Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/jzKZPvOEjOIdh__VYITHMO5ciGs.roa
File: jzKZPvOEjOIdh__VYITHMO5ciGs.roa (raw, json)
Hash identifier: VsBSrsy1/6Gn7DonXmheEqC0ere8sJD4XO7HgcX2coc=
Subject key identifier: 8F:32:99:3E:F3:84:8C:E2:1D:87:FF:D5:60:84:C7:30:EE:5C:88:6B
Certificate issuer: /CN=4b61cc8a365cc40382a31dad54f6cb723f58758a
Certificate serial: 32D89BF4
Authority key identifier: 4B:61:CC:8A:36:5C:C4:03:82:A3:1D:AD:54:F6:CB:72:3F:58:75:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2HMijZcxAOCox2tVPbLcj9YdYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/jzKZPvOEjOIdh__VYITHMO5ciGs.roa
Signing time: Sat 01 Jan 2022 13:00:56 +0000
ROA not before: Sat 01 Jan 2022 13:00:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42339
IP address blocks: 46.28.224.0/21 maxlen: 21
77.72.120.0/21 maxlen: 21
185.22.204.0/22 maxlen: 22
2a00:60a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 853056500 (0x32d89bf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b61cc8a365cc40382a31dad54f6cb723f58758a
Validity
Not Before: Jan 1 13:00:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f32993ef3848ce21d87ffd56084c730ee5c886b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ab:74:87:60:67:f2:fd:10:af:8b:81:be:95:
6d:f8:ad:de:c0:3a:a7:e9:e0:88:55:0f:43:ff:03:
91:47:d1:6c:57:50:19:8f:88:8a:03:74:c4:0d:74:
3b:86:75:00:fc:e4:94:3c:9a:ba:87:f6:2b:4a:1e:
7d:ae:78:b8:ed:d0:b7:01:34:ca:5d:f8:49:ba:eb:
d5:27:c8:dc:ee:69:d8:29:ea:f9:c0:d5:78:fc:26:
a8:c8:3a:52:80:44:3c:02:47:02:80:51:c4:04:ca:
b3:db:20:05:31:f2:bc:bd:5c:10:6d:64:b3:cf:9e:
90:a1:e9:02:a1:2d:e5:ef:a1:59:9a:55:a2:86:bb:
5a:05:b4:8f:e9:93:7b:8a:97:29:4d:24:f2:3f:14:
0a:b5:9c:5d:4f:78:b9:0b:30:69:c4:72:cb:04:c2:
5f:9a:c3:6f:d4:a7:26:79:d0:59:d0:36:1d:3c:7b:
68:07:d3:07:e0:14:b9:70:9e:92:c5:2f:3b:9b:b0:
d2:13:4c:2e:ec:3d:7a:74:e0:aa:88:31:f7:c5:92:
85:e1:2f:b6:83:1c:52:2b:c6:13:6e:17:a8:21:94:
bb:70:f7:61:bc:b9:da:b6:34:82:80:f0:5d:0b:37:
8d:9c:d0:fa:b3:e7:16:13:43:8d:69:3d:22:bc:27:
4a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:32:99:3E:F3:84:8C:E2:1D:87:FF:D5:60:84:C7:30:EE:5C:88:6B
X509v3 Authority Key Identifier:
keyid:4B:61:CC:8A:36:5C:C4:03:82:A3:1D:AD:54:F6:CB:72:3F:58:75:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2HMijZcxAOCox2tVPbLcj9YdYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/jzKZPvOEjOIdh__VYITHMO5ciGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/S2HMijZcxAOCox2tVPbLcj9YdYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.224.0/21
77.72.120.0/21
185.22.204.0/22
IPv6:
2a00:60a0::/32
Signature Algorithm: sha256WithRSAEncryption
58:3b:7e:0a:0b:ce:14:db:cc:31:2f:51:78:a2:0c:2c:f6:e3:
48:2f:08:3a:6c:fc:4e:69:53:2a:5d:51:46:00:c0:a9:f4:f6:
58:f4:21:54:2b:c4:94:d3:79:2f:70:01:1a:c7:b4:ef:99:4c:
c4:b7:00:e0:8b:13:5d:49:85:42:01:02:d2:e6:3c:7c:47:39:
fc:04:0b:98:29:4d:ed:ce:a5:79:aa:36:81:5b:27:ce:93:58:
fb:04:87:62:13:e3:ac:5b:6d:06:de:e0:c8:95:3e:36:a7:f1:
ee:ed:cc:d9:93:c5:0e:7a:47:0c:25:64:57:1d:3d:be:cf:39:
86:52:e9:d4:02:13:3f:8c:a5:6f:5c:0d:8e:c5:15:d8:db:af:
e7:9d:50:8f:c5:7c:71:0d:a8:ab:94:0b:e3:e7:33:d5:12:ca:
df:6d:a3:0f:18:25:d7:48:34:75:20:ca:25:41:49:12:13:3e:
e3:58:b6:21:7e:91:49:07:73:bf:58:a7:87:1a:ff:29:93:cd:
26:f7:61:34:c8:28:23:9c:d7:66:82:97:1d:98:50:e9:ec:56:
eb:82:ac:7a:24:54:3f:e5:4f:69:08:43:52:19:38:9b:b0:95:
fb:69:2e:cb:6d:a0:de:84:08:c1:90:a5:7a:0c:e9:ec:8a:3f:
49:e6:25:a1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEMtib9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjYxY2M4YTM2NWNjNDAzODJhMzFkYWQ1NGY2Y2I3MjNmNTg3NThhMB4XDTIyMDEw
MTEzMDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGYzMjk5M2VmMzg0
OGNlMjFkODdmZmQ1NjA4NGM3MzBlZTVjODg2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMurdIdgZ/L9EK+Lgb6Vbfit3sA6p+ngiFUPQ/8DkUfRbFdQ
GY+IigN0xA10O4Z1APzklDyauof2K0oefa54uO3QtwE0yl34Sbrr1SfI3O5p2Cnq
+cDVePwmqMg6UoBEPAJHAoBRxATKs9sgBTHyvL1cEG1ks8+ekKHpAqEt5e+hWZpV
ooa7WgW0j+mTe4qXKU0k8j8UCrWcXU94uQswacRyywTCX5rDb9SnJnnQWdA2HTx7
aAfTB+AUuXCeksUvO5uw0hNMLuw9enTgqogx98WSheEvtoMcUivGE24XqCGUu3D3
Yby52rY0goDwXQs3jZzQ+rPnFhNDjWk9IrwnSqUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSPMpk+84SM4h2H/9VghMcw7lyIazAfBgNVHSMEGDAWgBRLYcyKNlzEA4Kj
Ha1U9styP1h1ijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MySE1palpjeEFPQ294MnRWUGJMY2o5WWRZby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNmI5ZWMwLTliMTAtNDQ0My1iNWU2LWM0ZmQ1M2ViZWI2Ny8x
L2p6S1pQdk9Fak9JZGhfX1ZZSVRITU81Y2lHcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NmI5ZWMwLTliMTAtNDQ0My1iNWU2LWM0ZmQ1M2ViZWI2Ny8xL1MySE1palpjeEFP
Q294MnRWUGJMY2o5WWRZby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAy4c4AMEA01IeAMEArkWzDANBAIA
AjAHAwUAKgBgoDANBgkqhkiG9w0BAQsFAAOCAQEAWDt+CgvOFNvMMS9ReKIMLPbj
SC8IOmz8TmlTKl1RRgDAqfT2WPQhVCvElNN5L3ABGse075lMxLcA4IsTXUmFQgEC
0uY8fEc5/AQLmClN7c6leao2gVsnzpNY+wSHYhPjrFttBt7gyJU+Nqfx7u3M2ZPF
DnpHDCVkVx09vs85hlLp1AITP4ylb1wNjsUV2Nuv551Qj8V8cQ2oq5QL4+cz1RLK
322jDxgl10g0dSDKJUFJEhM+41i2IX6RSQdzv1inhxr/KZPNJvdhNMgoI5zXZoKX
HZhQ6exW64KseiRUP+VPaQhDUhk4m7CV+2kuy22g3oQIwZClegzp7Io/SeYloQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:26 2024 by rpki-client on console-ams.rpki-client.org