Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/zsPkRyPaDcXDgxGIrIPGTMEwkeo.roa
File: zsPkRyPaDcXDgxGIrIPGTMEwkeo.roa (raw, json)
Hash identifier: ITSGTOhv4+CxNvaaFDoroHkwiAbtPnVe4VzFPfBjddQ=
Subject key identifier: CE:C3:E4:47:23:DA:0D:C5:C3:83:11:88:AC:83:C6:4C:C1:30:91:EA
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 0D8C1229
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/zsPkRyPaDcXDgxGIrIPGTMEwkeo.roa
Signing time: Thu 10 Feb 2022 16:18:58 +0000
ROA not before: Thu 10 Feb 2022 16:18:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8391
IP address blocks: 195.253.96.0/19 maxlen: 24
185.119.138.0/23 maxlen: 24
195.253.0.0/16 maxlen: 24
195.253.6.0/24 maxlen: 24
195.138.32.0/19 maxlen: 24
194.77.54.0/23 maxlen: 23
2a01:5b0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227283497 (0xd8c1229)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Feb 10 16:18:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cec3e44723da0dc5c3831188ac83c64cc13091ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:81:e8:0d:da:70:99:c2:2b:1f:ef:e0:33:bd:
13:54:45:8f:85:0f:fa:5b:d3:05:c3:ec:0e:3d:20:
45:3b:d4:93:59:e2:ae:a0:c4:9a:46:53:f1:68:1a:
d2:c8:72:1f:87:d3:13:d1:34:af:7c:97:c3:ac:c5:
a0:5b:1d:5a:79:f7:c4:e4:2c:37:00:01:51:1f:31:
67:d9:f5:26:b0:05:cf:6d:eb:6a:54:24:a4:a4:dd:
17:24:d1:b1:96:fc:76:be:e7:eb:61:46:0b:a1:d2:
15:14:57:17:1c:78:dd:77:22:10:65:7b:0d:dd:89:
20:4d:b2:da:b5:c5:b8:48:27:7c:26:54:05:28:43:
68:d6:0e:94:00:e7:29:b4:77:3b:84:ff:69:ba:e9:
21:3f:3c:7c:73:2e:b7:7f:0b:32:bc:da:b5:07:0d:
4b:c0:98:6c:5f:03:42:4e:fc:27:d6:9c:9f:26:05:
9b:7f:83:92:50:58:f1:ab:ad:2c:29:ed:0a:7a:35:
b6:e7:7a:27:52:93:6f:cc:40:a1:36:4e:cc:9b:1a:
e1:79:f7:e3:d8:79:a3:06:ab:f3:67:1d:cd:a0:44:
3b:8b:27:98:cd:c4:88:66:51:d8:bb:af:90:33:7a:
48:f6:dc:41:14:24:bd:bc:6c:50:e0:51:2b:ae:18:
ca:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C3:E4:47:23:DA:0D:C5:C3:83:11:88:AC:83:C6:4C:C1:30:91:EA
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/zsPkRyPaDcXDgxGIrIPGTMEwkeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.138.0/23
194.77.54.0/23
195.138.32.0/19
195.253.0.0/16
IPv6:
2a01:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:e9:33:ce:01:8b:90:cf:4a:63:83:51:a8:e2:be:79:6b:cc:
8a:62:e7:07:4d:b3:e9:2d:98:46:50:c8:15:5e:da:f0:90:2f:
b0:0a:4c:8b:40:b2:17:52:07:26:2a:c1:68:38:fd:61:e8:34:
cc:a6:06:3f:ed:78:77:ff:b3:d5:cd:4a:4a:e7:46:33:83:49:
78:36:f2:e7:4d:58:09:96:81:1b:16:d7:aa:07:c0:5f:c3:45:
fe:1b:94:36:22:ac:69:31:a9:e9:ac:6e:92:65:60:07:41:52:
f9:27:0b:1c:d9:f8:e3:a6:57:e7:5c:3d:1d:48:90:25:16:44:
67:21:e0:9f:ff:88:f8:e7:c7:ba:8c:7a:f8:34:08:2e:14:37:
ee:af:51:33:9b:1c:f4:7b:95:d9:ea:70:94:13:ec:4d:6b:24:
af:ed:bb:77:35:17:af:b2:95:f4:72:56:8b:f6:91:99:aa:b9:
a5:58:3d:db:4c:e8:69:da:9e:7f:78:1d:1d:31:c1:50:e2:5d:
c6:af:64:78:34:cb:e9:4b:94:c1:42:4c:e5:c6:06:f2:d7:5d:
d7:68:10:6e:e1:30:2f:c7:45:1f:e0:86:6c:79:62:a6:76:07:
51:0f:a3:f4:09:a3:f8:98:47:9e:ae:aa:98:2c:ab:50:5f:06:
b5:26:08:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEDYwSKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGMxZTQyNmY1OGU0MmFlMzBlNTZjZGI3ZmY0ZDhmOWRkZDg1YjMwMB4XDTIyMDIx
MDE2MTg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2VjM2U0NDcyM2Rh
MGRjNWMzODMxMTg4YWM4M2M2NGNjMTMwOTFlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKB6A3acJnCKx/v4DO9E1RFj4UP+lvTBcPsDj0gRTvUk1ni
rqDEmkZT8Wga0shyH4fTE9E0r3yXw6zFoFsdWnn3xOQsNwABUR8xZ9n1JrAFz23r
alQkpKTdFyTRsZb8dr7n62FGC6HSFRRXFxx43XciEGV7Dd2JIE2y2rXFuEgnfCZU
BShDaNYOlADnKbR3O4T/abrpIT88fHMut38LMrzatQcNS8CYbF8DQk78J9acnyYF
m3+DklBY8autLCntCno1tud6J1KTb8xAoTZOzJsa4Xn349h5owar82cdzaBEO4sn
mM3EiGZR2LuvkDN6SPbcQRQkvbxsUOBRK64Yys0CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTOw+RHI9oNxcODEYisg8ZMwTCR6jAfBgNVHSMEGDAWgBRQweQm9Y5CrjDl
bNt/9Nj53dhbMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VNSGtKdldPUXE0dzVXemJmX1RZLWQzWVd6QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvOWM2ZGFkLTM3N2EtNDQ0ZS1iMGRjLTA2M2NlNmNmNDYwZC8x
L3pzUGtSeVBhRGNYRGd4R0lySVBHVE1Fd2tlby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
OWM2ZGFkLTM3N2EtNDQ0ZS1iMGRjLTA2M2NlNmNmNDYwZC8xL1VNSGtKdldPUXE0
dzVXemJmX1RZLWQzWVd6QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wHQQCAAEwFwMEAbl3igMEAcJNNgMEBcOKIAMDAMP9
MA0EAgACMAcDBQAqAQWwMA0GCSqGSIb3DQEBCwUAA4IBAQA/6TPOAYuQz0pjg1Go
4r55a8yKYucHTbPpLZhGUMgVXtrwkC+wCkyLQLIXUgcmKsFoOP1h6DTMpgY/7Xh3
/7PVzUpK50Yzg0l4NvLnTVgJloEbFteqB8Bfw0X+G5Q2IqxpManprG6SZWAHQVL5
Jwsc2fjjplfnXD0dSJAlFkRnIeCf/4j458e6jHr4NAguFDfur1Ezmxz0e5XZ6nCU
E+xNaySv7bt3NRevspX0claL9pGZqrmlWD3bTOhp2p5/eB0dMcFQ4l3Gr2R4NMvp
S5TBQkzlxgby113XaBBu4TAvx0Uf4IZseWKmdgdRD6P0CaP4mEeerqqYLKtQXwa1
Jgid
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:31 2024 by rpki-client on console-ams.rpki-client.org