Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/ZZhmjUo2N4NzuqD4v4I6MlZ8fS4.roa
File: ZZhmjUo2N4NzuqD4v4I6MlZ8fS4.roa (raw, json)
Hash identifier: YDTrqPgtwBVtoJUPydso+SRSfMOtr08xL1n0YwFqC24=
Subject key identifier: 65:98:66:8D:4A:36:37:83:73:BA:A0:F8:BF:82:3A:32:56:7C:7D:2E
Certificate issuer: /CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Certificate serial: 0184ED9ADE3F41C1D98E3F3EDBF7C71FAE0C
Authority key identifier: 3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/ZZhmjUo2N4NzuqD4v4I6MlZ8fS4.roa
Signing time: Wed 07 Dec 2022 17:21:00 +0000
ROA not before: Wed 07 Dec 2022 17:21:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43019
IP address blocks: 95.214.212.0/24 maxlen: 24
95.214.213.0/24 maxlen: 24
95.214.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:9a:de:3f:41:c1:d9:8e:3f:3e:db:f7:c7:1f:ae:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Validity
Not Before: Dec 7 17:21:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6598668d4a36378373baa0f8bf823a32567c7d2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:79:45:2b:b5:d5:42:4f:50:1f:62:47:e2:21:
58:cb:2c:d3:4a:11:22:a7:5e:0d:2e:45:20:6a:12:
df:bc:94:89:dd:c9:c4:f2:3e:d1:f8:72:39:4f:10:
b5:fe:15:8c:f2:bf:09:46:b0:08:84:4b:c5:e3:c1:
40:71:e8:14:73:66:2b:89:8b:5a:39:d8:a3:6f:73:
e7:7e:67:04:a7:8e:5e:3f:6f:77:0d:62:d3:d5:bf:
d6:6d:e9:f1:b5:21:29:2c:96:90:ba:1a:17:ee:59:
94:2c:0e:f1:1c:31:19:af:99:29:22:de:2c:ff:28:
5c:db:b4:67:cc:2c:e5:73:1d:1a:01:cf:3c:74:ce:
b9:fe:1d:56:71:2c:3f:36:b5:48:68:e2:8d:c1:38:
1d:c2:74:bb:23:ca:95:20:04:04:bc:b2:16:d9:2b:
24:b0:70:c2:c6:42:3a:44:68:13:9c:c9:c0:4a:50:
78:30:94:f9:a4:75:bf:30:58:da:5b:29:08:ae:ec:
ba:7c:95:86:b5:d8:53:1d:7f:0e:8f:cf:22:c1:ad:
aa:56:73:37:5c:7a:a8:0c:0a:86:13:77:a9:c9:d1:
36:8e:1d:4f:ed:52:e1:b8:26:e6:a6:66:41:98:f5:
ce:30:e5:7e:c8:47:a7:9d:87:31:08:73:1d:1b:f3:
eb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:98:66:8D:4A:36:37:83:73:BA:A0:F8:BF:82:3A:32:56:7C:7D:2E
X509v3 Authority Key Identifier:
keyid:3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/ZZhmjUo2N4NzuqD4v4I6MlZ8fS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/POdWa7WxnnAPSOJeB1BsLyIt84Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.212.0-95.214.214.255
Signature Algorithm: sha256WithRSAEncryption
52:49:8b:14:09:d7:fc:76:15:66:52:50:ea:af:a1:e8:ea:28:
c4:d8:ba:ec:90:bc:2f:3a:5a:6c:d9:cd:e0:7d:ef:57:23:d5:
45:aa:1a:13:b9:4e:2e:99:1f:68:b9:37:15:24:49:0b:ad:01:
12:4a:06:61:4d:ea:a3:0b:ef:6e:c3:18:83:bb:89:25:fe:96:
95:56:ff:25:59:83:13:de:f8:63:cc:73:54:20:68:bf:4c:29:
5d:91:aa:28:bb:3f:fc:99:a8:2d:8c:23:5b:d7:f8:c2:23:4e:
ee:54:2c:ed:5d:68:80:63:b7:34:a0:a1:69:87:26:79:73:71:
76:6a:0c:75:b0:bf:08:96:98:d5:54:91:fb:52:ec:aa:90:1d:
f9:6c:75:ed:49:da:81:9f:41:c1:8f:a5:5b:88:a9:d1:d0:33:
1e:86:50:15:82:8a:95:dd:05:12:9d:42:a2:a0:f2:7a:5b:59:
16:1f:8a:c6:18:2a:ab:a9:2c:a6:68:e3:fc:49:92:97:e3:16:
62:c9:0e:5f:df:9a:45:3f:e6:66:0a:be:61:7d:a8:6c:c2:76:
67:6e:cf:24:f5:74:54:35:82:6f:72:8e:90:ff:85:c4:04:c2:
40:25:ce:cb:ae:db:b6:d3:ce:71:24:b1:a9:71:da:93:1b:3e:
19:9f:83:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYTtmt4/QcHZjj8+2/fHH64MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZTc1NjZiYjViMTllNzAwZjQ4ZTI1ZTA3NTA2YzJmMjIy
ZGYzODQwHhcNMjIxMjA3MTcyMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTk4NjY4ZDRhMzYzNzgzNzNiYWEwZjhiZjgyM2EzMjU2N2M3ZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnlFK7XVQk9QH2JH4iFYyyzTShEi
p14NLkUgahLfvJSJ3cnE8j7R+HI5TxC1/hWM8r8JRrAIhEvF48FAcegUc2YriYta
Odijb3PnfmcEp45eP293DWLT1b/WbenxtSEpLJaQuhoX7lmULA7xHDEZr5kpIt4s
/yhc27RnzCzlcx0aAc88dM65/h1WcSw/NrVIaOKNwTgdwnS7I8qVIAQEvLIW2Ssk
sHDCxkI6RGgTnMnASlB4MJT5pHW/MFjaWykIruy6fJWGtdhTHX8Oj88iwa2qVnM3
XHqoDAqGE3epydE2jh1P7VLhuCbmpmZBmPXOMOV+yEennYcxCHMdG/PrgwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGWYZo1KNjeDc7qg+L+COjJWfH0uMB8GA1UdIwQY
MBaAFDznVmu1sZ5wD0jiXgdQbC8iLfOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE9kV2E3V3hubkFQU09KZUIxQnNMeUl0ODRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84NmZmNzctOTc3Mi00YjI4LWFhMTIt
ODlmZjA2Zjc5NjM1LzEvWlpobWpVbzJONE56dXFENHY0STZNbFo4ZlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84NmZmNzctOTc3Mi00YjI4LWFhMTItODlmZjA2Zjc5NjM1
LzEvUE9kV2E3V3hubkFQU09KZUIxQnNMeUl0ODRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJf1tQD
BABf1tYwDQYJKoZIhvcNAQELBQADggEBAFJJixQJ1/x2FWZSUOqvoejqKMTYuuyQ
vC86WmzZzeB971cj1UWqGhO5Ti6ZH2i5NxUkSQutARJKBmFN6qML727DGIO7iSX+
lpVW/yVZgxPe+GPMc1QgaL9MKV2Rqii7P/yZqC2MI1vX+MIjTu5ULO1daIBjtzSg
oWmHJnlzcXZqDHWwvwiWmNVUkftS7KqQHflsde1J2oGfQcGPpVuIqdHQMx6GUBWC
ipXdBRKdQqKg8npbWRYfisYYKqupLKZo4/xJkpfjFmLJDl/fmkU/5mYKvmF9qGzC
dmduzyT1dFQ1gm9yjpD/hcQEwkAlzsuu27bTznEksalx2pMbPhmfgwk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:15 2024 by rpki-client on console-fra.rpki-client.org