Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zAxPP-V0Kk-S_MxFFHKUUu-XKKE.roa
File: zAxPP-V0Kk-S_MxFFHKUUu-XKKE.roa (raw, json)
Hash identifier: ySrQyJOpMVubdeYQXYj7zHDib3dt7KUE7Zf7ad5qRZE=
Subject key identifier: CC:0C:4F:3F:E5:74:2A:4F:92:FC:CC:45:14:72:94:52:EF:97:28:A1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 426D0A70
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zAxPP-V0Kk-S_MxFFHKUUu-XKKE.roa
Signing time: Sat 01 Jan 2022 14:03:13 +0000
ROA not before: Sat 01 Jan 2022 14:03:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 192.121.17.0/24 maxlen: 24
192.121.16.0/24 maxlen: 24
193.235.147.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.121.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114442352 (0x426d0a70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc0c4f3fe5742a4f92fccc4514729452ef9728a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e4:cc:9d:96:10:43:f0:20:d2:f3:c7:8f:29:
d4:cc:74:aa:78:8f:15:98:b6:9d:91:00:3d:50:b9:
ac:ee:fb:46:d6:39:5b:36:79:b6:f4:75:82:61:d1:
5f:4f:44:c9:2c:5d:07:78:19:aa:20:76:1b:5f:ea:
d3:56:b4:70:1a:a2:94:47:06:2f:ef:52:75:15:b3:
39:7d:f0:7e:dc:a5:4c:27:39:ac:e8:a8:fa:7e:20:
8f:74:43:3a:55:a7:cb:7d:4f:4f:6a:27:a9:85:40:
f1:cf:10:a3:9f:a2:d1:07:5f:3f:c9:25:06:51:a9:
1f:b1:07:d5:e7:b3:09:0c:9e:39:82:d5:f4:7e:34:
4c:3e:8b:e5:ae:ac:d0:c4:ab:45:68:ef:f9:62:cd:
8f:98:fa:24:74:cf:d4:17:ea:e0:23:07:ad:de:b3:
c8:6a:bb:a8:5e:39:a4:d2:20:8a:fb:dc:07:4d:e3:
19:80:ae:f1:20:53:9e:fc:9e:d2:16:42:a3:91:2d:
84:83:73:97:1a:76:b3:bf:05:4f:7f:d4:3e:24:65:
c2:34:6c:3a:7a:28:ed:42:d3:e9:52:79:9b:19:40:
fe:d6:b1:cd:86:fe:15:17:a6:07:0e:78:9e:42:75:
27:b5:61:f0:55:ff:6a:9a:70:d8:56:d0:0b:e5:48:
74:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:0C:4F:3F:E5:74:2A:4F:92:FC:CC:45:14:72:94:52:EF:97:28:A1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zAxPP-V0Kk-S_MxFFHKUUu-XKKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.16.0/23
192.121.162.0/23
193.235.147.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b4:60:36:56:f0:12:e1:dc:2c:04:d3:20:00:22:7e:0e:5b:
2f:0d:5f:d1:d9:47:12:ac:f2:a7:c5:9d:ee:b8:27:e7:7e:30:
c7:bd:b4:e8:e8:3e:71:10:ab:26:0d:d5:e4:df:21:06:3c:b4:
98:28:ab:cf:2b:fc:db:8e:4f:ce:91:5e:7a:f8:35:8b:fe:7a:
29:99:33:28:eb:a6:88:08:2b:da:52:50:72:d0:ae:f0:ea:48:
cb:c1:fb:54:b0:7b:b6:43:14:b6:54:36:44:44:a1:78:3d:a5:
bb:c3:a1:a6:d2:31:2f:e6:c7:7c:6c:83:76:ed:4a:71:a5:66:
ae:6f:80:c3:82:d0:42:62:4e:dc:f6:87:eb:fb:73:d1:b3:c7:
82:22:1c:d5:76:dc:59:27:65:9e:30:80:d1:0b:35:45:b1:7d:
cb:2f:c8:13:36:d2:3a:20:25:4c:6a:e8:b8:6d:3c:f3:63:20:
46:95:c2:e6:7b:bf:8a:d0:8d:ed:f6:e7:81:be:64:46:a3:b5:
ac:0d:82:96:ab:f4:1e:e3:7e:3d:9c:6c:1d:ec:96:6b:53:33:
5c:a7:37:35:85:64:cc:92:d3:31:4d:e8:6c:24:bf:9b:f5:18:
bc:a2:31:d6:10:52:e2:cf:dd:94:00:c8:69:c8:57:14:f4:a3:
1f:78:69:d3
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEQm0KcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2MwYzRmM2ZlNTc0
MmE0ZjkyZmNjYzQ1MTQ3Mjk0NTJlZjk3MjhhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7kzJ2WEEPwINLzx48p1Mx0qniPFZi2nZEAPVC5rO77RtY5
WzZ5tvR1gmHRX09EySxdB3gZqiB2G1/q01a0cBqilEcGL+9SdRWzOX3wftylTCc5
rOio+n4gj3RDOlWny31PT2onqYVA8c8Qo5+i0QdfP8klBlGpH7EH1eezCQyeOYLV
9H40TD6L5a6s0MSrRWjv+WLNj5j6JHTP1Bfq4CMHrd6zyGq7qF45pNIgivvcB03j
GYCu8SBTnvye0hZCo5EthINzlxp2s78FT3/UPiRlwjRsOnoo7ULT6VJ5mxlA/tax
zYb+FRemBw54nkJ1J7Vh8FX/appw2FbQC+VIdKMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTMDE8/5XQqT5L8zEUUcpRS75cooTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3pBeFBQLVYwS2stU19NeEZGSEtVVXUtWEtLRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAcB5EAMEAcB5ogMEAMHrkzANBgkq
hkiG9w0BAQsFAAOCAQEAcLRgNlbwEuHcLATTIAAifg5bLw1f0dlHEqzyp8Wd7rgn
534wx7206Og+cRCrJg3V5N8hBjy0mCirzyv8245PzpFeevg1i/56KZkzKOumiAgr
2lJQctCu8OpIy8H7VLB7tkMUtlQ2RESheD2lu8OhptIxL+bHfGyDdu1KcaVmrm+A
w4LQQmJO3PaH6/tz0bPHgiIc1XbcWSdlnjCA0Qs1RbF9yy/IEzbSOiAlTGrouG08
82MgRpXC5nu/itCN7fbngb5kRqO1rA2Clqv0HuN+PZxsHeyWa1MzXKc3NYVkzJLT
MU3obCS/m/UYvKIx1hBS4s/dlADIachXFPSjH3hp0w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org