Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/ZXOdIyQut9hOu0IcudgThBSsll0.roa
File: ZXOdIyQut9hOu0IcudgThBSsll0.roa (raw, json)
Hash identifier: 1L0dcUFfMVjZ9kkF9aW+VSMqK8nnnA8vlTx5TEc9k1Y=
Subject key identifier: 65:73:9D:23:24:2E:B7:D8:4E:BB:42:1C:B9:D8:13:84:14:AC:96:5D
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 0184D1AFF8191976307B4B1B95E8C5371C18
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/ZXOdIyQut9hOu0IcudgThBSsll0.roa
Signing time: Fri 02 Dec 2022 07:14:41 +0000
ROA not before: Fri 02 Dec 2022 07:14:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59456
IP address blocks: 195.244.18.0/24 maxlen: 24
91.239.15.0/24 maxlen: 24
45.152.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d1:af:f8:19:19:76:30:7b:4b:1b:95:e8:c5:37:1c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Dec 2 07:14:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65739d23242eb7d84ebb421cb9d8138414ac965d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:71:3b:de:e3:d8:a8:0f:90:60:7d:33:c2:f8:
9d:9f:b5:1c:c4:34:eb:fa:a7:30:1d:17:d8:08:05:
54:dd:b3:4a:e2:f0:24:4c:20:3f:5d:a1:3b:fe:09:
78:1d:6c:de:4d:12:97:e6:d5:da:c2:d1:e7:63:25:
38:c0:ff:c2:e9:64:7e:fb:47:7d:85:56:42:55:2e:
16:3c:2b:bd:64:b9:ac:5e:fd:58:2e:6d:ed:df:9b:
eb:86:7f:ae:ef:61:85:85:17:7b:b5:61:fc:c0:7a:
0f:e9:87:a3:22:10:ad:81:f6:25:6c:1c:89:9c:e3:
8d:78:57:4c:aa:40:42:ad:2d:ff:38:d0:bf:34:1f:
d0:16:d8:45:26:87:be:07:af:10:9f:30:fb:2c:11:
cb:44:e0:0a:d2:5d:c1:9d:c0:33:dd:60:d4:8e:81:
9b:0f:17:bf:bb:a4:2c:ca:f4:90:cb:f4:95:ec:4a:
42:26:93:46:98:78:05:73:d8:89:0c:68:ae:a7:2d:
93:af:16:d3:e2:9a:4a:be:0c:a6:48:dc:ad:4c:ab:
01:5a:7a:99:42:bb:d2:fc:f4:ab:8d:21:79:7b:79:
5a:a9:e1:16:9a:a5:cb:26:2b:a0:e1:0c:86:92:df:
82:33:ca:55:8b:f4:93:28:79:35:54:f6:c6:2e:81:
e3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:73:9D:23:24:2E:B7:D8:4E:BB:42:1C:B9:D8:13:84:14:AC:96:5D
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/ZXOdIyQut9hOu0IcudgThBSsll0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.40.0/22
91.239.15.0/24
195.244.18.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ca:c3:8d:cb:20:d5:c9:42:a7:0c:84:c6:d7:da:ac:bb:c6:
10:13:b1:a7:a5:f2:66:07:9b:dc:dd:bf:63:51:57:9d:f6:4c:
cd:7c:e0:2f:7c:c3:b7:39:e6:d3:94:14:ad:7f:b8:91:97:72:
0c:24:61:f2:01:21:77:66:ea:e1:e2:a2:b5:f1:00:dc:e3:f0:
f2:3c:8a:4a:f5:f4:11:45:ea:07:d9:db:16:ad:b1:61:33:2b:
0e:75:b9:d5:d1:ba:92:4e:1c:7c:4a:28:36:f2:49:7f:df:cd:
4a:b9:86:56:e4:ef:59:a0:4b:77:c5:05:13:e5:da:9e:ef:15:
db:4b:ab:0b:7d:99:2d:ef:da:5a:07:8c:19:39:28:73:ec:0e:
bc:01:f3:ab:00:70:c7:07:39:ba:f8:3e:52:c6:3c:5c:bb:aa:
59:5a:57:04:2a:19:62:d6:a0:3a:a3:4b:cb:da:a0:e4:78:c7:
4f:75:2a:40:ff:ff:12:21:de:06:5a:fd:60:b9:b4:54:8f:bc:
06:d1:3b:61:43:f7:73:b5:d9:c7:3f:97:da:49:ff:24:1d:4d:
23:6a:c6:5a:e1:0b:1c:8b:70:41:60:52:ed:df:88:f9:a1:f9:
97:42:e2:a4:c8:6c:8f:29:5c:4a:68:e5:e6:f4:cb:18:4a:5c:
2e:1e:17:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTRr/gZGXYwe0sblejFNxwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjIxMjAyMDcxNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTczOWQyMzI0MmViN2Q4NGViYjQyMWNiOWQ4MTM4NDE0YWM5NjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXE73uPYqA+QYH0zwvidn7UcxDTr
+qcwHRfYCAVU3bNK4vAkTCA/XaE7/gl4HWzeTRKX5tXawtHnYyU4wP/C6WR++0d9
hVZCVS4WPCu9ZLmsXv1YLm3t35vrhn+u72GFhRd7tWH8wHoP6YejIhCtgfYlbByJ
nOONeFdMqkBCrS3/ONC/NB/QFthFJoe+B68QnzD7LBHLROAK0l3BncAz3WDUjoGb
Dxe/u6QsyvSQy/SV7EpCJpNGmHgFc9iJDGiupy2TrxbT4ppKvgymSNytTKsBWnqZ
QrvS/PSrjSF5e3laqeEWmqXLJiug4QyGkt+CM8pVi/STKHk1VPbGLoHjNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGVznSMkLrfYTrtCHLnYE4QUrJZdMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvWlhPZEl5UXV0OWhPdTBJY3VkZ1RoQlNzbGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZgoAwQA
W+8PAwQAw/QSMA0GCSqGSIb3DQEBCwUAA4IBAQAqysONyyDVyUKnDITG19qsu8YQ
E7GnpfJmB5vc3b9jUVed9kzNfOAvfMO3OebTlBStf7iRl3IMJGHyASF3Zurh4qK1
8QDc4/DyPIpK9fQRReoH2dsWrbFhMysOdbnV0bqSThx8Sig28kl/381KuYZW5O9Z
oEt3xQUT5dqe7xXbS6sLfZkt79paB4wZOShz7A68AfOrAHDHBzm6+D5Sxjxcu6pZ
WlcEKhli1qA6o0vL2qDkeMdPdSpA//8SId4GWv1gubRUj7wG0TthQ/dztdnHP5fa
Sf8kHU0jasZa4Qsci3BBYFLt34j5ofmXQuKkyGyPKVxKaOXm9MsYSlwuHhfq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:31 2024 by rpki-client on console-fra.rpki-client.org