Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/Z_GpOzXcJsf-GbblAAMTqKEansA.roa
File: Z_GpOzXcJsf-GbblAAMTqKEansA.roa (raw, json)
Hash identifier: H2u7OhNYSrkfs6D0inXfFXHMlTlxMqkl0pIPhswAkzU=
Subject key identifier: 67:F1:A9:3B:35:DC:26:C7:FE:19:B6:E5:00:03:13:A8:A1:1A:9E:C0
Certificate issuer: /CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Certificate serial: 0184D3473067B9D8B71E3D53C552E42B5E10
Authority key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/Z_GpOzXcJsf-GbblAAMTqKEansA.roa
Signing time: Fri 02 Dec 2022 14:39:28 +0000
ROA not before: Fri 02 Dec 2022 14:39:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198770
IP address blocks: 37.230.248.0/24 maxlen: 24
128.0.66.0/24 maxlen: 24
128.0.67.0/24 maxlen: 24
141.101.228.0/24 maxlen: 24
141.101.231.0/24 maxlen: 24
85.92.116.0/24 maxlen: 24
85.92.117.0/24 maxlen: 24
85.92.118.0/24 maxlen: 24
37.230.152.0/24 maxlen: 24
37.230.153.0/24 maxlen: 24
37.230.154.0/24 maxlen: 24
37.230.155.0/24 maxlen: 24
141.101.204.0/24 maxlen: 24
178.170.225.0/24 maxlen: 24
37.18.74.0/24 maxlen: 24
37.18.75.0/24 maxlen: 24
37.18.76.0/24 maxlen: 24
37.18.77.0/24 maxlen: 24
2a0d:b1c0:c0::/44 maxlen: 44
2a0d:b1c0:abc0::/44 maxlen: 44
2a0d:b1c0:500::/44 maxlen: 48
2a0d:b1c0:d0::/44 maxlen: 44
2a0d:b1c0:ffff::/48 maxlen: 48
2a0d:b1c0:aaaa::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:47:30:67:b9:d8:b7:1e:3d:53:c5:52:e4:2b:5e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Validity
Not Before: Dec 2 14:39:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67f1a93b35dc26c7fe19b6e5000313a8a11a9ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a0:1b:15:a4:10:c9:9f:4e:e8:ec:17:71:c6:
b3:a9:03:b9:20:ba:d9:28:e7:b9:dd:f9:3d:8c:bb:
24:e1:86:26:ed:98:e4:6f:7f:46:ac:4b:ab:d8:51:
d5:7f:3f:c5:fb:86:ae:57:ff:ad:a8:a8:bd:fa:62:
1c:7d:2e:f5:a2:60:78:6f:e3:df:28:9e:18:f4:7f:
78:0c:2f:63:85:fc:8b:3f:15:0f:94:5c:58:58:4c:
3e:c7:72:f7:96:af:8a:e1:b3:47:9d:61:cf:c9:3e:
af:25:22:12:28:a6:14:62:d5:65:a0:c1:7f:26:2c:
1b:c4:59:66:d7:86:33:0f:27:57:da:67:06:de:02:
5a:39:75:50:a5:5f:24:b2:98:d4:f9:4c:5f:15:15:
ba:48:2e:41:95:3b:c4:99:75:dc:f2:ac:c5:ce:1c:
1f:f6:c0:17:74:07:93:7e:63:f4:9d:58:e7:1b:82:
52:67:77:1f:82:ec:30:55:f9:e1:14:47:52:01:a4:
6a:75:d2:fa:82:62:9b:f5:06:ff:73:b8:ad:9d:f5:
e2:28:a8:4c:c9:0d:4d:83:51:f3:6c:95:9a:2f:08:
fe:91:ed:97:3e:c0:f7:71:c2:fb:e2:35:72:c9:0f:
52:2f:ad:39:32:5c:2a:97:52:2f:35:bc:3c:e8:ac:
51:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F1:A9:3B:35:DC:26:C7:FE:19:B6:E5:00:03:13:A8:A1:1A:9E:C0
X509v3 Authority Key Identifier:
keyid:20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/Z_GpOzXcJsf-GbblAAMTqKEansA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.74.0-37.18.77.255
37.230.152.0/22
37.230.248.0/24
85.92.116.0-85.92.118.255
128.0.66.0/23
141.101.204.0/24
141.101.228.0/24
141.101.231.0/24
178.170.225.0/24
IPv6:
2a0d:b1c0:c0::/43
2a0d:b1c0:500::/44
2a0d:b1c0:aaaa::/48
2a0d:b1c0:abc0::/44
2a0d:b1c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
27:0f:e6:9c:65:ee:eb:15:f4:fc:c2:05:f1:82:81:30:63:68:
91:62:b4:75:c0:8d:d7:79:f8:1c:e1:cc:36:0e:75:12:cd:fd:
d9:e7:98:bf:90:59:46:ff:95:d5:ca:82:ad:db:f2:d2:f0:62:
4f:c1:d3:b5:23:6b:98:7a:97:0d:08:39:2f:25:35:85:ce:7b:
e7:ef:10:d9:1a:23:13:19:43:08:b8:3a:53:d8:d6:71:70:22:
8a:46:3d:51:ab:28:5d:ee:d1:c4:73:3a:7c:4e:ab:a4:57:47:
a4:96:db:58:1d:35:b1:2d:77:ce:9a:45:b4:6d:cb:42:4b:d5:
47:12:ce:64:12:09:bf:bb:93:bf:d8:96:bd:b6:01:4b:6a:c2:
10:4f:f1:89:5c:7c:cf:f6:c8:08:d7:f4:85:a0:1f:b2:47:5b:
a9:e8:9b:87:60:e4:11:63:6c:a0:63:40:0b:1e:a8:85:65:63:
62:3f:18:63:f9:8c:43:aa:87:bc:30:29:ff:d3:74:cd:b2:2e:
2b:3e:9e:c1:f5:04:07:c5:00:7d:a7:21:3d:c7:75:5d:ca:7e:
72:fa:bf:da:9b:70:32:c1:de:9c:86:b9:50:46:97:b8:d5:65:
73:cf:6e:f7:f7:e1:25:a9:87:7e:53:e1:d7:1c:ba:01:6c:8e:
e6:d4:07:aa
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYTTRzBnudi3Hj1TxVLkK14QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2EyZDRjYjNlNTZiNWQyOTk3MGE5N2ZjNjQ1ZWIyZmQ2
ODc2YTEwHhcNMjIxMjAyMTQzOTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2YxYTkzYjM1ZGMyNmM3ZmUxOWI2ZTUwMDAzMTNhOGExMWE5ZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKAbFaQQyZ9O6OwXccazqQO5ILrZ
KOe53fk9jLsk4YYm7Zjkb39GrEur2FHVfz/F+4auV/+tqKi9+mIcfS71omB4b+Pf
KJ4Y9H94DC9jhfyLPxUPlFxYWEw+x3L3lq+K4bNHnWHPyT6vJSISKKYUYtVloMF/
JiwbxFlm14YzDydX2mcG3gJaOXVQpV8kspjU+UxfFRW6SC5BlTvEmXXc8qzFzhwf
9sAXdAeTfmP0nVjnG4JSZ3cfguwwVfnhFEdSAaRqddL6gmKb9Qb/c7itnfXiKKhM
yQ1Ng1HzbJWaLwj+ke2XPsD3ccL74jVyyQ9SL605Mlwql1IvNbw86KxRVwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFGfxqTs13CbH/hm25QADE6ihGp7AMB8GA1UdIwQY
MBaAFCDKLUyz5WtdKZcKl/xkXrL9aHahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQt
ZWVjNDg4NWM0ZjhkLzEvWl9HcE96WGNKc2YtR2JibEFBTVRxS0VhbnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQtZWVjNDg4NWM0Zjhk
LzEvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBMBAIAATBGMAwDBAEl
EkoDBAElEkwDBAIl5pgDBAAl5vgwDAMEAlVcdAMEAFVcdgMEAYAAQgMEAI1lzAME
AI1l5AMEAI1l5wMEALKq4TAzBAIAAjAtAwcFKg2xwADAAwcEKg2xwAUAAwcAKg2x
wKqqAwcEKg2xwKvAAwcAKg2xwP//MA0GCSqGSIb3DQEBCwUAA4IBAQAnD+acZe7r
FfT8wgXxgoEwY2iRYrR1wI3Xefgc4cw2DnUSzf3Z55i/kFlG/5XVyoKt2/LS8GJP
wdO1I2uYepcNCDkvJTWFznvn7xDZGiMTGUMIuDpT2NZxcCKKRj1Rqyhd7tHEczp8
TqukV0eklttYHTWxLXfOmkW0bctCS9VHEs5kEgm/u5O/2Ja9tgFLasIQT/GJXHzP
9sgI1/SFoB+yR1up6JuHYOQRY2ygY0ALHqiFZWNiPxhj+YxDqoe8MCn/03TNsi4r
Pp7B9QQHxQB9pyE9x3Vdyn5y+r/am3Aywd6chrlQRpe41WVzz2739+ElqYd+U+HX
HLoBbI7m1Aeq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:17 2024 by rpki-client on console-fra.rpki-client.org