Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/Zj_3iG589K2_3yqgFxrpj-YI0CY.roa
File: Zj_3iG589K2_3yqgFxrpj-YI0CY.roa (raw, json)
Hash identifier: 76g2XoA380e4+bDRhRQjbvuqJB286QAivUnfk/3qG6E=
Subject key identifier: 66:3F:F7:88:6E:7C:F4:AD:BF:DF:2A:A0:17:1A:E9:8F:E6:08:D0:26
Certificate issuer: /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial: 3604FA92
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/Zj_3iG589K2_3yqgFxrpj-YI0CY.roa
Signing time: Wed 09 Feb 2022 16:04:54 +0000
ROA not before: Wed 09 Feb 2022 16:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198013
IP address blocks: 94.185.97.0/24 maxlen: 24
94.185.96.0/19 maxlen: 19
94.185.98.0/24 maxlen: 24
94.185.104.0/22 maxlen: 22
94.185.103.0/24 maxlen: 24
94.185.102.0/24 maxlen: 24
94.185.101.0/24 maxlen: 24
94.185.100.0/24 maxlen: 24
94.185.99.0/24 maxlen: 24
94.185.109.0/24 maxlen: 24
94.185.108.0/24 maxlen: 24
94.185.112.0/24 maxlen: 24
94.185.113.0/24 maxlen: 24
2a03:4580::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 906295954 (0x3604fa92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Validity
Not Before: Feb 9 16:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=663ff7886e7cf4adbfdf2aa0171ae98fe608d026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:83:da:3f:5a:f8:95:8a:47:7e:4d:14:6e:60:
f7:d1:7d:df:7d:5e:0d:05:31:2f:73:81:ac:3d:66:
bf:d7:d9:c5:bd:e6:62:46:fc:8a:d3:9a:80:59:5b:
16:8a:eb:5c:ae:6d:68:f5:80:70:42:86:a2:bf:46:
90:d7:41:d5:1e:92:fe:0d:83:db:c5:74:a7:b6:0e:
b3:fd:9b:91:71:ab:aa:73:55:9b:ad:d8:b3:cf:f9:
58:50:de:f1:ce:7c:3d:c5:7c:05:85:5d:e8:37:cd:
b1:e3:fc:f2:89:b9:ad:5f:a1:92:af:8c:df:fd:90:
d9:4f:fa:58:65:66:24:32:34:19:af:7d:5b:b6:78:
e6:d3:fc:64:22:3c:99:bf:64:8d:81:07:90:8c:24:
60:c1:37:13:45:3d:c2:e4:e4:09:8b:93:56:7f:ad:
a0:9e:fa:44:d6:ee:80:da:ed:98:91:9e:6f:ed:8b:
2e:0f:7b:de:e9:46:53:cc:8f:a4:e6:23:ab:17:32:
3e:54:3e:72:60:ab:c8:73:0e:e7:12:f5:37:3f:0c:
cd:ea:17:51:67:7f:5d:ac:e6:b5:1d:6b:b8:90:cb:
1d:ed:ac:b1:bb:79:a5:06:9e:6c:c0:be:20:c9:b6:
8d:a3:51:93:b1:7b:e6:10:2a:5f:04:ba:d6:d9:c1:
c6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3F:F7:88:6E:7C:F4:AD:BF:DF:2A:A0:17:1A:E9:8F:E6:08:D0:26
X509v3 Authority Key Identifier:
keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/Zj_3iG589K2_3yqgFxrpj-YI0CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.185.96.0/19
IPv6:
2a03:4580::/32
Signature Algorithm: sha256WithRSAEncryption
63:80:64:4b:06:ca:67:a2:6c:d5:c1:33:c4:43:52:83:89:46:
a7:14:4e:56:55:02:65:68:e8:f8:5b:d1:a2:3c:22:bd:3f:7c:
41:fe:86:5e:c2:fd:13:e7:37:18:c9:23:68:ee:a0:42:03:66:
4b:cd:13:a7:a3:84:8a:f3:ba:f9:97:16:c3:60:a4:01:20:94:
e6:8b:61:8b:61:0c:34:00:19:a4:86:af:a4:db:37:8e:bf:41:
30:ac:c6:c8:06:95:82:68:d8:29:61:ec:01:d9:51:23:45:83:
8f:62:6d:33:fe:c2:7c:2b:63:a4:b4:68:db:b1:0f:20:45:d7:
e9:58:a3:cd:82:d8:e7:9f:2c:58:23:de:93:51:84:07:33:09:
f7:11:fd:20:8f:6d:bd:93:19:ba:b9:e0:2c:8b:43:8d:3b:d9:
bb:82:4a:83:d4:29:53:15:40:50:7a:fd:40:15:34:56:d4:3e:
34:30:d8:fd:23:7b:46:7b:de:ff:fb:72:e9:b1:ef:d4:f6:2d:
57:ba:7b:09:9a:19:fb:25:d1:9e:81:54:d8:02:d0:81:fd:a7:
7b:62:b1:42:ef:a2:d4:52:ea:f8:8a:03:49:2c:ca:28:b7:c2:
bd:7b:2c:a0:a4:01:03:63:c0:92:61:fb:79:a8:87:0d:00:a7:
ed:7c:72:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENgT6kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NTg4YjFiNTYwZjk5OGVjY2QzYTZlZmY0MDU0M2I1OTIwNGQ2N2I4MB4XDTIyMDIw
OTE2MDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjYzZmY3ODg2ZTdj
ZjRhZGJmZGYyYWEwMTcxYWU5OGZlNjA4ZDAyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKD2j9a+JWKR35NFG5g99F9331eDQUxL3OBrD1mv9fZxb3m
Ykb8itOagFlbForrXK5taPWAcEKGor9GkNdB1R6S/g2D28V0p7YOs/2bkXGrqnNV
m63Ys8/5WFDe8c58PcV8BYVd6DfNseP88om5rV+hkq+M3/2Q2U/6WGVmJDI0Ga99
W7Z45tP8ZCI8mb9kjYEHkIwkYME3E0U9wuTkCYuTVn+toJ76RNbugNrtmJGeb+2L
Lg973ulGU8yPpOYjqxcyPlQ+cmCryHMO5xL1Nz8MzeoXUWd/XazmtR1ruJDLHe2s
sbt5pQaebMC+IMm2jaNRk7F75hAqXwS61tnBxokCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRmP/eIbnz0rb/fKqAXGumP5gjQJjAfBgNVHSMEGDAWgBQliLG1YPmY7M06
bv9AVDtZIE1nuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pZaXh0V0Q1bU96Tk9tN19RRlE3V1NCTlo3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvMThkNmQ1LTZjODYtNDJjMS04NGYxLTk5YTAxODk4ODhiNS8x
L1pqXzNpRzU4OUsyXzN5cWdGeHJwai1ZSTBDWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
MThkNmQ1LTZjODYtNDJjMS04NGYxLTk5YTAxODk4ODhiNS8xL0pZaXh0V0Q1bU96
Tk9tN19RRlE3V1NCTlo3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBV65YDANBAIAAjAHAwUAKgNFgDAN
BgkqhkiG9w0BAQsFAAOCAQEAY4BkSwbKZ6Js1cEzxENSg4lGpxROVlUCZWjo+FvR
ojwivT98Qf6GXsL9E+c3GMkjaO6gQgNmS80Tp6OEivO6+ZcWw2CkASCU5othi2EM
NAAZpIavpNs3jr9BMKzGyAaVgmjYKWHsAdlRI0WDj2JtM/7CfCtjpLRo27EPIEXX
6VijzYLY558sWCPek1GEBzMJ9xH9II9tvZMZurngLItDjTvZu4JKg9QpUxVAUHr9
QBU0VtQ+NDDY/SN7Rnve//ty6bHv1PYtV7p7CZoZ+yXRnoFU2ALQgf2ne2KxQu+i
1FLq+IoDSSzKKLfCvXssoKQBA2PAkmH7eaiHDQCn7Xxycw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:06 2023 by rpki-client on console-fra.rpki-client.org