Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/pZB-zLaE0PTGIKgzu2BgA6gig3s.roa
File: pZB-zLaE0PTGIKgzu2BgA6gig3s.roa (raw, json)
Hash identifier: fKKOOeWrqsQDjssCHf9JlCXm/GVZ5ZczTt06A3FFTNw=
Subject key identifier: A5:90:7E:CC:B6:84:D0:F4:C6:20:A8:33:BB:60:60:03:A8:22:83:7B
Certificate issuer: /CN=9042e83976e35fe29a01d3c43a9bc5964b37b443
Certificate serial: 071BFE48
Authority key identifier: 90:42:E8:39:76:E3:5F:E2:9A:01:D3:C4:3A:9B:C5:96:4B:37:B4:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kELoOXbjX-KaAdPEOpvFlks3tEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/pZB-zLaE0PTGIKgzu2BgA6gig3s.roa
Signing time: Sat 01 Jan 2022 11:56:57 +0000
ROA not before: Sat 01 Jan 2022 11:56:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60735
IP address blocks: 194.124.236.0/24 maxlen: 24
2a0f:3cc6::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119275080 (0x71bfe48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9042e83976e35fe29a01d3c43a9bc5964b37b443
Validity
Not Before: Jan 1 11:56:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5907eccb684d0f4c620a833bb606003a822837b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f9:77:c3:93:15:a2:72:5d:54:45:ed:00:75:
94:e5:f7:58:63:55:d8:07:d0:1d:b9:d7:d9:c7:6e:
f8:cf:e1:2c:22:8c:d0:9d:a6:54:fa:a6:4e:4d:c6:
87:bd:30:14:a7:03:5d:c0:55:52:c2:30:ec:db:ca:
64:77:f1:18:33:df:8f:9a:73:b1:fa:51:74:39:66:
c1:c9:1a:0e:55:4b:e2:09:d3:b9:42:7a:2f:a7:26:
a8:7d:18:17:d9:e7:8a:92:f0:24:d4:46:90:8d:9a:
59:a9:fc:4d:fd:bb:b0:de:72:d5:84:dd:c9:b6:4e:
92:cf:58:43:17:dc:60:a8:3d:e2:dc:56:86:bc:6e:
ca:d0:56:73:1d:9c:12:6b:e8:b7:ba:46:d5:e5:8f:
b6:cd:20:b7:cc:1e:90:06:eb:23:5f:d4:ac:d7:b4:
b1:b1:b4:68:10:f5:8f:e0:fe:16:f9:15:b4:6f:b4:
f3:e2:9a:37:48:0d:f9:4c:33:fb:83:bf:86:60:d3:
5a:65:dc:e0:81:18:32:6e:e0:a2:29:a8:e1:fb:07:
38:b4:21:b4:1c:d9:da:c5:7f:39:57:8d:fd:7d:b5:
ce:67:a9:98:af:0e:a2:19:44:2d:0c:d1:47:e9:35:
ec:d4:b0:cd:4a:5d:18:3a:b4:29:65:81:0e:15:6f:
78:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:90:7E:CC:B6:84:D0:F4:C6:20:A8:33:BB:60:60:03:A8:22:83:7B
X509v3 Authority Key Identifier:
keyid:90:42:E8:39:76:E3:5F:E2:9A:01:D3:C4:3A:9B:C5:96:4B:37:B4:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kELoOXbjX-KaAdPEOpvFlks3tEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/pZB-zLaE0PTGIKgzu2BgA6gig3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/kELoOXbjX-KaAdPEOpvFlks3tEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.236.0/24
IPv6:
2a0f:3cc6::/32
Signature Algorithm: sha256WithRSAEncryption
94:b1:44:57:0a:89:5d:9b:9d:18:c0:22:2b:ca:ee:2d:74:e8:
d7:a1:6a:63:4e:2f:8e:db:33:36:f7:ae:7c:eb:9d:1d:0a:e7:
7b:18:25:22:ff:12:f7:89:9c:37:da:cb:46:79:54:38:bc:07:
ff:86:b5:d1:68:8b:50:8c:ff:ed:92:f8:0b:38:7c:37:8d:e4:
47:ef:95:99:8d:21:22:a1:e5:57:5e:24:25:c9:c1:27:c1:24:
07:36:6c:0f:b9:30:bd:9e:a0:4c:6a:aa:4a:ff:47:ba:7a:50:
af:88:15:35:a6:ff:17:22:0f:d6:99:5f:9d:35:78:16:31:f8:
38:55:94:ff:1c:ea:b6:d8:c8:a3:a4:c5:be:ab:d8:cb:2e:66:
e2:57:a9:35:b1:6c:75:68:c6:5e:71:e0:3d:9d:ea:53:f8:fc:
c2:1b:11:4d:46:aa:bc:2e:bd:6e:d0:b2:0a:6e:10:8c:9e:79:
40:99:ca:70:99:08:17:74:c7:15:72:7b:0b:42:fa:39:d5:4b:
89:03:12:7e:ca:6d:53:b6:3e:d1:79:ec:39:15:e7:8d:5f:9f:
82:b3:de:c6:4b:eb:ac:13:94:a5:6e:ed:18:2e:44:7c:86:d9:
96:36:2f:09:f0:d5:52:72:d1:54:7e:5e:ee:7b:4e:8d:30:87:
f9:e8:fd:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBxv+SDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDQyZTgzOTc2ZTM1ZmUyOWEwMWQzYzQzYTliYzU5NjRiMzdiNDQzMB4XDTIyMDEw
MTExNTY1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU5MDdlY2NiNjg0
ZDBmNGM2MjBhODMzYmI2MDYwMDNhODIyODM3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANT5d8OTFaJyXVRF7QB1lOX3WGNV2AfQHbnX2cdu+M/hLCKM
0J2mVPqmTk3Gh70wFKcDXcBVUsIw7NvKZHfxGDPfj5pzsfpRdDlmwckaDlVL4gnT
uUJ6L6cmqH0YF9nnipLwJNRGkI2aWan8Tf27sN5y1YTdybZOks9YQxfcYKg94txW
hrxuytBWcx2cEmvot7pG1eWPts0gt8wekAbrI1/UrNe0sbG0aBD1j+D+FvkVtG+0
8+KaN0gN+Uwz+4O/hmDTWmXc4IEYMm7goimo4fsHOLQhtBzZ2sV/OVeN/X21zmep
mK8OohlELQzRR+k17NSwzUpdGDq0KWWBDhVveFcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSlkH7MtoTQ9MYgqDO7YGADqCKDezAfBgNVHSMEGDAWgBSQQug5duNf4poB
08Q6m8WWSze0QzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tFTG9PWGJqWC1LYUFkUEVPcHZGbGtzM3RFTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvYTg3YjZlLWQ4NDItNGMwYy04ODFiLTIxMDk0MGRhMTc3Yi8x
L3BaQi16TGFFMFBUR0lLZ3p1MkJnQTZnaWczcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
YTg3YjZlLWQ4NDItNGMwYy04ODFiLTIxMDk0MGRhMTc3Yi8xL2tFTG9PWGJqWC1L
YUFkUEVPcHZGbGtzM3RFTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMJ87DANBAIAAjAHAwUAKg88xjAN
BgkqhkiG9w0BAQsFAAOCAQEAlLFEVwqJXZudGMAiK8ruLXTo16FqY04vjtszNveu
fOudHQrnexglIv8S94mcN9rLRnlUOLwH/4a10WiLUIz/7ZL4Czh8N43kR++VmY0h
IqHlV14kJcnBJ8EkBzZsD7kwvZ6gTGqqSv9HunpQr4gVNab/FyIP1plfnTV4FjH4
OFWU/xzqttjIo6TFvqvYyy5m4lepNbFsdWjGXnHgPZ3qU/j8whsRTUaqvC69btCy
Cm4QjJ55QJnKcJkIF3THFXJ7C0L6OdVLiQMSfsptU7Y+0XnsORXnjV+fgrPexkvr
rBOUpW7tGC5EfIbZljYvCfDVUnLRVH5e7ntOjTCH+ej9aw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:14 2023 by rpki-client on console-fra.rpki-client.org