Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/zrUq2JPOKT54HBz4t3qm-r4T40c.roa
File: zrUq2JPOKT54HBz4t3qm-r4T40c.roa (raw, json)
Hash identifier: R0SdZ6T/hWfA5U7+GL6fyc+AKXVaUL3Pq9cPRrK4vS0=
Subject key identifier: CE:B5:2A:D8:93:CE:29:3E:78:1C:1C:F8:B7:7A:A6:FA:BE:13:E3:47
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 186121A6
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/zrUq2JPOKT54HBz4t3qm-r4T40c.roa
Signing time: Thu 20 Jan 2022 13:46:40 +0000
ROA not before: Thu 20 Jan 2022 13:46:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210977
IP address blocks: 195.85.49.0/24 maxlen: 32
185.226.74.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 409018790 (0x186121a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 20 13:46:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ceb52ad893ce293e781c1cf8b77aa6fabe13e347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:03:a3:d8:85:ac:ad:f5:98:fd:a4:32:e8:53:
d8:55:7c:d2:c9:90:ee:2f:b6:1d:72:f8:cd:d9:4a:
eb:61:56:a9:75:fc:a5:a2:b0:c6:66:a9:f0:f0:38:
c8:57:63:fd:be:bf:18:06:9f:76:f7:a4:b3:7b:a5:
9d:5d:27:78:21:52:0c:1d:25:a4:99:cc:a0:42:a1:
33:7b:bc:0c:42:91:4e:6d:20:70:f7:d9:e5:c9:4e:
ff:93:97:a1:29:b4:0f:c1:01:a1:fa:7a:be:2e:b0:
9f:33:63:54:ca:26:16:22:38:8d:f9:6f:98:2c:1c:
5d:98:5d:8e:16:33:01:cc:bd:6f:e4:a0:05:a0:98:
e9:b0:5e:fd:23:54:80:86:89:7b:cb:b2:36:0a:d0:
36:7f:a0:dd:e8:4b:58:1f:54:a5:46:85:9e:d4:1f:
9f:4c:48:12:b7:76:c4:ef:1a:cb:47:97:8b:f0:d7:
69:e0:cd:e4:71:2f:a5:70:c5:85:ba:79:67:ac:ff:
08:08:a1:7c:19:08:a8:ef:da:8e:22:f9:3a:9a:b2:
6c:be:30:04:0a:f9:85:24:45:94:f6:f7:7a:3b:8c:
92:7e:c8:5e:a0:71:c9:9d:98:ac:ff:4c:26:06:87:
b5:4e:1f:87:4e:6b:27:b5:d4:0b:66:1f:af:80:d2:
8b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B5:2A:D8:93:CE:29:3E:78:1C:1C:F8:B7:7A:A6:FA:BE:13:E3:47
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/zrUq2JPOKT54HBz4t3qm-r4T40c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.74.0/24
195.85.49.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ff:33:8a:f4:2d:57:80:fb:40:94:5e:0e:cb:cb:ae:62:ec:
7e:a0:6e:d9:3f:e9:b5:b9:91:81:18:8e:90:a4:d9:3a:6d:d6:
19:8a:8b:65:58:81:54:a7:6a:48:0b:dd:10:ee:ff:85:23:2a:
ca:b1:b1:65:59:97:c1:66:64:08:0c:9e:bb:72:89:e4:28:7b:
60:58:32:48:31:6e:b3:e5:19:df:64:b7:58:a9:53:0e:25:c4:
58:a3:e8:28:07:e6:00:c2:92:1b:1e:3c:36:a9:08:46:96:23:
d7:ad:be:e1:23:9f:0b:d1:f3:5e:de:64:2f:05:17:ff:17:d2:
ff:d6:16:aa:c2:2d:7d:83:eb:fe:d0:46:28:da:c7:f0:9a:59:
8b:fb:bb:76:8f:50:23:b6:b3:4e:cf:49:d8:40:f8:30:a0:1f:
e4:84:0e:00:85:c2:91:86:45:1a:33:73:fb:49:32:ac:fd:c4:
4f:a9:06:bc:f1:4b:1d:dc:9a:62:32:59:63:bf:74:59:92:77:
37:9a:c9:fb:f3:cd:90:dd:bc:14:f0:eb:9e:df:22:9e:68:cc:
cc:9b:cb:12:4f:08:57:e2:6d:33:5c:8a:ba:b3:d2:41:65:b9:
58:be:2e:e9:13:4b:dd:38:6e:c1:f5:9c:90:84:c8:c1:e4:50:
3b:7e:7b:6d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGGEhpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEy
MDEzNDY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2ViNTJhZDg5M2Nl
MjkzZTc4MWMxY2Y4Yjc3YWE2ZmFiZTEzZTM0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgDo9iFrK31mP2kMuhT2FV80smQ7i+2HXL4zdlK62FWqXX8
paKwxmap8PA4yFdj/b6/GAafdveks3ulnV0neCFSDB0lpJnMoEKhM3u8DEKRTm0g
cPfZ5clO/5OXoSm0D8EBofp6vi6wnzNjVMomFiI4jflvmCwcXZhdjhYzAcy9b+Sg
BaCY6bBe/SNUgIaJe8uyNgrQNn+g3ehLWB9UpUaFntQfn0xIErd2xO8ay0eXi/DX
aeDN5HEvpXDFhbp5Z6z/CAihfBkIqO/ajiL5OpqybL4wBAr5hSRFlPb3ejuMkn7I
XqBxyZ2YrP9MJgaHtU4fh05rJ7XUC2Yfr4DSi1kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTOtSrYk84pPngcHPi3eqb6vhPjRzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3pyVXEySlBPS1Q1NEhCejR0M3FtLXI0VDQwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALniSgMEAMNVMTANBgkqhkiG9w0B
AQsFAAOCAQEAO/8zivQtV4D7QJReDsvLrmLsfqBu2T/ptbmRgRiOkKTZOm3WGYqL
ZViBVKdqSAvdEO7/hSMqyrGxZVmXwWZkCAyeu3KJ5Ch7YFgySDFus+UZ32S3WKlT
DiXEWKPoKAfmAMKSGx48NqkIRpYj162+4SOfC9HzXt5kLwUX/xfS/9YWqsItfYPr
/tBGKNrH8JpZi/u7do9QI7azTs9J2ED4MKAf5IQOAIXCkYZFGjNz+0kyrP3ET6kG
vPFLHdyaYjJZY790WZJ3N5rJ+/PNkN28FPDrnt8inmjMzJvLEk8IV+JtM1yKurPS
QWW5WL4u6RNL3ThuwfWckITIweRQO357bQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org