Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ZzIy4MmzmEYWldBxPCCdbNmouKQ.roa
File: ZzIy4MmzmEYWldBxPCCdbNmouKQ.roa (raw, json)
Hash identifier: vPVsZHnNPLTXuvEF6gz6L3kRnZgVWMuqzpz/t+op/gU=
Subject key identifier: 67:32:32:E0:C9:B3:98:46:16:95:D0:71:3C:20:9D:6C:D9:A8:B8:A4
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 6F3918
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ZzIy4MmzmEYWldBxPCCdbNmouKQ.roa
Signing time: Sat 01 Jan 2022 03:01:01 +0000
ROA not before: Sat 01 Jan 2022 03:01:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397219
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7289112 (0x6f3918)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 03:01:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=673232e0c9b398461695d0713c209d6cd9a8b8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b8:bf:85:ac:76:4d:f1:c0:90:53:00:41:21:
8d:1b:11:7e:66:98:1a:01:50:4f:f1:ae:b7:01:00:
fd:63:5f:d8:be:68:4d:53:11:8b:75:7f:81:85:5c:
88:98:9d:c8:a2:58:21:06:c3:5b:48:52:e7:4f:2b:
a2:57:48:ce:b8:80:b3:a9:3b:fb:9b:ba:b7:23:3c:
9d:a2:41:b3:90:0d:ac:be:76:41:7f:87:1d:90:c3:
7b:5f:49:4f:70:ab:7d:d2:5d:00:12:ae:63:a4:ad:
9b:18:b7:74:60:5c:dd:bb:d2:58:87:57:58:b1:0a:
d7:08:e7:bd:54:9d:57:7e:9f:cd:e1:0a:33:81:62:
b7:13:ec:fb:d7:14:5d:b1:6b:46:ad:74:2f:ce:c9:
9b:13:cf:1b:46:42:08:a6:64:f7:f9:c6:24:4a:0a:
53:ad:38:a8:5d:9f:06:e6:e6:c5:ac:70:9a:79:ea:
ae:cf:67:8e:3d:24:fe:77:fb:c7:60:17:46:dc:03:
90:b7:c2:e4:c5:da:24:75:11:92:6c:b9:be:21:9f:
7b:72:27:68:4c:22:bc:dd:86:a9:7d:1f:4f:49:ff:
26:d1:fa:f3:1c:22:0e:f2:9e:5f:42:a5:c1:91:a2:
70:76:9e:68:90:de:ff:b1:aa:dd:bd:98:74:10:6d:
14:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:32:32:E0:C9:B3:98:46:16:95:D0:71:3C:20:9D:6C:D9:A8:B8:A4
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ZzIy4MmzmEYWldBxPCCdbNmouKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:2d:48:88:7f:2e:20:8b:44:8d:71:67:a2:a8:67:0b:54:8f:
2c:3b:88:57:dd:f8:b2:67:c4:96:2f:5c:7e:df:55:5b:00:39:
51:7c:52:2b:63:33:1d:1c:36:58:84:e1:7e:e1:33:34:e5:07:
1d:52:8a:62:80:0d:a4:48:22:ad:a9:c7:cd:cb:eb:1d:43:44:
10:fc:58:49:4a:a7:83:dc:74:3c:15:d3:7b:3c:f4:6a:68:42:
48:ba:10:da:ed:26:3f:c9:73:82:ce:ab:e9:0e:97:5b:21:ab:
a2:6e:eb:f4:7e:ba:1a:9a:e0:21:c7:1a:9e:b4:9e:8d:58:74:
e0:56:8b:5a:6f:d8:3d:72:0f:74:68:34:46:31:91:9f:f2:b9:
f1:3a:e7:1e:30:2b:6d:f2:cb:4c:03:db:e1:46:36:72:c0:36:
d8:a0:55:a2:82:64:24:a3:ff:76:c3:7d:15:6a:b9:35:5a:3f:
d2:23:29:19:03:f7:1c:36:31:61:e5:5e:f1:93:cb:04:92:15:
15:7a:a0:73:29:2d:c2:26:c2:74:3c:01:ca:20:a8:7f:3f:f3:
78:aa:e0:e6:c7:f1:3d:cd:15:89:22:ea:3a:13:59:3c:eb:77:
ba:64:26:f6:5c:c4:2c:fd:09:0f:05:4c:5a:4c:b0:6f:95:1b:
42:9f:ad:3b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDbzkYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2NzMyMzJlMGM5YjM5
ODQ2MTY5NWQwNzEzYzIwOWQ2Y2Q5YThiOGE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA6Li/hax2TfHAkFMAQSGNGxF+ZpgaAVBP8a63AQD9Y1/YvmhN
UxGLdX+BhVyImJ3IolghBsNbSFLnTyuiV0jOuICzqTv7m7q3IzydokGzkA2svnZB
f4cdkMN7X0lPcKt90l0AEq5jpK2bGLd0YFzdu9JYh1dYsQrXCOe9VJ1Xfp/N4Qoz
gWK3E+z71xRdsWtGrXQvzsmbE88bRkIIpmT3+cYkSgpTrTioXZ8G5ubFrHCaeequ
z2eOPST+d/vHYBdG3AOQt8LkxdokdRGSbLm+IZ97cidoTCK83YapfR9PSf8m0frz
HCIO8p5fQqXBkaJwdp5okN7/sardvZh0EG0UUQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFGcyMuDJs5hGFpXQcTwgnWzZqLikMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
WnpJeTRNbXptRVlXbGRCeFBDQ2RiTm1vdUtRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQBbLUiIfy4gi0SNcWeiqGcLVI8sO4hX3fiyZ8SW
L1x+31VbADlRfFIrYzMdHDZYhOF+4TM05QcdUopigA2kSCKtqcfNy+sdQ0QQ/FhJ
SqeD3HQ8FdN7PPRqaEJIuhDa7SY/yXOCzqvpDpdbIauibuv0froamuAhxxqetJ6N
WHTgVotab9g9cg90aDRGMZGf8rnxOuceMCtt8stMA9vhRjZywDbYoFWigmQko/92
w30Vark1Wj/SIykZA/ccNjFh5V7xk8sEkhUVeqBzKS3CJsJ0PAHKIKh/P/N4quDm
x/E9zRWJIuo6E1k863e6ZCb2XMQs/QkPBUxaTLBvlRtCn607
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org