Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/zwZq83ozoexxTP5D-bVoid2nrmw.roa
File: zwZq83ozoexxTP5D-bVoid2nrmw.roa (raw, json)
Hash identifier: O4pkvdGCtexK7ghF9q7wKJtEvcjtotzmIVZeibGurMw=
Subject key identifier: CF:06:6A:F3:7A:33:A1:EC:71:4C:FE:43:F9:B5:68:89:DD:A7:AE:6C
Certificate issuer: /CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Certificate serial: 706D5B
Authority key identifier: 40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/zwZq83ozoexxTP5D-bVoid2nrmw.roa
Signing time: Sat 01 Jan 2022 03:52:05 +0000
ROA not before: Sat 01 Jan 2022 03:52:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31126
IP address blocks: 185.91.96.0/24 maxlen: 24
185.91.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7368027 (0x706d5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Validity
Not Before: Jan 1 03:52:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf066af37a33a1ec714cfe43f9b56889dda7ae6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9c:01:b9:52:56:3c:b1:1f:f0:d2:27:59:85:
5c:3b:d3:d9:19:90:3f:93:c5:a6:ca:4d:d8:b6:6d:
e8:7c:29:4a:e8:7d:e0:ae:82:1d:f6:ce:fb:2c:dd:
f7:d6:c6:7d:da:21:8f:c2:b9:ae:20:92:72:e6:78:
9c:9c:08:39:22:58:8c:fd:59:8f:a5:01:79:4b:e7:
9d:c3:b6:c5:f1:13:19:fa:84:15:cb:65:96:b1:b6:
b6:6c:7f:53:bf:4f:3f:0f:6f:c8:d2:2d:97:06:71:
3e:df:fc:37:ef:36:cd:bc:d9:98:91:7b:0d:b4:4c:
a6:69:c1:7f:04:8a:8a:68:04:b0:64:ea:57:78:f0:
bb:a1:7b:0d:93:ee:3d:43:10:40:e9:e7:c9:23:dc:
f7:7d:da:f9:11:f2:80:fb:da:f4:c9:0a:dc:83:ca:
7f:36:01:d0:8e:f3:f4:f9:90:32:de:eb:f6:8d:9e:
15:c1:5b:40:54:c9:3c:31:86:b3:d5:dd:d7:bb:d5:
11:4f:0c:25:ef:15:73:43:85:17:c9:8f:85:24:7c:
22:a5:dc:48:6f:c1:72:b1:86:bd:bb:de:2a:3e:d4:
94:58:f2:8f:3d:9a:bf:ef:b8:d6:bd:41:a7:2a:c2:
c3:54:5c:f3:bc:42:45:c2:29:59:ea:e9:48:9c:bb:
93:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:06:6A:F3:7A:33:A1:EC:71:4C:FE:43:F9:B5:68:89:DD:A7:AE:6C
X509v3 Authority Key Identifier:
keyid:40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/zwZq83ozoexxTP5D-bVoid2nrmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.96.0/24
185.91.99.0/24
Signature Algorithm: sha256WithRSAEncryption
84:cf:10:a1:2b:fa:48:1c:8b:40:1b:42:05:57:e5:b0:47:49:
eb:58:dd:66:a7:5c:11:fe:99:49:23:f2:70:0f:9d:da:9f:eb:
b5:b3:10:95:f1:76:bb:31:f6:ce:7a:88:26:12:03:67:cf:ff:
2a:08:f2:3e:f8:6c:95:c3:5e:50:9b:95:f5:b4:0e:17:e2:d4:
8d:90:59:01:8b:6b:3f:a7:b7:17:ad:56:2d:f9:5d:27:d0:4e:
ad:71:9c:ad:78:4f:b8:0a:33:1e:32:29:7b:18:bb:81:e2:5b:
0a:a1:a3:86:5e:d3:40:bc:68:70:1a:f0:18:62:33:ae:05:51:
6b:82:49:2f:cf:4d:d6:25:ad:b1:fd:7b:33:5d:88:c8:b1:63:
6a:ca:5c:73:8b:65:d1:b7:e6:75:a1:97:b8:de:3a:d6:b3:1f:
5a:9f:4e:e2:36:24:38:97:76:1f:f7:ce:70:1f:77:7a:d1:9f:
88:5f:67:a4:a4:c0:b7:25:f7:4f:df:5b:b1:bc:e3:ae:61:52:
be:69:7e:80:92:ba:bf:4f:d6:cb:73:e5:21:59:8d:88:04:5e:
3c:20:c8:e6:80:91:79:01:06:e0:51:a8:ab:c5:eb:ad:f7:05:
f6:f4:00:8e:8e:5f:97:3d:82:7e:81:7e:e7:8c:73:33:21:14:
8c:2c:25:bc
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDcG1bMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQw
Zjg3MmU0Y2RiMDdkNjgzOTE0N2U0M2E0YTQxOWJjODRiYTMyMTQwHhcNMjIwMTAx
MDM1MjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZjA2NmFmMzdhMzNh
MWVjNzE0Y2ZlNDNmOWI1Njg4OWRkYTdhZTZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArZwBuVJWPLEf8NInWYVcO9PZGZA/k8Wmyk3Ytm3ofClK6H3g
roId9s77LN331sZ92iGPwrmuIJJy5nicnAg5IliM/VmPpQF5S+edw7bF8RMZ+oQV
y2WWsba2bH9Tv08/D2/I0i2XBnE+3/w37zbNvNmYkXsNtEymacF/BIqKaASwZOpX
ePC7oXsNk+49QxBA6efJI9z3fdr5EfKA+9r0yQrcg8p/NgHQjvP0+ZAy3uv2jZ4V
wVtAVMk8MYaz1d3Xu9URTwwl7xVzQ4UXyY+FJHwipdxIb8FysYa9u94qPtSUWPKP
PZq/77jWvUGnKsLDVFzzvEJFwilZ6ulInLuT/wIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFM8GavN6M6HscUz+Q/m1aIndp65sMB8GA1UdIwQYMBaAFED4cuTNsH1oORR+
Q6SkGbyEujIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTktZGExMzhhZGUyMjJiLzEv
endacTgzb3pvZXh4VFA1RC1iVm9pZDJucm13LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81
YzkyZDUtYTdlYi00OTI5LWFlMTktZGExMzhhZGUyMjJiLzEvUVBoeTVNMndmV2c1
Rkg1RHBLUVp2SVM2TWhRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVtgAwQAuVtjMA0GCSqGSIb3DQEB
CwUAA4IBAQCEzxChK/pIHItAG0IFV+WwR0nrWN1mp1wR/plJI/JwD53an+u1sxCV
8Xa7MfbOeogmEgNnz/8qCPI++GyVw15Qm5X1tA4X4tSNkFkBi2s/p7cXrVYt+V0n
0E6tcZyteE+4CjMeMil7GLuB4lsKoaOGXtNAvGhwGvAYYjOuBVFrgkkvz03WJa2x
/XszXYjIsWNqylxzi2XRt+Z1oZe43jrWsx9an07iNiQ4l3Yf985wH3d60Z+IX2ek
pMC3JfdP31uxvOOuYVK+aX6Akrq/T9bLc+UhWY2IBF48IMjmgJF5AQbgUairxeut
9wX29ACOjl+XPYJ+gX7njHMzIRSMLCW8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:54 2024 by rpki-client on console-ams.rpki-client.org