Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/ZqfHZ9jb_FbnBN-eNUGfMS0n2b0.roa
File: ZqfHZ9jb_FbnBN-eNUGfMS0n2b0.roa (raw, json)
Hash identifier: IWik3Ghnwb0UlKoiF553lgudzujHfY+QL17FrZ6z4fE=
Subject key identifier: 66:A7:C7:67:D8:DB:FC:56:E7:04:DF:9E:35:41:9F:31:2D:27:D9:BD
Certificate issuer: /CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Certificate serial: 01839E254E1E727054766F0D061218E2B267
Authority key identifier: AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/ZqfHZ9jb_FbnBN-eNUGfMS0n2b0.roa
Signing time: Mon 03 Oct 2022 13:59:48 +0000
ROA not before: Mon 03 Oct 2022 13:59:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12859
IP address blocks: 185.84.140.0/22 maxlen: 22
185.103.172.0/22 maxlen: 22
2a05:a640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9e:25:4e:1e:72:70:54:76:6f:0d:06:12:18:e2:b2:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Validity
Not Before: Oct 3 13:59:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66a7c767d8dbfc56e704df9e35419f312d27d9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:68:63:6d:46:43:60:3b:a2:93:b3:9d:47:70:
bb:35:53:18:4f:3a:98:6a:15:24:f4:87:64:1b:7f:
53:98:c1:f3:d9:53:1c:91:f0:6d:b8:d6:91:6d:1c:
01:b4:a2:eb:11:36:a1:1a:ef:58:02:64:dc:61:46:
eb:ad:41:49:8a:e7:f0:ab:bc:99:15:49:72:c5:f0:
0f:a2:aa:8a:13:99:95:e7:5b:4b:f1:cb:35:c9:32:
22:c6:3c:d6:24:4d:65:3e:5f:0a:02:7d:62:97:eb:
ad:55:8c:40:d6:bf:30:af:e5:6e:97:0f:18:d6:a4:
49:10:8c:7d:2e:e0:bc:a6:15:b9:c0:f3:bb:44:81:
e4:31:8d:9a:55:72:e0:56:e5:2b:97:e9:6f:26:39:
d3:d0:d9:ff:84:e4:a4:43:16:92:ac:f5:5f:dd:e8:
eb:5c:9f:9a:ef:18:5c:9e:33:34:aa:b4:4c:0b:37:
f9:50:77:ec:7d:03:58:f2:5a:fa:d7:0f:9e:3e:e6:
f1:77:1a:a6:4d:57:4a:7c:80:fe:82:00:0d:79:c1:
b7:dc:80:02:e7:1c:8a:cb:3f:ba:d4:85:76:4c:49:
34:14:2b:3f:9f:0a:e6:87:eb:3d:f2:6e:88:fe:b1:
00:44:f9:47:18:1f:84:98:05:a8:30:54:89:bd:e5:
82:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A7:C7:67:D8:DB:FC:56:E7:04:DF:9E:35:41:9F:31:2D:27:D9:BD
X509v3 Authority Key Identifier:
keyid:AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/ZqfHZ9jb_FbnBN-eNUGfMS0n2b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.140.0/22
185.103.172.0/22
IPv6:
2a05:a640::/29
Signature Algorithm: sha256WithRSAEncryption
15:1e:75:05:73:d3:95:ba:82:b8:c1:19:5e:20:ba:5b:5f:f4:
97:c4:d5:8b:67:37:6c:61:ca:89:49:48:f6:cd:23:8d:d7:b9:
6e:5a:55:98:67:e4:c3:e5:84:e3:dd:73:cf:22:5e:2e:75:b1:
bb:63:10:a0:8d:7b:60:92:6c:b7:7d:31:d7:76:c4:7c:43:9b:
d7:f6:f5:a1:92:76:cf:fe:86:97:19:4f:16:21:b8:62:ae:4e:
1c:60:7e:e5:b9:14:59:96:27:4f:b2:73:b9:af:46:33:d2:13:
70:b7:a7:92:ac:7b:99:75:03:10:04:6d:2d:a5:05:9c:80:59:
a3:ae:24:66:eb:70:47:ce:31:c6:90:74:82:6b:54:b2:c6:cf:
e4:2f:d9:c1:3c:32:95:10:39:1e:54:00:59:85:9b:8e:a5:51:
0d:36:df:6e:a5:a5:12:6f:65:61:4e:b2:16:07:9a:88:c6:6f:
2e:d8:48:8a:fd:db:73:e0:d6:31:51:45:6e:1f:ae:3d:da:9f:
95:a9:ac:9a:0d:5d:91:b7:2a:93:05:ea:f0:82:a5:72:4d:07:
a5:1b:5f:b1:7d:e3:86:71:04:d3:10:61:37:d9:1c:13:9b:1a:
69:38:28:33:3c:7e:52:f4:0e:ff:ec:19:2f:2d:66:ad:cb:a2:
3d:8f:97:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYOeJU4ecnBUdm8NBhIY4rJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMWQyYTU2MmM3ZGIyMTE1MWI0YTA5MjZiOGQ2ZmVlYWNl
Zjg4NTcwHhcNMjIxMDAzMTM1OTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE3Yzc2N2Q4ZGJmYzU2ZTcwNGRmOWUzNTQxOWYzMTJkMjdkOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmhjbUZDYDuik7OdR3C7NVMYTzqY
ahUk9IdkG39TmMHz2VMckfBtuNaRbRwBtKLrETahGu9YAmTcYUbrrUFJiufwq7yZ
FUlyxfAPoqqKE5mV51tL8cs1yTIixjzWJE1lPl8KAn1il+utVYxA1r8wr+Vulw8Y
1qRJEIx9LuC8phW5wPO7RIHkMY2aVXLgVuUrl+lvJjnT0Nn/hOSkQxaSrPVf3ejr
XJ+a7xhcnjM0qrRMCzf5UHfsfQNY8lr61w+ePubxdxqmTVdKfID+ggANecG33IAC
5xyKyz+61IV2TEk0FCs/nwrmh+s98m6I/rEARPlHGB+EmAWoMFSJveWCMQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGanx2fY2/xW5wTfnjVBnzEtJ9m9MB8GA1UdIwQY
MBaAFK0dKlYsfbIRUbSgkmuNb+6s74hXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDkt
MzI5MzZjM2E0YTlkLzEvWnFmSFo5amJfRmJuQk4tZU5VR2ZNUzBuMmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDktMzI5MzZjM2E0YTlk
LzEvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVSMAwQC
uWesMA0EAgACMAcDBQMqBaZAMA0GCSqGSIb3DQEBCwUAA4IBAQAVHnUFc9OVuoK4
wRleILpbX/SXxNWLZzdsYcqJSUj2zSON17luWlWYZ+TD5YTj3XPPIl4udbG7YxCg
jXtgkmy3fTHXdsR8Q5vX9vWhknbP/oaXGU8WIbhirk4cYH7luRRZlidPsnO5r0Yz
0hNwt6eSrHuZdQMQBG0tpQWcgFmjriRm63BHzjHGkHSCa1Syxs/kL9nBPDKVEDke
VABZhZuOpVENNt9upaUSb2VhTrIWB5qIxm8u2EiK/dtz4NYxUUVuH6492p+Vqaya
DV2RtyqTBerwgqVyTQelG1+xfeOGcQTTEGE32RwTmxppOCgzPH5S9A7/7BkvLWat
y6I9j5eP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org