Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/zeZF71SNPRhM4i6vLSn3JTYmIxg.roa
File: zeZF71SNPRhM4i6vLSn3JTYmIxg.roa (raw, json)
Hash identifier: UY1vH2qHGu985CoDKHt+I3i0406uofOYclxvT7/irE4=
Subject key identifier: CD:E6:45:EF:54:8D:3D:18:4C:E2:2E:AF:2D:29:F7:25:36:26:23:18
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 030BA0FB
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/zeZF71SNPRhM4i6vLSn3JTYmIxg.roa
Signing time: Sat 01 Jan 2022 02:53:41 +0000
ROA not before: Sat 01 Jan 2022 02:53:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 91.220.249.0/24 maxlen: 24
195.8.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51093755 (0x30ba0fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Jan 1 02:53:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cde645ef548d3d184ce22eaf2d29f72536262318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3b:44:07:6e:69:dc:51:6f:c0:a1:c8:64:08:
2b:b2:ed:82:f7:23:19:dc:c8:44:e3:fb:5f:d6:68:
40:95:f1:54:45:be:a2:52:21:84:cf:07:77:ca:90:
b0:9a:df:0e:d8:a2:bd:d1:05:58:ea:22:62:ce:1b:
7b:76:4d:d0:c4:f8:66:a3:d8:38:3f:7d:53:99:ff:
c0:63:2c:8d:8d:e2:42:59:09:ac:14:26:81:46:7e:
59:d8:cf:80:bd:9d:05:db:1a:d8:0f:e1:05:b1:cf:
f9:d5:62:ed:f2:c5:60:9d:c9:01:04:9d:aa:ae:28:
e3:9f:b0:c2:e6:7d:de:bd:af:51:97:68:aa:40:90:
ed:30:8e:4a:fe:13:7b:36:8c:b4:29:15:62:72:6a:
81:f2:91:9f:c7:dd:35:56:06:4f:c3:ed:bb:02:46:
30:97:6e:eb:ed:57:e4:a5:81:bc:2b:2a:4f:70:c0:
c7:09:73:bd:cd:5a:e3:06:64:25:0d:06:b8:9e:de:
5c:9e:63:c7:63:cc:5f:bb:9f:e5:84:40:79:bb:70:
d7:ea:d6:3f:49:bc:6a:3f:e2:3e:3b:3b:40:9f:91:
26:69:0c:ef:d8:ab:89:30:ad:c9:c7:bd:01:60:fd:
26:62:e4:73:d4:5e:d7:e1:e3:e2:ed:a6:de:4b:c6:
73:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E6:45:EF:54:8D:3D:18:4C:E2:2E:AF:2D:29:F7:25:36:26:23:18
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/zeZF71SNPRhM4i6vLSn3JTYmIxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.249.0/24
195.8.200.0/24
Signature Algorithm: sha256WithRSAEncryption
67:9f:13:ab:ea:86:b8:7a:16:e8:50:2b:1b:6c:fc:9a:f2:88:
1c:5d:f7:70:26:b3:12:3d:88:50:3d:dd:5b:c8:07:e7:57:76:
3f:9c:7d:e1:49:21:30:36:ab:44:ba:5d:1a:1f:21:4e:9f:4b:
d4:93:c0:6c:f9:d1:9d:2e:b2:38:d0:a8:ab:73:91:38:ae:82:
08:2b:a3:b6:d4:3e:00:81:f2:c1:bb:3c:f2:c8:9d:58:7b:f0:
29:b5:59:3e:83:68:b0:1c:ff:23:62:bd:72:5f:75:c0:85:df:
bc:58:9c:87:ee:35:e6:e5:1f:ea:c9:32:53:0c:48:90:7f:e1:
8b:26:31:db:63:f8:18:93:5a:27:8c:d8:8e:2d:10:df:4b:7a:
fd:3a:01:99:04:95:f0:f9:3e:a2:ec:07:16:bf:20:64:d7:a3:
75:9a:f1:57:8e:13:8b:5a:e4:cb:7e:4a:63:fd:a4:e6:64:a4:
9d:61:3d:63:45:6a:03:fc:4f:5d:05:45:bd:74:5b:c3:e9:80:
6d:49:bd:41:53:0b:f1:7f:e0:69:41:27:2c:cc:da:94:96:31:
e7:a7:2d:24:43:49:68:a3:8c:7c:66:53:d2:57:bc:31:63:51:
83:ba:0c:c0:6e:1b:24:0b:3d:9c:16:09:a5:6a:44:3a:8b:4b:
d6:5c:91:96
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAwug+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Y2RjYzhiY2RiNmM3NDRhY2RmNDNkZDcyZDY4ZDIwNDUxYTE3OWY2MB4XDTIyMDEw
MTAyNTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RlNjQ1ZWY1NDhk
M2QxODRjZTIyZWFmMmQyOWY3MjUzNjI2MjMxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALU7RAduadxRb8ChyGQIK7LtgvcjGdzIROP7X9ZoQJXxVEW+
olIhhM8Hd8qQsJrfDtiivdEFWOoiYs4be3ZN0MT4ZqPYOD99U5n/wGMsjY3iQlkJ
rBQmgUZ+WdjPgL2dBdsa2A/hBbHP+dVi7fLFYJ3JAQSdqq4o45+wwuZ93r2vUZdo
qkCQ7TCOSv4TezaMtCkVYnJqgfKRn8fdNVYGT8PtuwJGMJdu6+1X5KWBvCsqT3DA
xwlzvc1a4wZkJQ0GuJ7eXJ5jx2PMX7uf5YRAebtw1+rWP0m8aj/iPjs7QJ+RJmkM
79iriTCtyce9AWD9JmLkc9Re1+Hj4u2m3kvGc/0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTN5kXvVI09GEziLq8tKfclNiYjGDAfBgNVHSMEGDAWgBQ83Mi822x0Ss30
PdctaNIEUaF59jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BOekl2TnRzZEVyTjlEM1hMV2pTQkZHaGVmWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvMzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8x
L3plWkY3MVNOUFJoTTRpNnZMU24zSlRZbUl4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
MzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8xL1BOekl2TnRzZEVy
TjlEM1hMV2pTQkZHaGVmWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvc+QMEAMMIyDANBgkqhkiG9w0B
AQsFAAOCAQEAZ58Tq+qGuHoW6FArG2z8mvKIHF33cCazEj2IUD3dW8gH51d2P5x9
4UkhMDarRLpdGh8hTp9L1JPAbPnRnS6yONCoq3OROK6CCCujttQ+AIHywbs88sid
WHvwKbVZPoNosBz/I2K9cl91wIXfvFich+415uUf6skyUwxIkH/hiyYx22P4GJNa
J4zYji0Q30t6/ToBmQSV8Pk+ouwHFr8gZNejdZrxV44Ti1rky35KY/2k5mSknWE9
Y0VqA/xPXQVFvXRbw+mAbUm9QVML8X/gaUEnLMzalJYx56ctJENJaKOMfGZT0le8
MWNRg7oMwG4bJAs9nBYJpWpEOotL1lyRlg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:49 2023 by rpki-client on console-fra.rpki-client.org