Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/zEgpnfifF7XIZGdYEi1eosbZIY8.roa
File: zEgpnfifF7XIZGdYEi1eosbZIY8.roa (raw, json)
Hash identifier: Fyfg7qAfUZieZC72IBWjS4faIkpeQULc6Qf52c4unUY=
Subject key identifier: CC:48:29:9D:F8:9F:17:B5:C8:64:67:58:12:2D:5E:A2:C6:D9:21:8F
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 063A93B4
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/zEgpnfifF7XIZGdYEi1eosbZIY8.roa
Signing time: Sat 01 Jan 2022 11:59:38 +0000
ROA not before: Sat 01 Jan 2022 11:59:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48095
IP address blocks: 194.38.28.0/23 maxlen: 23
194.38.30.0/23 maxlen: 23
171.22.36.0/23 maxlen: 23
171.22.38.0/23 maxlen: 23
193.168.182.0/23 maxlen: 23
193.168.180.0/23 maxlen: 23
45.67.178.0/23 maxlen: 23
45.67.176.0/23 maxlen: 23
5.253.162.0/23 maxlen: 23
5.253.160.0/23 maxlen: 23
83.150.239.0/24 maxlen: 24
83.150.238.0/24 maxlen: 24
141.98.92.0/23 maxlen: 23
85.209.138.0/23 maxlen: 23
85.209.136.0/23 maxlen: 23
141.98.94.0/23 maxlen: 23
2.56.44.0/23 maxlen: 23
152.89.10.0/23 maxlen: 23
188.119.90.0/23 maxlen: 23
152.89.8.0/23 maxlen: 23
188.119.88.0/23 maxlen: 23
2.56.46.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104502196 (0x63a93b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 1 11:59:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc48299df89f17b5c8646758122d5ea2c6d9218f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:24:34:75:58:9e:70:31:c3:36:0f:97:64:86:
a1:16:09:e7:34:f4:49:53:d4:b1:58:cb:7b:01:00:
2b:27:69:02:82:68:70:b2:2f:e1:fe:77:9c:77:3d:
15:ad:c2:a7:85:a6:35:72:85:6f:26:1c:0d:d8:27:
21:01:1b:e1:eb:fa:ad:ae:5d:6d:5b:7d:92:33:18:
dc:cc:30:9b:fe:66:3c:35:4a:c6:2c:8f:50:11:f6:
a3:3a:db:5c:65:1c:9c:37:ff:b1:ef:33:cc:87:fb:
98:fa:60:ff:6a:cf:75:0d:c6:70:ea:78:5e:54:6a:
aa:7a:d7:4b:ac:38:07:07:95:d1:67:6c:7d:9a:6e:
3e:af:ff:d8:3f:73:72:f5:18:5f:70:59:19:f5:24:
c7:23:c5:be:de:0a:48:54:0f:8c:50:9b:03:1e:ef:
68:40:9b:59:1f:16:ef:a5:e4:55:e6:63:90:dd:61:
2b:f7:59:97:19:43:94:8f:37:5c:a3:37:a9:8e:73:
d2:ff:34:3b:19:31:af:34:60:3a:b1:e1:17:66:b1:
04:19:3c:f1:61:e7:5c:a1:dc:7a:eb:d5:e1:cb:9d:
ab:73:ed:6e:cc:a7:e6:0e:00:ec:11:47:15:82:7c:
35:8c:3d:58:fc:87:6a:48:fc:a3:0b:48:d1:e1:78:
d1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:48:29:9D:F8:9F:17:B5:C8:64:67:58:12:2D:5E:A2:C6:D9:21:8F
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/zEgpnfifF7XIZGdYEi1eosbZIY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.44.0/22
5.253.160.0/22
45.67.176.0/22
83.150.238.0/23
85.209.136.0/22
141.98.92.0/22
152.89.8.0/22
171.22.36.0/22
188.119.88.0/22
193.168.180.0/22
194.38.28.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:3e:86:e6:10:da:e9:3a:22:5e:d4:85:f9:c9:ba:cf:4c:4d:
57:d2:61:ca:23:e6:71:11:79:e8:e3:cd:34:d0:12:a7:78:59:
19:b2:b9:74:48:76:ff:b5:e8:6c:19:07:ef:1f:64:1d:90:db:
ab:3c:84:27:97:7e:2b:21:7b:f2:bb:91:e3:ab:00:0f:8a:e4:
3c:3c:b0:1b:50:09:55:a8:ed:0c:76:a7:b4:42:90:b0:f3:04:
d4:49:71:f5:e6:4c:5d:d6:79:24:c0:e4:cc:b0:47:7b:8d:69:
5e:81:eb:b8:bf:50:bf:65:88:9e:8b:c3:c3:31:15:da:33:1c:
1f:be:9b:e0:3c:cc:f4:3e:f9:4a:29:c7:5e:19:93:60:f4:3a:
5d:e4:f8:89:f7:7f:e1:d8:f5:52:b1:e0:3f:21:25:2c:03:96:
5c:9c:b3:1f:da:22:9d:6f:09:f1:61:0f:ae:4d:fe:96:91:51:
86:34:4b:54:df:cc:8b:28:e5:f2:7f:6f:2a:c0:79:07:58:66:
0f:92:76:36:45:ab:c6:aa:2a:8e:81:d8:bc:8e:7c:0f:c5:6f:
b4:dd:79:0e:16:8d:7a:9c:0d:c1:fa:50:94:99:ac:a3:74:64:
6f:14:fa:f2:a1:bc:3c:fa:41:61:bf:cb:e2:13:1d:8f:64:b3:
b0:f3:0e:27
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEBjqTtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDUyMTEyOGNmNjM0YWE2YWZhN2VmNTJkNTMxZjNmY2Q1NTYyOGY5MB4XDTIyMDEw
MTExNTkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M0ODI5OWRmODlm
MTdiNWM4NjQ2NzU4MTIyZDVlYTJjNmQ5MjE4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALskNHVYnnAxwzYPl2SGoRYJ5zT0SVPUsVjLewEAKydpAoJo
cLIv4f53nHc9Fa3Cp4WmNXKFbyYcDdgnIQEb4ev6ra5dbVt9kjMY3Mwwm/5mPDVK
xiyPUBH2ozrbXGUcnDf/se8zzIf7mPpg/2rPdQ3GcOp4XlRqqnrXS6w4BweV0Wds
fZpuPq//2D9zcvUYX3BZGfUkxyPFvt4KSFQPjFCbAx7vaECbWR8W76XkVeZjkN1h
K/dZlxlDlI83XKM3qY5z0v80OxkxrzRgOrHhF2axBBk88WHnXKHceuvV4cudq3Pt
bsyn5g4A7BFHFYJ8NYw9WPyHakj8owtI0eF40TsCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBTMSCmd+J8XtchkZ1gSLV6ixtkhjzAfBgNVHSMEGDAWgBTwUhEoz2NKpq+n
71LVMfP81VYo+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhGSVJLTTlqU3FhdnAtOVMxVEh6X05WV0tQay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvYjRiMTUwLWRiYjgtNDY1Zi04MTU1LWU0NDE5YjY0MjEyZS8x
L3pFZ3BuZmlmRjdYSVpHZFlFaTFlb3NiWklZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
YjRiMTUwLWRiYjgtNDY1Zi04MTU1LWU0NDE5YjY0MjEyZS8xLzhGSVJLTTlqU3Fh
dnAtOVMxVEh6X05WV0tQay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAgI4LAMEAgX9oAMEAi1DsAMEAVOW
7gMEAlXRiAMEAo1iXAMEAphZCAMEAqsWJAMEArx3WAMEAsGotAMEAsImHDANBgkq
hkiG9w0BAQsFAAOCAQEAHT6G5hDa6ToiXtSF+cm6z0xNV9JhyiPmcRF56OPNNNAS
p3hZGbK5dEh2/7XobBkH7x9kHZDbqzyEJ5d+KyF78ruR46sAD4rkPDywG1AJVajt
DHantEKQsPME1Elx9eZMXdZ5JMDkzLBHe41pXoHruL9Qv2WInovDwzEV2jMcH76b
4DzM9D75SinHXhmTYPQ6XeT4ifd/4dj1UrHgPyElLAOWXJyzH9oinW8J8WEPrk3+
lpFRhjRLVN/Miyjl8n9vKsB5B1hmD5J2NkWrxqoqjoHYvI58D8VvtN15DhaNepwN
wfpQlJmso3RkbxT68qG8PPpBYb/L4hMdj2SzsPMOJw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:54 2023 by rpki-client on console-fra.rpki-client.org