Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/Z3nfjcHGj06iT0talDUmXzMofTU.roa
File: Z3nfjcHGj06iT0talDUmXzMofTU.roa (raw, json)
Hash identifier: LfeX0G1ugEg1LHHHOKTurhe3ErUeqimr50F5bEYCw/I=
Subject key identifier: 67:79:DF:8D:C1:C6:8F:4E:A2:4F:4B:5A:94:35:26:5F:33:28:7D:35
Certificate issuer: /CN=f73cdc6751d7c59073e4b706402d3691af09086f
Certificate serial: 0562D5F7
Authority key identifier: F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/Z3nfjcHGj06iT0talDUmXzMofTU.roa
Signing time: Sat 01 Jan 2022 10:57:32 +0000
ROA not before: Sat 01 Jan 2022 10:57:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49826
IP address blocks: 87.236.224.0/21 maxlen: 21
82.116.224.0/19 maxlen: 19
80.247.240.0/20 maxlen: 20
185.136.36.0/22 maxlen: 22
2a00:14b8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90363383 (0x562d5f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73cdc6751d7c59073e4b706402d3691af09086f
Validity
Not Before: Jan 1 10:57:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6779df8dc1c68f4ea24f4b5a9435265f33287d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6f:ff:89:c6:f7:88:ac:9c:71:25:82:8c:17:
fd:04:20:3c:f2:cf:7b:9f:13:21:86:cd:a6:8c:a2:
7e:28:47:90:4e:d8:7f:fd:a2:2f:a0:d1:84:39:61:
f3:08:89:cb:a9:7c:f3:9d:2e:3b:67:01:d5:21:e3:
e8:f9:b7:2c:75:f4:4a:0b:07:1f:3c:bc:5c:a0:d6:
95:5d:44:6e:1e:90:fb:65:b3:87:2d:46:35:63:a7:
22:8f:84:32:48:70:1c:9f:f4:d5:63:df:4e:49:82:
09:44:14:aa:d8:9a:80:48:52:06:53:16:7e:b0:ef:
4d:32:13:90:55:75:4d:7f:f6:fd:db:87:21:72:0b:
1d:bf:dd:86:1a:51:14:d2:fe:95:05:a6:18:5d:4a:
82:97:95:e9:9f:7e:83:ce:4a:91:26:dd:eb:66:03:
f6:e6:5e:a3:3c:64:4b:7b:53:ca:8e:82:ce:81:da:
f2:4a:61:ba:93:ea:3f:da:2f:1c:b5:5d:00:27:60:
a5:93:c2:7a:8a:ce:27:48:6f:e1:a9:dc:9a:27:dc:
28:4d:9b:6f:21:ef:b9:77:5a:cb:9b:25:cd:10:51:
9e:35:cd:34:81:b9:1d:94:bb:d7:d4:18:0f:87:16:
ab:dc:23:25:4d:d8:42:2b:16:f4:0f:62:e4:9c:44:
cf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:79:DF:8D:C1:C6:8F:4E:A2:4F:4B:5A:94:35:26:5F:33:28:7D:35
X509v3 Authority Key Identifier:
keyid:F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/Z3nfjcHGj06iT0talDUmXzMofTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.240.0/20
82.116.224.0/19
87.236.224.0/21
185.136.36.0/22
IPv6:
2a00:14b8::/32
Signature Algorithm: sha256WithRSAEncryption
85:d1:71:bf:e9:ce:31:c8:82:fc:53:3e:a7:b6:29:51:60:3a:
94:f8:0c:b3:ca:4f:40:6d:bb:1d:5d:02:bc:c3:5a:9b:39:67:
21:4c:9f:d6:ed:a7:90:93:f6:0a:17:06:64:32:0f:e1:ae:47:
56:0e:be:7e:5b:98:c4:d4:ee:40:e7:f3:62:8e:36:f3:c5:c2:
cb:09:85:5c:e7:fa:f0:90:a3:88:c5:2d:9c:af:cd:15:cc:e9:
43:ae:68:f4:10:66:8a:bb:47:94:15:11:e7:73:cc:4a:82:27:
64:31:07:b0:ea:c5:70:14:75:60:d5:e2:fe:59:fb:17:90:0c:
a4:72:b0:66:48:02:dc:cc:ea:c6:c5:07:3f:30:01:91:b8:11:
70:3a:cc:ee:28:03:e5:8c:3d:18:25:6e:e4:a8:5d:b8:ad:81:
e7:86:14:a4:a1:2c:92:71:86:97:2c:d9:fe:b8:eb:cf:79:3f:
9f:c1:46:3e:33:6b:04:65:39:9c:6b:6a:ab:45:a8:37:31:f8:
f6:61:a1:c8:e4:36:60:f7:3a:9f:10:19:66:65:67:d0:64:43:
45:d2:6b:7b:02:0f:4f:16:0d:13:b7:66:31:c2:23:e9:ab:04:
5e:e5:fb:ff:6d:c5:8b:b6:04:f7:d8:32:ac:e0:da:73:44:61:
84:6a:7f:33
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBWLV9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzNjZGM2NzUxZDdjNTkwNzNlNGI3MDY0MDJkMzY5MWFmMDkwODZmMB4XDTIyMDEw
MTEwNTczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc3OWRmOGRjMWM2
OGY0ZWEyNGY0YjVhOTQzNTI2NWYzMzI4N2QzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBv/4nG94isnHElgowX/QQgPPLPe58TIYbNpoyifihHkE7Y
f/2iL6DRhDlh8wiJy6l8850uO2cB1SHj6Pm3LHX0SgsHHzy8XKDWlV1Ebh6Q+2Wz
hy1GNWOnIo+EMkhwHJ/01WPfTkmCCUQUqtiagEhSBlMWfrDvTTITkFV1TX/2/duH
IXILHb/dhhpRFNL+lQWmGF1KgpeV6Z9+g85KkSbd62YD9uZeozxkS3tTyo6CzoHa
8kphupPqP9ovHLVdACdgpZPCeorOJ0hv4ancmifcKE2bbyHvuXday5slzRBRnjXN
NIG5HZS719QYD4cWq9wjJU3YQisW9A9i5JxEzycCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRned+NwcaPTqJPS1qUNSZfMyh9NTAfBgNVHSMEGDAWgBT3PNxnUdfFkHPk
twZALTaRrwkIbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzl6emNaMUhYeFpCejVMY0dRQzAya2E4SkNHOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvODU1MDAyLWQ4MjMtNDFmZS04ZjlhLTcxOGZkMTk1YzVlYi8x
L1ozbmZqY0hHajA2aVQwdGFsRFVtWHpNb2ZUVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
ODU1MDAyLWQ4MjMtNDFmZS04ZjlhLTcxOGZkMTk1YzVlYi8xLzl6emNaMUhYeFpC
ejVMY0dRQzAya2E4SkNHOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFD38AMEBVJ04AMEA1fs4AMEArmI
JDANBAIAAjAHAwUAKgAUuDANBgkqhkiG9w0BAQsFAAOCAQEAhdFxv+nOMciC/FM+
p7YpUWA6lPgMs8pPQG27HV0CvMNamzlnIUyf1u2nkJP2ChcGZDIP4a5HVg6+fluY
xNTuQOfzYo4288XCywmFXOf68JCjiMUtnK/NFczpQ65o9BBmirtHlBUR53PMSoIn
ZDEHsOrFcBR1YNXi/ln7F5AMpHKwZkgC3MzqxsUHPzABkbgRcDrM7igD5Yw9GCVu
5KhduK2B54YUpKEsknGGlyzZ/rjrz3k/n8FGPjNrBGU5nGtqq0WoNzH49mGhyOQ2
YPc6nxAZZmVn0GRDRdJrewIPTxYNE7dmMcIj6asEXuX7/23Fi7YE99gyrODac0Rh
hGp/Mw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:14 2023 by rpki-client on console-fra.rpki-client.org