Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/zGo34DSaCZXYV9cLewBEcXwDBtI.roa
File: zGo34DSaCZXYV9cLewBEcXwDBtI.roa (raw, json)
Hash identifier: xt9lwyAo9tU7PDf9QHhbGk0GvWblwBsHAvTBnbUJ8N8=
Subject key identifier: CC:6A:37:E0:34:9A:09:95:D8:57:D7:0B:7B:00:44:71:7C:03:06:D2
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 08ED1CFD
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/zGo34DSaCZXYV9cLewBEcXwDBtI.roa
Signing time: Sat 01 Jan 2022 08:05:19 +0000
ROA not before: Sat 01 Jan 2022 08:05:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58079
IP address blocks: 95.158.153.0/24 maxlen: 24
46.35.180.0/23 maxlen: 24
46.35.184.0/22 maxlen: 24
46.35.188.0/22 maxlen: 24
95.158.184.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149757181 (0x8ed1cfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 08:05:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc6a37e0349a0995d857d70b7b0044717c0306d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e1:ec:84:fc:5f:4b:38:a9:ce:ba:e3:36:6c:
fc:fd:90:30:e2:d8:2d:ec:df:6b:4c:61:c1:d9:5a:
da:46:87:dd:3d:63:f8:a5:9e:03:82:9b:a5:e2:28:
f6:54:89:ee:26:fa:62:b1:3e:11:4f:09:92:9b:01:
02:55:0c:21:f0:28:66:eb:15:47:4e:df:72:61:55:
c3:ca:1e:9c:e7:cc:3e:fd:ce:ca:e1:1b:70:f7:dc:
07:1f:02:f6:6b:5c:a7:32:0c:a8:a8:39:37:47:63:
91:92:40:88:87:4e:18:12:47:2b:a0:f9:d1:db:87:
e2:fa:a7:8f:b4:c4:b7:fc:5b:8c:47:ce:e6:dd:07:
0b:4b:48:d8:9b:60:67:34:f2:df:79:5c:0b:c3:53:
23:eb:4e:2a:b8:10:b2:3e:3a:52:36:fb:01:38:57:
32:29:10:6f:23:51:6b:a0:c7:54:18:b9:07:4e:95:
15:05:cb:66:ab:b3:10:35:f2:d0:45:c4:70:11:52:
63:90:a1:85:4a:71:c4:34:8e:d0:39:9e:82:f2:53:
b3:cc:88:dc:c3:7b:e2:2c:f7:fd:14:24:3d:20:f0:
e8:7f:64:b4:00:a2:41:36:87:23:d3:a9:29:ce:ac:
f6:93:40:cd:e5:09:48:eb:77:53:14:18:40:70:07:
64:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:6A:37:E0:34:9A:09:95:D8:57:D7:0B:7B:00:44:71:7C:03:06:D2
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/zGo34DSaCZXYV9cLewBEcXwDBtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.35.180.0/23
46.35.184.0/21
95.158.153.0/24
95.158.184.0/22
Signature Algorithm: sha256WithRSAEncryption
07:b5:5c:57:f7:af:79:4e:1b:51:df:81:2d:46:c6:ac:83:d2:
76:25:11:bc:be:77:02:0b:6c:9d:16:75:34:d4:91:4d:8b:7e:
7c:89:61:6b:d1:6b:b6:cb:ab:54:08:41:37:40:f5:3b:6d:7c:
fc:5a:ad:75:4c:c1:b9:72:ea:f8:e4:38:50:40:4d:69:6c:cc:
21:10:4d:fc:0d:8f:0b:d8:3e:49:58:d8:99:43:b0:8f:88:25:
fd:55:ee:65:e1:db:02:e5:61:1f:9c:9d:b5:08:bf:e2:38:57:
26:c3:92:99:54:54:b9:00:71:5f:35:ab:39:2f:ec:f3:0c:04:
bd:5d:42:88:44:0e:37:39:69:77:a5:5e:1a:d9:82:13:19:34:
18:6a:d5:1d:5e:42:73:b4:53:13:d9:65:48:7e:bc:21:8a:06:
be:a1:28:78:15:b0:77:4c:04:10:01:ca:7d:87:ad:c9:d0:95:
a4:7f:fc:b5:76:68:b4:2b:5e:c3:3b:12:2b:d2:79:2e:f8:41:
d1:e0:6f:35:88:ef:ed:41:5d:5c:60:e8:b6:ee:97:86:d1:d0:
b1:5c:66:08:82:9b:3a:42:86:1a:b6:ce:36:4a:ea:fb:1d:d0:
c4:85:6e:e4:8f:03:01:57:f3:83:a9:a5:64:51:54:d6:00:2c:
7c:84:d6:be
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECO0c/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDEw
MTA4MDUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M2YTM3ZTAzNDlh
MDk5NWQ4NTdkNzBiN2IwMDQ0NzE3YzAzMDZkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXh7IT8X0s4qc664zZs/P2QMOLYLezfa0xhwdla2kaH3T1j
+KWeA4KbpeIo9lSJ7ib6YrE+EU8JkpsBAlUMIfAoZusVR07fcmFVw8oenOfMPv3O
yuEbcPfcBx8C9mtcpzIMqKg5N0djkZJAiIdOGBJHK6D50duH4vqnj7TEt/xbjEfO
5t0HC0tI2JtgZzTy33lcC8NTI+tOKrgQsj46Ujb7AThXMikQbyNRa6DHVBi5B06V
FQXLZquzEDXy0EXEcBFSY5ChhUpxxDSO0DmegvJTs8yI3MN74iz3/RQkPSDw6H9k
tACiQTaHI9OpKc6s9pNAzeUJSOt3UxQYQHAHZHcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTMajfgNJoJldhX1wt7AERxfAMG0jAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L3pHbzM0RFNhQ1pYWVY5Y0xld0JFY1h3REJ0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAS4jtAMEAy4juAMEAF+emQMEAl+e
uDANBgkqhkiG9w0BAQsFAAOCAQEAB7VcV/eveU4bUd+BLUbGrIPSdiURvL53Agts
nRZ1NNSRTYt+fIlha9FrtsurVAhBN0D1O218/FqtdUzBuXLq+OQ4UEBNaWzMIRBN
/A2PC9g+SVjYmUOwj4gl/VXuZeHbAuVhH5ydtQi/4jhXJsOSmVRUuQBxXzWrOS/s
8wwEvV1CiEQONzlpd6VeGtmCExk0GGrVHV5Cc7RTE9llSH68IYoGvqEoeBWwd0wE
EAHKfYetydCVpH/8tXZotCtewzsSK9J5LvhB0eBvNYjv7UFdXGDotu6XhtHQsVxm
CIKbOkKGGrbONkrq+x3QxIVu5I8DAVfzg6mlZFFU1gAsfITWvg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:44 2023 by rpki-client on console-fra.rpki-client.org