Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/zgzKuoQgMvXFJPRghVvO2kR8efs.roa
File: zgzKuoQgMvXFJPRghVvO2kR8efs.roa (raw, json)
Hash identifier: v7WiiQ+wc3HBv6ggAvq+HqWe4e2QBo0VoByKJqMdiHU=
Subject key identifier: CE:0C:CA:BA:84:20:32:F5:C5:24:F4:60:85:5B:CE:DA:44:7C:79:FB
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 089A3D8C
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/zgzKuoQgMvXFJPRghVvO2kR8efs.roa
Signing time: Sat 01 Jan 2022 02:51:48 +0000
ROA not before: Sat 01 Jan 2022 02:51:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28839
IP address blocks: 2a01:190:15ee::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144326028 (0x89a3d8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 02:51:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce0ccaba842032f5c524f460855bceda447c79fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:14:00:7a:73:1a:7a:4c:37:c3:c0:d6:6c:49:
f1:3f:dd:76:fe:d0:fa:45:be:14:fe:1e:a9:09:77:
b9:9c:dd:ad:d3:77:81:8a:83:ea:1f:00:00:ee:04:
6d:20:c8:40:15:54:51:ac:24:28:ad:21:8c:85:48:
47:b9:32:06:9b:68:09:c4:11:dd:f1:96:7a:70:99:
27:62:86:e5:5b:f9:f1:31:09:3e:a8:c5:e6:80:42:
45:e8:ab:ae:dd:d3:a7:77:ae:12:67:77:a0:cb:9c:
bc:bb:bf:5d:03:c6:23:28:c9:be:4a:be:9c:6d:c2:
d6:68:4d:8d:dc:bf:fc:67:8e:5c:12:0a:81:16:73:
fc:ae:f2:d4:84:ef:91:3f:d4:f2:11:76:b4:bc:ae:
02:2b:31:d9:92:3d:8f:dc:d0:a6:b0:55:8d:eb:32:
39:90:a3:cd:37:06:00:74:92:78:6a:a2:a1:d1:61:
d0:62:1a:a1:a1:b0:1e:5e:10:84:74:91:f0:dd:42:
cc:52:e2:3c:fa:77:e8:57:6e:f4:72:5a:d1:4f:0f:
03:c0:f2:f3:f9:5d:ce:8a:1c:0f:c5:55:d4:2a:f1:
a7:cc:38:b2:99:05:67:f6:49:a8:05:be:83:82:94:
2e:a6:9f:e1:52:ed:10:83:9e:a7:74:c5:09:00:9b:
91:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0C:CA:BA:84:20:32:F5:C5:24:F4:60:85:5B:CE:DA:44:7C:79:FB
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/zgzKuoQgMvXFJPRghVvO2kR8efs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:190:15ee::/48
Signature Algorithm: sha256WithRSAEncryption
61:1f:47:be:6c:3e:b8:eb:8b:e9:fd:4f:26:d2:35:1e:94:5e:
22:f9:b3:00:f4:2d:55:8e:31:c9:ab:5b:25:e9:8e:fd:7a:ae:
4f:5e:c2:9c:8c:8a:de:f9:cb:6a:3a:72:2a:a2:3b:bf:cb:fa:
d2:3c:da:1b:a1:3f:3f:68:72:f3:e3:6e:6b:19:57:8d:d7:70:
f4:f7:60:7b:d4:c8:21:41:05:24:6a:b5:72:b3:b7:43:0d:54:
02:a8:5b:06:18:3f:b0:b1:cf:d6:36:16:48:be:65:76:55:22:
66:65:5e:8d:41:5f:2c:54:44:00:05:47:f4:ec:9a:cb:5c:d2:
d0:05:d3:2d:a9:b5:1b:4b:a2:51:e0:8a:10:ad:6d:87:b8:6f:
8b:4d:ae:13:21:6f:17:19:06:94:46:4c:9c:17:0a:b7:50:20:
58:28:12:e7:b6:82:8d:2b:f7:b0:91:ef:d2:6a:69:9b:ca:70:
1c:51:dc:d8:32:fa:8c:61:8d:b8:62:65:ab:5a:98:65:16:11:
36:7f:0c:76:64:24:48:2f:21:5a:e5:bd:55:88:12:1b:81:a4:
b3:2d:be:5e:32:d2:7f:81:03:99:7a:ba:e3:e6:15:71:6e:3b:
d1:4f:cf:69:fd:55:56:c1:0a:0d:e5:06:c5:fb:cc:e5:3f:67:
55:76:21:72
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECJo9jDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjczZDg0OWI3ZDUwNDczNzZkNTdlNmY3OTZmMDAxOGI3MGI0NTA2MB4XDTIyMDEw
MTAyNTE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2UwY2NhYmE4NDIw
MzJmNWM1MjRmNDYwODU1YmNlZGE0NDdjNzlmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUUAHpzGnpMN8PA1mxJ8T/ddv7Q+kW+FP4eqQl3uZzdrdN3
gYqD6h8AAO4EbSDIQBVUUawkKK0hjIVIR7kyBptoCcQR3fGWenCZJ2KG5Vv58TEJ
PqjF5oBCReirrt3Tp3euEmd3oMucvLu/XQPGIyjJvkq+nG3C1mhNjdy//GeOXBIK
gRZz/K7y1ITvkT/U8hF2tLyuAisx2ZI9j9zQprBVjesyOZCjzTcGAHSSeGqiodFh
0GIaoaGwHl4QhHSR8N1CzFLiPPp36Fdu9HJa0U8PA8Dy8/ldzoocD8VV1Crxp8w4
spkFZ/ZJqAW+g4KULqaf4VLtEIOep3TFCQCbkQMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTODMq6hCAy9cUk9GCFW87aRHx5+zAfBgNVHSMEGDAWgBTWc9hJt9UEc3bV
fm95bwAYtwtFBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFuUFlTYmZWQkhOMjFYNXZlVzhBR0xjTFJRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMmVjZTYyLTFkOGMtNDUwYy05MWU4LThlZWI3NTdjZjU0NS8x
L3pnekt1b1FnTXZYRkpQUmdoVnZPMmtSOGVmcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
MmVjZTYyLTFkOGMtNDUwYy05MWU4LThlZWI3NTdjZjU0NS8xLzFuUFlTYmZWQkhO
MjFYNXZlVzhBR0xjTFJRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBAZAV7jANBgkqhkiG9w0BAQsF
AAOCAQEAYR9Hvmw+uOuL6f1PJtI1HpReIvmzAPQtVY4xyatbJemO/XquT17CnIyK
3vnLajpyKqI7v8v60jzaG6E/P2hy8+NuaxlXjddw9Pdge9TIIUEFJGq1crO3Qw1U
AqhbBhg/sLHP1jYWSL5ldlUiZmVejUFfLFREAAVH9Oyay1zS0AXTLam1G0uiUeCK
EK1th7hvi02uEyFvFxkGlEZMnBcKt1AgWCgS57aCjSv3sJHv0mppm8pwHFHc2DL6
jGGNuGJlq1qYZRYRNn8MdmQkSC8hWuW9VYgSG4Gksy2+XjLSf4EDmXq64+YVcW47
0U/Paf1VVsEKDeUGxfvM5T9nVXYhcg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:49 2023 by rpki-client on console-fra.rpki-client.org