Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/Z3lyZOxZeiwPYthbqWm5gR88W7E.roa
File: Z3lyZOxZeiwPYthbqWm5gR88W7E.roa (raw, json)
Hash identifier: 4DNHXHChXYXrQHoUIMGJliJ16Z4VkVwlPCUhHFV7TG8=
Subject key identifier: 67:79:72:64:EC:59:7A:2C:0F:62:D8:5B:A9:69:B9:81:1F:3C:5B:B1
Certificate issuer: /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial: 01833773F963370E2E81CC51EF46ABF97AA7
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/Z3lyZOxZeiwPYthbqWm5gR88W7E.roa
Signing time: Tue 13 Sep 2022 15:24:50 +0000
ROA not before: Tue 13 Sep 2022 15:24:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206075
IP address blocks: 193.36.132.0/24 maxlen: 24
2a07:e041::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:73:f9:63:37:0e:2e:81:cc:51:ef:46:ab:f9:7a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Validity
Not Before: Sep 13 15:24:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67797264ec597a2c0f62d85ba969b9811f3c5bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:73:c0:68:19:99:b5:9a:e1:7f:d1:11:dc:b2:
66:30:79:4c:66:88:8a:e4:b5:55:3d:88:09:4a:a3:
3b:da:c0:e1:37:1a:8f:dd:fa:26:b6:f5:3b:93:eb:
a1:d6:9c:46:79:f2:fa:70:66:48:32:46:c9:1a:72:
51:da:12:fa:52:a2:79:db:e6:2f:d2:9e:bb:4d:62:
6f:a9:7a:80:54:05:37:b8:59:83:ba:62:ab:4d:fb:
b8:e8:01:fc:59:8b:9d:a9:69:b4:bf:75:f9:fd:59:
2c:f4:9c:8e:29:7d:ad:55:bd:d5:6a:a5:32:5e:a0:
9e:c5:88:9e:ab:27:98:44:91:a0:a2:ba:e5:f9:82:
f6:53:37:77:b4:7e:43:9f:eb:c6:ee:1b:0d:4a:0c:
32:bf:b0:7d:fb:46:83:a1:88:4f:63:2a:fe:b7:88:
c8:2e:5c:ec:4c:c8:52:b7:01:82:7c:44:73:23:93:
5a:42:9a:57:07:51:69:aa:4b:77:2c:50:19:8c:fe:
3b:6d:06:b7:58:34:3e:4f:9a:e0:16:6b:fd:30:ff:
71:d6:10:5d:8a:f9:b9:73:be:30:36:5d:e6:be:6e:
6e:4e:df:66:7b:32:7c:fc:ac:8b:97:6f:cb:ca:0b:
67:ed:bb:08:55:35:35:9c:de:ed:a6:03:83:db:8f:
f8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:79:72:64:EC:59:7A:2C:0F:62:D8:5B:A9:69:B9:81:1F:3C:5B:B1
X509v3 Authority Key Identifier:
keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/Z3lyZOxZeiwPYthbqWm5gR88W7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.132.0/24
IPv6:
2a07:e041::/32
Signature Algorithm: sha256WithRSAEncryption
20:44:a4:a5:01:e1:23:84:44:99:c8:fd:db:3d:d3:81:82:1d:
1a:81:d8:42:0a:e3:33:1a:53:55:de:95:10:57:e1:4b:39:d5:
51:4e:ef:26:40:98:e4:37:3b:b9:6f:3d:64:c5:5c:4f:4f:4c:
3f:6f:d0:6c:42:b6:de:fc:16:36:71:a4:ab:7a:c9:74:33:d2:
d5:5c:e3:5b:1b:5c:e0:50:b6:54:e7:69:2e:3e:0b:af:4f:75:
f3:8c:4f:b6:3c:fa:8c:72:c2:d9:83:f7:e4:f0:2f:46:eb:18:
72:b7:e7:7b:55:69:ff:fa:de:d1:eb:70:4f:d8:10:81:d7:06:
8e:a6:87:29:38:fc:af:8b:e0:1f:38:fa:d6:34:42:96:34:1c:
31:da:e1:1c:d7:b9:f8:79:0e:b7:72:46:a8:f1:ae:04:23:11:
d2:3f:73:f8:3f:63:4e:8e:d7:00:bf:7d:e7:f4:d2:c8:6a:ca:
41:2f:10:8a:51:23:5e:30:69:10:05:bf:40:63:7a:bc:09:7f:
60:8b:b7:ac:f8:75:0f:da:90:b6:c4:f7:c9:62:7b:6b:9a:3e:
5d:a8:a7:4b:66:b9:b5:3c:9e:f4:10:3a:72:2e:6e:95:2d:37:
1b:d0:8b:72:71:6c:54:23:31:47:1a:db:62:11:0f:3d:ff:f2:
f5:ee:77:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYM3c/ljNw4ugcxR70ar+XqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjhhNmVkMGY1Y2ZjZTc3MmQ1Y2U1YjAzYmI0MjkzMmM4
YTY0ZDAwHhcNMjIwOTEzMTUyNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzc5NzI2NGVjNTk3YTJjMGY2MmQ4NWJhOTY5Yjk4MTFmM2M1YmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnPAaBmZtZrhf9ER3LJmMHlMZoiK
5LVVPYgJSqM72sDhNxqP3fomtvU7k+uh1pxGefL6cGZIMkbJGnJR2hL6UqJ52+Yv
0p67TWJvqXqAVAU3uFmDumKrTfu46AH8WYudqWm0v3X5/Vks9JyOKX2tVb3VaqUy
XqCexYieqyeYRJGgorrl+YL2Uzd3tH5Dn+vG7hsNSgwyv7B9+0aDoYhPYyr+t4jI
LlzsTMhStwGCfERzI5NaQppXB1Fpqkt3LFAZjP47bQa3WDQ+T5rgFmv9MP9x1hBd
ivm5c74wNl3mvm5uTt9mezJ8/KyLl2/Lygtn7bsIVTU1nN7tpgOD24/4ZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGd5cmTsWXosD2LYW6lpuYEfPFuxMB8GA1UdIwQY
MBaAFJwopu0PXPznctXOWwO7QpMsimTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYt
YTZiNzYwMDg3MWE2LzEvWjNseVpPeFplaXdQWXRoYnFXbTVnUjg4VzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYtYTZiNzYwMDg3MWE2
LzEvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSSEMA0E
AgACMAcDBQAqB+BBMA0GCSqGSIb3DQEBCwUAA4IBAQAgRKSlAeEjhESZyP3bPdOB
gh0agdhCCuMzGlNV3pUQV+FLOdVRTu8mQJjkNzu5bz1kxVxPT0w/b9BsQrbe/BY2
caSresl0M9LVXONbG1zgULZU52kuPguvT3XzjE+2PPqMcsLZg/fk8C9G6xhyt+d7
VWn/+t7R63BP2BCB1waOpocpOPyvi+AfOPrWNEKWNBwx2uEc17n4eQ63ckao8a4E
IxHSP3P4P2NOjtcAv33n9NLIaspBLxCKUSNeMGkQBb9AY3q8CX9gi7es+HUP2pC2
xPfJYntrmj5dqKdLZrm1PJ70EDpyLm6VLTcb0ItycWxUIzFHGttiEQ89//L17ndo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:30 2024 by rpki-client on console-ams.rpki-client.org