Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/ZsYZ53C2hu9mCxAhzEOlffZcL20.roa
File: ZsYZ53C2hu9mCxAhzEOlffZcL20.roa (raw, json)
Hash identifier: Srq9CNcAnhbk0BSgh5Ngilf4RzgA27hvpsqrxsOEd8w=
Subject key identifier: 66:C6:19:E7:70:B6:86:EF:66:0B:10:21:CC:43:A5:7D:F6:5C:2F:6D
Certificate issuer: /CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Certificate serial: 051F8F77
Authority key identifier: 27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/ZsYZ53C2hu9mCxAhzEOlffZcL20.roa
Signing time: Sat 01 Jan 2022 04:04:16 +0000
ROA not before: Sat 01 Jan 2022 04:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47262
IP address blocks: 212.120.192.0/19 maxlen: 19
46.245.0.0/18 maxlen: 20
95.81.64.0/24 maxlen: 24
95.81.65.0/24 maxlen: 24
95.81.68.0/23 maxlen: 23
95.81.104.0/21 maxlen: 21
2a00:d20::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85954423 (0x51f8f77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Validity
Not Before: Jan 1 04:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66c619e770b686ef660b1021cc43a57df65c2f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:35:be:0d:57:59:18:5a:68:23:39:8e:4d:a1:
ac:83:4a:49:43:85:0c:c4:6c:13:50:23:53:a1:88:
4f:f3:6a:03:28:7a:40:30:06:44:9e:21:4d:b7:d2:
a5:74:90:9f:4e:8b:86:ea:0f:71:c6:50:23:26:b7:
af:4b:0c:57:c6:d4:41:41:fa:b0:ef:04:f6:0f:4d:
31:d7:c4:af:83:cd:0e:62:76:b7:64:89:f9:13:fa:
39:ba:42:36:99:e0:cd:56:4a:0f:f1:7b:0c:7a:47:
d0:a5:74:63:87:c7:af:b1:cb:07:d1:e7:04:69:fe:
dd:f6:a6:29:d7:9e:5a:f8:db:7d:9c:60:3c:ae:0f:
92:10:37:d8:c6:35:68:4d:2c:e4:57:c2:05:75:9e:
6d:41:ca:fb:75:b2:37:11:81:13:94:02:0d:0b:d2:
1e:38:47:dc:37:5a:8a:12:41:08:c0:9a:d7:12:0a:
e1:54:43:0d:42:90:dc:8e:a4:58:c4:27:2b:92:84:
a0:f0:c5:cc:0c:4d:a9:36:0d:13:e3:67:a5:61:60:
ff:a6:a6:58:0e:58:f5:ff:ec:73:90:65:dc:44:3c:
ff:1a:d3:b0:b9:99:d4:7b:4c:60:12:c6:59:f0:cf:
02:2f:44:bc:af:c4:87:ed:06:6e:1b:ec:6d:64:67:
3a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C6:19:E7:70:B6:86:EF:66:0B:10:21:CC:43:A5:7D:F6:5C:2F:6D
X509v3 Authority Key Identifier:
keyid:27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/ZsYZ53C2hu9mCxAhzEOlffZcL20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.0.0/18
95.81.64.0/23
95.81.68.0/23
95.81.104.0/21
212.120.192.0/19
IPv6:
2a00:d20::/32
Signature Algorithm: sha256WithRSAEncryption
7e:de:d9:53:54:36:5c:de:fa:47:15:0d:37:13:0f:4b:77:b0:
a4:fa:e4:7e:02:14:19:e2:c7:7a:e3:57:19:6f:8a:a5:d2:34:
32:0e:7f:58:9a:76:50:ef:eb:5b:07:21:ef:b0:71:43:f5:e3:
4a:3c:1a:79:29:3a:90:28:ae:98:04:a2:cf:0b:41:52:03:7d:
c0:3c:32:95:2d:54:07:63:2e:dc:c5:95:f7:12:f8:96:76:cb:
1c:11:1d:63:03:d2:b4:0e:1b:38:78:31:bb:2f:a9:5f:1f:51:
0d:15:c6:d0:2b:6b:1c:9a:cc:01:b8:8f:d2:f5:9f:8a:f1:39:
88:c7:39:1f:e4:f9:9c:e7:13:72:db:41:25:d8:f4:74:fa:9c:
ec:37:b4:ed:78:58:41:78:6c:a3:b2:10:c7:a1:81:e9:a7:07:
14:84:af:59:a7:b2:46:c4:94:58:b1:0d:5c:54:1c:f9:2d:43:
a3:f0:4c:71:b6:c1:50:95:97:a2:46:0d:a8:af:c0:0d:b9:fc:
32:da:09:4c:87:7d:d8:47:81:ab:2f:e2:90:80:14:ce:2f:49:
b5:b3:23:f6:93:0f:cf:93:3f:63:8b:53:2a:4e:18:0c:2a:8a:
4a:52:a1:b1:e4:66:ab:02:d1:ed:8b:af:7b:cd:64:39:00:9b:
f8:52:fc:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBR+PdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NzJlZDA5MGFjZjdjODI5YTIyYmJmYmUyYjBlOTk4Y2QyMGFkODI2MB4XDTIyMDEw
MTA0MDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZjNjE5ZTc3MGI2
ODZlZjY2MGIxMDIxY2M0M2E1N2RmNjVjMmY2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALw1vg1XWRhaaCM5jk2hrINKSUOFDMRsE1AjU6GIT/NqAyh6
QDAGRJ4hTbfSpXSQn06LhuoPccZQIya3r0sMV8bUQUH6sO8E9g9NMdfEr4PNDmJ2
t2SJ+RP6ObpCNpngzVZKD/F7DHpH0KV0Y4fHr7HLB9HnBGn+3famKdeeWvjbfZxg
PK4PkhA32MY1aE0s5FfCBXWebUHK+3WyNxGBE5QCDQvSHjhH3DdaihJBCMCa1xIK
4VRDDUKQ3I6kWMQnK5KEoPDFzAxNqTYNE+NnpWFg/6amWA5Y9f/sc5Bl3EQ8/xrT
sLmZ1HtMYBLGWfDPAi9EvK/Eh+0GbhvsbWRnOvECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRmxhnncLaG72YLECHMQ6V99lwvbTAfBgNVHSMEGDAWgBQnLtCQrPfIKaIr
v74rDpmM0grYJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0p5N1FrS3ozeUNtaUs3LS1LdzZaak5JSzJDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvYTE1Zjk2LWVjMTgtNDY0NC04OWIzLWFjYzIyYmI0ZGNlZC8x
L1pzWVo1M0MyaHU5bUN4QWh6RU9sZmZaY0wyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
YTE1Zjk2LWVjMTgtNDY0NC04OWIzLWFjYzIyYmI0ZGNlZC8xL0p5N1FrS3ozeUNt
aUs3LS1LdzZaak5JSzJDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBi71AAMEAV9RQAMEAV9RRAMEA19R
aAMEBdR4wDANBAIAAjAHAwUAKgANIDANBgkqhkiG9w0BAQsFAAOCAQEAft7ZU1Q2
XN76RxUNNxMPS3ewpPrkfgIUGeLHeuNXGW+KpdI0Mg5/WJp2UO/rWwch77BxQ/Xj
SjwaeSk6kCiumASizwtBUgN9wDwylS1UB2Mu3MWV9xL4lnbLHBEdYwPStA4bOHgx
uy+pXx9RDRXG0CtrHJrMAbiP0vWfivE5iMc5H+T5nOcTcttBJdj0dPqc7De07XhY
QXhso7IQx6GB6acHFISvWaeyRsSUWLENXFQc+S1Do/BMcbbBUJWXokYNqK/ADbn8
MtoJTId92EeBqy/ikIAUzi9JtbMj9pMPz5M/Y4tTKk4YDCqKSlKhseRmqwLR7Yuv
e81kOQCb+FL8Ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:40 2024 by rpki-client on console-ams.rpki-client.org