Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/zxJKwfCGfNPPZFgLAoCGZQfARGI.roa
File: zxJKwfCGfNPPZFgLAoCGZQfARGI.roa (raw, json)
Hash identifier: Qzbqd9pJCpWYuGF1qCfz6dqAav2Osl5NJGwFKV3DAhs=
Subject key identifier: CF:12:4A:C1:F0:86:7C:D3:CF:64:58:0B:02:80:86:65:07:C0:44:62
Certificate issuer: /CN=b4425cf5501344ac5acc307abd0af013fac67073
Certificate serial: 02E62365
Authority key identifier: B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/zxJKwfCGfNPPZFgLAoCGZQfARGI.roa
Signing time: Sat 01 Jan 2022 06:58:44 +0000
ROA not before: Sat 01 Jan 2022 06:58:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202709
IP address blocks: 194.48.180.0/22 maxlen: 22
193.26.2.0/24 maxlen: 24
193.25.255.0/24 maxlen: 24
185.119.228.0/22 maxlen: 22
193.26.0.0/24 maxlen: 24
193.26.12.0/24 maxlen: 24
5.61.216.0/21 maxlen: 21
45.82.132.0/22 maxlen: 22
185.58.132.0/22 maxlen: 22
2a02:63e0::/32 maxlen: 32
2a0e:6b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48636773 (0x2e62365)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4425cf5501344ac5acc307abd0af013fac67073
Validity
Not Before: Jan 1 06:58:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf124ac1f0867cd3cf64580b0280866507c04462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:22:10:a8:c8:b9:aa:3a:a7:27:a8:a3:e8:3a:
f4:52:41:92:fd:db:8c:1c:72:b3:88:ef:7c:6d:76:
7c:b0:f7:83:1e:3c:5e:66:3d:f1:42:3f:5e:a7:23:
e2:4f:cd:68:f7:4c:5a:97:6d:f4:53:f6:2c:2f:33:
66:c1:91:56:09:af:5f:8b:d0:af:95:2a:9c:03:1c:
8d:b8:81:7f:1e:50:8b:9a:35:79:90:99:6d:43:fd:
bb:d0:3b:5c:f7:72:77:9b:30:cc:40:65:0e:b1:15:
fa:8c:c6:6c:b9:a5:31:88:30:0a:91:49:3c:ec:f7:
7d:00:58:d5:d1:7c:a4:c0:e8:46:30:4e:6f:6c:fa:
77:33:20:b4:77:92:5c:14:21:d7:de:9d:a7:5f:9f:
94:dd:8c:67:e2:2d:c5:24:67:7b:b4:d4:7e:dd:c2:
0f:22:04:87:b5:bf:0a:43:2f:1a:95:19:c3:20:52:
b3:12:fb:1e:2c:5a:91:c4:c1:7b:36:1d:5c:fe:86:
c3:81:30:45:b5:ec:e3:24:d1:8f:32:e9:fe:72:65:
72:0f:97:c0:38:40:53:3b:35:0a:e5:e6:66:a5:5e:
31:17:f8:a3:31:cc:e7:74:08:a5:6f:d0:f8:e1:f9:
5d:a9:59:5c:c2:9c:28:44:46:6b:a1:21:64:ab:fb:
7c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:12:4A:C1:F0:86:7C:D3:CF:64:58:0B:02:80:86:65:07:C0:44:62
X509v3 Authority Key Identifier:
keyid:B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/zxJKwfCGfNPPZFgLAoCGZQfARGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.216.0/21
45.82.132.0/22
185.58.132.0/22
185.119.228.0/22
193.25.255.0-193.26.0.255
193.26.2.0/24
193.26.12.0/24
194.48.180.0/22
IPv6:
2a02:63e0::/32
2a0e:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
40:96:14:c0:3a:8c:70:ff:7b:ab:13:d4:e2:0b:9c:d5:83:bc:
93:58:4b:5d:ae:37:ef:69:be:49:13:c1:c8:2c:1f:32:50:c4:
1b:43:a7:9c:e2:cc:3b:d7:52:95:1d:53:54:1c:17:41:42:6f:
1e:01:57:1f:1a:b5:8e:52:8e:cd:ba:14:2a:72:1e:5b:84:b9:
98:46:36:0e:53:2e:34:66:d1:02:bf:68:55:61:d8:41:ba:87:
4d:8d:7c:b3:34:42:e3:d7:46:c9:23:ba:b1:3e:96:9a:f0:dd:
34:19:a1:e9:b0:2d:73:d3:7b:a3:8b:a3:4c:76:ad:f5:8d:56:
36:7b:3d:77:44:dd:69:a2:2c:24:45:f2:83:ab:f9:78:7f:29:
4c:4d:7f:c2:e5:65:3e:c6:6a:c5:48:d2:28:e1:fb:ea:7f:f7:
b2:15:a4:cd:73:96:37:dc:28:11:94:93:6d:31:a7:f6:0a:94:
59:45:f2:6b:e0:0c:8c:31:bb:26:c0:2d:0a:02:f2:4a:62:df:
fa:57:b7:e6:14:5b:fb:38:d1:9d:7a:43:e7:d6:8e:03:dd:f5:
5a:45:f0:c5:ab:41:17:ad:b3:e4:34:57:92:04:e2:c9:b5:5c:
95:61:4f:1d:cc:d2:e2:37:16:ca:3c:8d:12:32:99:d7:f5:59:
9f:72:61:0a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEAuYjZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDQyNWNmNTUwMTM0NGFjNWFjYzMwN2FiZDBhZjAxM2ZhYzY3MDczMB4XDTIyMDEw
MTA2NTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YxMjRhYzFmMDg2
N2NkM2NmNjQ1ODBiMDI4MDg2NjUwN2MwNDQ2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYiEKjIuao6pyeoo+g69FJBkv3bjBxys4jvfG12fLD3gx48
XmY98UI/Xqcj4k/NaPdMWpdt9FP2LC8zZsGRVgmvX4vQr5UqnAMcjbiBfx5Qi5o1
eZCZbUP9u9A7XPdyd5swzEBlDrEV+ozGbLmlMYgwCpFJPOz3fQBY1dF8pMDoRjBO
b2z6dzMgtHeSXBQh196dp1+flN2MZ+ItxSRne7TUft3CDyIEh7W/CkMvGpUZwyBS
sxL7HixakcTBezYdXP6Gw4EwRbXs4yTRjzLp/nJlcg+XwDhAUzs1CuXmZqVeMRf4
ozHM53QIpW/Q+OH5XalZXMKcKERGa6EhZKv7fNsCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBTPEkrB8IZ8089kWAsCgIZlB8BEYjAfBgNVHSMEGDAWgBS0Qlz1UBNErFrM
MHq9CvAT+sZwczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RFSmM5VkFUUkt4YXpEQjZ2UXJ3RV9yR2NITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNmFjMGEyLTVjNmMtNDM1Ny05N2U0LWNlYjhhYjZkMTEyZS8x
L3p4Skt3ZkNHZk5QUFpGZ0xBb0NHWlFmQVJHSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
NmFjMGEyLTVjNmMtNDM1Ny05N2U0LWNlYjhhYjZkMTEyZS8xL3RFSmM5VkFUUkt4
YXpEQjZ2UXJ3RV9yR2NITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwPgQCAAEwOAMEAwU92AMEAi1ShAMEArk6hAMEArl3
5DAMAwQAwRn/AwQAwRoAAwQAwRoCAwQAwRoMAwQCwjC0MBQEAgACMA4DBQAqAmPg
AwUDKg5rgDANBgkqhkiG9w0BAQsFAAOCAQEAQJYUwDqMcP97qxPU4guc1YO8k1hL
Xa4372m+SRPByCwfMlDEG0OnnOLMO9dSlR1TVBwXQUJvHgFXHxq1jlKOzboUKnIe
W4S5mEY2DlMuNGbRAr9oVWHYQbqHTY18szRC49dGySO6sT6WmvDdNBmh6bAtc9N7
o4ujTHat9Y1WNns9d0TdaaIsJEXyg6v5eH8pTE1/wuVlPsZqxUjSKOH76n/3shWk
zXOWN9woEZSTbTGn9gqUWUXya+AMjDG7JsAtCgLySmLf+le35hRb+zjRnXpD59aO
A931WkXwxatBF62z5DRXkgTiybVclWFPHczS4jcWyjyNEjKZ1/VZn3JhCg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:49 2023 by rpki-client on console-ams.rpki-client.org