Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ztGjeiQ_QZZN3HIdqr_tSb1Yfs0.roa
File: ztGjeiQ_QZZN3HIdqr_tSb1Yfs0.roa (raw, json)
Hash identifier: V38rnxpYOdOayko6vNA7+KNdqi/T30gF+9N5q4MuqZo=
Subject key identifier: CE:D1:A3:7A:24:3F:41:96:4D:DC:72:1D:AA:BF:ED:49:BD:58:7E:CD
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 01855DB59FD02E767BDDFDFE991BEBFE0B8F
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ztGjeiQ_QZZN3HIdqr_tSb1Yfs0.roa
Signing time: Thu 29 Dec 2022 11:47:42 +0000
ROA not before: Thu 29 Dec 2022 11:47:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43769
IP address blocks: 195.136.197.0/24 maxlen: 24
82.177.95.0/24 maxlen: 24
82.177.92.0/23 maxlen: 23
82.177.100.0/24 maxlen: 24
81.15.187.0/24 maxlen: 24
82.177.110.0/24 maxlen: 24
2a00:4120:8001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:b5:9f:d0:2e:76:7b:dd:fd:fe:99:1b:eb:fe:0b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Dec 29 11:47:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ced1a37a243f41964ddc721daabfed49bd587ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f4:2d:1e:c6:d3:f9:a6:e7:2a:50:a5:2b:9d:
40:25:9a:ef:e0:3d:78:d4:af:ca:df:c1:fb:ed:92:
cc:92:40:19:3a:fe:45:ec:b3:a9:74:7a:4e:44:64:
fe:b3:04:9e:63:f2:ef:4f:d8:b7:6a:d5:c6:33:31:
a0:c3:cb:75:7e:eb:ed:60:be:ad:c2:80:2e:a9:5d:
10:9c:83:ac:29:2a:b8:2b:a4:b7:dd:ec:ae:1d:17:
30:d4:6d:ee:64:31:c7:ba:c3:0e:e1:04:e4:f5:94:
e4:6a:5c:af:b9:1a:b3:05:44:77:e9:34:c7:33:a1:
4a:5d:f9:12:7d:85:4e:22:c6:97:fa:1c:62:9b:53:
9a:45:fe:11:30:f4:d0:bb:eb:43:ab:b4:31:9f:0b:
a8:ac:7e:cf:47:7b:23:6d:81:2c:f4:14:3b:3e:de:
d7:81:ee:64:6d:70:17:ff:ed:92:aa:30:23:29:86:
40:79:4a:4d:e7:06:63:45:f8:76:d1:63:bf:b6:4f:
63:1f:90:f8:97:aa:3e:95:21:18:53:f5:f3:02:1d:
05:f7:69:32:e8:10:ac:4d:70:d1:95:8c:56:8f:a4:
2e:36:b9:33:fc:4b:3f:15:20:25:2f:ce:0f:cf:6e:
ab:00:23:fc:52:89:d4:61:9f:a6:70:12:ad:e6:60:
80:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D1:A3:7A:24:3F:41:96:4D:DC:72:1D:AA:BF:ED:49:BD:58:7E:CD
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ztGjeiQ_QZZN3HIdqr_tSb1Yfs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.15.187.0/24
82.177.92.0/23
82.177.95.0/24
82.177.100.0/24
82.177.110.0/24
195.136.197.0/24
IPv6:
2a00:4120:8001::/48
Signature Algorithm: sha256WithRSAEncryption
b2:9b:29:bd:33:65:28:69:72:2b:29:ca:1e:05:4a:63:6c:cf:
4b:3b:c3:b2:a9:b8:87:8f:f4:6e:8c:aa:4f:4a:d6:e0:c8:13:
c7:9c:6e:e3:44:3e:17:76:92:5f:44:fd:b9:96:2b:d0:0a:d0:
40:5b:f3:7c:c3:c6:87:9b:bf:89:64:f4:bb:32:71:a9:87:73:
c5:5e:4d:f6:6c:46:58:01:26:0f:92:e8:0c:62:f8:bf:9e:fb:
6a:18:4d:88:d8:03:01:95:93:8e:7a:a7:88:fe:e3:35:3c:e4:
59:05:7a:2e:43:b8:20:68:b3:ba:f4:1f:98:e1:92:c7:cf:cc:
0e:ec:89:06:24:d1:2a:70:4e:87:f4:50:68:11:ff:2c:ea:c6:
67:57:10:0f:4d:21:02:c6:f9:0e:52:5b:2e:03:61:2c:fb:09:
b1:a0:4b:4e:e1:5c:8f:de:c3:9b:04:80:87:ac:c5:e5:e9:1b:
b4:f4:e3:8e:9f:77:9b:f1:3c:77:4e:1f:9b:ee:bc:89:76:b4:
7c:9d:82:b6:e8:5d:13:b2:b2:d4:8c:2e:15:d5:73:af:4f:46:
f0:44:2e:64:41:2d:ff:f6:3d:2f:a9:74:a7:d8:40:8d:24:17:
59:90:2a:70:00:51:f8:fa:5a:03:8a:81:0d:43:eb:e3:7a:b6:
a1:8b:07:6e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVdtZ/QLnZ73f3+mRvr/guPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjIxMjI5MTE0NzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQxYTM3YTI0M2Y0MTk2NGRkYzcyMWRhYWJmZWQ0OWJkNTg3ZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/QtHsbT+abnKlClK51AJZrv4D14
1K/K38H77ZLMkkAZOv5F7LOpdHpORGT+swSeY/LvT9i3atXGMzGgw8t1fuvtYL6t
woAuqV0QnIOsKSq4K6S33eyuHRcw1G3uZDHHusMO4QTk9ZTkalyvuRqzBUR36TTH
M6FKXfkSfYVOIsaX+hxim1OaRf4RMPTQu+tDq7QxnwuorH7PR3sjbYEs9BQ7Pt7X
ge5kbXAX/+2SqjAjKYZAeUpN5wZjRfh20WO/tk9jH5D4l6o+lSEYU/XzAh0F92ky
6BCsTXDRlYxWj6QuNrkz/Es/FSAlL84Pz26rACP8UonUYZ+mcBKt5mCASwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFM7Ro3okP0GWTdxyHaq/7Um9WH7NMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvenRHamVpUV9RWlpOM0hJZHFyX3RTYjFZZnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAUQ+7AwQB
UrFcAwQAUrFfAwQAUrFkAwQAUrFuAwQAw4jFMA8EAgACMAkDBwAqAEEggAEwDQYJ
KoZIhvcNAQELBQADggEBALKbKb0zZShpcispyh4FSmNsz0s7w7KpuIeP9G6Mqk9K
1uDIE8ecbuNEPhd2kl9E/bmWK9AK0EBb83zDxoebv4lk9LsycamHc8VeTfZsRlgB
Jg+S6Axi+L+e+2oYTYjYAwGVk456p4j+4zU85FkFei5DuCBos7r0H5jhksfPzA7s
iQYk0SpwTof0UGgR/yzqxmdXEA9NIQLG+Q5SWy4DYSz7CbGgS07hXI/ew5sEgIes
xeXpG7T0446fd5vxPHdOH5vuvIl2tHydgrboXROystSMLhXVc69PRvBELmRBLf/2
PS+pdKfYQI0kF1mQKnAAUfj6WgOKgQ1D6+N6tqGLB24=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:02 2023 by rpki-client on console-ams.rpki-client.org