Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/zQ-Hib6VRKSSZisa4BVMf4v8vcE.roa
File: zQ-Hib6VRKSSZisa4BVMf4v8vcE.roa (raw, json)
Hash identifier: E1w2M5cHBlSPdYF+1hAh8rVXL8T+yp88UxD8Py0HXxY=
Subject key identifier: CD:0F:87:89:BE:95:44:A4:92:66:2B:1A:E0:15:4C:7F:8B:FC:BD:C1
Certificate issuer: /CN=76f90cc123d0d20469d39c6c3455f31ea6123f4e
Certificate serial: 0A9DA528
Authority key identifier: 76:F9:0C:C1:23:D0:D2:04:69:D3:9C:6C:34:55:F3:1E:A6:12:3F:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dvkMwSPQ0gRp05xsNFXzHqYSP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/zQ-Hib6VRKSSZisa4BVMf4v8vcE.roa
Signing time: Sat 01 Jan 2022 13:56:05 +0000
ROA not before: Sat 01 Jan 2022 13:56:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31127
IP address blocks: 92.245.192.0/19 maxlen: 20
185.22.176.0/22 maxlen: 23
88.80.224.0/19 maxlen: 20
217.144.16.0/20 maxlen: 21
2a01:108::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178103592 (0xa9da528)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76f90cc123d0d20469d39c6c3455f31ea6123f4e
Validity
Not Before: Jan 1 13:56:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd0f8789be9544a492662b1ae0154c7f8bfcbdc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:df:fe:c7:be:17:49:a6:5b:cc:e1:18:b5:50:
04:6a:49:74:c1:6e:1b:c7:9c:15:8d:25:a9:86:43:
b3:4b:6b:88:b4:cc:75:c7:2c:e2:66:55:4d:97:b5:
db:95:8b:b6:57:05:88:41:61:20:44:3e:0a:95:d4:
09:16:06:14:76:ef:77:28:dd:33:73:e4:5e:8f:7e:
c9:a2:b7:95:54:07:82:c2:69:85:67:6f:4e:99:cd:
28:4a:54:94:82:9c:67:c6:0a:75:9b:89:f7:aa:cd:
a9:e1:af:28:57:45:6c:a9:81:74:b7:50:86:ab:0d:
9b:18:2f:4a:dd:29:57:9e:eb:29:ae:f4:ad:82:70:
12:a7:d8:63:18:0e:84:67:a8:0b:ee:b1:47:cf:c7:
26:61:c1:d9:eb:15:9f:45:bd:f2:80:19:06:e0:58:
2b:c2:1b:7a:aa:77:a7:85:55:39:c3:35:68:70:0b:
51:99:af:75:a5:7b:64:52:e7:8e:7c:2c:d9:31:3d:
4a:ce:bf:9d:39:02:d7:c6:cf:cc:64:09:f4:02:c1:
63:85:b7:26:b7:82:7e:b6:15:dd:2e:56:45:15:88:
95:df:7f:cf:64:f8:f8:b8:d1:1d:7e:57:2a:9b:96:
98:7e:c1:ef:53:e6:c7:b4:e4:e7:85:46:2f:2f:de:
3d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:0F:87:89:BE:95:44:A4:92:66:2B:1A:E0:15:4C:7F:8B:FC:BD:C1
X509v3 Authority Key Identifier:
keyid:76:F9:0C:C1:23:D0:D2:04:69:D3:9C:6C:34:55:F3:1E:A6:12:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvkMwSPQ0gRp05xsNFXzHqYSP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/zQ-Hib6VRKSSZisa4BVMf4v8vcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/dvkMwSPQ0gRp05xsNFXzHqYSP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.224.0/19
92.245.192.0/19
185.22.176.0/22
217.144.16.0/20
IPv6:
2a01:108::/32
Signature Algorithm: sha256WithRSAEncryption
67:24:7f:4e:60:2d:52:70:32:4a:53:12:50:5e:74:9d:0b:55:
c7:f8:5f:12:c8:f8:e7:53:49:6c:16:65:3c:38:4d:07:4b:5f:
f2:cd:85:69:70:55:17:8a:5e:58:4f:aa:b5:f2:1a:35:9d:cf:
06:6c:1c:ae:14:55:45:ce:fd:2d:b8:08:8d:78:84:82:e6:9f:
69:83:ec:85:6f:8f:e6:9c:83:d2:92:cd:9c:b1:79:f4:bb:23:
4a:d0:38:da:ff:24:3f:4a:4c:72:85:49:b8:b4:4e:fc:44:2b:
42:87:bc:9b:08:71:9b:25:d4:f4:b8:7a:bf:9d:a7:d1:15:26:
e1:a7:80:8e:70:b0:26:0d:8a:6f:5c:82:bd:1c:93:e7:0d:f2:
46:fd:a3:dd:65:bd:83:bd:39:ef:2e:63:da:0e:20:d9:57:09:
b0:9b:c1:ca:6f:97:db:23:34:f8:87:99:5b:a8:0b:fe:bd:c5:
b3:9b:47:33:5d:7d:ad:aa:72:21:9c:0a:c4:0b:5d:bf:f4:a2:
03:06:de:70:95:2e:36:31:64:4b:12:54:23:03:27:8e:ba:c1:
80:ae:67:56:27:31:33:fd:a9:5e:31:91:ff:01:a6:59:a9:67:
d1:2a:87:06:8c:7a:70:04:3c:6b:9a:81:85:04:44:dd:45:ab:
39:96:d4:86
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECp2lKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmY5MGNjMTIzZDBkMjA0NjlkMzljNmMzNDU1ZjMxZWE2MTIzZjRlMB4XDTIyMDEw
MTEzNTYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QwZjg3ODliZTk1
NDRhNDkyNjYyYjFhZTAxNTRjN2Y4YmZjYmRjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPf/se+F0mmW8zhGLVQBGpJdMFuG8ecFY0lqYZDs0triLTM
dccs4mZVTZe125WLtlcFiEFhIEQ+CpXUCRYGFHbvdyjdM3PkXo9+yaK3lVQHgsJp
hWdvTpnNKEpUlIKcZ8YKdZuJ96rNqeGvKFdFbKmBdLdQhqsNmxgvSt0pV57rKa70
rYJwEqfYYxgOhGeoC+6xR8/HJmHB2esVn0W98oAZBuBYK8Ibeqp3p4VVOcM1aHAL
UZmvdaV7ZFLnjnws2TE9Ss6/nTkC18bPzGQJ9ALBY4W3JreCfrYV3S5WRRWIld9/
z2T4+LjRHX5XKpuWmH7B71Pmx7Tk54VGLy/ePW0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTND4eJvpVEpJJmKxrgFUx/i/y9wTAfBgNVHSMEGDAWgBR2+QzBI9DSBGnT
nGw0VfMephI/TjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2R2a013U1BRMGdScDA1eHNORlh6SHFZU1AwNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvODJmOTAxLTNmNDgtNDI5YS04MzY1LTdhZjU3NDk0MTkzNi8x
L3pRLUhpYjZWUktTU1ppc2E0QlZNZjR2OHZjRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
ODJmOTAxLTNmNDgtNDI5YS04MzY1LTdhZjU3NDk0MTkzNi8xL2R2a013U1BRMGdS
cDA1eHNORlh6SHFZU1AwNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBVhQ4AMEBVz1wAMEArkWsAMEBNmQ
EDANBAIAAjAHAwUAKgEBCDANBgkqhkiG9w0BAQsFAAOCAQEAZyR/TmAtUnAySlMS
UF50nQtVx/hfEsj451NJbBZlPDhNB0tf8s2FaXBVF4peWE+qtfIaNZ3PBmwcrhRV
Rc79LbgIjXiEguafaYPshW+P5pyD0pLNnLF59LsjStA42v8kP0pMcoVJuLRO/EQr
Qoe8mwhxmyXU9Lh6v52n0RUm4aeAjnCwJg2Kb1yCvRyT5w3yRv2j3WW9g7057y5j
2g4g2VcJsJvBym+X2yM0+IeZW6gL/r3Fs5tHM119rapyIZwKxAtdv/SiAwbecJUu
NjFkSxJUIwMnjrrBgK5nVicxM/2pXjGR/wGmWaln0SqHBox6cAQ8a5qBhQRE3UWr
OZbUhg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:08 2023 by rpki-client on console-fra.rpki-client.org