Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/cZLNnL8KD8Avlna81Ks2NCttdSg.roa
File: cZLNnL8KD8Avlna81Ks2NCttdSg.roa (raw, json)
Hash identifier: LmnTs5YK3wg3mIiG2C30FLVaZxp7/6WNLkO8g2Q45n8=
Subject key identifier: 71:92:CD:9C:BF:0A:0F:C0:2F:96:76:BC:D4:AB:36:34:2B:6D:75:28
Certificate issuer: /CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d
Certificate serial: 0227F39D
Authority key identifier: 1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/cZLNnL8KD8Avlna81Ks2NCttdSg.roa
Signing time: Sat 01 Jan 2022 05:55:59 +0000
ROA not before: Sat 01 Jan 2022 05:55:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204467
IP address blocks: 185.247.156.0/22 maxlen: 22
92.39.48.0/20 maxlen: 20
2a0d:c680::/29 maxlen: 29
2a01:6dc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36172701 (0x227f39d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d
Validity
Not Before: Jan 1 05:55:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7192cd9cbf0a0fc02f9676bcd4ab36342b6d7528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:4b:7b:bc:2f:47:90:8a:55:81:68:4b:fb:
c5:2b:32:30:45:61:b2:4f:a5:f2:c9:1b:34:d4:48:
d8:64:87:88:74:4a:f7:54:5c:9d:e7:b0:73:b9:9a:
3a:20:99:41:ef:52:f8:bf:a8:13:65:7a:1c:8e:5a:
2f:2e:8f:82:8e:c2:de:b1:58:b9:01:c1:c2:55:c0:
ef:37:c4:f1:fd:98:30:61:87:3a:d5:25:e3:28:ef:
75:08:a5:72:42:d3:70:df:16:44:8b:90:2e:31:d2:
9d:ae:a7:2f:8e:cf:02:d5:82:39:6f:27:42:d3:e6:
74:15:3e:81:4b:30:b5:28:fd:d7:84:f1:9d:cc:de:
65:99:e2:23:dc:a0:83:41:fd:a4:e9:82:fe:3a:19:
cb:9c:84:33:b5:94:f0:e5:24:6b:fc:62:b4:30:d2:
94:54:06:37:7b:df:f2:2d:9f:54:4c:db:5b:d6:8a:
72:5e:10:50:b9:ae:fd:49:96:82:83:37:29:57:00:
eb:27:90:64:84:60:07:db:60:4d:5b:c9:66:19:6e:
33:15:98:af:06:a4:f7:31:9a:61:c1:57:0f:22:03:
ae:2a:c8:15:c1:e2:b9:66:b9:af:2d:59:f3:c6:28:
17:4b:11:d5:28:8d:0a:5d:2c:e6:43:b6:32:9e:64:
e7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:92:CD:9C:BF:0A:0F:C0:2F:96:76:BC:D4:AB:36:34:2B:6D:75:28
X509v3 Authority Key Identifier:
keyid:1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/cZLNnL8KD8Avlna81Ks2NCttdSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/G9LUY64VNG1e3Xk3uL-o4JsUN20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.39.48.0/20
185.247.156.0/22
IPv6:
2a01:6dc0::/32
2a0d:c680::/29
Signature Algorithm: sha256WithRSAEncryption
1a:ad:83:02:01:2f:b9:60:47:86:dc:ba:46:90:bf:2d:8f:06:
20:85:3d:71:b7:ea:9d:3a:47:1a:b3:42:81:6b:43:0b:ba:28:
b2:bf:d4:d3:d6:33:ef:95:a4:4c:ce:78:11:ec:ec:ed:41:29:
09:36:f5:4e:fe:a6:27:b4:7b:82:de:db:d2:9e:de:ff:8c:ad:
97:ac:3b:05:8f:22:f0:c5:c1:d9:bf:63:08:3b:31:f7:c0:0d:
0e:7a:1f:ea:aa:85:6f:63:51:13:df:19:98:a4:e0:09:14:ca:
b5:ff:f2:4e:53:5e:d4:64:1a:3d:08:ba:85:68:12:40:d1:4f:
36:c9:ef:b3:cf:bc:fa:d1:98:41:88:51:2b:82:d5:9c:be:31:
14:ca:9f:c0:d5:b4:1e:50:a0:d4:29:5f:2e:7c:0f:d6:41:1f:
2e:f1:7c:d6:8f:40:91:4b:40:16:82:39:8d:a9:27:41:c3:58:
29:fa:96:4f:2f:9c:1b:46:eb:4f:a3:73:64:d8:29:3b:ff:8d:
30:cb:28:8e:7a:d3:33:7f:8a:7f:13:79:75:fd:6e:ee:65:5e:
50:42:ae:cd:70:00:a5:4b:78:db:f1:b9:2f:b6:20:73:d8:b0:
7e:a4:be:32:a9:c4:0a:eb:de:df:39:17:0a:ab:8c:b9:7e:6f:
36:c7:0b:49
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEAifznTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YmQyZDQ2M2FlMTUzNDZkNWVkZDc5MzdiOGJmYThlMDliMTQzNzZkMB4XDTIyMDEw
MTA1NTU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE5MmNkOWNiZjBh
MGZjMDJmOTY3NmJjZDRhYjM2MzQyYjZkNzUyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7GS3u8L0eQilWBaEv7xSsyMEVhsk+l8skbNNRI2GSHiHRK
91Rcneewc7maOiCZQe9S+L+oE2V6HI5aLy6Pgo7C3rFYuQHBwlXA7zfE8f2YMGGH
OtUl4yjvdQilckLTcN8WRIuQLjHSna6nL47PAtWCOW8nQtPmdBU+gUswtSj914Tx
nczeZZniI9ygg0H9pOmC/joZy5yEM7WU8OUka/xitDDSlFQGN3vf8i2fVEzbW9aK
cl4QULmu/UmWgoM3KVcA6yeQZIRgB9tgTVvJZhluMxWYrwak9zGaYcFXDyIDrirI
FcHiuWa5ry1Z88YoF0sR1SiNCl0s5kO2Mp5k508CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBRxks2cvwoPwC+WdrzUqzY0K211KDAfBgNVHSMEGDAWgBQb0tRjrhU0bV7d
eTe4v6jgmxQ3bTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c5TFVZNjRWTkcxZTNYazN1TC1vNEpzVU4yMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvNzBjNDc3LWE4Y2QtNGE3Mi1iNjY5LTFmOTNjMjM5YTAxMi8x
L2NaTE5uTDhLRDhBdmxuYTgxS3MyTkN0dGRTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
NzBjNDc3LWE4Y2QtNGE3Mi1iNjY5LTFmOTNjMjM5YTAxMi8xL0c5TFVZNjRWTkcx
ZTNYazN1TC1vNEpzVU4yMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEBFwnMAMEArn3nDAUBAIAAjAOAwUA
KgFtwAMFAyoNxoAwDQYJKoZIhvcNAQELBQADggEBABqtgwIBL7lgR4bcukaQvy2P
BiCFPXG36p06RxqzQoFrQwu6KLK/1NPWM++VpEzOeBHs7O1BKQk29U7+pie0e4Le
29Ke3v+MrZesOwWPIvDFwdm/Ywg7MffADQ56H+qqhW9jURPfGZik4AkUyrX/8k5T
XtRkGj0IuoVoEkDRTzbJ77PPvPrRmEGIUSuC1Zy+MRTKn8DVtB5QoNQpXy58D9ZB
Hy7xfNaPQJFLQBaCOY2pJ0HDWCn6lk8vnBtG60+jc2TYKTv/jTDLKI560zN/in8T
eXX9bu5lXlBCrs1wAKVLeNvxuS+2IHPYsH6kvjKpxArr3t85FwqrjLl+bzbHC0k=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-ams.rpki-client.org