Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/Z9kmpkvF_D1AIdfE568tYVc_lRI.roa
File: Z9kmpkvF_D1AIdfE568tYVc_lRI.roa (raw, json)
Hash identifier: fufUl3IGyLfjGb1z36HYCuk5rMPKqmCetB/V/WewxaA=
Subject key identifier: 67:D9:26:A6:4B:C5:FC:3D:40:21:D7:C4:E7:AF:2D:61:57:3F:95:12
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 37FE7FA6
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/Z9kmpkvF_D1AIdfE568tYVc_lRI.roa
Signing time: Thu 17 Mar 2022 17:03:04 +0000
ROA not before: Thu 17 Mar 2022 17:03:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 37.148.216.0/21 maxlen: 24
195.191.102.0/23 maxlen: 24
37.148.220.0/23 maxlen: 24
31.222.200.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939425702 (0x37fe7fa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Mar 17 17:03:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67d926a64bc5fc3d4021d7c4e7af2d61573f9512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7b:43:12:d3:b4:c4:9b:f8:54:1e:f3:2b:ec:
98:87:7d:c3:98:bc:c8:e4:0a:b8:26:96:75:6d:6e:
62:ff:ff:9f:21:d7:05:be:c0:a5:c5:cb:6d:2e:3b:
26:00:70:e6:ff:0e:0b:9d:d3:3a:67:4f:4e:13:4f:
15:2f:62:25:9d:59:a3:f8:7e:7a:31:b8:d7:8b:a6:
b0:5b:48:3b:d2:39:36:08:7e:b1:e3:92:d8:b4:ab:
fc:4f:7a:db:05:5a:42:42:d5:0f:7b:fe:dd:1e:78:
e6:13:a4:c8:1b:b9:bb:a7:d5:51:99:e7:3a:7e:99:
b7:d0:a5:c0:4a:d4:bb:dc:e1:8b:eb:78:f5:85:88:
8f:ef:78:1f:f3:8d:ba:52:05:97:ed:03:02:d7:c8:
58:26:bb:cb:d3:cc:0f:52:25:05:d0:1d:9e:7e:8c:
46:24:2f:cb:b3:17:e2:60:54:47:af:1c:09:da:a8:
50:92:78:99:d3:64:4f:5a:13:4d:5b:6a:27:3a:93:
41:8b:b4:5e:f8:b2:80:c1:c8:97:c7:b1:c1:5f:68:
15:25:c6:ad:c1:9d:b1:40:d1:c9:db:78:a1:12:ef:
55:68:a3:f0:e5:a8:e3:ba:de:e1:01:63:41:94:5a:
01:5a:4e:b7:c9:1e:61:b9:5c:af:34:6e:fa:62:4a:
49:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D9:26:A6:4B:C5:FC:3D:40:21:D7:C4:E7:AF:2D:61:57:3F:95:12
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/Z9kmpkvF_D1AIdfE568tYVc_lRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.200.0/21
37.148.216.0/21
195.191.102.0/23
Signature Algorithm: sha256WithRSAEncryption
56:be:8b:1a:07:32:ff:72:54:25:fd:d8:6b:f9:88:b0:e6:40:
c4:5b:4c:ba:d2:6f:45:51:04:71:b8:89:2d:12:7d:3f:87:1b:
5c:4f:74:a5:a6:ab:74:a5:6e:bc:fe:7d:c6:5d:54:54:99:c0:
62:28:a3:68:ec:09:82:78:b9:aa:91:23:a8:2a:a0:6c:55:87:
40:e8:2f:50:7c:73:9c:b6:06:cd:9e:a1:eb:27:61:e4:d6:ae:
bf:53:84:f9:01:f2:ba:4d:0b:82:ce:87:e5:c9:6c:a8:fa:44:
61:00:34:00:f3:dd:e8:91:97:9b:2e:28:7d:4b:f5:a8:34:5e:
ac:c9:35:06:6e:a9:1e:88:52:43:1b:e9:01:e0:eb:18:e7:95:
0a:db:89:9c:95:88:25:0c:36:3b:01:e1:e5:37:4a:d7:f8:9a:
04:d3:87:bf:83:b4:0e:23:cd:d7:4e:4c:21:5e:ed:b7:d9:07:
a7:09:41:de:e5:f2:38:5f:55:6c:46:65:e4:8c:6e:b7:fa:2a:
40:9b:80:fb:22:4d:60:22:bc:f2:4d:c9:cb:98:2b:5b:59:96:
c5:19:5a:e4:09:62:22:4d:01:80:77:b8:53:f3:8a:1f:de:48:
10:fb:12:ba:4a:55:62:71:cd:cf:d7:f7:b3:a3:8f:1f:09:81:
17:3e:d5:6f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEN/5/pjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGIzZWVkMWM3YWNhNjM2ZDYyNDU4NTJiODAyZTBlNzM3NTRkZjYzMB4XDTIyMDMx
NzE3MDMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdkOTI2YTY0YmM1
ZmMzZDQwMjFkN2M0ZTdhZjJkNjE1NzNmOTUxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKF7QxLTtMSb+FQe8yvsmId9w5i8yOQKuCaWdW1uYv//nyHX
Bb7ApcXLbS47JgBw5v8OC53TOmdPThNPFS9iJZ1Zo/h+ejG414umsFtIO9I5Ngh+
seOS2LSr/E962wVaQkLVD3v+3R545hOkyBu5u6fVUZnnOn6Zt9ClwErUu9zhi+t4
9YWIj+94H/ONulIFl+0DAtfIWCa7y9PMD1IlBdAdnn6MRiQvy7MX4mBUR68cCdqo
UJJ4mdNkT1oTTVtqJzqTQYu0XviygMHIl8exwV9oFSXGrcGdsUDRydt4oRLvVWij
8OWo47re4QFjQZRaAVpOt8keYblcrzRu+mJKSQkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRn2SamS8X8PUAh18Tnry1hVz+VEjAfBgNVHSMEGDAWgBTos+7Rx6ymNtYk
WFK4AuDnN1TfYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZMUHUwY2VzcGpiV0pGaFN1QUxnNXpkVTMyTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvMTc3MzI5LTI4Y2QtNDg2NC05ZTE2LTk0NjQwNGVjMWFhNC8x
L1o5a21wa3ZGX0QxQUlkZkU1Njh0WVZjX2xSSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
MTc3MzI5LTI4Y2QtNDg2NC05ZTE2LTk0NjQwNGVjMWFhNC8xLzZMUHUwY2VzcGpi
V0pGaFN1QUxnNXpkVTMyTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAx/eyAMEAyWU2AMEAcO/ZjANBgkq
hkiG9w0BAQsFAAOCAQEAVr6LGgcy/3JUJf3Ya/mIsOZAxFtMutJvRVEEcbiJLRJ9
P4cbXE90paardKVuvP59xl1UVJnAYiijaOwJgni5qpEjqCqgbFWHQOgvUHxznLYG
zZ6h6ydh5Nauv1OE+QHyuk0Lgs6H5clsqPpEYQA0APPd6JGXmy4ofUv1qDRerMk1
Bm6pHohSQxvpAeDrGOeVCtuJnJWIJQw2OwHh5TdK1/iaBNOHv4O0DiPN105MIV7t
t9kHpwlB3uXyOF9VbEZl5Ixut/oqQJuA+yJNYCK88k3Jy5grW1mWxRla5AliIk0B
gHe4U/OKH95IEPsSukpVYnHNz9f3s6OPHwmBFz7Vbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:08 2024 by rpki-client on console-fra.rpki-client.org