Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/zDvxbgq6uIDXT1kYGk7UsVC6R3E.roa
File: zDvxbgq6uIDXT1kYGk7UsVC6R3E.roa (raw, json)
Hash identifier: UmzmXWPhhlnWLCcVP4uaUKnV41QoDAmuN27mM8xjBlo=
Subject key identifier: CC:3B:F1:6E:0A:BA:B8:80:D7:4F:59:18:1A:4E:D4:B1:50:BA:47:71
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 110A9AAB
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/zDvxbgq6uIDXT1kYGk7UsVC6R3E.roa
Signing time: Sat 01 Jan 2022 07:02:22 +0000
ROA not before: Sat 01 Jan 2022 07:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47820
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.0.0/21 maxlen: 21
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 285907627 (0x110a9aab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 07:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc3bf16e0abab880d74f59181a4ed4b150ba4771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:05:97:08:7f:1a:f2:52:f4:f0:35:e6:d6:71:
f5:ff:85:5a:cf:4c:95:66:f7:3e:9c:ee:bb:f8:96:
04:5b:fc:bb:8a:5b:f9:3b:ab:bf:be:18:24:99:2a:
d5:c1:25:3e:4a:78:71:05:d1:46:48:b1:b5:c4:fc:
41:e3:5a:69:2d:0c:dd:e5:28:c5:94:7b:0c:23:c5:
d9:49:74:bc:68:39:e6:89:a0:8a:d2:c2:db:67:79:
08:a6:45:3b:7c:36:b0:77:81:c0:7a:95:d4:44:3f:
16:21:ba:e1:94:6d:ae:ac:9d:ff:9f:f6:01:f8:5c:
3b:e3:5f:01:cd:ee:68:ee:0f:b7:b3:ea:82:58:b2:
fc:4d:f6:e2:8d:94:6e:54:42:1a:5b:3d:72:84:ee:
01:f2:bf:2f:56:50:01:3e:32:25:0f:0e:36:a8:01:
12:98:ea:6d:61:34:9c:2e:8f:8b:c9:7d:35:e9:a3:
06:73:a8:81:ae:6e:da:de:68:91:90:4f:40:75:48:
6c:d2:04:fb:cd:1e:26:10:aa:03:66:d6:80:e2:4f:
77:52:29:1d:cb:33:ef:6f:d7:2f:c0:22:71:78:6c:
30:c1:5a:ca:b3:58:70:97:96:62:b5:49:fb:64:d9:
1c:9d:80:e9:d1:99:96:5f:eb:7f:96:c9:c5:19:55:
07:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:3B:F1:6E:0A:BA:B8:80:D7:4F:59:18:1A:4E:D4:B1:50:BA:47:71
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/zDvxbgq6uIDXT1kYGk7UsVC6R3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200::/29
Signature Algorithm: sha256WithRSAEncryption
17:10:6a:c6:62:19:39:af:ec:39:61:fb:fd:96:a9:58:28:f0:
3d:32:ec:d4:a6:43:ab:24:9a:55:a9:00:51:43:75:0e:d4:4a:
48:80:c8:fe:fe:fe:29:ed:1e:e0:66:50:5a:1d:7d:76:9e:8d:
ec:86:c4:49:53:39:c9:08:fe:ff:5f:10:02:99:24:60:95:67:
d5:0e:07:ff:10:5b:ea:af:02:28:37:e7:72:ec:d5:50:b6:07:
fd:6d:c5:56:be:6a:86:1e:48:6a:ce:e1:b4:fa:55:f2:07:5a:
8c:9f:f4:53:72:7d:5a:9f:24:6e:80:cb:61:22:b6:33:65:2c:
c0:8e:5a:5f:1f:0c:0f:2b:c7:87:c6:20:50:bd:cd:31:01:28:
0f:d8:7a:b0:e2:bf:95:fb:16:73:00:07:78:e3:43:37:71:2b:
bb:c9:bd:d5:4c:de:33:f9:d9:de:da:f0:06:b5:1a:d7:fd:e6:
81:1a:a1:bb:de:65:57:3d:5b:6e:4d:ed:60:02:10:48:5d:7a:
f5:e8:f0:61:12:19:2a:e2:0e:32:15:01:3a:c0:71:d9:b6:27:
f4:65:f0:c7:74:24:65:1c:b0:af:07:da:51:b5:18:b3:61:c9:
96:84:74:14:7f:43:8f:4a:6b:b4:2a:c9:75:11:2d:a3:7c:23:
9f:3f:ee:21
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEEQqaqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Nzk0OWFjODRkMGI4NjkxMGY0ZmQzY2Y1OTYyOTI3ZDgzNDUwYWViMB4XDTIyMDEw
MTA3MDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2MzYmYxNmUwYWJh
Yjg4MGQ3NGY1OTE4MWE0ZWQ0YjE1MGJhNDc3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMFlwh/GvJS9PA15tZx9f+FWs9MlWb3Ppzuu/iWBFv8u4pb
+Turv74YJJkq1cElPkp4cQXRRkixtcT8QeNaaS0M3eUoxZR7DCPF2Ul0vGg55omg
itLC22d5CKZFO3w2sHeBwHqV1EQ/FiG64ZRtrqyd/5/2AfhcO+NfAc3uaO4Pt7Pq
gliy/E324o2UblRCGls9coTuAfK/L1ZQAT4yJQ8ONqgBEpjqbWE0nC6Pi8l9Nemj
BnOoga5u2t5okZBPQHVIbNIE+80eJhCqA2bWgOJPd1IpHcsz72/XL8AicXhsMMFa
yrNYcJeWYrVJ+2TZHJ2A6dGZll/rf5bJxRlVBzMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTMO/FuCrq4gNdPWRgaTtSxULpHcTAfBgNVHSMEGDAWgBQ3lJrITQuGkQ9P
089ZYpJ9g0UK6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L041U2F5RTBMaHBFUFQ5UFBXV0tTZllORkN1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvYzI4ZWE0LTA1OWMtNDlkZC05Mjc4LWE0ZGIzOTZjODk4Ny8x
L3pEdnhiZ3E2dUlEWFQxa1lHazdVc1ZDNlIzRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
YzI4ZWE0LTA1OWMtNDlkZC05Mjc4LWE0ZGIzOTZjODk4Ny8xL041U2F5RTBMaHBF
UFQ5UFBXV0tTZllORkN1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAlvNdAMEA23qAAMEArmU4AMEAcHy
rjANBAIAAjAHAwUDKgdiADANBgkqhkiG9w0BAQsFAAOCAQEAFxBqxmIZOa/sOWH7
/ZapWCjwPTLs1KZDqySaVakAUUN1DtRKSIDI/v7+Ke0e4GZQWh19dp6N7IbESVM5
yQj+/18QApkkYJVn1Q4H/xBb6q8CKDfncuzVULYH/W3FVr5qhh5Ias7htPpV8gda
jJ/0U3J9Wp8kboDLYSK2M2UswI5aXx8MDyvHh8YgUL3NMQEoD9h6sOK/lfsWcwAH
eONDN3Eru8m91UzeM/nZ3trwBrUa1/3mgRqhu95lVz1bbk3tYAIQSF169ejwYRIZ
KuIOMhUBOsBx2bYn9GXwx3QkZRywrwfaUbUYs2HJloR0FH9Dj0prtCrJdREto3wj
nz/uIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:51 2024 by rpki-client on console-ams.rpki-client.org