Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/Z07_4psl7cq6ySWzLugeZojx_-E.roa
File: Z07_4psl7cq6ySWzLugeZojx_-E.roa (raw, json)
Hash identifier: 2JHSf3ddVBcApioUyOTZJ+iZlPbT6NB/Glrc3+YQrzY=
Subject key identifier: 67:4E:FF:E2:9B:25:ED:CA:BA:C9:25:B3:2E:E8:1E:66:88:F1:FF:E1
Certificate issuer: /CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Certificate serial: 0182A1434104872BFD93590DFB662CD93DD5
Authority key identifier: A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/Z07_4psl7cq6ySWzLugeZojx_-E.roa
Signing time: Mon 15 Aug 2022 11:28:35 +0000
ROA not before: Mon 15 Aug 2022 11:28:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21419
IP address blocks: 185.4.3.0/24 maxlen: 24
185.4.1.0/24 maxlen: 24
185.4.2.0/24 maxlen: 24
178.21.167.0/29 maxlen: 29
178.21.164.0/24 maxlen: 24
178.21.160.0/21 maxlen: 21
178.21.163.0/24 maxlen: 24
178.21.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:43:41:04:87:2b:fd:93:59:0d:fb:66:2c:d9:3d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Validity
Not Before: Aug 15 11:28:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=674effe29b25edcabac925b32ee81e6688f1ffe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:75:b9:66:01:a8:b3:db:53:2e:c7:68:07:89:
fb:c4:d5:60:46:b2:bb:5f:ec:7e:a6:2e:6c:4d:de:
f5:67:3c:16:de:da:1f:0c:01:1e:64:0d:1f:68:64:
10:89:a1:1b:5d:c3:d9:2d:01:97:9d:12:87:fc:ce:
93:d2:a4:e6:a3:f4:42:33:3d:32:3d:65:02:eb:af:
23:2e:af:79:86:2f:a1:1b:5a:f3:3b:94:d8:33:cb:
b8:cf:a4:14:71:73:30:df:8b:35:15:8e:91:0c:c0:
0a:a6:c4:a6:b9:92:c0:76:49:cb:3b:4c:e2:ff:d1:
7f:92:f2:13:fc:1f:b1:5d:19:8c:b6:da:79:b0:45:
fd:19:6d:77:a8:ae:4e:b4:8b:8f:3a:9a:2a:5e:c9:
b7:ee:c7:27:76:61:dc:a3:f5:18:9c:42:60:44:b9:
0b:10:e2:4a:87:2a:f9:33:a8:f0:83:ea:b1:cd:63:
9c:c4:07:6b:3e:f0:4f:51:e0:fe:97:ab:83:d0:64:
b1:93:3a:2d:91:94:d1:82:6b:42:08:04:49:30:32:
5c:99:4a:ee:2f:61:39:8c:7b:57:1e:d4:94:9b:15:
7f:62:73:7c:32:fa:32:19:68:96:14:97:f2:7d:77:
51:46:de:ed:51:d7:15:23:ee:3b:46:51:6f:0d:f3:
e9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4E:FF:E2:9B:25:ED:CA:BA:C9:25:B3:2E:E8:1E:66:88:F1:FF:E1
X509v3 Authority Key Identifier:
keyid:A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/Z07_4psl7cq6ySWzLugeZojx_-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.160.0/21
185.4.1.0-185.4.3.255
Signature Algorithm: sha256WithRSAEncryption
55:22:d6:26:ea:11:49:c3:48:da:c1:40:81:08:9e:1f:17:6c:
48:32:18:64:7b:f7:30:6a:7c:af:76:b0:04:e0:f0:6c:6f:15:
ab:fb:f0:fa:a4:1d:a7:e2:4b:d2:34:ea:ae:92:30:ef:6e:c5:
fb:d2:97:81:80:e8:46:a4:74:61:c1:4f:5b:c5:f4:2a:34:52:
dc:c4:bb:c2:44:45:21:21:8b:ae:64:56:76:8a:68:71:54:9b:
5b:1c:f0:e5:60:06:fd:d9:30:ee:fc:1a:a5:d2:b5:7f:b2:e0:
c4:e2:79:aa:5e:45:af:f1:f5:51:91:cb:0b:8b:9a:9b:1d:8f:
2f:e1:2b:fc:63:c8:e9:d8:ca:0b:c6:ed:f2:0e:85:31:21:26:
4c:8b:cc:a3:68:d6:5e:2c:7b:88:b9:cd:b6:78:c4:6e:ec:85:
a4:18:2c:44:7c:1f:f2:3a:79:cf:53:b1:90:5f:a1:73:8c:67:
19:c8:07:d0:ce:59:93:c3:48:b2:15:a5:83:32:9f:d4:63:4a:
56:36:75:bd:95:d0:c3:95:21:9b:0a:22:a4:02:28:8d:29:39:
b9:e9:8f:c8:6e:dd:fa:c5:dd:52:d4:5c:ea:c4:12:95:2b:f8:
be:89:07:cc:8a:02:4a:cf:6c:8c:6f:74:48:0d:7b:d0:77:9b:
e3:1f:1d:49
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYKhQ0EEhyv9k1kN+2Ys2T3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWNkOGM3MWE2ZTMzMjgyYzA0NWQ4Zjg4YzNiMzc4YWNm
NDFiZDkwHhcNMjIwODE1MTEyODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzRlZmZlMjliMjVlZGNhYmFjOTI1YjMyZWU4MWU2Njg4ZjFmZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnW5ZgGos9tTLsdoB4n7xNVgRrK7
X+x+pi5sTd71ZzwW3tofDAEeZA0faGQQiaEbXcPZLQGXnRKH/M6T0qTmo/RCMz0y
PWUC668jLq95hi+hG1rzO5TYM8u4z6QUcXMw34s1FY6RDMAKpsSmuZLAdknLO0zi
/9F/kvIT/B+xXRmMttp5sEX9GW13qK5OtIuPOpoqXsm37scndmHco/UYnEJgRLkL
EOJKhyr5M6jwg+qxzWOcxAdrPvBPUeD+l6uD0GSxkzotkZTRgmtCCARJMDJcmUru
L2E5jHtXHtSUmxV/YnN8MvoyGWiWFJfyfXdRRt7tUdcVI+47RlFvDfPpXwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGdO/+KbJe3Kusklsy7oHmaI8f/hMB8GA1UdIwQY
MBaAFKCc2McabjMoLARdj4jDs3is9BvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMt
NmU4ZTA3ZDY2YzliLzEvWjA3XzRwc2w3Y3E2eVNXekx1Z2Vab2p4Xy1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMtNmU4ZTA3ZDY2Yzli
LzEvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDshWgMAwD
BAC5BAEDBAK5BAAwDQYJKoZIhvcNAQELBQADggEBAFUi1ibqEUnDSNrBQIEInh8X
bEgyGGR79zBqfK92sATg8GxvFav78PqkHafiS9I06q6SMO9uxfvSl4GA6EakdGHB
T1vF9Co0UtzEu8JERSEhi65kVnaKaHFUm1sc8OVgBv3ZMO78GqXStX+y4MTieape
Ra/x9VGRywuLmpsdjy/hK/xjyOnYygvG7fIOhTEhJkyLzKNo1l4se4i5zbZ4xG7s
haQYLER8H/I6ec9TsZBfoXOMZxnIB9DOWZPDSLIVpYMyn9RjSlY2db2V0MOVIZsK
IqQCKI0pObnpj8hu3frF3VLUXOrEEpUr+L6JB8yKAkrPbIxvdEgNe9B3m+MfHUk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:09 2023 by rpki-client on console-fra.rpki-client.org