Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZdKZILrFuNqsWIckvBQZCeiSZNI.roa
File: ZdKZILrFuNqsWIckvBQZCeiSZNI.roa (raw, json)
Hash identifier: i/rXDdtxupWF6pFSnEnQvHz07xC8gGWIL1j+2LvpKwg=
Subject key identifier: 65:D2:99:20:BA:C5:B8:DA:AC:58:87:24:BC:14:19:09:E8:92:64:D2
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01821FAD80BACA5707C848B9E5E9795ABB2E
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZdKZILrFuNqsWIckvBQZCeiSZNI.roa
Signing time: Thu 21 Jul 2022 07:34:00 +0000
ROA not before: Thu 21 Jul 2022 07:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 185.51.192.0/24 maxlen: 24
2a01:b2e0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1f:ad:80:ba:ca:57:07:c8:48:b9:e5:e9:79:5a:bb:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jul 21 07:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65d29920bac5b8daac588724bc141909e89264d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ee:d7:ee:52:6b:21:1c:11:54:c0:2e:8b:e0:
93:73:99:2e:f8:80:a7:8a:da:93:8c:68:2e:f4:1a:
9d:27:f4:52:8e:ed:45:b3:ce:8c:10:43:4b:2f:f6:
17:cb:7f:4a:b4:c9:c0:f1:ac:13:04:55:90:bc:38:
e3:b5:86:1c:9e:ab:b4:6c:af:1f:95:05:b8:40:eb:
57:aa:15:e4:57:b8:35:99:1e:c6:76:cb:54:c1:10:
8d:86:ca:c6:dc:ba:84:b2:6a:70:cb:11:b9:f2:36:
69:3f:8e:46:36:6b:52:b1:40:42:85:4a:ef:e8:71:
30:92:d0:48:97:b9:75:59:06:69:09:6f:0d:7c:d4:
6e:a6:71:d7:6c:bf:ad:e8:95:ea:09:cf:c5:79:fb:
b9:82:bd:75:7e:27:1b:94:60:0c:4b:4e:94:23:b4:
66:3b:2b:6c:e7:30:42:1d:a5:16:58:59:38:96:38:
ed:1e:57:43:2f:e3:35:5a:c6:a9:75:4f:b1:c5:e0:
6e:f9:e2:bb:75:2e:05:42:e3:a5:7c:da:a2:fa:5b:
44:6c:04:ca:32:eb:71:0c:ca:9a:dd:fc:6b:21:73:
37:23:53:80:d6:a0:39:99:b4:cd:3a:88:19:2d:ea:
68:d9:6f:2a:ce:ce:ab:e0:12:b2:57:c7:c6:24:f7:
c4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D2:99:20:BA:C5:B8:DA:AC:58:87:24:BC:14:19:09:E8:92:64:D2
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZdKZILrFuNqsWIckvBQZCeiSZNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.192.0/24
IPv6:
2a01:b2e0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:74:94:ce:fb:08:c1:24:0c:85:24:da:67:41:d3:03:d6:90:
1e:6c:d4:e5:17:03:dd:70:2c:20:76:61:7e:9c:48:68:8a:a5:
56:12:3d:c3:0b:13:9c:fd:3f:cc:df:46:6e:1e:f3:37:ec:fd:
f7:66:48:cf:a1:2a:81:f9:e6:eb:8f:aa:77:fa:11:39:8e:ef:
79:cd:a7:22:7a:3e:17:19:d8:33:23:7c:0f:65:fe:bc:6d:44:
17:c3:95:ee:2a:d6:e6:5f:7c:75:2b:6b:f5:a5:02:cb:6a:1d:
04:23:d9:0a:da:5f:03:48:8e:ca:a7:bf:60:f5:1a:56:6c:59:
23:97:36:d4:c7:6d:8a:40:e7:b4:ac:ea:a7:fc:2c:7e:82:28:
31:d7:bd:5c:a9:ff:b7:d4:39:7f:9e:df:10:6a:d0:28:7c:7e:
c4:81:bd:79:b6:c5:f5:fa:dc:26:df:f4:08:e5:9b:10:a9:0c:
48:47:0f:d1:e8:0b:b9:95:bb:50:be:65:bd:34:e5:e5:8b:a5:
3c:cd:d6:c6:2d:01:d5:5e:87:74:9b:03:f3:76:bc:9f:03:38:
d3:e9:81:d0:8c:6e:62:7f:c7:d9:06:6b:6a:10:f6:db:44:d8:
63:42:ce:43:d3:19:36:81:e1:33:42:19:36:75:fa:07:90:c5:
8e:ed:57:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYIfrYC6ylcHyEi55el5WrsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIwNzIxMDczNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQyOTkyMGJhYzViOGRhYWM1ODg3MjRiYzE0MTkwOWU4OTI2NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO7X7lJrIRwRVMAui+CTc5ku+ICn
itqTjGgu9BqdJ/RSju1Fs86MEENLL/YXy39KtMnA8awTBFWQvDjjtYYcnqu0bK8f
lQW4QOtXqhXkV7g1mR7GdstUwRCNhsrG3LqEsmpwyxG58jZpP45GNmtSsUBChUrv
6HEwktBIl7l1WQZpCW8NfNRupnHXbL+t6JXqCc/Fefu5gr11ficblGAMS06UI7Rm
Oyts5zBCHaUWWFk4ljjtHldDL+M1WsapdU+xxeBu+eK7dS4FQuOlfNqi+ltEbATK
MutxDMqa3fxrIXM3I1OA1qA5mbTNOogZLepo2W8qzs6r4BKyV8fGJPfE5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGXSmSC6xbjarFiHJLwUGQnokmTSMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWmRLWklMckZ1TnFzV0lja3ZCUVpDZWlTWk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTPAMA0E
AgACMAcDBQMqAbLgMA0GCSqGSIb3DQEBCwUAA4IBAQCmdJTO+wjBJAyFJNpnQdMD
1pAebNTlFwPdcCwgdmF+nEhoiqVWEj3DCxOc/T/M30ZuHvM37P33ZkjPoSqB+ebr
j6p3+hE5ju95zaciej4XGdgzI3wPZf68bUQXw5XuKtbmX3x1K2v1pQLLah0EI9kK
2l8DSI7Kp79g9RpWbFkjlzbUx22KQOe0rOqn/Cx+gigx171cqf+31Dl/nt8QatAo
fH7Egb15tsX1+twm3/QI5ZsQqQxIRw/R6Au5lbtQvmW9NOXli6U8zdbGLQHVXod0
mwPzdryfAzjT6YHQjG5if8fZBmtqEPbbRNhjQs5D0xk2geEzQhk2dfoHkMWO7VeI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org