Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/ff1078-d196-46a5-a741-ed31e43f1e08/1/zXrWhT91wyMK0Lt5dkXAllDEpTQ.roa
File: zXrWhT91wyMK0Lt5dkXAllDEpTQ.roa (raw, json)
Hash identifier: Dnkrv2vvyOahEu32nFzn5LyZf5Q2jn+xposkGtFKIXg=
Subject key identifier: CD:7A:D6:85:3F:75:C3:23:0A:D0:BB:79:76:45:C0:96:50:C4:A5:34
Certificate issuer: /CN=0cdc07fda6f4d55b7c8182c929a3c4ac3c0a82fd
Certificate serial: 0183D09DF6877C5BAD47E5B787C9700E4E16
Authority key identifier: 0C:DC:07:FD:A6:F4:D5:5B:7C:81:82:C9:29:A3:C4:AC:3C:0A:82:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNwH_ab01Vt8gYLJKaPErDwKgv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/ff1078-d196-46a5-a741-ed31e43f1e08/1/zXrWhT91wyMK0Lt5dkXAllDEpTQ.roa
Signing time: Thu 13 Oct 2022 09:12:36 +0000
ROA not before: Thu 13 Oct 2022 09:12:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199666
IP address blocks: 185.127.220.0/23 maxlen: 23
185.127.222.0/23 maxlen: 23
146.247.64.0/22 maxlen: 22
146.247.64.0/24 maxlen: 24
146.247.66.0/24 maxlen: 24
146.247.67.0/24 maxlen: 24
146.247.68.0/23 maxlen: 23
146.247.68.0/24 maxlen: 24
146.247.69.0/24 maxlen: 24
146.247.70.0/24 maxlen: 24
146.247.70.0/23 maxlen: 23
146.247.65.0/24 maxlen: 24
2a05:9dc0:ffff::/48 maxlen: 48
2a05:9dc0::/48 maxlen: 48
2a05:9dc0:420::/48 maxlen: 48
2a05:9dc0:410::/48 maxlen: 48
2a05:9dc0:400::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:9d:f6:87:7c:5b:ad:47:e5:b7:87:c9:70:0e:4e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cdc07fda6f4d55b7c8182c929a3c4ac3c0a82fd
Validity
Not Before: Oct 13 09:12:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd7ad6853f75c3230ad0bb797645c09650c4a534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:02:a8:bb:25:d0:cf:6b:22:42:4e:3b:b5:97:
45:10:3c:95:e7:e1:e1:aa:c7:25:fd:4b:59:78:7f:
5c:5b:b8:f7:58:78:1c:cd:96:34:cd:12:26:7c:3c:
49:34:fa:f3:b8:9a:f6:74:51:32:5c:4d:9f:c9:39:
64:83:59:cc:f0:ae:04:1c:56:82:f6:65:10:d7:19:
a2:b2:84:8b:d5:35:d9:ce:20:9b:b2:f2:32:bc:99:
df:4f:f4:5a:3f:93:c0:f3:db:12:e8:12:d8:02:73:
2e:ad:5e:dc:23:e1:29:64:c7:f5:e1:f4:fe:9f:6f:
d9:b6:84:47:f0:c5:2a:8b:1f:39:ed:c7:d2:ad:61:
9b:b5:96:4c:88:a0:59:62:ee:3c:94:90:64:c0:49:
5c:2b:f4:6b:51:4f:a0:d6:95:b9:27:35:bf:2e:01:
13:31:7d:64:80:fb:11:86:7a:ee:3e:ad:95:0b:47:
cc:6b:c9:4e:b2:bb:77:0c:74:47:f4:61:33:e3:40:
c7:42:c0:c9:da:a5:4f:31:5c:0c:30:72:8f:cb:f2:
9e:0a:00:ac:27:fd:ae:60:29:4f:ee:6e:ae:5a:b9:
a6:ae:ad:3e:91:be:8d:c8:b2:92:f0:0e:32:e2:f9:
c1:fe:77:a9:af:24:ef:d0:6a:0d:7f:28:19:db:dd:
0e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7A:D6:85:3F:75:C3:23:0A:D0:BB:79:76:45:C0:96:50:C4:A5:34
X509v3 Authority Key Identifier:
keyid:0C:DC:07:FD:A6:F4:D5:5B:7C:81:82:C9:29:A3:C4:AC:3C:0A:82:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNwH_ab01Vt8gYLJKaPErDwKgv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/ff1078-d196-46a5-a741-ed31e43f1e08/1/zXrWhT91wyMK0Lt5dkXAllDEpTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/ff1078-d196-46a5-a741-ed31e43f1e08/1/DNwH_ab01Vt8gYLJKaPErDwKgv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.64.0/21
185.127.220.0/22
IPv6:
2a05:9dc0::/48
2a05:9dc0:400::/48
2a05:9dc0:410::/48
2a05:9dc0:420::/48
2a05:9dc0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
54:1a:50:01:8b:c2:93:49:81:39:9b:ab:0e:53:bd:72:82:eb:
0a:b6:65:c3:e4:61:aa:2c:ea:15:08:ce:07:15:0c:99:08:55:
a6:1e:e5:a5:49:6f:ba:83:c9:1a:3f:30:f4:24:ea:5f:a3:a6:
03:e3:0a:81:33:75:49:0b:7b:71:0c:93:f8:3d:6a:0f:1f:9e:
78:16:d9:a9:28:4d:11:d9:ba:7d:dd:89:b2:3f:31:f0:95:1c:
41:c8:0e:1d:88:3d:75:34:31:0f:45:01:52:de:cb:e5:79:bb:
ca:2b:33:91:08:d9:29:fe:8f:a2:65:c5:08:d7:d3:92:a6:01:
64:c6:71:3f:f0:59:0f:2a:d4:46:fc:09:df:a3:c3:51:0b:87:
40:38:d7:92:0b:e2:bd:60:7a:72:0f:39:14:9b:98:65:16:02:
58:ef:3d:2b:9a:9e:71:e0:cf:7c:16:ba:a0:ea:76:e8:e1:02:
15:59:95:1f:be:1d:72:6c:3b:10:1c:31:4c:09:5f:96:be:9f:
b1:a3:0f:4f:c1:7b:7f:a6:11:2d:cc:dd:d9:b3:a9:b7:31:37:
73:83:db:ff:6a:7f:d9:fc:ef:4b:21:ef:1b:4e:56:0c:4c:ad:
7e:73:be:0f:34:d0:32:52:a1:50:78:32:75:8f:ac:4f:fe:03:
08:34:49:d8
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYPQnfaHfFutR+W3h8lwDk4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZGMwN2ZkYTZmNGQ1NWI3YzgxODJjOTI5YTNjNGFjM2Mw
YTgyZmQwHhcNMjIxMDEzMDkxMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdhZDY4NTNmNzVjMzIzMGFkMGJiNzk3NjQ1YzA5NjUwYzRhNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAKouyXQz2siQk47tZdFEDyV5+Hh
qscl/UtZeH9cW7j3WHgczZY0zRImfDxJNPrzuJr2dFEyXE2fyTlkg1nM8K4EHFaC
9mUQ1xmisoSL1TXZziCbsvIyvJnfT/RaP5PA89sS6BLYAnMurV7cI+EpZMf14fT+
n2/ZtoRH8MUqix857cfSrWGbtZZMiKBZYu48lJBkwElcK/RrUU+g1pW5JzW/LgET
MX1kgPsRhnruPq2VC0fMa8lOsrt3DHRH9GEz40DHQsDJ2qVPMVwMMHKPy/KeCgCs
J/2uYClP7m6uWrmmrq0+kb6NyLKS8A4y4vnB/nepryTv0GoNfygZ290OtwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFM161oU/dcMjCtC7eXZFwJZQxKU0MB8GA1UdIwQY
MBaAFAzcB/2m9NVbfIGCySmjxKw8CoL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE53SF9hYjAxVnQ4Z1lMSkthUEVyRHdLZ3YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9mZjEwNzgtZDE5Ni00NmE1LWE3NDEt
ZWQzMWU0M2YxZTA4LzEvelhyV2hUOTF3eU1LMEx0NWRrWEFsbERFcFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9mZjEwNzgtZDE5Ni00NmE1LWE3NDEtZWQzMWU0M2YxZTA4
LzEvRE53SF9hYjAxVnQ4Z1lMSkthUEVyRHdLZ3YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQDkvdAAwQC
uX/cMDMEAgACMC0DBwAqBZ3AAAADBwAqBZ3ABAADBwAqBZ3ABBADBwAqBZ3ABCAD
BwAqBZ3A//8wDQYJKoZIhvcNAQELBQADggEBAFQaUAGLwpNJgTmbqw5TvXKC6wq2
ZcPkYaos6hUIzgcVDJkIVaYe5aVJb7qDyRo/MPQk6l+jpgPjCoEzdUkLe3EMk/g9
ag8fnngW2akoTRHZun3dibI/MfCVHEHIDh2IPXU0MQ9FAVLey+V5u8orM5EI2Sn+
j6JlxQjX05KmAWTGcT/wWQ8q1Eb8Cd+jw1ELh0A415IL4r1genIPORSbmGUWAljv
PSuannHgz3wWuqDqdujhAhVZlR++HXJsOxAcMUwJX5a+n7GjD0/Be3+mES3M3dmz
qbcxN3OD2/9qf9n870sh7xtOVgxMrX5zvg800DJSoVB4MnWPrE/+Awg0Sdg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:03 2023 by rpki-client on console-fra.rpki-client.org