Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/zsl1rZcSKSZDTc11_EjOuq57ihA.roa
File: zsl1rZcSKSZDTc11_EjOuq57ihA.roa (raw, json)
Hash identifier: g1nLNxBRWEuupYvESkVJa2gNrCGd92pwbYeTCIn0U4c=
Subject key identifier: CE:C9:75:AD:97:12:29:26:43:4D:CD:75:FC:48:CE:BA:AE:7B:8A:10
Certificate issuer: /CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Certificate serial: 03E6CC17
Authority key identifier: 7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/zsl1rZcSKSZDTc11_EjOuq57ihA.roa
Signing time: Sat 01 Jan 2022 15:06:40 +0000
ROA not before: Sat 01 Jan 2022 15:06:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204279
IP address blocks: 185.49.244.0/22 maxlen: 22
185.108.250.0/24 maxlen: 24
185.108.249.0/24 maxlen: 24
185.108.248.0/22 maxlen: 22
178.249.192.0/21 maxlen: 23
178.249.192.0/23 maxlen: 23
178.249.194.0/23 maxlen: 23
153.94.16.0/20 maxlen: 20
2a06:4942:200::/40 maxlen: 40
2a06:4942::/41 maxlen: 41
2a01:a4a0::/32 maxlen: 32
2a06:4940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65457175 (0x3e6cc17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Validity
Not Before: Jan 1 15:06:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cec975ad97122926434dcd75fc48cebaae7b8a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1a:00:3b:3b:0d:24:36:49:03:5a:7d:0e:3a:
bd:5e:46:3d:10:32:45:9d:83:37:36:72:c8:e2:ec:
6d:b7:a9:69:dc:ec:19:8d:3c:ff:0f:50:80:5c:c6:
00:81:7f:4d:0e:29:b5:87:00:0b:d3:3b:e7:fd:69:
d3:f2:2e:60:ea:01:4d:b1:99:2a:d0:2f:1e:dc:34:
55:62:b6:a5:ed:f7:cf:5b:b9:d3:2c:4c:c7:06:27:
0b:8f:f9:e1:c3:1d:92:dd:7a:41:91:dd:cd:50:01:
41:b4:a5:00:7e:d8:7a:ef:83:42:dd:90:a8:02:da:
19:f1:8c:fb:dd:f2:a1:dd:d9:d5:6b:d0:14:77:3d:
20:5d:f1:d2:1f:f5:48:c6:2b:bf:0d:8b:d6:00:36:
26:09:9e:14:f5:61:d0:a2:cf:5b:77:a6:6b:1c:3a:
bb:60:d6:c3:a7:60:39:98:a0:74:bc:f1:65:73:af:
8a:19:03:a0:e1:ca:e9:3b:16:0a:35:8f:b3:4b:b6:
77:fc:e8:bf:41:f4:89:2c:ac:c6:9b:d1:0a:3d:eb:
34:52:c4:4a:93:d4:06:7b:8c:f8:86:fb:4d:52:a4:
eb:66:f1:85:3d:70:3c:ef:9a:ba:0f:3e:19:9c:72:
bc:c7:42:ec:0d:88:0e:28:20:3f:04:d8:48:33:d5:
81:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C9:75:AD:97:12:29:26:43:4D:CD:75:FC:48:CE:BA:AE:7B:8A:10
X509v3 Authority Key Identifier:
keyid:7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/zsl1rZcSKSZDTc11_EjOuq57ihA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/ftUAFk8HOBNbmuwE44_CTLkOD18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.94.16.0/20
178.249.192.0/21
185.49.244.0/22
185.108.248.0/22
IPv6:
2a01:a4a0::/32
2a06:4940::/29
Signature Algorithm: sha256WithRSAEncryption
38:e1:d1:d3:87:1e:f1:55:67:4e:4f:33:e8:68:a2:b8:32:0e:
d1:04:dd:3b:4c:b2:51:8b:f4:9b:98:eb:bb:f7:ef:b2:c0:4f:
ac:74:bb:1d:8a:d5:f0:38:58:58:7f:03:fd:04:f3:58:d2:39:
17:27:d4:dd:20:38:5e:e3:17:19:45:f3:1d:6f:84:c7:b1:97:
9c:08:99:85:ed:d7:f7:ff:cf:22:9b:6a:aa:31:1a:a0:ab:76:
27:df:22:54:53:53:18:64:01:2d:a2:bb:85:e6:f6:e8:56:c5:
2b:2b:64:76:00:ca:7e:02:f7:45:1b:57:71:84:7f:8c:50:0d:
a0:a8:44:9e:5c:fe:97:dd:24:36:56:82:7e:36:be:8d:b4:53:
7e:77:c7:6e:e1:11:4d:16:b8:89:17:b4:aa:63:54:ee:75:d9:
d3:09:a3:da:d8:00:9c:4f:b8:ec:04:e3:64:7e:81:e4:6e:f0:
4d:52:e4:bf:3e:54:8c:f1:74:2d:32:03:32:b0:ed:95:cd:d8:
6d:ca:b3:9f:1c:da:00:bc:84:89:db:10:25:f4:e3:67:f9:39:
ee:0f:ec:2b:0c:c7:e3:51:6b:bc:9c:de:3e:09:40:8f:df:2d:
c7:7d:9e:2a:ef:72:4d:9d:7e:d4:2f:1c:ed:e8:01:51:e3:df:
99:ed:e1:d0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEA+bMFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZWQ1MDAxNjRmMDczODEzNWI5YWVjMDRlMzhmYzI0Y2I5MGUwZjVmMB4XDTIyMDEw
MTE1MDY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2VjOTc1YWQ5NzEy
MjkyNjQzNGRjZDc1ZmM0OGNlYmFhZTdiOGExMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJYaADs7DSQ2SQNafQ46vV5GPRAyRZ2DNzZyyOLsbbepadzs
GY08/w9QgFzGAIF/TQ4ptYcAC9M75/1p0/IuYOoBTbGZKtAvHtw0VWK2pe33z1u5
0yxMxwYnC4/54cMdkt16QZHdzVABQbSlAH7Yeu+DQt2QqALaGfGM+93yod3Z1WvQ
FHc9IF3x0h/1SMYrvw2L1gA2JgmeFPVh0KLPW3emaxw6u2DWw6dgOZigdLzxZXOv
ihkDoOHK6TsWCjWPs0u2d/zov0H0iSysxpvRCj3rNFLESpPUBnuM+Ib7TVKk62bx
hT1wPO+aug8+GZxyvMdC7A2IDiggPwTYSDPVgZ8CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBTOyXWtlxIpJkNNzXX8SM66rnuKEDAfBgNVHSMEGDAWgBR+1QAWTwc4E1ua
7ATjj8JMuQ4PXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Z0VUFGazhIT0JOYm11d0U0NF9DVExrT0QxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvOWM1MzU5LTM0NTItNDJmMy04ODBiLTgyZDlhOWViNDMwYy8x
L3pzbDFyWmNTS1NaRFRjMTFfRWpPdXE1N2loQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
OWM1MzU5LTM0NTItNDJmMy04ODBiLTgyZDlhOWViNDMwYy8xL2Z0VUFGazhIT0JO
Ym11d0U0NF9DVExrT0QxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEBJleEAMEA7L5wAMEArkx9AMEArls
+DAUBAIAAjAOAwUAKgGkoAMFAyoGSUAwDQYJKoZIhvcNAQELBQADggEBADjh0dOH
HvFVZ05PM+hoorgyDtEE3TtMslGL9JuY67v377LAT6x0ux2K1fA4WFh/A/0E81jS
ORcn1N0gOF7jFxlF8x1vhMexl5wImYXt1/f/zyKbaqoxGqCrdiffIlRTUxhkAS2i
u4Xm9uhWxSsrZHYAyn4C90UbV3GEf4xQDaCoRJ5c/pfdJDZWgn42vo20U353x27h
EU0WuIkXtKpjVO512dMJo9rYAJxPuOwE42R+geRu8E1S5L8+VIzxdC0yAzKw7ZXN
2G3Ks58c2gC8hInbECX042f5Oe4P7CsMx+NRa7yc3j4JQI/fLcd9nirvck2dftQv
HO3oAVHj35nt4dA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-ams.rpki-client.org