Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/RZanuiOrXWnqZnOUbKqE_VHBfpY.roa
File: RZanuiOrXWnqZnOUbKqE_VHBfpY.roa (raw, json)
Hash identifier: pVGes2BdJ7NEBGMLki0Di3UTyx+GZxa3+vhrgaq0KZw=
Subject key identifier: 45:96:A7:BA:23:AB:5D:69:EA:66:73:94:6C:AA:84:FD:51:C1:7E:96
Certificate issuer: /CN=e81393bdff601462a55591d26acb3d8c923ff26d
Certificate serial: 0184C46B5A6F98D5F0A83E4B6BC7BAC90871
Authority key identifier: E8:13:93:BD:FF:60:14:62:A5:55:91:D2:6A:CB:3D:8C:92:3F:F2:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6BOTvf9gFGKlVZHSass9jJI_8m0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/RZanuiOrXWnqZnOUbKqE_VHBfpY.roa
Signing time: Tue 29 Nov 2022 17:24:40 +0000
ROA not before: Tue 29 Nov 2022 17:24:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213373
IP address blocks: 149.3.170.0/24 maxlen: 24
2.56.10.0/24 maxlen: 24
2a10:5fc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c4:6b:5a:6f:98:d5:f0:a8:3e:4b:6b:c7:ba:c9:08:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e81393bdff601462a55591d26acb3d8c923ff26d
Validity
Not Before: Nov 29 17:24:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4596a7ba23ab5d69ea6673946caa84fd51c17e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:aa:f8:41:09:13:65:f7:04:85:0e:8b:9e:01:
aa:de:25:46:f6:27:b0:c1:7a:13:15:d8:f6:04:9a:
2f:b6:f2:a6:46:72:bd:e4:c6:1a:b2:64:28:e2:ad:
c6:ec:fe:a6:ec:eb:4e:36:56:30:bf:2a:5d:19:cd:
3e:af:1e:b0:80:58:72:c2:cd:df:bb:17:4c:e5:23:
fb:88:87:16:50:a6:75:c9:bf:90:b7:ba:3c:86:23:
4a:4b:a2:f7:50:66:f1:73:7f:5f:11:6a:fa:ef:c0:
25:21:e2:6a:88:f4:05:1e:36:57:ea:d0:e0:90:9a:
fa:59:f8:7e:cf:25:1f:f2:ad:df:d7:9e:9a:7f:b4:
d9:02:a7:33:02:d7:1c:1f:bc:73:1a:ae:52:b7:bb:
4f:b0:92:fc:f5:b9:dc:d0:7f:df:56:6d:d7:9a:fd:
a5:7b:46:ad:d9:03:85:d4:a0:81:6c:3b:30:f9:a7:
e6:69:78:f8:9e:22:52:4c:ef:48:18:60:f5:a9:41:
82:10:b6:11:03:eb:67:8e:41:58:34:1d:d6:bb:8a:
40:68:c9:b9:8e:b9:49:99:9f:a9:93:49:bc:40:5e:
4a:55:46:ae:4d:c2:fb:8b:1b:9a:12:5b:26:34:84:
04:89:f3:86:6a:48:33:fd:99:33:c9:1c:4d:13:1a:
4a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:96:A7:BA:23:AB:5D:69:EA:66:73:94:6C:AA:84:FD:51:C1:7E:96
X509v3 Authority Key Identifier:
keyid:E8:13:93:BD:FF:60:14:62:A5:55:91:D2:6A:CB:3D:8C:92:3F:F2:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6BOTvf9gFGKlVZHSass9jJI_8m0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/RZanuiOrXWnqZnOUbKqE_VHBfpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/6BOTvf9gFGKlVZHSass9jJI_8m0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.10.0/24
149.3.170.0/24
IPv6:
2a10:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
41:70:2a:63:14:97:76:c9:e1:97:c0:23:22:fa:5a:b3:3f:60:
07:15:4a:04:18:9d:27:62:cb:9c:23:e3:e6:6f:a3:75:ac:34:
8d:c1:92:ec:73:ef:a6:e6:08:b7:b3:4d:17:37:a4:99:fe:4e:
56:a6:c7:da:f1:e6:94:68:f2:ca:ab:5b:e9:2c:bd:2f:3c:c2:
a5:cc:64:68:29:54:f9:12:ff:de:4e:c3:97:50:cf:ba:39:8a:
93:0a:27:a0:9a:37:6c:d9:c4:94:3f:20:86:db:ac:2e:df:99:
80:57:5e:f1:1e:47:30:af:6d:3a:82:04:a8:d2:58:c8:d4:e2:
ae:d3:7f:96:01:9d:b0:13:9a:9e:2a:33:cc:fa:69:59:b3:04:
78:e4:3f:a0:ad:9a:2b:29:47:0a:96:1d:e4:ce:42:7c:06:9a:
e4:30:31:b0:79:c1:3f:14:ca:e5:4d:b4:5e:ea:ba:be:f2:cf:
43:ad:f8:1b:7a:2f:30:17:a6:18:7c:4a:4d:7f:34:d8:ac:07:
c3:d1:d2:5c:05:d6:3d:bc:b5:87:98:3e:4b:09:aa:63:d2:e5:
99:20:a6:9e:ae:ae:45:7c:9a:d8:9d:36:38:8c:79:78:04:fc:
c3:4b:10:9a:55:6b:d7:e2:99:00:18:14:53:7a:e8:ab:ee:fe:
09:a7:7b:2d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYTEa1pvmNXwqD5La8e6yQhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MTM5M2JkZmY2MDE0NjJhNTU1OTFkMjZhY2IzZDhjOTIz
ZmYyNmQwHhcNMjIxMTI5MTcyNDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk2YTdiYTIzYWI1ZDY5ZWE2NjczOTQ2Y2FhODRmZDUxYzE3ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgar4QQkTZfcEhQ6LngGq3iVG9iew
wXoTFdj2BJovtvKmRnK95MYasmQo4q3G7P6m7OtONlYwvypdGc0+rx6wgFhyws3f
uxdM5SP7iIcWUKZ1yb+Qt7o8hiNKS6L3UGbxc39fEWr678AlIeJqiPQFHjZX6tDg
kJr6Wfh+zyUf8q3f156af7TZAqczAtccH7xzGq5St7tPsJL89bnc0H/fVm3Xmv2l
e0at2QOF1KCBbDsw+afmaXj4niJSTO9IGGD1qUGCELYRA+tnjkFYNB3Wu4pAaMm5
jrlJmZ+pk0m8QF5KVUauTcL7ixuaElsmNIQEifOGakgz/ZkzyRxNExpKtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEWWp7ojq11p6mZzlGyqhP1RwX6WMB8GA1UdIwQY
MBaAFOgTk73/YBRipVWR0mrLPYySP/JtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkJPVHZmOWdGR0tsVlpIU2FzczlqSklfOG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iZDAzODQtODA1ZC00OGExLWJmMDkt
M2MxNDYyMWVjZmM1LzEvUlphbnVpT3JYV25xWm5PVWJLcUVfVkhCZnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iZDAzODQtODA1ZC00OGExLWJmMDktM2MxNDYyMWVjZmM1
LzEvNkJPVHZmOWdGR0tsVlpIU2FzczlqSklfOG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAAjgKAwQA
lQOqMA0EAgACMAcDBQMqEF/AMA0GCSqGSIb3DQEBCwUAA4IBAQBBcCpjFJd2yeGX
wCMi+lqzP2AHFUoEGJ0nYsucI+Pmb6N1rDSNwZLsc++m5gi3s00XN6SZ/k5Wpsfa
8eaUaPLKq1vpLL0vPMKlzGRoKVT5Ev/eTsOXUM+6OYqTCiegmjds2cSUPyCG26wu
35mAV17xHkcwr206ggSo0ljI1OKu03+WAZ2wE5qeKjPM+mlZswR45D+grZorKUcK
lh3kzkJ8BprkMDGwecE/FMrlTbRe6rq+8s9Drfgbei8wF6YYfEpNfzTYrAfD0dJc
BdY9vLWHmD5LCapj0uWZIKaerq5FfJrYnTY4jHl4BPzDSxCaVWvX4pkAGBRTeuir
7v4Jp3st
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org