Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/Z8mBHOiA9mmny_7D63tOmTLdF1Q.roa
File: Z8mBHOiA9mmny_7D63tOmTLdF1Q.roa (raw, json)
Hash identifier: HKf4y/S4muKBzUn7POI19X+TkmFm2tWbp+IkaWHPBHs=
Subject key identifier: 67:C9:81:1C:E8:80:F6:69:A7:CB:FE:C3:EB:7B:4E:99:32:DD:17:54
Certificate issuer: /CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Certificate serial: 05F2FB
Authority key identifier: CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/Z8mBHOiA9mmny_7D63tOmTLdF1Q.roa
Signing time: Mon 23 May 2022 14:19:29 +0000
ROA not before: Mon 23 May 2022 14:19:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12329
IP address blocks: 212.23.128.0/19 maxlen: 24
81.173.6.0/24 maxlen: 24
185.249.168.0/22 maxlen: 24
62.221.232.0/21 maxlen: 24
62.221.240.0/21 maxlen: 24
2001:7d8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389883 (0x5f2fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Validity
Not Before: May 23 14:19:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67c9811ce880f669a7cbfec3eb7b4e9932dd1754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a3:38:c6:2d:1e:1a:e2:76:ce:e4:e5:59:26:
cf:fb:e1:f1:16:28:2b:a3:f1:c0:79:9e:e1:0a:f2:
6e:ba:62:a1:eb:83:ee:17:bf:a1:67:d6:0e:24:ca:
0f:12:2f:23:7e:19:32:ea:fc:71:d4:e0:ba:03:d1:
41:bd:12:09:c1:82:56:e6:40:2f:30:d9:ae:a7:b2:
92:40:1d:73:18:f0:60:86:33:94:2c:67:2a:b5:fa:
86:9d:e8:c5:d2:86:c0:38:70:4a:f1:e9:48:82:f3:
2c:d4:20:f9:c3:11:c2:64:49:b6:ca:0e:71:16:81:
5b:f0:d2:77:9b:f4:54:19:d2:05:96:af:3d:63:21:
79:c1:e7:70:30:2b:36:96:63:5f:64:d3:4f:40:ba:
bb:e8:24:fc:5d:c6:d0:59:d4:9c:66:f8:1a:9f:1f:
48:e8:86:21:17:49:7b:98:4b:d6:6f:a4:4b:38:0a:
c6:13:f0:db:5c:36:2f:1d:8e:6c:97:96:31:5c:47:
6c:dd:f5:55:b3:6b:ba:af:d8:f7:66:e2:e1:b6:7c:
bc:46:0e:fb:41:a1:5f:b3:c4:2f:01:cd:cb:3c:30:
6b:5a:ad:20:89:89:5c:af:ce:40:10:7e:60:32:e7:
db:0a:66:fe:f3:a0:ec:63:d6:e2:8e:f2:20:41:d7:
c2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C9:81:1C:E8:80:F6:69:A7:CB:FE:C3:EB:7B:4E:99:32:DD:17:54
X509v3 Authority Key Identifier:
keyid:CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/Z8mBHOiA9mmny_7D63tOmTLdF1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/z9s9kEs0RAVGtiQdeJTZMwC8vSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.232.0-62.221.247.255
81.173.6.0/24
185.249.168.0/22
212.23.128.0/19
IPv6:
2001:7d8::/32
Signature Algorithm: sha256WithRSAEncryption
90:61:9f:db:9b:db:68:e0:25:9c:06:67:f7:05:ae:a5:7b:97:
c5:72:a0:6c:71:30:73:f1:f8:12:63:38:98:16:42:f0:f8:d6:
a6:53:e5:ba:7d:4a:80:7f:90:0a:31:cf:ea:30:f8:ad:72:ea:
2b:7c:5b:e7:70:91:cc:11:18:8d:41:71:1d:17:34:d9:34:c0:
17:89:5c:21:26:9b:1c:c5:5f:ea:84:f1:69:29:d7:55:c2:99:
24:39:a5:00:84:9a:40:ac:f8:2c:91:63:e2:fa:34:d3:0c:bb:
3c:a2:0b:76:6b:d8:f8:73:7d:42:fd:2e:0c:03:2c:a6:2c:7c:
36:e9:bb:75:51:04:c6:51:a1:f5:32:97:83:2c:ad:bf:fa:7f:
5e:94:a2:2e:b3:cc:6a:28:c0:c7:59:0d:55:b6:ce:e9:26:b3:
51:ca:b6:e3:af:d2:52:8c:de:36:c6:66:af:ab:78:68:98:f1:
09:40:79:f5:9e:a5:7e:f6:29:7f:a7:09:58:be:f0:c9:ca:eb:
ee:9b:b3:12:5e:21:1b:d0:71:61:8a:9d:ad:00:9d:49:6f:42:
7e:57:77:59:9d:73:2c:37:ab:4c:5b:0d:fb:7a:6c:1b:8a:3b:
c4:f3:f3:b7:66:7f:29:9d:17:ef:b0:fc:bb:c6:54:f3:ea:a0:
4f:c3:b1:5a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIDBfL7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNm
ZGIzZDkwNGIzNDQ0MDU0NmI2MjQxZDc4OTRkOTMzMDBiY2JkMjgwHhcNMjIwNTIz
MTQxOTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2N2M5ODExY2U4ODBm
NjY5YTdjYmZlYzNlYjdiNGU5OTMyZGQxNzU0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArKM4xi0eGuJ2zuTlWSbP++HxFigro/HAeZ7hCvJuumKh64Pu
F7+hZ9YOJMoPEi8jfhky6vxx1OC6A9FBvRIJwYJW5kAvMNmup7KSQB1zGPBghjOU
LGcqtfqGnejF0obAOHBK8elIgvMs1CD5wxHCZEm2yg5xFoFb8NJ3m/RUGdIFlq89
YyF5wedwMCs2lmNfZNNPQLq76CT8XcbQWdScZvganx9I6IYhF0l7mEvWb6RLOArG
E/DbXDYvHY5sl5YxXEds3fVVs2u6r9j3ZuLhtny8Rg77QaFfs8QvAc3LPDBrWq0g
iYlcr85AEH5gMufbCmb+86DsY9bijvIgQdfCTwIDAQABo4ICMjCCAi4wHQYDVR0O
BBYEFGfJgRzogPZpp8v+w+t7Tpky3RdUMB8GA1UdIwQYMBaAFM/bPZBLNEQFRrYk
HXiU2TMAvL0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUtNmU3NTYxNTM1YmJkLzEv
WjhtQkhPaUE5bW1ueV83RDYzdE9tVExkRjFRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85
MjVhYjktMjFmZS00YmJmLWFjMGUtNmU3NTYxNTM1YmJkLzEvejlzOWtFczBSQVZH
dGlRZGVKVFpNd0M4dlNnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEgG
CCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAM+3egDBAM+3fADBABRrQYDBAK5
+agDBAXUF4AwDQQCAAIwBwMFACABB9gwDQYJKoZIhvcNAQELBQADggEBAJBhn9ub
22jgJZwGZ/cFrqV7l8VyoGxxMHPx+BJjOJgWQvD41qZT5bp9SoB/kAoxz+ow+K1y
6it8W+dwkcwRGI1BcR0XNNk0wBeJXCEmmxzFX+qE8Wkp11XCmSQ5pQCEmkCs+CyR
Y+L6NNMMuzyiC3Zr2PhzfUL9LgwDLKYsfDbpu3VRBMZRofUyl4Msrb/6f16Uoi6z
zGoowMdZDVW2zukms1HKtuOv0lKM3jbGZq+reGiY8QlAefWepX72KX+nCVi+8MnK
6+6bsxJeIRvQcWGKna0AnUlvQn5Xd1mdcyw3q0xbDft6bBuKO8Tz87dmfymdF++w
/LvGVPPqoE/DsVo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:32 2023 by rpki-client on console-ams.rpki-client.org