Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/z1rMXrkYsiYpM8DErKqgspPAu6k.roa
File: z1rMXrkYsiYpM8DErKqgspPAu6k.roa (raw, json)
Hash identifier: o9JnXxpfq/mxsWJWSE/LIqa6d3NKZP39tpeaZ6Rb8HU=
Subject key identifier: CF:5A:CC:5E:B9:18:B2:26:29:33:C0:C4:AC:AA:A0:B2:93:C0:BB:A9
Certificate issuer: /CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Certificate serial: 052BD5
Authority key identifier: 06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/z1rMXrkYsiYpM8DErKqgspPAu6k.roa
Signing time: Tue 22 Feb 2022 21:28:32 +0000
ROA not before: Tue 22 Feb 2022 21:28:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8387
IP address blocks: 92.61.208.0/20 maxlen: 20
185.49.176.0/22 maxlen: 22
212.166.96.0/19 maxlen: 19
212.31.64.0/19 maxlen: 19
193.162.45.0/24 maxlen: 24
46.17.224.0/21 maxlen: 21
2a10:f8c0::/29 maxlen: 29
2001:9d0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 338901 (0x52bd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Validity
Not Before: Feb 22 21:28:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf5acc5eb918b2262933c0c4acaaa0b293c0bba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c9:e9:36:5f:66:ad:a7:bc:06:32:f7:ec:df:
d4:51:f0:fc:fe:fe:26:9e:30:ab:5c:8c:10:b1:a5:
ed:99:cd:9b:d6:a8:b0:96:88:82:4a:66:f2:7c:ec:
6a:86:82:e8:c2:0a:76:85:30:87:59:38:6a:28:37:
16:96:9f:22:28:90:32:be:72:18:ee:e2:77:2c:01:
41:3a:e8:9c:87:b2:2a:4a:39:c7:df:87:81:06:aa:
84:7f:8a:1a:bd:16:2c:94:1b:74:1a:58:a1:a5:e9:
bf:33:dd:02:2e:54:e5:59:5a:bf:ce:5c:35:14:8e:
52:26:df:f8:3d:2c:ab:94:00:70:b0:35:f4:37:c9:
30:5e:57:6d:c2:52:55:df:67:86:34:f0:2b:16:48:
8b:e2:12:5c:07:d2:3f:46:f4:ec:38:92:06:ac:08:
5e:97:f2:1d:e3:8f:b2:ba:e7:40:16:bf:e7:3b:b5:
55:3d:23:14:a2:a2:f3:34:a8:bd:06:35:5f:bf:d3:
22:5b:37:f2:5b:69:e1:19:64:8d:40:48:08:26:6c:
87:e9:9e:ab:fa:29:d3:ad:2b:98:7e:62:69:61:51:
0b:5c:50:f2:d8:4e:34:07:71:89:a5:67:ba:13:b5:
82:1c:e3:cb:95:8d:3e:fe:12:21:1c:78:b8:5d:18:
c2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5A:CC:5E:B9:18:B2:26:29:33:C0:C4:AC:AA:A0:B2:93:C0:BB:A9
X509v3 Authority Key Identifier:
keyid:06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/z1rMXrkYsiYpM8DErKqgspPAu6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Bjutx4U7BRAKayJN3O_Bji59PdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.224.0/21
92.61.208.0/20
185.49.176.0/22
193.162.45.0/24
212.31.64.0/19
212.166.96.0/19
IPv6:
2001:9d0::/32
2a10:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
57:fc:b0:b9:86:ec:1e:de:4c:6b:86:5a:8a:db:bd:94:b8:2d:
06:26:e7:83:f2:aa:e7:72:a3:27:9f:b0:e5:d2:3e:e7:f6:ba:
a8:da:dd:52:16:62:d4:4b:46:ed:66:f7:19:4e:53:d8:69:34:
b3:9e:bf:c4:51:50:f0:0a:d8:91:be:7d:fb:c9:be:6c:b2:49:
dd:96:dd:ce:78:10:2b:4f:f4:2d:7f:55:37:ab:a8:e0:a8:72:
6f:c3:2d:4a:44:3a:43:81:3e:23:7f:1b:b4:67:9d:78:98:d3:
3d:4c:77:b2:a5:69:8b:5b:11:0d:ab:16:78:ad:c0:e4:1c:ed:
98:a4:47:e4:23:4e:d5:9f:a5:d0:20:e4:a3:b9:ef:91:d4:8c:
ad:7c:a7:22:fc:54:e1:cb:20:14:57:99:ed:77:f0:60:fe:97:
f6:e5:d7:84:ef:cc:05:84:05:ed:a7:72:30:01:45:81:b0:93:
f2:c0:2b:fb:02:41:58:4a:61:57:77:58:d4:fb:3c:e5:0c:7b:
a9:34:4e:80:fd:c8:5a:a9:9a:e7:01:a9:12:a0:90:37:e0:34:
88:49:53:71:20:04:21:54:5a:77:cb:26:49:83:e7:de:3a:82:
6b:05:eb:13:3e:0e:e0:11:76:2b:c0:d3:dc:e6:4f:1c:1a:b3:
54:53:ef:99
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIDBSvVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA2
M2JhZGM3ODUzYjA1MTAwYTZiMjI0ZGRjZWZjMThlMmU3ZDNkZDUwHhcNMjIwMjIy
MjEyODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZjVhY2M1ZWI5MThi
MjI2MjkzM2MwYzRhY2FhYTBiMjkzYzBiYmE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxcnpNl9mrae8BjL37N/UUfD8/v4mnjCrXIwQsaXtmc2b1qiw
loiCSmbyfOxqhoLowgp2hTCHWThqKDcWlp8iKJAyvnIY7uJ3LAFBOuich7IqSjnH
34eBBqqEf4oavRYslBt0Glihpem/M90CLlTlWVq/zlw1FI5SJt/4PSyrlABwsDX0
N8kwXldtwlJV32eGNPArFkiL4hJcB9I/RvTsOJIGrAhel/Id44+yuudAFr/nO7VV
PSMUoqLzNKi9BjVfv9MiWzfyW2nhGWSNQEgIJmyH6Z6r+inTrSuYfmJpYVELXFDy
2E40B3GJpWe6E7WCHOPLlY0+/hIhHHi4XRjCwwIDAQABo4ICPTCCAjkwHQYDVR0O
BBYEFM9azF65GLImKTPAxKyqoLKTwLupMB8GA1UdIwQYMBaAFAY7rceFOwUQCmsi
TdzvwY4ufT3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Qmp1dHg0VTdCUkFLYXlKTjNPX0JqaTU5UGRVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84OC9kMDlmYjAtOWFhNS00YjVhLThhNGYtYTIzNzQ0NGFmODI5LzEv
ejFyTVhya1lzaVlwTThERXJLcWdzcFBBdTZrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9k
MDlmYjAtOWFhNS00YjVhLThhNGYtYTIzNzQ0NGFmODI5LzEvQmp1dHg0VTdCUkFL
YXlKTjNPX0JqaTU5UGRVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFMG
CCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDLhHgAwQEXD3QAwQCuTGwAwQAwaIt
AwQF1B9AAwQF1KZgMBQEAgACMA4DBQAgAQnQAwUDKhD4wDANBgkqhkiG9w0BAQsF
AAOCAQEAV/ywuYbsHt5Ma4Zaitu9lLgtBibng/Kq53KjJ5+w5dI+5/a6qNrdUhZi
1EtG7Wb3GU5T2Gk0s56/xFFQ8ArYkb59+8m+bLJJ3ZbdzngQK0/0LX9VN6uo4Khy
b8MtSkQ6Q4E+I38btGedeJjTPUx3sqVpi1sRDasWeK3A5BztmKRH5CNO1Z+l0CDk
o7nvkdSMrXynIvxU4csgFFeZ7XfwYP6X9uXXhO/MBYQF7adyMAFFgbCT8sAr+wJB
WEphV3dY1Ps85Qx7qTROgP3IWqma5wGpEqCQN+A0iElTcSAEIVRad8smSYPn3jqC
awXrEz4O4BF2K8DT3OZPHBqzVFPvmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:55 2024 by rpki-client on console-fra.rpki-client.org