qqyx1WrnC6VwgNL03ze4jtIYXJ8BVUDwwo7DAiVX32f/P7aJiVDFuCfpyC
0z3cKxXQ4rGR22qA3sOJvnk8shpESFrSwPfSoqR6HXpJkbMC3O6tFuHA4xSF+Q/z
mSjn2BqYPROW+V6gJGoXPpPnb3AVEra+19nZB8SqWLajAJ2RePbxo8/WTpxo0Sd7
ef7305pWljB0dXOYbSmtM/PCuZWmZAwUl61EaKNWR0+cvylxd6Rr/cyQogANsop0
pJKHy40=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:59 2024 by rpki-client on console-ams.rpki-client.org