Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/dZu5u0AJR3lyDAijjWB9hcXwf2k.roa
File: dZu5u0AJR3lyDAijjWB9hcXwf2k.roa (raw, json)
Hash identifier: uGKIFeY69pGBRWkeiH4P0ukO1z3lJmxI0JUW8blfxHo=
Subject key identifier: 75:9B:B9:BB:40:09:47:79:72:0C:08:A3:8D:60:7D:85:C5:F0:7F:69
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 03F75633
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/dZu5u0AJR3lyDAijjWB9hcXwf2k.roa
Signing time: Mon 11 Apr 2022 12:23:15 +0000
ROA not before: Mon 11 Apr 2022 12:23:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 92.51.40.0/23 maxlen: 24
92.51.42.0/23 maxlen: 24
92.51.9.0/24 maxlen: 24
92.51.8.0/24 maxlen: 24
92.51.11.0/24 maxlen: 24
92.51.10.0/24 maxlen: 24
92.51.12.0/22 maxlen: 22
92.51.16.0/22 maxlen: 22
92.51.34.0/23 maxlen: 24
92.51.32.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66541107 (0x3f75633)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Apr 11 12:23:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=759bb9bb40094779720c08a38d607d85c5f07f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:95:0d:03:7f:6a:1b:f9:9f:d1:0e:0f:10:
de:eb:d8:5c:e8:ee:d7:bd:6f:d0:a5:7a:17:88:50:
39:fa:83:c5:9f:32:57:a7:bd:73:ae:30:4a:d9:4e:
3f:08:f7:8d:9a:37:34:f3:4e:fe:57:55:ab:80:b5:
69:36:70:de:18:a4:7e:b0:3b:7a:5c:5c:c7:12:62:
14:1e:05:59:33:ba:8b:2a:fa:a5:57:68:ef:04:c0:
3b:63:4e:a2:f2:4b:ff:5d:44:82:34:cc:bf:e2:a0:
ab:de:f6:22:e9:7e:a3:9b:0c:17:7c:9e:69:df:c5:
64:6e:f3:13:65:91:9d:61:f0:f5:60:2e:11:65:85:
70:ce:a6:9c:3c:a4:98:03:21:60:a0:51:aa:9f:c7:
31:3a:6b:bc:88:c4:0b:76:cf:31:2f:8e:79:d2:22:
79:25:26:a0:2b:4d:fe:96:21:be:2c:11:85:77:94:
63:85:b2:f4:fd:d1:2a:dc:c4:93:c8:d1:70:6d:a3:
43:8c:7a:d3:18:a6:ef:f6:81:b9:f2:2f:1e:d6:83:
cb:5e:39:ce:ea:98:5c:18:b0:21:5b:08:34:c8:f1:
9f:ab:ae:d1:66:03:f8:44:9b:09:ae:09:3c:ae:3e:
9d:bf:e6:4a:bf:8e:31:8f:e2:14:eb:98:cd:f1:df:
94:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:9B:B9:BB:40:09:47:79:72:0C:08:A3:8D:60:7D:85:C5:F0:7F:69
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/dZu5u0AJR3lyDAijjWB9hcXwf2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.8.0-92.51.19.255
92.51.32.0/22
92.51.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:08:48:f6:91:a0:11:ce:c3:a2:ab:1a:31:93:84:df:e9:be:
da:94:76:36:48:19:42:6b:13:23:90:25:5c:51:a2:69:e0:b0:
39:a9:cf:54:f6:00:a4:5a:56:1d:db:40:2e:18:ec:aa:af:3e:
69:95:88:40:ea:c4:79:24:6a:f8:3f:72:60:bd:94:08:71:8f:
69:22:96:88:fb:b2:92:2b:32:fe:82:cc:0f:01:7a:bc:43:eb:
63:8d:c3:32:74:68:dd:5a:eb:7d:8a:73:ea:e4:cd:b5:6c:26:
13:02:61:e0:b6:61:00:69:be:3c:88:eb:ec:4f:8f:a3:e1:42:
87:5c:47:08:e4:eb:c3:68:6e:fa:cd:53:90:62:45:e1:aa:e9:
0d:c4:5b:6a:a7:cc:1b:39:2d:14:fa:dc:8d:92:f3:e7:36:17:
33:ef:b8:ea:a0:a2:73:d3:d8:bd:4c:e3:0d:8d:fe:58:0c:32:
a3:ad:d5:d5:0a:ec:98:29:2e:40:83:27:8c:b1:12:e9:bc:78:
1b:33:eb:92:a6:da:28:a0:7f:2b:64:f0:00:56:12:bf:41:68:
7f:15:98:79:80:ee:64:56:fc:7a:39:79:84:fd:0e:9d:7a:d1:
d8:01:27:2e:28:b6:05:2c:e7:6a:81:fe:08:78:ef:52:c6:f4:
b8:7b:59:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEA/dWMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjU3YzJkOWQ5M2FjN2NmOWIyZjE3Y2FhNzg1OWI2OTg1YjM5YjlkMB4XDTIyMDQx
MTEyMjMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU5YmI5YmI0MDA5
NDc3OTcyMGMwOGEzOGQ2MDdkODVjNWYwN2Y2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeilQ0Df2ob+Z/RDg8Q3uvYXOju171v0KV6F4hQOfqDxZ8y
V6e9c64wStlOPwj3jZo3NPNO/ldVq4C1aTZw3hikfrA7elxcxxJiFB4FWTO6iyr6
pVdo7wTAO2NOovJL/11EgjTMv+Kgq972Iul+o5sMF3yead/FZG7zE2WRnWHw9WAu
EWWFcM6mnDykmAMhYKBRqp/HMTprvIjEC3bPMS+OedIieSUmoCtN/pYhviwRhXeU
Y4Wy9P3RKtzEk8jRcG2jQ4x60xim7/aBufIvHtaDy145zuqYXBiwIVsINMjxn6uu
0WYD+ESbCa4JPK4+nb/mSr+OMY/iFOuYzfHflMkCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR1m7m7QAlHeXIMCKONYH2FxfB/aTAfBgNVHSMEGDAWgBTvV8LZ2TrHz5sv
F8qnhZtphbObnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzcxZkMyZGs2eDgtYkx4ZktwNFdiYVlXem01MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8x
L2RadTV1MEFKUjNseURBaWpqV0I5aGNYd2Yyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8xLzcxZkMyZGs2eDgt
Ykx4ZktwNFdiYVlXem01MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQDXDMIAwQCXDMQAwQCXDMgAwQC
XDMoMA0GCSqGSIb3DQEBCwUAA4IBAQCpCEj2kaARzsOiqxoxk4Tf6b7alHY2SBlC
axMjkCVcUaJp4LA5qc9U9gCkWlYd20AuGOyqrz5plYhA6sR5JGr4P3JgvZQIcY9p
IpaI+7KSKzL+gswPAXq8Q+tjjcMydGjdWut9inPq5M21bCYTAmHgtmEAab48iOvs
T4+j4UKHXEcI5OvDaG76zVOQYkXhqukNxFtqp8wbOS0U+tyNkvPnNhcz77jqoKJz
09i9TOMNjf5YDDKjrdXVCuyYKS5AgyeMsRLpvHgbM+uSptoooH8rZPAAVhK/QWh/
FZh5gO5kVvx6OXmE/Q6detHYAScuKLYFLOdqgf4IeO9SxvS4e1kx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:14 2023 by rpki-client on console-fra.rpki-client.org