Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/_zpNpwErScZzKrnlHWZ0r3AM4BY.roa
File: _zpNpwErScZzKrnlHWZ0r3AM4BY.roa (raw, json)
Hash identifier: hfKnG3S2thx7I9Fow01xNC33bQs2cpZd5ep1yb+dxUY=
Subject key identifier: FF:3A:4D:A7:01:2B:49:C6:73:2A:B9:E5:1D:66:74:AF:70:0C:E0:16
Certificate issuer: /CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230
Certificate serial: 38D6235C
Authority key identifier: ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/_zpNpwErScZzKrnlHWZ0r3AM4BY.roa
Signing time: Fri 18 Mar 2022 23:26:17 +0000
ROA not before: Fri 18 Mar 2022 23:26:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20704
IP address blocks: 81.92.240.0/24 maxlen: 24
81.92.242.0/24 maxlen: 24
81.92.241.0/24 maxlen: 24
81.92.243.0/24 maxlen: 24
217.196.64.0/19 maxlen: 20
2001:1408::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 953557852 (0x38d6235c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230
Validity
Not Before: Mar 18 23:26:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff3a4da7012b49c6732ab9e51d6674af700ce016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:08:75:2c:00:b1:41:0b:94:7f:ad:cf:bc:e3:
79:22:47:94:80:f7:ce:f7:d2:78:a2:5c:1c:d4:c3:
63:57:15:8c:d1:cf:cd:a3:af:92:fc:0e:e3:0f:e5:
f8:23:10:61:2d:93:c9:86:89:4c:60:73:8c:4e:a8:
cd:db:f4:5b:1a:c8:39:02:d9:ef:32:7a:b0:d9:8c:
ed:77:66:a7:b6:5c:6b:51:b0:fb:d3:49:6b:e1:b1:
b0:e2:60:6a:7c:ad:a8:26:21:8a:92:da:f3:43:f8:
32:4b:67:45:40:37:fc:30:e4:93:78:e8:d9:1f:67:
1c:7d:0b:c0:2f:4d:5f:da:30:48:f0:c1:24:7f:9c:
2b:4d:9e:d4:79:63:a4:7c:b8:47:f5:ae:53:a6:ce:
39:ba:0c:b9:f3:00:10:2b:1b:c0:7d:32:0e:94:72:
22:18:a2:00:5a:46:b4:2d:a5:e1:c6:8e:d1:87:89:
2d:ce:54:d3:6d:0c:94:0e:d0:a7:71:d4:9e:63:37:
d1:d7:79:40:a9:e8:9f:86:31:52:1d:fe:c0:46:e2:
51:bb:33:6c:f9:db:d7:4a:bc:89:5f:1b:20:e7:04:
70:d8:f2:61:39:79:b8:b9:cb:03:b9:06:41:1e:75:
1c:b7:73:f3:14:47:1a:7a:ec:0d:81:a8:bf:ba:32:
18:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3A:4D:A7:01:2B:49:C6:73:2A:B9:E5:1D:66:74:AF:70:0C:E0:16
X509v3 Authority Key Identifier:
keyid:ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/_zpNpwErScZzKrnlHWZ0r3AM4BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/7cIhOMCvgcXL9DpPjd18jeE8cjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.240.0/22
217.196.64.0/19
IPv6:
2001:1408::/32
Signature Algorithm: sha256WithRSAEncryption
3e:87:c7:41:a1:14:13:ac:cb:9a:ae:08:52:ec:0b:d6:89:b6:
36:5e:3d:cb:92:10:a7:c2:1f:85:08:ba:e2:d3:aa:a3:73:d7:
5e:58:38:91:9d:bc:3c:ce:db:e7:ef:68:b5:3f:ed:d5:d7:5a:
de:95:1d:3a:7d:e6:2d:94:b3:95:90:86:62:67:50:7e:22:17:
a1:9b:ad:40:89:1c:45:b9:67:1e:f8:cd:f3:82:52:6c:93:7a:
6f:e2:83:15:bb:5b:a9:af:e4:c2:62:96:8d:41:71:88:7b:a3:
ea:4f:4b:67:dc:a3:11:7d:f2:ec:98:e2:3d:d4:05:f4:32:e6:
42:e3:9f:c0:bc:8c:fb:15:c9:7f:3e:76:cf:34:c2:5e:19:e9:
4c:0a:1c:50:79:65:98:65:ba:26:44:2d:bb:65:ef:67:dc:41:
4f:1a:ea:ab:e8:36:f0:9a:f1:4a:78:ba:36:9c:42:2d:fb:21:
ff:fa:08:d7:50:80:81:93:5b:64:dc:cf:f0:06:c3:37:b8:72:
7d:a7:92:06:bb:30:66:2c:5c:b2:c7:ac:3f:9a:18:68:1e:c1:
c2:27:80:01:d5:f6:eb:98:8a:93:7e:b7:11:e5:9b:86:62:dd:
73:61:b1:28:40:20:31:51:a1:88:1f:a9:1b:57:b1:49:e9:e9:
d0:7c:24:c4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEONYjXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZGMyMjEzOGMwYWY4MWM1Y2JmNDNhNGY4ZGRkN2M4ZGUxM2M3MjMwMB4XDTIyMDMx
ODIzMjYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYzYTRkYTcwMTJi
NDljNjczMmFiOWU1MWQ2Njc0YWY3MDBjZTAxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMoIdSwAsUELlH+tz7zjeSJHlID3zvfSeKJcHNTDY1cVjNHP
zaOvkvwO4w/l+CMQYS2TyYaJTGBzjE6ozdv0WxrIOQLZ7zJ6sNmM7Xdmp7Zca1Gw
+9NJa+GxsOJganytqCYhipLa80P4MktnRUA3/DDkk3jo2R9nHH0LwC9NX9owSPDB
JH+cK02e1HljpHy4R/WuU6bOOboMufMAECsbwH0yDpRyIhiiAFpGtC2l4caO0YeJ
Lc5U020MlA7Qp3HUnmM30dd5QKnon4YxUh3+wEbiUbszbPnb10q8iV8bIOcEcNjy
YTl5uLnLA7kGQR51HLdz8xRHGnrsDYGov7oyGHkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBT/Ok2nAStJxnMqueUdZnSvcAzgFjAfBgNVHSMEGDAWgBTtwiE4wK+Bxcv0
Ok+N3XyN4TxyMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdjSWhPTUN2Z2NYTDlEcFBqZDE4amVFOGNqQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvNjQ5YWViLTc4ZGQtNDIyZi04OWM2LTU1MzhkYzBiYjA5OS8x
L196cE5wd0VyU2NaektybmxIV1owcjNBTTRCWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
NjQ5YWViLTc4ZGQtNDIyZi04OWM2LTU1MzhkYzBiYjA5OS8xLzdjSWhPTUN2Z2NY
TDlEcFBqZDE4amVFOGNqQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlFc8AMEBdnEQDANBAIAAjAHAwUA
IAEUCDANBgkqhkiG9w0BAQsFAAOCAQEAPofHQaEUE6zLmq4IUuwL1om2Nl49y5IQ
p8IfhQi64tOqo3PXXlg4kZ28PM7b5+9otT/t1dda3pUdOn3mLZSzlZCGYmdQfiIX
oZutQIkcRblnHvjN84JSbJN6b+KDFbtbqa/kwmKWjUFxiHuj6k9LZ9yjEX3y7Jji
PdQF9DLmQuOfwLyM+xXJfz52zzTCXhnpTAocUHllmGW6JkQtu2XvZ9xBTxrqq+g2
8JrxSni6NpxCLfsh//oI11CAgZNbZNzP8AbDN7hyfaeSBrswZixcssesP5oYaB7B
wieAAdX265iKk363EeWbhmLdc2GxKEAgMVGhiB+pG1exSenp0HwkxA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:42 2023 by rpki-client on console-ams.rpki-client.org