Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/zyTQe8gZELRL2FwNCDRg6vu1FQA.roa
File: zyTQe8gZELRL2FwNCDRg6vu1FQA.roa (raw, json)
Hash identifier: +hKsVVuQYM06jzplHPJMGlM7D7BqMjiBeOaytngUH0g=
Subject key identifier: CF:24:D0:7B:C8:19:10:B4:4B:D8:5C:0D:08:34:60:EA:FB:B5:15:00
Certificate issuer: /CN=9256db3487b4c5bacb300177057cf3174cf77477
Certificate serial: 01855B0D61EB7BD0A5CCBD8F3CE2D9E47F23
Authority key identifier: 92:56:DB:34:87:B4:C5:BA:CB:30:01:77:05:7C:F3:17:4C:F7:74:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klbbNIe0xbrLMAF3BXzzF0z3dHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/zyTQe8gZELRL2FwNCDRg6vu1FQA.roa
Signing time: Wed 28 Dec 2022 23:24:41 +0000
ROA not before: Wed 28 Dec 2022 23:24:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51263
IP address blocks: 62.56.176.0/20 maxlen: 20
168.86.192.0/19 maxlen: 19
178.251.178.0/24 maxlen: 24
178.251.177.0/24 maxlen: 24
178.251.176.0/24 maxlen: 24
178.251.176.0/21 maxlen: 21
178.251.179.0/24 maxlen: 24
178.251.183.0/24 maxlen: 24
178.251.182.0/24 maxlen: 24
178.251.181.0/24 maxlen: 24
178.251.180.0/24 maxlen: 24
185.25.56.0/22 maxlen: 22
213.244.200.0/21 maxlen: 21
2a03:e240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5b:0d:61:eb:7b:d0:a5:cc:bd:8f:3c:e2:d9:e4:7f:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9256db3487b4c5bacb300177057cf3174cf77477
Validity
Not Before: Dec 28 23:24:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf24d07bc81910b44bd85c0d083460eafbb51500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4e:01:db:d7:2f:94:f3:72:c4:45:3e:92:8e:
ce:ae:d9:1e:8a:74:1f:d8:69:91:c3:e6:ac:ca:f2:
85:bc:fb:89:97:c4:18:1a:a8:bf:ab:92:46:29:cd:
b0:0b:a8:29:fa:28:22:1b:4c:8c:f6:d6:9a:75:fa:
23:22:1f:90:95:26:65:b6:18:25:96:25:3d:75:81:
ba:b4:14:15:48:2d:61:b9:70:f2:67:a9:d4:85:33:
2a:e0:67:9d:bc:70:e2:59:e5:09:c3:18:00:a7:63:
bf:ff:19:10:4d:c1:b2:bb:e2:93:0b:8f:5b:62:42:
9c:b1:7b:5b:d8:06:88:77:93:24:0b:d6:52:0a:7b:
39:96:6b:d5:b2:b7:6e:00:56:02:4b:d0:03:d6:3a:
31:28:29:fe:0b:dc:83:a8:0d:e3:53:5c:4d:2d:de:
42:07:67:03:10:60:68:f6:f0:0c:74:cf:5d:58:1b:
e7:0b:88:51:d4:44:0e:ed:0c:98:8a:3a:75:48:92:
e9:6d:23:d6:dd:9d:64:f1:ad:9d:a4:8d:d3:63:ea:
82:27:bf:77:3c:17:c7:74:63:6d:aa:aa:63:8c:2f:
30:6e:e8:59:48:e7:6e:8b:3d:bf:11:f9:55:1d:ea:
b1:ec:0d:78:85:15:bc:c9:49:a1:a6:77:34:b3:bd:
01:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:24:D0:7B:C8:19:10:B4:4B:D8:5C:0D:08:34:60:EA:FB:B5:15:00
X509v3 Authority Key Identifier:
keyid:92:56:DB:34:87:B4:C5:BA:CB:30:01:77:05:7C:F3:17:4C:F7:74:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klbbNIe0xbrLMAF3BXzzF0z3dHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/zyTQe8gZELRL2FwNCDRg6vu1FQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/klbbNIe0xbrLMAF3BXzzF0z3dHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.56.176.0/20
168.86.192.0/19
178.251.176.0/21
185.25.56.0/22
213.244.200.0/21
IPv6:
2a03:e240::/32
Signature Algorithm: sha256WithRSAEncryption
4d:86:4c:66:63:24:18:a5:48:eb:1b:92:14:72:60:d5:91:ef:
79:76:43:59:36:d1:a9:26:1f:a5:48:10:37:de:ac:52:aa:ad:
66:15:54:12:cc:f8:58:80:43:28:12:17:84:20:5a:85:18:1c:
a1:7d:82:7c:ed:1b:72:8e:3b:23:71:1b:83:d3:06:66:86:79:
d5:6c:6e:84:50:2c:41:b5:dc:a5:69:59:6a:37:52:d9:89:b5:
6a:a2:24:4e:9e:a0:89:4c:be:ef:a2:a3:ef:01:ec:ec:1b:ba:
1e:58:ac:f0:dd:58:f3:6c:2b:59:a5:48:cf:dd:09:57:56:96:
6e:c0:c2:e1:d1:f6:4e:bc:15:5c:96:7e:7c:db:38:cb:9d:f3:
57:26:ae:71:41:44:7f:ab:f9:83:15:7c:1a:b0:fc:62:b2:4a:
d7:09:d3:3d:c4:4a:08:f6:cb:13:cb:eb:0b:40:de:3c:8b:1d:
ef:fd:5f:92:f5:48:af:b1:0e:b8:36:6d:60:5c:d9:2f:40:4c:
45:58:79:db:41:f9:db:38:c0:29:c5:4e:60:ca:0a:e0:5f:73:
8c:f9:04:34:bb:06:50:36:53:82:89:b1:ca:09:6b:f3:ff:1a:
aa:65:38:d8:81:e4:da:87:fe:15:7b:bd:2b:eb:0a:63:14:84:
1e:49:12:59
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVbDWHre9ClzL2PPOLZ5H8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTZkYjM0ODdiNGM1YmFjYjMwMDE3NzA1N2NmMzE3NGNm
Nzc0NzcwHhcNMjIxMjI4MjMyNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjI0ZDA3YmM4MTkxMGI0NGJkODVjMGQwODM0NjBlYWZiYjUxNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk4B29cvlPNyxEU+ko7OrtkeinQf
2GmRw+asyvKFvPuJl8QYGqi/q5JGKc2wC6gp+igiG0yM9taadfojIh+QlSZlthgl
liU9dYG6tBQVSC1huXDyZ6nUhTMq4GedvHDiWeUJwxgAp2O//xkQTcGyu+KTC49b
YkKcsXtb2AaId5MkC9ZSCns5lmvVsrduAFYCS9AD1joxKCn+C9yDqA3jU1xNLd5C
B2cDEGBo9vAMdM9dWBvnC4hR1EQO7QyYijp1SJLpbSPW3Z1k8a2dpI3TY+qCJ793
PBfHdGNtqqpjjC8wbuhZSOduiz2/EflVHeqx7A14hRW8yUmhpnc0s70BcwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM8k0HvIGRC0S9hcDQg0YOr7tRUAMB8GA1UdIwQY
MBaAFJJW2zSHtMW6yzABdwV88xdM93R3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xiYk5JZTB4YnJMTUFGM0JYenpGMHozZEhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83YjQ1YjktOTkwYi00NjE0LWE2NGUt
MGY1MmVhNTIyOWZjLzEvenlUUWU4Z1pFTFJMMkZ3TkNEUmc2dnUxRlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83YjQ1YjktOTkwYi00NjE0LWE2NGUtMGY1MmVhNTIyOWZj
LzEva2xiYk5JZTB4YnJMTUFGM0JYenpGMHozZEhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEPjiwAwQF
qFbAAwQDsvuwAwQCuRk4AwQD1fTIMA0EAgACMAcDBQAqA+JAMA0GCSqGSIb3DQEB
CwUAA4IBAQBNhkxmYyQYpUjrG5IUcmDVke95dkNZNtGpJh+lSBA33qxSqq1mFVQS
zPhYgEMoEheEIFqFGByhfYJ87RtyjjsjcRuD0wZmhnnVbG6EUCxBtdylaVlqN1LZ
ibVqoiROnqCJTL7voqPvAezsG7oeWKzw3VjzbCtZpUjP3QlXVpZuwMLh0fZOvBVc
ln582zjLnfNXJq5xQUR/q/mDFXwasPxiskrXCdM9xEoI9ssTy+sLQN48ix3v/V+S
9UivsQ64Nm1gXNkvQExFWHnbQfnbOMApxU5gygrgX3OM+QQ0uwZQNlOCibHKCWvz
/xqqZTjYgeTah/4Ve70r6wpjFIQeSRJZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:50 2024 by rpki-client on console-ams.rpki-client.org