Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/zVp2zm3CWJSp4yVd9ONOLm79qCg.roa
File: zVp2zm3CWJSp4yVd9ONOLm79qCg.roa (raw, json)
Hash identifier: klV8uEtL/ItOOV7cSoXD7hLsJy4N/jI5zv9WoIXoRH4=
Subject key identifier: CD:5A:76:CE:6D:C2:58:94:A9:E3:25:5D:F4:E3:4E:2E:6E:FD:A8:28
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 0A378270
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/zVp2zm3CWJSp4yVd9ONOLm79qCg.roa
Signing time: Sat 01 Jan 2022 11:58:10 +0000
ROA not before: Sat 01 Jan 2022 11:58:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31400
IP address blocks: 37.114.96.0/19 maxlen: 24
185.171.204.0/22 maxlen: 22
84.200.0.0/16 maxlen: 24
82.211.0.0/18 maxlen: 24
84.201.0.0/18 maxlen: 24
2001:1608::/32 maxlen: 48
2a01:7e0:aa00::/40 maxlen: 40
2001:1638::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171410032 (0xa378270)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jan 1 11:58:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd5a76ce6dc25894a9e3255df4e34e2e6efda828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f6:b1:33:26:4d:a8:67:f1:2a:81:4d:77:70:
c0:11:ed:c8:74:42:61:db:44:68:9e:61:6b:e7:31:
9c:a9:6a:6b:77:19:8b:ed:d8:7a:a0:0e:5f:2f:94:
b2:43:05:8b:c5:1c:6e:50:d7:f7:45:58:71:39:ea:
94:a8:9e:a6:4c:1b:77:2e:39:fc:75:d9:ce:e7:9f:
65:e9:d4:42:ab:8b:ae:01:ae:db:59:0d:3c:83:b3:
60:c5:9a:f0:98:4e:f2:29:8d:dc:2f:85:1a:96:e2:
0e:9a:c3:f2:d9:8b:cc:6e:e5:a3:a8:34:b0:a1:c1:
47:52:ba:46:18:d4:d5:18:d2:b8:74:eb:78:b7:51:
42:b4:4f:f5:d8:23:e8:25:87:0d:81:e9:58:05:f8:
44:2c:d6:1e:be:14:d1:59:56:59:24:f8:c8:98:be:
8f:0a:36:46:3d:fd:a4:2d:e6:03:38:bd:55:78:78:
a6:32:87:33:91:5a:8f:47:34:da:78:ca:1b:50:d4:
3d:ee:9e:3c:02:ae:de:01:a1:e6:e5:8b:56:3e:19:
32:cf:74:94:68:ea:22:3a:76:ce:b5:bc:8e:46:72:
eb:17:9d:65:84:30:21:dc:6c:b8:22:bc:09:ea:b0:
b2:da:d6:ab:eb:f4:7b:38:4e:e0:7d:1d:f9:3e:09:
8b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:5A:76:CE:6D:C2:58:94:A9:E3:25:5D:F4:E3:4E:2E:6E:FD:A8:28
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/zVp2zm3CWJSp4yVd9ONOLm79qCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.96.0/19
82.211.0.0/18
84.200.0.0-84.201.63.255
185.171.204.0/22
IPv6:
2001:1608::/32
2001:1638::/32
2a01:7e0:aa00::/40
Signature Algorithm: sha256WithRSAEncryption
22:c8:f5:2f:4d:ec:e3:0e:0c:2a:76:c2:e2:31:88:39:62:25:
45:9a:ef:05:9a:0c:3b:4f:a9:ff:d6:29:27:0e:c8:6f:55:25:
9a:c3:fa:30:0d:88:a4:db:d1:74:97:ae:4c:68:7a:cd:2a:52:
b1:11:1f:87:c7:3a:72:89:f7:1b:14:fa:32:b3:b7:6b:bb:4d:
ca:af:d6:d1:50:2d:2b:f8:a5:c7:18:a2:58:24:63:f4:53:5e:
cb:00:69:f7:17:46:a1:15:4a:00:d8:a7:15:e5:92:12:76:17:
83:d3:a9:8a:08:bb:38:35:12:77:5d:c9:5e:ce:b4:b1:b7:4d:
de:25:e2:81:c7:e2:fd:b9:96:f1:c1:df:93:03:88:4a:ad:b6:
34:3f:f4:9e:bf:53:50:5a:52:67:45:70:69:ac:bd:25:f0:af:
b7:6e:30:31:61:47:c5:fc:68:da:64:7e:a0:e2:c3:d3:19:cc:
6e:1b:28:db:df:4c:03:c3:57:67:1e:1e:81:ed:b1:57:e4:a2:
a5:21:3f:a5:77:53:a4:50:b4:63:a0:04:00:f0:47:0d:49:4d:
4c:93:89:be:fb:40:e5:30:a2:b4:ef:b5:22:0d:38:ca:43:c5:
3c:15:93:c3:dd:7e:f9:85:9a:4d:19:8a:a4:ab:10:b8:c5:5f:
90:b2:05:95
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIECjeCcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTFkYzUwYTRiNTI2ZGYxOGU4YjBhNjU2NWQ3YjlkNThhNzVkMzE1MB4XDTIyMDEw
MTExNTgxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q1YTc2Y2U2ZGMy
NTg5NGE5ZTMyNTVkZjRlMzRlMmU2ZWZkYTgyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKH2sTMmTahn8SqBTXdwwBHtyHRCYdtEaJ5ha+cxnKlqa3cZ
i+3YeqAOXy+UskMFi8UcblDX90VYcTnqlKiepkwbdy45/HXZzuefZenUQquLrgGu
21kNPIOzYMWa8JhO8imN3C+FGpbiDprD8tmLzG7lo6g0sKHBR1K6RhjU1RjSuHTr
eLdRQrRP9dgj6CWHDYHpWAX4RCzWHr4U0VlWWST4yJi+jwo2Rj39pC3mAzi9VXh4
pjKHM5Faj0c02njKG1DUPe6ePAKu3gGh5uWLVj4ZMs90lGjqIjp2zrW8jkZy6xed
ZYQwIdxsuCK8CeqwstrWq+v0ezhO4H0d+T4Jix8CAwEAAaOCAkAwggI8MB0GA1Ud
DgQWBBTNWnbObcJYlKnjJV30404ubv2oKDAfBgNVHSMEGDAWgBSqHcUKS1Jt8Y6L
CmVl17nVinXTFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FoM0ZDa3RTYmZHT2l3cGxaZGU1MVlwMTB4VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvZjIzOTI5LTczNzUtNDFjOC05OTczLTMzZDcyODQzM2MxMS8x
L3pWcDJ6bTNDV0pTcDR5VmQ5T05PTG03OXFDZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
ZjIzOTI5LTczNzUtNDFjOC05OTczLTMzZDcyODQzM2MxMS8xL3FoM0ZDa3RTYmZH
T2l3cGxaZGU1MVlwMTB4VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBW
BggrBgEFBQcBBwEB/wRHMEUwJQQCAAEwHwMEBSVyYAMEBlLTADALAwMDVMgDBAZU
yQADBAK5q8wwHAQCAAIwFgMFACABFggDBQAgARY4AwYAKgEH4KowDQYJKoZIhvcN
AQELBQADggEBACLI9S9N7OMODCp2wuIxiDliJUWa7wWaDDtPqf/WKScOyG9VJZrD
+jANiKTb0XSXrkxoes0qUrERH4fHOnKJ9xsU+jKzt2u7Tcqv1tFQLSv4pccYolgk
Y/RTXssAafcXRqEVSgDYpxXlkhJ2F4PTqYoIuzg1EnddyV7OtLG3Td4l4oHH4v25
lvHB35MDiEqttjQ/9J6/U1BaUmdFcGmsvSXwr7duMDFhR8X8aNpkfqDiw9MZzG4b
KNvfTAPDV2ceHoHtsVfkoqUhP6V3U6RQtGOgBADwRw1JTUyTib77QOUworTvtSIN
OMpDxTwVk8PdfvmFmk0ZiqSrELjFX5CyBZU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:37 2024 by rpki-client on console-fra.rpki-client.org