Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/ZW4kcaV7oVA-CycSaXM7R30LinM.roa
File: ZW4kcaV7oVA-CycSaXM7R30LinM.roa (raw, json)
Hash identifier: JD6wTt+Bl/A5KHLFg+Kwh9sQGJz0FpxE46envVhmqjw=
Subject key identifier: 65:6E:24:71:A5:7B:A1:50:3E:0B:27:12:69:73:3B:47:7D:0B:8A:73
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 086E8D4A
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/ZW4kcaV7oVA-CycSaXM7R30LinM.roa
Signing time: Fri 25 Mar 2022 17:50:11 +0000
ROA not before: Fri 25 Mar 2022 17:50:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35830
IP address blocks: 212.119.40.0/23 maxlen: 23
45.140.204.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141462858 (0x86e8d4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Mar 25 17:50:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=656e2471a57ba1503e0b271269733b477d0b8a73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:1e:16:9f:a4:7a:fd:39:3b:50:e4:0d:5a:b2:
f1:64:b7:d5:53:a0:fa:ca:f0:43:f1:d1:a9:3a:4e:
3c:ae:ad:05:c4:ca:f9:46:dd:e9:a3:00:fa:27:08:
73:57:89:bd:da:b7:cd:9f:a8:ea:9f:6b:6d:7a:3c:
e7:a9:9e:94:21:e7:ef:b1:2c:aa:dc:63:70:e6:17:
49:63:e8:22:63:63:59:7a:e1:64:81:37:02:d9:8e:
47:7d:0b:ce:5d:cd:11:bf:30:1e:b8:f9:ba:bf:01:
66:b9:7b:c6:fb:9a:a0:44:79:26:74:eb:dd:41:ed:
46:f6:f4:9a:4d:62:18:d0:bb:29:cf:df:22:b2:1f:
9d:34:43:44:10:f2:64:5d:27:6d:d9:dc:7f:21:1f:
ac:93:08:1b:1c:b9:6c:c1:28:8f:ea:58:8f:ef:37:
d9:f7:a6:3e:87:55:b9:4f:10:40:01:e4:a9:80:07:
aa:e5:13:f2:c0:cf:73:63:f9:62:b2:54:23:dd:95:
e5:a8:6b:96:74:dc:46:01:af:64:7d:aa:71:6a:58:
65:84:dc:5d:7c:90:21:7b:37:61:63:86:13:33:db:
de:f0:67:38:db:83:a4:3e:c1:37:16:d1:8a:a3:b0:
0f:da:b7:45:95:83:1a:1c:1f:74:ea:52:67:ad:dd:
3c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6E:24:71:A5:7B:A1:50:3E:0B:27:12:69:73:3B:47:7D:0B:8A:73
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/ZW4kcaV7oVA-CycSaXM7R30LinM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.204.0/23
212.119.40.0/23
Signature Algorithm: sha256WithRSAEncryption
69:2b:66:23:cf:a8:41:c4:d0:ad:70:b4:73:54:ac:e9:b1:85:
5b:2e:66:ab:6b:00:e5:b4:e8:e8:34:db:93:73:7a:35:74:2c:
08:3b:b5:9c:09:fd:32:a8:65:56:5a:37:d5:a3:20:18:da:65:
ee:32:62:8f:60:03:ca:f6:a4:f4:99:1e:c8:3f:46:ad:5e:c7:
88:65:6f:35:f0:8b:e5:07:cc:9d:32:2d:13:3f:53:b0:20:a5:
73:dc:9c:a1:da:d1:ae:b2:4c:06:1f:c5:9a:46:c2:9f:bf:1d:
43:f2:bb:b5:da:e8:76:ed:03:dd:ec:40:d4:5f:52:df:c4:fd:
3b:91:7b:d2:38:8f:86:08:b9:05:5f:94:db:d3:ef:27:a7:a5:
5f:b1:0e:1a:cb:7d:87:46:27:a5:73:d4:96:4e:5d:f0:26:e4:
af:f1:6d:f0:c3:64:25:58:a2:1f:b8:61:70:58:60:4d:9a:d0:
22:8d:87:dc:bd:b8:2a:f2:9d:11:92:8d:70:8a:fd:99:ca:3e:
8a:e1:96:67:61:e5:ec:08:38:25:eb:03:45:e8:49:06:4a:57:
9c:e8:5d:2c:47:aa:be:37:dc:db:4a:bb:11:e9:1b:1c:9c:03:
ad:86:be:ec:20:51:9c:60:46:b1:47:6e:98:e4:e2:8b:cc:2c:
f7:f2:a0:09
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECG6NSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODY1MWIxMTk0ZjEyZTk4ZTcwZDNkYTc4ZWZlNGRkMjQ2N2NkNDIzMB4XDTIyMDMy
NTE3NTAxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjU2ZTI0NzFhNTdi
YTE1MDNlMGIyNzEyNjk3MzNiNDc3ZDBiOGE3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPkeFp+kev05O1DkDVqy8WS31VOg+srwQ/HRqTpOPK6tBcTK
+Ubd6aMA+icIc1eJvdq3zZ+o6p9rbXo856melCHn77EsqtxjcOYXSWPoImNjWXrh
ZIE3AtmOR30Lzl3NEb8wHrj5ur8BZrl7xvuaoER5JnTr3UHtRvb0mk1iGNC7Kc/f
IrIfnTRDRBDyZF0nbdncfyEfrJMIGxy5bMEoj+pYj+832femPodVuU8QQAHkqYAH
quUT8sDPc2P5YrJUI92V5ahrlnTcRgGvZH2qcWpYZYTcXXyQIXs3YWOGEzPb3vBn
ONuDpD7BNxbRiqOwD9q3RZWDGhwfdOpSZ63dPHUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRlbiRxpXuhUD4LJxJpcztHfQuKczAfBgNVHSMEGDAWgBT4ZRsRlPEumOcN
PaeO/k3SRnzUIzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzRlLzgyMjQwMC0zMjQ4LTQ3MDItYjI5Yi1hMWI3Y2VlZmExNmMv
MS9aVzRrY2FWN29WQS1DeWNTYVhNN1IzMExpbk0ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRl
LzgyMjQwMC0zMjQ4LTQ3MDItYjI5Yi1hMWI3Y2VlZmExNmMvMS8xLUdVYkVaVHhM
cGpuRFQybmp2NU4wa1o4MUNNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYzMAwQB1HcoMA0GCSqGSIb3
DQEBCwUAA4IBAQBpK2Yjz6hBxNCtcLRzVKzpsYVbLmarawDltOjoNNuTc3o1dCwI
O7WcCf0yqGVWWjfVoyAY2mXuMmKPYAPK9qT0mR7IP0atXseIZW818IvlB8ydMi0T
P1OwIKVz3Jyh2tGuskwGH8WaRsKfvx1D8ru12uh27QPd7EDUX1LfxP07kXvSOI+G
CLkFX5Tb0+8np6VfsQ4ay32HRielc9SWTl3wJuSv8W3ww2QlWKIfuGFwWGBNmtAi
jYfcvbgq8p0Rko1wiv2Zyj6K4ZZnYeXsCDgl6wNF6EkGSlec6F0sR6q+N9zbSrsR
6RscnAOthr7sIFGcYEaxR26Y5OKLzCz38qAJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:42 2023 by rpki-client on console-ams.rpki-client.org