Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/ZbHpzh_qSCrfdF9-aAxWaANHSWs.roa
File: ZbHpzh_qSCrfdF9-aAxWaANHSWs.roa (raw, json)
Hash identifier: NEkYj7qQWz+3j9z7pxfn4mVOtP/zp3tDqnP/JIGiJWo=
Subject key identifier: 65:B1:E9:CE:1F:EA:48:2A:DF:74:5F:7E:68:0C:56:68:03:47:49:6B
Certificate issuer: /CN=5ca053dfe7712ee63dbff640fae07308d66ce748
Certificate serial: 0181F6D2A91C6E55E6EFDA0A40E86079C979
Authority key identifier: 5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/ZbHpzh_qSCrfdF9-aAxWaANHSWs.roa
Signing time: Wed 13 Jul 2022 09:10:09 +0000
ROA not before: Wed 13 Jul 2022 09:10:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8426
IP address blocks: 80.67.96.0/20 maxlen: 24
92.54.0.0/18 maxlen: 18
2a02:a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f6:d2:a9:1c:6e:55:e6:ef:da:0a:40:e8:60:79:c9:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ca053dfe7712ee63dbff640fae07308d66ce748
Validity
Not Before: Jul 13 09:10:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65b1e9ce1fea482adf745f7e680c56680347496b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:10:61:9d:b6:76:fc:26:a6:86:cf:7b:78:04:
a9:f7:60:a1:c2:b8:74:53:b9:c9:b0:8e:91:f0:8b:
27:cc:79:77:1d:65:72:dd:75:89:4e:20:db:dd:bb:
f8:a5:77:5b:fa:7f:81:99:09:fa:c4:b7:56:17:0f:
99:47:20:1f:30:88:13:59:5f:0f:07:07:5e:0f:e4:
ba:59:1e:7d:b0:dd:d1:3d:8c:de:c8:b5:ad:1a:ab:
ad:90:42:70:73:a1:36:a9:33:d4:0c:be:f2:a2:a3:
10:db:71:de:64:b3:a8:2e:df:66:9b:38:4b:80:68:
36:f2:96:7b:f3:94:6a:0f:49:1a:69:2f:05:7d:ab:
ca:b7:f9:82:04:78:a9:ce:b4:6a:ac:75:62:26:cb:
bd:0d:82:3c:ae:c9:7a:0c:3c:b3:77:a0:73:cc:e1:
cc:f1:b8:41:a6:92:7b:ad:85:c4:e7:72:4e:c3:6b:
95:68:89:76:51:8e:cd:65:8b:9b:59:17:ed:be:5c:
ac:d6:ae:63:0a:0e:e7:c6:90:ab:d2:88:ba:66:f5:
40:86:38:5a:fc:91:46:47:c9:e3:c7:5f:6d:83:d7:
c9:93:74:1b:eb:f6:57:9a:5b:68:15:f0:bc:37:8e:
88:c5:a6:29:67:c6:07:b7:4f:fe:c9:3d:18:01:8e:
77:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B1:E9:CE:1F:EA:48:2A:DF:74:5F:7E:68:0C:56:68:03:47:49:6B
X509v3 Authority Key Identifier:
keyid:5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/ZbHpzh_qSCrfdF9-aAxWaANHSWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.96.0/20
92.54.0.0/18
IPv6:
2a02:a0::/32
Signature Algorithm: sha256WithRSAEncryption
76:82:4e:b6:92:de:f1:b5:dc:24:19:6a:cb:f6:06:cd:58:ec:
e6:ab:fb:b2:c9:fc:9d:64:e5:18:f7:05:d7:ff:9f:f8:b7:3f:
f0:e9:91:69:84:c6:45:dd:76:f1:0f:43:9c:08:35:4a:aa:69:
c5:00:77:6d:62:19:28:d6:68:bd:31:43:75:c2:d7:f1:49:2e:
9e:8e:c8:ce:10:b6:bd:7c:60:95:89:24:0f:84:32:30:d2:8a:
a9:b2:97:78:2c:c6:a8:b1:2e:c1:4a:f1:e0:88:11:5f:2b:df:
0e:9e:a0:3d:01:75:48:86:aa:f1:99:9f:84:a1:f0:37:87:a4:
c4:e6:18:da:e4:83:8b:57:09:4e:49:f6:d4:b7:f3:39:bb:e1:
91:c7:89:00:52:07:ed:90:7a:0b:cb:c0:5a:a2:ed:0f:b6:21:
79:88:7f:21:d5:8e:0f:bb:08:2f:60:8a:05:b1:35:76:3f:2a:
7a:45:5f:4d:6f:b2:f8:a8:6a:dd:41:e0:a5:04:1d:c1:7a:20:
1e:29:7d:a8:ad:75:d4:5d:08:07:e2:58:78:57:32:21:20:8c:
55:a4:e2:eb:43:cc:31:e5:8f:b6:92:fe:93:60:25:3c:86:5c:
55:ce:7c:ed:6c:29:fd:74:45:14:94:8f:6e:a4:de:cb:a6:f1:
5f:f9:74:5f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYH20qkcblXm79oKQOhgecl5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTA1M2RmZTc3MTJlZTYzZGJmZjY0MGZhZTA3MzA4ZDY2
Y2U3NDgwHhcNMjIwNzEzMDkxMDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWIxZTljZTFmZWE0ODJhZGY3NDVmN2U2ODBjNTY2ODAzNDc0OTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBBhnbZ2/Camhs97eASp92Chwrh0
U7nJsI6R8IsnzHl3HWVy3XWJTiDb3bv4pXdb+n+BmQn6xLdWFw+ZRyAfMIgTWV8P
BwdeD+S6WR59sN3RPYzeyLWtGqutkEJwc6E2qTPUDL7yoqMQ23HeZLOoLt9mmzhL
gGg28pZ785RqD0kaaS8FfavKt/mCBHipzrRqrHViJsu9DYI8rsl6DDyzd6BzzOHM
8bhBppJ7rYXE53JOw2uVaIl2UY7NZYubWRftvlys1q5jCg7nxpCr0oi6ZvVAhjha
/JFGR8njx19tg9fJk3Qb6/ZXmltoFfC8N46IxaYpZ8YHt0/+yT0YAY53yQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGWx6c4f6kgq33RffmgMVmgDR0lrMB8GA1UdIwQY
MBaAFFygU9/ncS7mPb/2QPrgcwjWbOdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtCVDMtZHhMdVk5dl9aQS11QnpDTlpzNTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lYmJkMmMtYmY1YS00NmRhLTg2ZmIt
ODBjM2VhNGZkMDAwLzEvWmJIcHpoX3FTQ3JmZEY5LWFBeFdhQU5IU1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lYmJkMmMtYmY1YS00NmRhLTg2ZmItODBjM2VhNGZkMDAw
LzEvWEtCVDMtZHhMdVk5dl9aQS11QnpDTlpzNTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUENgAwQG
XDYAMA0EAgACMAcDBQAqAgCgMA0GCSqGSIb3DQEBCwUAA4IBAQB2gk62kt7xtdwk
GWrL9gbNWOzmq/uyyfydZOUY9wXX/5/4tz/w6ZFphMZF3XbxD0OcCDVKqmnFAHdt
Yhko1mi9MUN1wtfxSS6ejsjOELa9fGCViSQPhDIw0oqpspd4LMaosS7BSvHgiBFf
K98OnqA9AXVIhqrxmZ+EofA3h6TE5hja5IOLVwlOSfbUt/M5u+GRx4kAUgftkHoL
y8Baou0PtiF5iH8h1Y4PuwgvYIoFsTV2Pyp6RV9Nb7L4qGrdQeClBB3BeiAeKX2o
rXXUXQgH4lh4VzIhIIxVpOLrQ8wx5Y+2kv6TYCU8hlxVznztbCn9dEUUlI9upN7L
pvFf+XRf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:48 2023 by rpki-client on console-ams.rpki-client.org