Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/Zdx0YaKvx9zIZ-vFM-hwvb17MgE.roa
File: Zdx0YaKvx9zIZ-vFM-hwvb17MgE.roa (raw, json)
Hash identifier: ik6fXWIQU/f3StGAkKIDfstxyKJq+BUHoUQimM6Gtug=
Subject key identifier: 65:DC:74:61:A2:AF:C7:DC:C8:67:EB:C5:33:E8:70:BD:BD:7B:32:01
Certificate issuer: /CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
Certificate serial: 132740
Authority key identifier: A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/Zdx0YaKvx9zIZ-vFM-hwvb17MgE.roa
Signing time: Fri 11 Mar 2022 11:24:36 +0000
ROA not before: Fri 11 Mar 2022 11:24:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57457
IP address blocks: 185.210.203.0/24 maxlen: 24
185.210.200.0/24 maxlen: 24
185.210.201.0/24 maxlen: 24
185.210.202.0/24 maxlen: 24
91.232.64.0/24 maxlen: 24
91.232.65.0/24 maxlen: 24
91.232.69.0/24 maxlen: 24
91.232.66.0/24 maxlen: 24
91.232.67.0/24 maxlen: 24
91.232.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1255232 (0x132740)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
Validity
Not Before: Mar 11 11:24:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65dc7461a2afc7dcc867ebc533e870bdbd7b3201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3b:a2:29:af:77:0e:66:ef:6d:d1:8d:de:17:
0e:02:cf:5d:13:1d:fc:95:a8:15:f9:89:16:7c:be:
29:51:7f:68:75:c2:ee:b6:5b:97:a0:61:7b:ef:84:
b1:c6:bc:ac:d6:31:6d:af:c7:c6:5b:68:1b:72:d5:
88:ec:ed:79:06:b6:6b:28:e5:6a:bf:20:6f:4a:e3:
98:21:09:02:df:de:ec:aa:6a:dd:9e:85:b1:8c:22:
f8:dc:c2:12:c6:07:14:20:4f:30:d0:eb:25:33:47:
a4:a6:5f:bb:01:75:5a:85:2a:1d:66:aa:07:4c:ae:
84:f6:b8:89:07:4b:5f:60:6b:34:45:43:9a:ad:8a:
62:9e:70:b5:40:cc:fd:e7:ad:03:df:42:dc:98:71:
c1:bf:a8:b8:ac:33:c1:f3:b0:bd:50:74:bb:40:50:
aa:4e:2a:c8:05:22:08:4a:df:0d:ad:5e:63:d3:2d:
4d:f0:03:44:ec:89:74:38:79:45:c7:f4:69:af:a4:
6e:b4:34:1b:e5:cc:3a:0c:8e:ba:d7:3e:63:98:51:
00:b3:43:11:b3:b2:65:ec:3c:b7:d4:fe:20:87:3c:
a5:35:9d:47:07:b7:3d:73:f0:2f:9b:42:b5:e6:71:
61:0a:72:ee:33:94:81:24:4f:d7:df:ca:f2:95:e3:
a6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DC:74:61:A2:AF:C7:DC:C8:67:EB:C5:33:E8:70:BD:BD:7B:32:01
X509v3 Authority Key Identifier:
keyid:A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/Zdx0YaKvx9zIZ-vFM-hwvb17MgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/qEOOrPTQZOh6drtGLTtLLMOFikw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.64.0-91.232.69.255
185.210.200.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:c9:3a:c1:68:73:ac:86:10:a9:0a:80:6a:02:98:ac:e2:19:
1f:aa:b4:97:5c:bb:91:72:24:16:71:53:47:b5:1a:dd:77:fb:
17:11:99:52:a6:24:66:6d:7a:36:62:74:d1:7f:4b:ad:8f:87:
9d:17:30:df:02:40:be:67:93:fd:58:96:6b:de:80:60:a3:4a:
50:01:48:ba:ae:8a:8c:2b:12:4e:c0:75:a5:31:3d:f4:f8:19:
c3:7e:54:31:2a:74:9d:4f:37:63:ee:a4:7a:c2:f3:8f:9f:fd:
61:0d:e6:e2:5a:f7:d1:e2:fe:09:9a:9a:61:63:90:77:96:bc:
6c:b3:b3:15:6a:75:90:fb:15:fa:c7:ce:33:ae:31:0d:f6:7e:
bb:0d:5c:7d:84:bb:aa:5d:8a:aa:04:5a:ec:92:57:b6:31:b6:
6c:09:a8:d3:05:52:24:fa:6a:49:c6:0c:4b:cc:b8:a8:9d:a9:
bf:38:dc:26:6b:c5:8e:1f:2b:f7:f6:24:59:d8:7b:34:29:91:
bf:2f:d2:86:8c:f2:fd:ff:cc:57:51:48:81:c3:7e:07:1e:8b:
ee:ce:37:f8:42:1c:70:42:cc:fb:98:0a:00:1a:bb:da:03:49:
29:a3:ad:df:fc:5d:df:c9:8c:27:50:a5:e6:7b:e8:9c:7e:c2:
5f:14:72:4f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIDEydAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
NDM4ZWFjZjRkMDY0ZTg3YTc2YmI0NjJkM2I0YjJjYzM4NThhNGMwHhcNMjIwMzEx
MTEyNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2NWRjNzQ2MWEyYWZj
N2RjYzg2N2ViYzUzM2U4NzBiZGJkN2IzMjAxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuzuiKa93DmbvbdGN3hcOAs9dEx38lagV+YkWfL4pUX9odcLu
tluXoGF774Sxxrys1jFtr8fGW2gbctWI7O15BrZrKOVqvyBvSuOYIQkC397sqmrd
noWxjCL43MISxgcUIE8w0OslM0ekpl+7AXVahSodZqoHTK6E9riJB0tfYGs0RUOa
rYpinnC1QMz9560D30LcmHHBv6i4rDPB87C9UHS7QFCqTirIBSIISt8NrV5j0y1N
8ANE7Il0OHlFx/Rpr6RutDQb5cw6DI661z5jmFEAs0MRs7Jl7Dy31P4ghzylNZ1H
B7c9c/Avm0K15nFhCnLuM5SBJE/X38ryleOmzwIDAQABo4ICFzCCAhMwHQYDVR0O
BBYEFGXcdGGir8fcyGfrxTPocL29ezIBMB8GA1UdIwQYMBaAFKhDjqz00GToena7
Ri07SyzDhYpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cUVPT3JQVFFaT2g2ZHJ0R0xUdExMTU9GaWt3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMS84ZTExMjItOGNiOS00ODcyLTg4MTEtMWMyODAwODMxYzY0LzEv
WmR4MFlhS3Z4OXpJWi12Rk0taHd2YjE3TWdFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84
ZTExMjItOGNiOS00ODcyLTg4MTEtMWMyODAwODMxYzY0LzEvcUVPT3JQVFFaT2g2
ZHJ0R0xUdExMTU9GaWt3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0G
CCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAZb6EADBAFb6EQDBAK50sgwDQYJ
KoZIhvcNAQELBQADggEBAL/JOsFoc6yGEKkKgGoCmKziGR+qtJdcu5FyJBZxU0e1
Gt13+xcRmVKmJGZtejZidNF/S62Ph50XMN8CQL5nk/1YlmvegGCjSlABSLquiowr
Ek7AdaUxPfT4GcN+VDEqdJ1PN2PupHrC84+f/WEN5uJa99Hi/gmammFjkHeWvGyz
sxVqdZD7FfrHzjOuMQ32frsNXH2Eu6pdiqoEWuySV7YxtmwJqNMFUiT6aknGDEvM
uKidqb843CZrxY4fK/f2JFnYezQpkb8v0oaM8v3/zFdRSIHDfgcei+7ON/hCHHBC
zPuYCgAau9oDSSmjrd/8Xd/JjCdQpeZ76Jx+wl8Uck8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org