Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/CZpzL3-9_ka14q668PFVvCXvik4.roa
File: CZpzL3-9_ka14q668PFVvCXvik4.roa (raw, json)
Hash identifier: gWZdYuvCvwuUTNMaGHNC67i0YCw4X2/04zhg72TqCPs=
Subject key identifier: 09:9A:73:2F:7F:BD:FE:46:B5:E2:AE:BA:F0:F1:55:BC:25:EF:8A:4E
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 1907D3A4
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/CZpzL3-9_ka14q668PFVvCXvik4.roa
Signing time: Wed 01 Jun 2022 13:47:20 +0000
ROA not before: Wed 01 Jun 2022 13:47:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 178.251.228.0/23 maxlen: 32
178.251.228.0/24 maxlen: 32
5.1.74.0/24 maxlen: 32
5.1.81.0/24 maxlen: 32
2a01:367::/32 maxlen: 32
2a01:367:c204::/48 maxlen: 48
2a00:f826:3::/48 maxlen: 48
2a01:366::/32 maxlen: 32
2a01:363::/32 maxlen: 32
2a01:367:cff3::/48 maxlen: 48
2a01:367:dead::/48 maxlen: 48
2a01:365::/32 maxlen: 32
2a01:364::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 419943332 (0x1907d3a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jun 1 13:47:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=099a732f7fbdfe46b5e2aebaf0f155bc25ef8a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:be:81:4a:5c:ee:11:4d:28:49:83:33:4b:5e:
c5:8a:88:31:60:ad:dc:e7:d0:e8:cf:1d:30:e7:21:
de:db:d8:01:93:f1:8c:16:50:8d:6c:bc:3c:42:27:
e5:a2:44:ad:91:96:00:53:2b:73:55:f5:41:fc:f2:
ac:45:c1:77:7b:55:00:0f:37:0b:cc:24:82:e4:ef:
bc:25:dd:0b:75:9d:f1:55:c7:23:ee:e5:ab:5c:e8:
24:6d:5f:11:d3:ed:b5:88:66:0b:b3:16:b4:4c:5e:
cb:4f:75:f4:d8:71:b7:f2:be:e1:ad:f9:69:c4:d7:
ea:a6:f1:13:15:fb:7d:e5:1a:1d:11:61:6f:46:fd:
b8:e0:80:1d:a3:02:78:d0:4c:5a:35:8d:28:8a:0e:
87:df:ce:12:ac:dc:ed:f8:a5:68:47:c6:bf:87:28:
ec:5d:a5:42:96:ee:0b:5b:24:08:0e:c3:a0:96:d6:
5a:1e:3d:59:ee:1d:24:e0:06:60:da:43:dc:f4:40:
b9:51:58:cf:f5:1d:a2:54:f8:46:f2:dc:8e:0b:e4:
18:72:c2:d4:35:bb:63:12:c9:fe:d5:47:3c:94:f9:
f9:3c:c2:b1:e7:f6:17:c3:f6:45:f1:85:36:4a:6c:
8a:60:ad:fa:a6:c6:52:c5:51:20:fc:f3:7e:4f:83:
f7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9A:73:2F:7F:BD:FE:46:B5:E2:AE:BA:F0:F1:55:BC:25:EF:8A:4E
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/CZpzL3-9_ka14q668PFVvCXvik4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.74.0/24
5.1.81.0/24
178.251.228.0/23
IPv6:
2a00:f826:3::/48
2a01:363::-2a01:367:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:7a:dc:82:d4:90:e0:0c:4f:91:fc:74:63:57:76:28:20:b8:
83:01:3e:b4:d7:62:18:6a:f9:f4:e7:68:cf:69:72:23:9c:3b:
28:dc:2d:1a:b1:38:41:0c:4f:41:39:ac:f6:ad:4b:b3:67:cf:
60:a0:85:ee:f3:01:6d:b2:48:09:95:b4:ed:15:8d:e5:23:50:
e8:53:7b:95:b5:ae:9a:e2:83:f9:d3:de:ae:d9:04:c0:6a:22:
3d:89:cf:f8:27:76:96:e1:02:04:0c:69:38:95:d0:3d:7a:96:
d8:d8:82:8a:b2:bd:51:c0:e1:e4:8d:89:84:1a:fa:4f:b5:b3:
56:e5:69:d3:ed:8b:0e:c2:08:d8:1e:dd:86:cf:6b:a6:fc:cf:
6a:8d:cb:60:4e:64:dc:9a:5a:e6:5b:e0:2b:91:3b:c5:28:cf:
ca:ad:91:91:cc:17:06:4f:97:2f:95:d9:9d:b5:4d:31:77:38:
79:5a:38:54:35:85:bb:a5:4c:4a:ff:53:b9:d6:86:84:ee:f7:
d0:ee:a6:70:f1:ef:2c:38:f8:df:08:7f:11:ee:92:3c:5d:68:
7d:e9:24:da:80:d6:e4:14:21:7e:0b:39:8b:30:77:37:8d:1b:
c9:0c:fa:2f:50:97:c9:b0:09:6e:7c:07:2c:e3:69:97:d4:50:
a9:1e:73:22
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEGQfTpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDYw
MTEzNDcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk5YTczMmY3ZmJk
ZmU0NmI1ZTJhZWJhZjBmMTU1YmMyNWVmOGE0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANO+gUpc7hFNKEmDM0texYqIMWCt3OfQ6M8dMOch3tvYAZPx
jBZQjWy8PEIn5aJErZGWAFMrc1X1QfzyrEXBd3tVAA83C8wkguTvvCXdC3Wd8VXH
I+7lq1zoJG1fEdPttYhmC7MWtExey0919Nhxt/K+4a35acTX6qbxExX7feUaHRFh
b0b9uOCAHaMCeNBMWjWNKIoOh9/OEqzc7filaEfGv4co7F2lQpbuC1skCA7DoJbW
Wh49We4dJOAGYNpD3PRAuVFYz/UdolT4RvLcjgvkGHLC1DW7YxLJ/tVHPJT5+TzC
sef2F8P2RfGFNkpsimCt+qbGUsVRIPzzfk+D948CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQJmnMvf73+RrXirrrw8VW8Je+KTjAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L0NacHpMMy05X2thMTRxNjY4UEZWdkNYdmlrNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswGAQCAAEwEgMEAAUBSgMEAAUBUQMEAbL75DAfBAIA
AjAZAwcAKgD4JgADMA4DBQAqAQNjAwUDKgEDYDANBgkqhkiG9w0BAQsFAAOCAQEA
KHrcgtSQ4AxPkfx0Y1d2KCC4gwE+tNdiGGr59Odoz2lyI5w7KNwtGrE4QQxPQTms
9q1Ls2fPYKCF7vMBbbJICZW07RWN5SNQ6FN7lbWumuKD+dPertkEwGoiPYnP+Cd2
luECBAxpOJXQPXqW2NiCirK9UcDh5I2JhBr6T7WzVuVp0+2LDsII2B7dhs9rpvzP
ao3LYE5k3Jpa5lvgK5E7xSjPyq2RkcwXBk+XL5XZnbVNMXc4eVo4VDWFu6VMSv9T
udaGhO730O6mcPHvLDj43wh/Ee6SPF1ofekk2oDW5BQhfgs5izB3N40byQz6L1CX
ybAJbnwHLONpl9RQqR5zIg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org