Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/zz6vNvnY883XntjTmBEIb3NObmw.roa
File: zz6vNvnY883XntjTmBEIb3NObmw.roa (raw, json)
Hash identifier: npQHozuL3cLEdAGo8Zrurj2iO4XeSSCS1hQSxf0Kq2o=
Subject key identifier: CF:3E:AF:36:F9:D8:F3:CD:D7:9E:D8:D3:98:11:08:6F:73:4E:6E:6C
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 018563D8AE93ED47381E1F119698F2C6FC2E
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/zz6vNvnY883XntjTmBEIb3NObmw.roa
Signing time: Fri 30 Dec 2022 16:23:42 +0000
ROA not before: Fri 30 Dec 2022 16:23:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197579
IP address blocks: 185.92.232.0/22 maxlen: 22
91.223.113.0/24 maxlen: 24
2a13:6b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:d8:ae:93:ed:47:38:1e:1f:11:96:98:f2:c6:fc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Dec 30 16:23:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf3eaf36f9d8f3cdd79ed8d39811086f734e6e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:34:4d:0e:28:8f:77:22:78:dd:3b:04:18:f1:
19:76:83:52:16:4e:6e:ae:ca:b2:9c:28:b8:99:93:
c2:30:01:92:e7:2b:5f:29:e8:02:2a:bb:84:ff:94:
83:71:af:e2:01:9e:c1:36:ae:bd:ab:fc:46:a7:71:
ab:22:ea:68:fd:e1:a1:46:86:87:d1:ea:f1:61:15:
2b:33:bc:f3:3e:b4:eb:d9:02:0e:76:c0:1f:25:4c:
17:36:d8:fc:05:5b:20:1f:12:8b:17:c4:5b:ed:61:
b9:ea:1f:e0:0d:c6:11:73:c3:c8:27:64:e9:59:4b:
d3:3f:7d:61:df:9a:a5:76:b5:9e:71:38:3d:f2:1f:
19:51:f0:a8:9f:28:f7:60:cc:86:1c:e6:21:64:af:
64:d1:d4:1f:20:9d:00:1c:e9:9d:02:15:16:20:ba:
88:5a:1a:28:61:de:ba:a8:7f:9c:2d:f9:27:ae:e0:
da:76:eb:83:ae:b4:2c:45:25:87:99:b9:fe:55:41:
19:e5:97:e5:b7:62:7c:f9:d1:1b:ba:d8:2a:65:e8:
26:15:e8:6e:7e:33:bd:7d:85:54:d9:77:c9:c1:25:
a5:4a:9a:9f:3d:c8:39:b8:85:e6:a8:05:7a:4f:4d:
41:59:6c:37:b7:c9:72:21:ec:a3:aa:44:b4:a3:79:
6c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3E:AF:36:F9:D8:F3:CD:D7:9E:D8:D3:98:11:08:6F:73:4E:6E:6C
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/zz6vNvnY883XntjTmBEIb3NObmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.113.0/24
185.92.232.0/22
IPv6:
2a13:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
ae:f6:f0:9b:d7:a7:6f:d1:07:48:36:ab:5d:b2:76:3a:36:39:
0a:66:94:35:7e:23:64:34:02:27:f0:78:d5:89:0f:9d:8b:14:
7e:e9:c5:af:82:ff:b9:86:2c:e5:7c:e7:a5:c6:0c:0d:03:dc:
0a:c2:25:1d:84:20:c6:c4:f4:3c:9b:f9:a6:82:72:15:0b:82:
b1:be:5e:61:d2:3e:4d:96:1a:25:3a:bf:57:78:2a:49:0a:4d:
e3:3e:c3:d1:da:14:17:63:4f:30:db:af:6c:01:8c:ee:ae:a4:
7c:01:b6:ac:c3:32:73:57:4b:9d:21:5a:0f:74:8d:90:23:b7:
c9:90:85:3a:d2:1d:23:4d:79:10:86:cf:5a:5e:2f:90:e0:47:
e4:9a:65:f0:81:4e:d1:b2:e9:a9:8b:13:98:ad:a7:b6:5b:0a:
78:82:e1:0d:ca:c1:08:18:30:25:6e:53:5e:10:92:87:fd:9f:
bd:ad:73:a6:e1:71:d3:45:35:fa:59:23:04:9c:6d:b7:6c:17:
bc:18:16:d2:67:19:ec:51:63:27:2c:bc:f5:1b:7f:06:ec:94:
2c:89:21:19:4c:0d:40:bb:d5:6f:49:ba:fe:f5:d5:31:cf:d6:
9b:74:ac:81:e0:07:15:b5:01:53:c0:63:1f:6c:1e:ae:c0:81:
93:7f:cb:ca
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVj2K6T7Uc4Hh8RlpjyxvwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjIxMjMwMTYyMzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjNlYWYzNmY5ZDhmM2NkZDc5ZWQ4ZDM5ODExMDg2ZjczNGU2ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjRNDiiPdyJ43TsEGPEZdoNSFk5u
rsqynCi4mZPCMAGS5ytfKegCKruE/5SDca/iAZ7BNq69q/xGp3GrIupo/eGhRoaH
0erxYRUrM7zzPrTr2QIOdsAfJUwXNtj8BVsgHxKLF8Rb7WG56h/gDcYRc8PIJ2Tp
WUvTP31h35qldrWecTg98h8ZUfConyj3YMyGHOYhZK9k0dQfIJ0AHOmdAhUWILqI
WhooYd66qH+cLfknruDaduuDrrQsRSWHmbn+VUEZ5Zflt2J8+dEbutgqZegmFehu
fjO9fYVU2XfJwSWlSpqfPcg5uIXmqAV6T01BWWw3t8lyIeyjqkS0o3lsEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM8+rzb52PPN157Y05gRCG9zTm5sMB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEveno2dk52blk4ODNYbnRqVG1CRUliM05PYm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW99xAwQC
uVzoMA0EAgACMAcDBQMqE2tAMA0GCSqGSIb3DQEBCwUAA4IBAQCu9vCb16dv0QdI
NqtdsnY6NjkKZpQ1fiNkNAIn8HjViQ+dixR+6cWvgv+5hizlfOelxgwNA9wKwiUd
hCDGxPQ8m/mmgnIVC4Kxvl5h0j5NlholOr9XeCpJCk3jPsPR2hQXY08w269sAYzu
rqR8AbaswzJzV0udIVoPdI2QI7fJkIU60h0jTXkQhs9aXi+Q4EfkmmXwgU7Rsump
ixOYrae2Wwp4guENysEIGDAlblNeEJKH/Z+9rXOm4XHTRTX6WSMEnG23bBe8GBbS
ZxnsUWMnLLz1G38G7JQsiSEZTA1Au9VvSbr+9dUxz9abdKyB4AcVtQFTwGMfbB6u
wIGTf8vK
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:40 2023 by rpki-client on console-fra.rpki-client.org