Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ZA4wjhz3ApDKQp3KyFTcaWHKuaY.roa
File: ZA4wjhz3ApDKQp3KyFTcaWHKuaY.roa (raw, json)
Hash identifier: +h/nzsFwsiyH1W0E378ROtTH6kToSerVMT73BLsn0l8=
Subject key identifier: 64:0E:30:8E:1C:F7:02:90:CA:42:9D:CA:C8:54:DC:69:61:CA:B9:A6
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 01842E9F39F53E34A177010BC540307A4490
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ZA4wjhz3ApDKQp3KyFTcaWHKuaY.roa
Signing time: Mon 31 Oct 2022 15:18:17 +0000
ROA not before: Mon 31 Oct 2022 15:18:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59524
IP address blocks: 145.128.64.0/20 maxlen: 20
145.128.80.0/20 maxlen: 20
145.128.96.0/19 maxlen: 19
145.128.0.0/20 maxlen: 20
145.128.16.0/20 maxlen: 20
91.242.160.0/24 maxlen: 24
145.128.27.0/24 maxlen: 24
145.128.32.0/19 maxlen: 19
2001:67c:104c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:9f:39:f5:3e:34:a1:77:01:0b:c5:40:30:7a:44:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Oct 31 15:18:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=640e308e1cf70290ca429dcac854dc6961cab9a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cb:aa:ac:05:af:00:18:82:f0:49:4c:f7:51:
33:2d:84:dc:3a:24:f0:f8:d1:72:11:54:08:e2:d7:
fc:87:a9:f5:10:58:fe:62:8c:4a:b6:56:94:ce:67:
e7:4b:40:d6:17:60:bf:b5:3a:44:91:65:48:23:3e:
7d:37:62:97:d2:40:b3:3d:71:0b:33:c7:01:6f:56:
03:4b:4a:c3:a7:91:91:d7:fb:e5:e0:8c:2a:59:0f:
f9:32:c2:37:34:d8:59:34:0e:aa:ba:ed:a1:c1:09:
7c:ea:a8:8d:c5:5f:76:3e:85:c8:62:db:8c:08:87:
b3:57:78:f2:6d:0f:7b:62:78:70:c7:01:8b:1b:2a:
ee:38:3b:f8:df:4f:8a:a5:cc:9a:cd:42:0d:c0:a6:
9b:57:71:c6:5b:96:69:bd:4e:84:33:69:a5:ae:a5:
1b:e1:b5:ad:df:c1:56:4e:52:0d:ea:8d:c7:21:c5:
83:17:39:3b:1e:02:52:9b:c6:30:e6:72:30:80:5b:
7b:6f:ab:e7:15:4c:fa:98:58:ec:02:40:c8:5f:51:
b1:df:22:b9:1a:a7:71:5a:da:1d:b3:d9:2b:76:50:
e0:36:ea:fc:fe:fe:2e:7f:0e:b2:01:1e:7d:a5:c4:
57:6c:b3:97:02:28:ee:eb:a0:c1:62:80:ed:45:c7:
e9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0E:30:8E:1C:F7:02:90:CA:42:9D:CA:C8:54:DC:69:61:CA:B9:A6
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ZA4wjhz3ApDKQp3KyFTcaWHKuaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.160.0/24
145.128.0.0/17
IPv6:
2001:67c:104c::/48
Signature Algorithm: sha256WithRSAEncryption
7d:74:6a:fa:40:f6:0e:32:3c:f4:df:3a:bc:6f:e4:f3:cf:13:
13:f7:db:f6:e6:1a:04:4a:c7:9a:ad:c2:48:79:db:cd:fa:32:
5e:78:19:22:9a:37:1f:83:42:e7:b5:d4:4d:bd:ba:dd:ca:32:
ba:e8:6d:3c:e0:f8:e5:8e:52:68:74:b0:02:75:7b:3b:4b:52:
b2:1b:15:97:5a:af:0d:a5:eb:f0:b7:fc:dd:32:85:18:70:76:
07:17:02:51:7b:e3:02:00:05:4c:5a:a7:7a:c8:fc:95:35:2d:
b0:28:00:68:1e:7b:af:95:07:02:63:21:c9:03:0b:bb:21:44:
8e:90:ba:12:e4:6a:1c:b6:36:3c:90:4b:24:1d:49:c0:be:ab:
64:99:37:e8:5b:f0:ba:21:d1:ee:f3:f9:bc:8a:25:b5:25:74:
df:69:ba:13:0c:51:34:cf:96:b1:ce:3d:66:45:2a:40:f9:34:
bd:19:1a:e4:7e:fb:3e:13:46:a7:27:71:38:3f:65:7a:3c:37:
28:d9:27:ce:30:ce:79:99:f5:3b:ab:f6:09:ad:71:24:46:10:
84:3e:7e:1d:00:0c:70:0e:81:83:ed:e7:21:ea:77:74:5f:0c:
3c:b8:75:77:ae:08:19:fb:5f:0e:6e:64:1c:ff:d1:63:96:73:
6e:74:b4:0b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYQunzn1PjShdwELxUAwekSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjIxMDMxMTUxODE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDBlMzA4ZTFjZjcwMjkwY2E0MjlkY2FjODU0ZGM2OTYxY2FiOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8uqrAWvABiC8ElM91EzLYTcOiTw
+NFyEVQI4tf8h6n1EFj+YoxKtlaUzmfnS0DWF2C/tTpEkWVIIz59N2KX0kCzPXEL
M8cBb1YDS0rDp5GR1/vl4IwqWQ/5MsI3NNhZNA6quu2hwQl86qiNxV92PoXIYtuM
CIezV3jybQ97YnhwxwGLGyruODv430+KpcyazUINwKabV3HGW5ZpvU6EM2mlrqUb
4bWt38FWTlIN6o3HIcWDFzk7HgJSm8Yw5nIwgFt7b6vnFUz6mFjsAkDIX1Gx3yK5
GqdxWtods9krdlDgNur8/v4ufw6yAR59pcRXbLOXAiju66DBYoDtRcfphwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGQOMI4c9wKQykKdyshU3GlhyrmmMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvWkE0d2poejNBcERLUXAzS3lGVGNhV0hLdWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW/KgAwQH
kYAAMA8EAgACMAkDBwAgAQZ8EEwwDQYJKoZIhvcNAQELBQADggEBAH10avpA9g4y
PPTfOrxv5PPPExP32/bmGgRKx5qtwkh52836Ml54GSKaNx+DQue11E29ut3KMrro
bTzg+OWOUmh0sAJ1eztLUrIbFZdarw2l6/C3/N0yhRhwdgcXAlF74wIABUxap3rI
/JU1LbAoAGgee6+VBwJjIckDC7shRI6QuhLkahy2NjyQSyQdScC+q2SZN+hb8Loh
0e7z+byKJbUldN9puhMMUTTPlrHOPWZFKkD5NL0ZGuR++z4TRqcncTg/ZXo8NyjZ
J84wznmZ9Tur9gmtcSRGEIQ+fh0ADHAOgYPt5yHqd3RfDDy4dXeuCBn7Xw5uZBz/
0WOWc250tAs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:51 2024 by rpki-client on console-ams.rpki-client.org