Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/_zZ2KeD2GCIu540cwRKhVQznwSg.roa
File: _zZ2KeD2GCIu540cwRKhVQznwSg.roa (raw, json)
Hash identifier: L+6EzhW4sDC9omakYOuykt9EwvwRZB61QmaPYOFlerk=
Subject key identifier: FF:36:76:29:E0:F6:18:22:2E:E7:8D:1C:C1:12:A1:55:0C:E7:C1:28
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 04712DB8
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/_zZ2KeD2GCIu540cwRKhVQznwSg.roa
Signing time: Mon 21 Mar 2022 17:14:26 +0000
ROA not before: Mon 21 Mar 2022 17:14:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50495
IP address blocks: 91.223.99.0/24 maxlen: 24
91.223.102.0/24 maxlen: 24
195.234.99.0/24 maxlen: 24
91.223.126.0/24 maxlen: 24
194.39.32.0/22 maxlen: 22
83.136.221.0/24 maxlen: 24
91.223.163.0/24 maxlen: 24
77.83.232.0/22 maxlen: 22
2a06:ef40::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74526136 (0x4712db8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Mar 21 17:14:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff367629e0f618222ee78d1cc112a1550ce7c128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:45:39:a9:e5:9c:19:17:f7:d5:4b:33:c6:30:
7b:12:6a:aa:53:2b:0a:99:65:db:b4:3e:66:a6:be:
7d:36:15:bb:c0:44:42:a3:84:9c:08:a9:47:26:ff:
e0:2d:05:56:67:b2:02:0a:f2:27:15:46:5f:67:7a:
5e:a2:75:6a:4f:bd:09:0e:75:ff:8b:2b:09:5e:9a:
4c:87:04:bd:fb:02:1c:4b:3c:bb:97:33:ae:50:11:
9a:be:7b:de:8c:c5:8a:99:e5:57:c1:f9:fc:18:d7:
17:79:97:bf:e5:bc:3f:14:39:2e:84:82:f6:26:c7:
59:99:e8:9b:59:3d:96:6d:ac:86:76:f2:cf:47:d6:
39:8f:9f:e8:fe:a3:aa:b9:5a:84:76:2d:dd:95:e5:
13:8d:a6:78:2d:a2:5a:ad:79:17:e9:2a:05:ee:3c:
e4:df:29:7b:0d:1f:f1:53:58:a2:6f:f9:f3:c5:c5:
19:6e:97:7f:40:a2:72:2a:58:d7:ce:0f:b9:6d:69:
6f:9e:39:bd:d4:31:a8:e9:79:fb:9c:f2:a6:ca:27:
b0:1e:59:2b:18:3d:01:d0:0c:0a:98:36:d8:fa:c1:
da:c3:b4:25:f3:3d:db:10:8a:9c:1a:73:da:c2:6d:
6d:b5:30:cd:f0:f5:6e:a1:fa:db:a7:75:12:a2:bf:
ac:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:36:76:29:E0:F6:18:22:2E:E7:8D:1C:C1:12:A1:55:0C:E7:C1:28
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/_zZ2KeD2GCIu540cwRKhVQznwSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.232.0/22
83.136.221.0/24
91.223.99.0/24
91.223.102.0/24
91.223.126.0/24
91.223.163.0/24
194.39.32.0/22
195.234.99.0/24
IPv6:
2a06:ef40::/32
Signature Algorithm: sha256WithRSAEncryption
5d:7f:d7:bb:78:7c:9f:10:31:54:fb:a9:04:95:b5:9e:74:db:
eb:f5:73:93:f6:3a:98:c0:a5:79:ee:33:e7:d3:fa:a7:fa:de:
1f:05:a5:b2:be:0b:09:51:f8:8f:23:9e:47:bc:e4:0d:5f:3b:
d0:be:bb:75:ea:6d:eb:3b:20:3e:21:40:da:36:cf:81:b6:fc:
bf:3d:04:88:34:67:b1:a5:99:2a:73:69:87:ce:47:d1:ae:2f:
75:dd:e9:07:e5:ce:aa:74:c6:a7:79:13:34:90:bc:de:73:ee:
7c:15:bf:47:3f:10:bf:aa:7d:a3:d3:da:a0:63:36:77:99:cf:
00:39:55:1d:4b:f9:c3:c8:1d:83:9b:5a:28:47:48:19:df:07:
e4:06:ca:28:69:92:fa:85:4b:f2:ab:7c:18:ae:99:36:52:b0:
aa:12:56:ac:d3:60:d1:af:3c:2d:e2:62:07:e9:ea:3c:59:1a:
f0:1b:6c:9d:c9:bf:30:1c:32:e4:df:d7:72:bf:78:1d:a6:8b:
fa:50:0e:df:72:99:f1:b6:b3:12:a2:29:20:1f:ed:00:9e:5d:
2f:84:30:9d:3e:23:f7:e7:90:74:04:56:5a:86:93:ec:9a:78:
01:84:78:1c:03:25:4a:fc:dc:f0:47:03:91:39:7a:8f:3d:15:
99:03:d0:67
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEBHEtuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmQwYzQ5YTBlOTdlMGQ1ZjNjZWQzYjdiNmI5ZjcyY2EwY2I1M2Q2MB4XDTIyMDMy
MTE3MTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYzNjc2MjllMGY2
MTgyMjJlZTc4ZDFjYzExMmExNTUwY2U3YzEyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxFOanlnBkX99VLM8YwexJqqlMrCpll27Q+Zqa+fTYVu8BE
QqOEnAipRyb/4C0FVmeyAgryJxVGX2d6XqJ1ak+9CQ51/4srCV6aTIcEvfsCHEs8
u5czrlARmr573ozFipnlV8H5/BjXF3mXv+W8PxQ5LoSC9ibHWZnom1k9lm2shnby
z0fWOY+f6P6jqrlahHYt3ZXlE42meC2iWq15F+kqBe485N8pew0f8VNYom/588XF
GW6Xf0CicipY184PuW1pb545vdQxqOl5+5zypsonsB5ZKxg9AdAMCpg22PrB2sO0
JfM92xCKnBpz2sJtbbUwzfD1bqH626d1EqK/rMkCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBT/NnYp4PYYIi7njRzBEqFVDOfBKDAfBgNVHSMEGDAWgBTi0MSaDpfg1fPO
07e2ufcsoMtT1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR0REVtZzZYNE5Yenp0TzN0cm4zTEtETFU5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvOWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8x
L196WjJLZUQyR0NJdTU0MGN3UktoVlF6bndTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
OWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8xLzR0REVtZzZYNE5Y
enp0TzN0cm4zTEtETFU5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAk1T6AMEAFOI3QMEAFvfYwMEAFvf
ZgMEAFvffgMEAFvfowMEAsInIAMEAMPqYzANBAIAAjAHAwUAKgbvQDANBgkqhkiG
9w0BAQsFAAOCAQEAXX/Xu3h8nxAxVPupBJW1nnTb6/Vzk/Y6mMClee4z59P6p/re
HwWlsr4LCVH4jyOeR7zkDV870L67dept6zsgPiFA2jbPgbb8vz0EiDRnsaWZKnNp
h85H0a4vdd3pB+XOqnTGp3kTNJC83nPufBW/Rz8Qv6p9o9PaoGM2d5nPADlVHUv5
w8gdg5taKEdIGd8H5AbKKGmS+oVL8qt8GK6ZNlKwqhJWrNNg0a88LeJiB+nqPFka
8Btsncm/MBwy5N/Xcr94HaaL+lAO33KZ8bazEqIpIB/tAJ5dL4QwnT4j9+eQdARW
WoaT7Jp4AYR4HAMlSvzc8EcDkTl6jz0VmQPQZw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:10 2023 by rpki-client on console-ams.rpki-client.org