Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/z_ZgobxWJRrh01xWxTWAIR4adjM.roa
File: z_ZgobxWJRrh01xWxTWAIR4adjM.roa (raw, json)
Hash identifier: B/XOHhEBwq0UsmueyPUq0oggwmGbrMnslJ2rKGGjWxI=
Subject key identifier: CF:F6:60:A1:BC:56:25:1A:E1:D3:5C:56:C5:35:80:21:1E:1A:76:33
Certificate issuer: /CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Certificate serial: 01849FA4A44B5516C117876876AED34E6A60
Authority key identifier: 0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/z_ZgobxWJRrh01xWxTWAIR4adjM.roa
Signing time: Tue 22 Nov 2022 14:01:18 +0000
ROA not before: Tue 22 Nov 2022 14:01:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41419
IP address blocks: 89.250.82.0/24 maxlen: 24
89.250.83.0/24 maxlen: 24
89.250.80.0/20 maxlen: 20
89.250.81.0/24 maxlen: 24
89.250.84.0/24 maxlen: 24
89.250.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:a4:a4:4b:55:16:c1:17:87:68:76:ae:d3:4e:6a:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Validity
Not Before: Nov 22 14:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cff660a1bc56251ae1d35c56c53580211e1a7633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f6:3e:29:a5:56:3a:d2:19:e3:de:8e:a6:7c:
77:18:0f:ce:83:49:2c:78:7d:bd:1e:56:14:07:3a:
e1:d1:95:84:55:1d:c1:df:5b:b1:7d:45:1d:80:2d:
4f:de:8d:36:15:ec:5c:ad:6d:51:7b:c4:da:1e:de:
2c:d7:44:6e:02:c4:cb:87:ab:c7:37:3e:dd:f6:e5:
68:f3:86:72:2a:53:07:3c:a0:22:a0:a3:a5:64:0c:
4e:cd:7b:4f:38:62:b1:43:58:dd:17:84:37:71:74:
94:c6:8e:9b:47:d7:22:3e:d0:f4:d7:2a:74:b8:b4:
fd:de:fd:06:01:aa:c5:df:33:c9:64:10:bd:5b:bf:
07:55:71:05:ca:7e:7e:ed:56:36:b1:9e:9a:5a:ef:
41:03:8b:1e:f7:62:ad:1b:bf:d9:f0:97:9c:68:44:
fe:54:23:3d:cd:97:66:3d:48:72:23:f2:ba:ba:95:
de:a8:fd:f9:0a:c7:31:be:81:06:6c:89:90:5f:c5:
32:9e:ae:96:ed:44:a9:7a:ff:8b:33:7a:bf:97:3d:
6f:b7:35:6f:bc:d5:8e:9f:40:fd:37:dc:24:31:7e:
c0:d5:9b:8c:72:ea:17:94:97:2c:70:8d:cd:12:93:
93:19:26:b8:d1:9d:2c:6d:20:c0:24:75:22:a3:2d:
26:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F6:60:A1:BC:56:25:1A:E1:D3:5C:56:C5:35:80:21:1E:1A:76:33
X509v3 Authority Key Identifier:
keyid:0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/z_ZgobxWJRrh01xWxTWAIR4adjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/Cv6dZmVbX9J7LBfKloVlDVPzuwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.250.80.0/20
Signature Algorithm: sha256WithRSAEncryption
b3:69:e1:1b:0c:e1:04:9f:19:c8:7d:e4:5a:41:f4:83:a0:65:
fa:c0:13:5f:a3:c7:d6:de:39:04:76:49:bf:3f:a8:a0:be:38:
ae:47:73:55:b9:ff:64:77:8d:00:f2:1e:37:11:e3:3c:52:f9:
4b:a8:ac:9a:ea:17:8d:49:4d:02:c6:b7:76:0b:93:6e:fe:4b:
69:78:06:67:1e:9c:f3:af:ab:94:aa:f1:97:2a:d5:cf:5d:9c:
d7:62:b5:de:82:e7:a7:f1:ea:3f:92:a1:e2:e3:73:49:0b:77:
a0:78:cb:43:e6:d2:06:78:aa:b9:7a:23:5d:f7:9c:79:5f:8f:
71:00:f5:e4:49:cb:d6:3f:7d:ee:5e:42:98:b2:17:04:39:68:
ac:b5:93:bd:e1:6d:51:a0:d2:65:c5:58:79:95:89:7b:49:04:
ad:29:71:df:d9:98:d5:a2:f1:cb:60:a1:cf:12:ba:47:ca:6c:
b7:6b:23:2b:f1:f0:f4:5b:de:e1:57:9c:9b:4f:ac:ea:3b:b6:
ce:9e:56:df:01:c2:c4:6b:8a:91:e3:1a:0d:15:ea:df:29:38:
71:3f:ab:c9:99:f9:a8:56:18:16:73:cd:d7:9f:8e:59:09:ac:
b4:f1:94:9b:cc:9a:e6:49:48:f7:46:05:13:56:5c:dd:a1:43:
73:81:96:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSfpKRLVRbBF4dodq7TTmpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZmU5ZDY2NjU1YjVmZDI3YjJjMTdjYTk2ODU2NTBkNTNm
M2JiMGEwHhcNMjIxMTIyMTQwMTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmY2NjBhMWJjNTYyNTFhZTFkMzVjNTZjNTM1ODAyMTFlMWE3NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPY+KaVWOtIZ496Opnx3GA/Og0ks
eH29HlYUBzrh0ZWEVR3B31uxfUUdgC1P3o02FexcrW1Re8TaHt4s10RuAsTLh6vH
Nz7d9uVo84ZyKlMHPKAioKOlZAxOzXtPOGKxQ1jdF4Q3cXSUxo6bR9ciPtD01yp0
uLT93v0GAarF3zPJZBC9W78HVXEFyn5+7VY2sZ6aWu9BA4se92KtG7/Z8JecaET+
VCM9zZdmPUhyI/K6upXeqP35CscxvoEGbImQX8Uynq6W7USpev+LM3q/lz1vtzVv
vNWOn0D9N9wkMX7A1ZuMcuoXlJcscI3NEpOTGSa40Z0sbSDAJHUioy0mtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM/2YKG8ViUa4dNcVsU1gCEeGnYzMB8GA1UdIwQY
MBaAFAr+nWZlW1/SeywXypaFZQ1T87sKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWIt
YmRjMjQ4YTZmNTY1LzEvel9aZ29ieFdKUnJoMDF4V3hUV0FJUjRhZGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWItYmRjMjQ4YTZmNTY1
LzEvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWfpQMA0G
CSqGSIb3DQEBCwUAA4IBAQCzaeEbDOEEnxnIfeRaQfSDoGX6wBNfo8fW3jkEdkm/
P6igvjiuR3NVuf9kd40A8h43EeM8UvlLqKya6heNSU0Cxrd2C5Nu/ktpeAZnHpzz
r6uUqvGXKtXPXZzXYrXeguen8eo/kqHi43NJC3egeMtD5tIGeKq5eiNd95x5X49x
APXkScvWP33uXkKYshcEOWistZO94W1RoNJlxVh5lYl7SQStKXHf2ZjVovHLYKHP
ErpHymy3ayMr8fD0W97hV5ybT6zqO7bOnlbfAcLEa4qR4xoNFerfKThxP6vJmfmo
VhgWc83Xn45ZCay08ZSbzJrmSUj3RgUTVlzdoUNzgZZA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:48 2023 by rpki-client on console-fra.rpki-client.org