Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/zhQHeRbjYWgOTZBIOTDYB2DrajU.roa
File: zhQHeRbjYWgOTZBIOTDYB2DrajU.roa (raw, json)
Hash identifier: u2TPMTYYlNM2iX7HW2BP7dTWkV1EHFwdl/c70GEZTqM=
Subject key identifier: CE:14:07:79:16:E3:61:68:0E:4D:90:48:39:30:D8:07:60:EB:6A:35
Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Certificate serial: 092D669A
Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/zhQHeRbjYWgOTZBIOTDYB2DrajU.roa
Signing time: Fri 20 May 2022 14:17:29 +0000
ROA not before: Fri 20 May 2022 14:17:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57073
IP address blocks: 85.198.76.0/22 maxlen: 24
185.138.253.0/24 maxlen: 24
185.138.252.0/22 maxlen: 24
185.138.252.0/24 maxlen: 24
185.62.200.0/23 maxlen: 24
185.138.254.0/24 maxlen: 24
185.138.255.0/24 maxlen: 24
185.62.202.0/24 maxlen: 24
91.230.107.0/24 maxlen: 24
194.1.214.0/24 maxlen: 24
2a03:720::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153970330 (0x92d669a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Validity
Not Before: May 20 14:17:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce14077916e361680e4d90483930d80760eb6a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9a:b5:b2:85:a8:2c:cc:6a:38:c8:0b:b6:d9:
09:1b:00:5c:95:1b:0a:a7:3a:7e:12:18:50:94:72:
9d:70:5f:bf:e2:d7:8e:6e:07:7e:08:69:73:7e:7d:
37:e2:ae:36:02:b9:1a:d8:18:8b:ed:58:45:19:cc:
bf:62:96:6f:a0:87:73:f1:87:4a:75:b9:58:a4:13:
5a:5a:b1:96:44:54:64:aa:88:97:37:d8:61:59:64:
62:8c:3f:bc:40:10:a7:ec:2a:59:34:f8:6d:68:be:
2c:cf:a8:26:e3:80:01:6c:9a:db:77:cc:97:2c:ca:
af:39:55:ac:30:1a:14:3f:5f:38:11:ab:c9:10:83:
98:df:0d:10:f6:53:3f:51:f8:2b:99:bc:73:d8:e4:
e0:b1:25:ef:c3:dc:81:89:d2:a0:28:ce:ac:60:37:
31:5a:ad:3d:1e:be:b9:83:d3:c6:39:1e:81:19:1f:
eb:db:d7:c4:fb:4b:84:45:50:67:eb:f8:fa:47:99:
27:9d:e3:77:2f:be:ab:11:6e:0a:a5:c6:ea:d7:84:
e7:0c:8a:f0:88:ba:db:e5:45:c7:23:1f:60:91:ad:
cc:0a:10:5c:d1:20:22:88:15:a2:be:a9:2e:aa:82:
ea:49:8d:8b:68:79:6e:19:57:e8:6b:f7:a0:00:3b:
04:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:14:07:79:16:E3:61:68:0E:4D:90:48:39:30:D8:07:60:EB:6A:35
X509v3 Authority Key Identifier:
keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/zhQHeRbjYWgOTZBIOTDYB2DrajU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.76.0/22
91.230.107.0/24
185.62.200.0-185.62.202.255
185.138.252.0/22
194.1.214.0/24
IPv6:
2a03:720::/32
Signature Algorithm: sha256WithRSAEncryption
48:c8:e7:7b:f1:4e:3e:fd:2e:fd:7c:f0:96:0e:67:05:67:90:
75:07:d9:0a:ee:01:b3:b0:c2:8e:f8:cf:22:77:dc:d3:59:02:
f2:39:a2:ee:b6:d3:41:e8:6d:aa:1f:66:b8:d0:ea:bd:6c:3c:
33:39:76:1b:53:95:da:78:6f:b4:bf:3a:b1:d1:e1:db:59:88:
77:27:bc:e0:2a:c2:a4:ae:20:5b:a7:ba:a0:5f:6d:30:64:cf:
1d:c8:47:90:31:b2:f5:86:9c:eb:10:90:34:6b:f2:7b:da:9b:
22:b0:d3:40:3c:ba:e2:91:07:70:b3:a1:53:8f:f3:4e:34:95:
bf:a1:64:da:20:5c:99:d3:53:20:1b:e3:f1:96:f8:94:36:37:
f5:eb:a7:99:92:26:0d:03:fa:52:2d:b0:e9:cf:02:01:45:8a:
cb:c4:ec:dd:56:a0:4d:7e:85:5b:fe:60:ec:8b:a3:10:75:de:
98:39:cd:99:ba:bb:9f:8e:3c:32:c8:9f:99:4e:3f:05:01:96:
84:a4:d5:0d:85:bd:9f:94:a7:d1:25:57:d2:fb:8e:27:5f:46:
61:9c:17:92:49:03:a7:a5:55:b4:5a:57:4d:c3:23:8f:fe:60:
90:6e:11:7b:80:5b:38:0b:fb:db:0c:99:86:ca:c0:e2:52:7e:
72:63:c9:0a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIECS1mmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NmJhM2Y4MDAzOWI5ZTc4NGNmYjI0YmYyYzdkZGIyNGUxOTAwYTc2MB4XDTIyMDUy
MDE0MTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2UxNDA3NzkxNmUz
NjE2ODBlNGQ5MDQ4MzkzMGQ4MDc2MGViNmEzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKatbKFqCzMajjIC7bZCRsAXJUbCqc6fhIYUJRynXBfv+LX
jm4Hfghpc359N+KuNgK5GtgYi+1YRRnMv2KWb6CHc/GHSnW5WKQTWlqxlkRUZKqI
lzfYYVlkYow/vEAQp+wqWTT4bWi+LM+oJuOAAWya23fMlyzKrzlVrDAaFD9fOBGr
yRCDmN8NEPZTP1H4K5m8c9jk4LEl78PcgYnSoCjOrGA3MVqtPR6+uYPTxjkegRkf
69vXxPtLhEVQZ+v4+keZJ53jdy++qxFuCqXG6teE5wyK8Ii62+VFxyMfYJGtzAoQ
XNEgIogVor6pLqqC6kmNi2h5bhlX6Gv3oAA7BPUCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBTOFAd5FuNhaA5NkEg5MNgHYOtqNTAfBgNVHSMEGDAWgBRGuj+AA5ueeEz7
JL8sfdsk4ZAKdjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Jyb19nQU9ibm5oTS15U19MSDNiSk9HUUNuWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvY2ZhMmFlLWU1MjQtNGJkMC04NzViLTg5YWNlMzgyMjBmYi8x
L3poUUhlUmJqWVdnT1RaQklPVERZQjJEcmFqVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
Y2ZhMmFlLWU1MjQtNGJkMC04NzViLTg5YWNlMzgyMjBmYi8xL1Jyb19nQU9ibm5o
TS15U19MSDNiSk9HUUNuWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEAlXGTAMEAFvmazAMAwQDuT7IAwQA
uT7KAwQCuYr8AwQAwgHWMA0EAgACMAcDBQAqAwcgMA0GCSqGSIb3DQEBCwUAA4IB
AQBIyOd78U4+/S79fPCWDmcFZ5B1B9kK7gGzsMKO+M8id9zTWQLyOaLuttNB6G2q
H2a40Oq9bDwzOXYbU5XaeG+0vzqx0eHbWYh3J7zgKsKkriBbp7qgX20wZM8dyEeQ
MbL1hpzrEJA0a/J72psisNNAPLrikQdws6FTj/NONJW/oWTaIFyZ01MgG+PxlviU
Njf166eZkiYNA/pSLbDpzwIBRYrLxOzdVqBNfoVb/mDsi6MQdd6YOc2Zurufjjwy
yJ+ZTj8FAZaEpNUNhb2flKfRJVfS+44nX0ZhnBeSSQOnpVW0WldNwyOP/mCQbhF7
gFs4C/vbDJmGysDiUn5yY8kK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:32 2024 by rpki-client on console-fra.rpki-client.org