Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/jk4QVAhyrpPg5t5ga6xioUFNhNY.roa
File: jk4QVAhyrpPg5t5ga6xioUFNhNY.roa (raw, json)
Hash identifier: yk9BcpqIqrl7pk8qRykL/Mlfrote1urTkVDgAPzhyzY=
Subject key identifier: 8E:4E:10:54:08:72:AE:93:E0:E6:DE:60:6B:AC:62:A1:41:4D:84:D6
Certificate issuer: /CN=cf1d7ff016fff5d039a9689a43c93e84fe45dbc8
Certificate serial: 03EBEB67
Authority key identifier: CF:1D:7F:F0:16:FF:F5:D0:39:A9:68:9A:43:C9:3E:84:FE:45:DB:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx1_8Bb_9dA5qWiaQ8k-hP5F28g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/jk4QVAhyrpPg5t5ga6xioUFNhNY.roa
Signing time: Sat 01 Jan 2022 11:57:18 +0000
ROA not before: Sat 01 Jan 2022 11:57:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47477
IP address blocks: 192.164.161.0/24 maxlen: 24
192.164.164.0/24 maxlen: 24
192.164.172.0/24 maxlen: 24
192.164.167.0/24 maxlen: 24
192.164.173.0/24 maxlen: 24
192.164.174.0/24 maxlen: 24
2a04:62c2:1::/48 maxlen: 48
2a04:62c2:6::/48 maxlen: 48
2a04:62c1::/32 maxlen: 32
2a04:62c2:5::/48 maxlen: 48
2a04:62c2:4::/48 maxlen: 48
2a04:62c2:3::/48 maxlen: 48
2a04:62c0::/32 maxlen: 32
2a04:62c2:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65792871 (0x3ebeb67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1d7ff016fff5d039a9689a43c93e84fe45dbc8
Validity
Not Before: Jan 1 11:57:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e4e10540872ae93e0e6de606bac62a1414d84d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:17:ab:2c:1a:68:21:69:f6:64:6e:53:3f:b2:
de:d1:1c:ad:ff:a3:db:3b:71:90:12:9e:05:4a:28:
d5:db:ea:02:80:bc:15:a3:45:20:5c:38:7c:28:bc:
d7:d0:9e:db:eb:55:78:02:9a:d7:29:1d:48:c0:bf:
b4:01:35:2c:e5:43:67:18:5e:f4:48:13:da:15:09:
fb:24:36:cc:eb:82:1a:3a:8d:da:8b:26:fe:c0:cd:
98:88:b0:27:bc:56:56:9a:ab:e2:6d:08:4e:94:5b:
22:8a:2c:d2:80:cd:b2:5b:e9:bd:86:36:a9:9d:9a:
e0:98:d9:77:f3:94:63:24:e1:d5:3f:29:b0:de:c3:
b4:45:d8:74:23:de:7d:ef:5e:5e:67:84:91:1c:8e:
41:b5:b0:b9:dc:c0:e1:3d:30:16:93:35:23:ee:7b:
81:d8:ef:a5:5c:58:59:c9:62:a5:05:b7:a0:c5:df:
20:f8:90:f9:54:4e:40:93:77:15:44:ed:c4:a6:ff:
67:66:2f:4c:93:cc:07:16:cb:f9:00:73:18:e6:7e:
d3:13:8e:5c:fd:21:26:ff:50:16:83:e7:05:53:15:
b5:0e:8c:b8:99:15:33:4f:f0:c3:97:b3:ed:b5:7b:
a0:f1:88:e0:c1:65:f8:73:9f:4c:bc:0b:20:1e:5d:
65:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4E:10:54:08:72:AE:93:E0:E6:DE:60:6B:AC:62:A1:41:4D:84:D6
X509v3 Authority Key Identifier:
keyid:CF:1D:7F:F0:16:FF:F5:D0:39:A9:68:9A:43:C9:3E:84:FE:45:DB:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx1_8Bb_9dA5qWiaQ8k-hP5F28g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/jk4QVAhyrpPg5t5ga6xioUFNhNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/zx1_8Bb_9dA5qWiaQ8k-hP5F28g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.164.161.0/24
192.164.164.0/24
192.164.167.0/24
192.164.172.0-192.164.174.255
IPv6:
2a04:62c0::/31
2a04:62c2:1::-2a04:62c2:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
30:86:38:1a:fc:8d:8a:8e:07:70:f1:1e:78:5f:03:27:eb:7f:
a7:08:84:5f:d0:ff:42:0a:ce:15:b1:d5:24:6d:7c:24:0f:db:
f3:4b:dd:39:3c:e4:65:0c:fa:bc:8f:a3:21:fc:63:5c:f9:0f:
72:6b:50:23:58:62:87:1a:f4:99:b8:65:60:7d:9c:3e:47:1c:
c1:ef:b8:05:ae:38:48:66:01:ba:30:e1:a0:70:97:1e:c0:21:
22:67:01:f6:c3:1c:a8:08:d4:fa:65:f8:17:d9:df:7e:53:f3:
e5:f2:75:98:43:89:23:b7:0b:a7:0b:1d:9e:bb:5d:65:01:eb:
55:82:dc:85:f0:b9:e1:b7:4b:8d:c6:56:69:50:60:f2:a6:c0:
9c:fb:c3:ce:b8:2f:f4:e5:a5:b4:ba:03:33:94:64:b4:e8:a1:
06:df:f7:4a:0d:58:6b:c4:3b:69:70:9b:98:46:0d:3c:03:d6:
a1:ee:9d:57:b1:29:5a:37:6a:c6:6a:5f:ea:79:30:4a:70:0a:
ac:81:e4:00:78:39:a8:ef:90:01:51:2d:0b:28:1f:2b:0b:49:
8d:d0:8e:2d:b3:82:c5:38:5e:bc:7e:17:e1:82:fa:eb:73:06:
c6:77:5f:b7:5b:72:66:0a:c1:70:00:cc:ec:dc:44:23:b5:88:
d7:07:c7:ed
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEA+vrZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZjFkN2ZmMDE2ZmZmNWQwMzlhOTY4OWE0M2M5M2U4NGZlNDVkYmM4MB4XDTIyMDEw
MTExNTcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU0ZTEwNTQwODcy
YWU5M2UwZTZkZTYwNmJhYzYyYTE0MTRkODRkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJkXqywaaCFp9mRuUz+y3tEcrf+j2ztxkBKeBUoo1dvqAoC8
FaNFIFw4fCi819Ce2+tVeAKa1ykdSMC/tAE1LOVDZxhe9EgT2hUJ+yQ2zOuCGjqN
2osm/sDNmIiwJ7xWVpqr4m0ITpRbIoos0oDNslvpvYY2qZ2a4JjZd/OUYyTh1T8p
sN7DtEXYdCPefe9eXmeEkRyOQbWwudzA4T0wFpM1I+57gdjvpVxYWclipQW3oMXf
IPiQ+VROQJN3FUTtxKb/Z2YvTJPMBxbL+QBzGOZ+0xOOXP0hJv9QFoPnBVMVtQ6M
uJkVM0/ww5ez7bV7oPGI4MFl+HOfTLwLIB5dZeUCAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBSOThBUCHKuk+Dm3mBrrGKhQU2E1jAfBgNVHSMEGDAWgBTPHX/wFv/10Dmp
aJpDyT6E/kXbyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3p4MV84QmJfOWRBNXFXaWFROGstaFA1RjI4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvY2U2OWYwLWI2ZTEtNGJhNi1iOWUwLTRlYjI2OTVhODY4ZC8x
L2prNFFWQWh5cnBQZzV0NWdhNnhpb1VGTmhOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
Y2U2OWYwLWI2ZTEtNGJhNi1iOWUwLTRlYjI2OTVhODY4ZC8xL3p4MV84QmJfOWRB
NXFXaWFROGstaFA1RjI4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswJgQCAAEwIAMEAMCkoQMEAMCkpAMEAMCkpzAMAwQC
wKSsAwQAwKSuMCEEAgACMBsDBQEqBGLAMBIDBwAqBGLCAAEDBwAqBGLCAAYwDQYJ
KoZIhvcNAQELBQADggEBADCGOBr8jYqOB3DxHnhfAyfrf6cIhF/Q/0IKzhWx1SRt
fCQP2/NL3Tk85GUM+ryPoyH8Y1z5D3JrUCNYYoca9Jm4ZWB9nD5HHMHvuAWuOEhm
Abow4aBwlx7AISJnAfbDHKgI1Ppl+BfZ335T8+XydZhDiSO3C6cLHZ67XWUB61WC
3IXwueG3S43GVmlQYPKmwJz7w864L/TlpbS6AzOUZLTooQbf90oNWGvEO2lwm5hG
DTwD1qHunVexKVo3asZqX+p5MEpwCqyB5AB4OajvkAFRLQsoHysLSY3Qji2zgsU4
Xrx+F+GC+utzBsZ3X7dbcmYKwXAAzOzcRCO1iNcHx+0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:14 2024 by rpki-client on console-ams.rpki-client.org