Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/cezVLwoCKtgNbu4SaL1fr3R3JBs.roa
File: cezVLwoCKtgNbu4SaL1fr3R3JBs.roa (raw, json)
Hash identifier: uTtgr1mMTL9rXHBwATBWxDI1boR5F31yC3c3wI3IWF0=
Subject key identifier: 71:EC:D5:2F:0A:02:2A:D8:0D:6E:EE:12:68:BD:5F:AF:74:77:24:1B
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 01826FDB0DED78D874248D6A86024E4288AB
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/cezVLwoCKtgNbu4SaL1fr3R3JBs.roa
Signing time: Fri 05 Aug 2022 21:13:23 +0000
ROA not before: Fri 05 Aug 2022 21:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54203
IP address blocks: 176.67.85.0/24 maxlen: 24
176.67.86.0/24 maxlen: 24
185.91.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6f:db:0d:ed:78:d8:74:24:8d:6a:86:02:4e:42:88:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Aug 5 21:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71ecd52f0a022ad80d6eee1268bd5faf7477241b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:26:e1:73:72:3c:cc:57:af:79:48:3f:3c:e0:
c1:27:9b:80:59:f0:da:18:6d:ae:3a:80:d6:af:c5:
2f:32:f0:3a:88:0f:f2:3e:05:8c:39:0a:fc:3a:08:
fb:f0:3e:5c:bd:c4:22:fc:a7:68:11:06:6b:51:5d:
4c:2d:dc:74:3c:2b:a6:14:c5:d6:6b:65:ba:c5:58:
be:38:e7:1c:42:24:7a:cd:77:73:16:5a:7e:6d:dd:
7f:70:35:bb:c6:f3:d2:a6:b5:34:4d:a6:de:af:15:
cf:2b:f2:1d:d3:9c:70:5a:f9:ec:79:88:03:98:33:
12:c7:30:80:5d:6c:af:78:a5:27:23:34:64:30:a7:
be:29:a7:37:03:42:b0:06:78:c3:f9:6f:1d:2b:98:
3b:9d:24:74:45:a0:5d:da:a8:22:8a:8d:da:eb:6b:
53:ed:ae:17:53:36:ec:e3:99:e0:f4:2f:2d:03:68:
21:b1:59:06:47:9a:01:7e:a9:c2:b1:db:3e:7f:20:
39:f2:3c:6c:09:de:f6:8c:e8:21:af:fe:20:ec:fe:
9a:1f:fe:6a:39:ea:36:cc:33:61:fa:39:fd:23:33:
85:14:d9:19:e7:77:b0:aa:f0:18:d2:2a:2a:66:74:
52:72:05:10:ae:5e:ae:ed:e8:06:75:4e:45:16:52:
03:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:EC:D5:2F:0A:02:2A:D8:0D:6E:EE:12:68:BD:5F:AF:74:77:24:1B
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/cezVLwoCKtgNbu4SaL1fr3R3JBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.85.0-176.67.86.255
185.91.120.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:a7:0a:df:54:b4:dd:f4:af:40:c1:f8:6b:7c:2c:66:9a:ba:
cd:68:46:9b:46:db:a3:76:15:ac:23:31:e2:7c:08:cf:66:18:
3b:73:a9:31:31:71:7a:f2:68:53:fa:32:f7:d6:d9:22:50:63:
ea:db:2f:e5:53:95:86:d8:d0:e7:52:8c:2f:83:b5:1d:fd:60:
41:1d:60:a4:d8:0a:a4:c8:22:96:87:1e:09:81:94:47:fc:49:
c3:47:0f:67:cc:76:7b:17:19:a1:be:c6:f6:31:c5:6c:8e:ac:
63:f1:38:2b:fc:c6:3a:6b:7d:8e:bf:f1:74:f7:d1:aa:31:17:
da:9f:78:4e:6c:73:5c:ce:57:ac:5e:41:73:9e:f5:21:a9:42:
6c:09:2b:40:c2:f5:d9:eb:2a:40:eb:96:86:88:15:9d:1f:d6:
f9:36:c4:36:05:37:22:df:0d:34:b5:cb:dd:8d:0a:52:8e:c8:
6f:1c:67:57:53:e6:f2:00:15:c9:e2:e8:58:81:7b:d5:28:48:
ae:fe:58:6f:89:fe:ee:57:7a:86:a9:a1:1f:c3:04:0b:bb:24:
57:07:7e:b5:d4:ec:e8:52:a0:02:5f:2a:0e:78:ce:e9:8a:11:
c4:bb:c5:95:04:02:39:d9:61:0c:a7:56:68:c5:f0:07:e1:b3:
fb:ed:c8:8e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYJv2w3teNh0JI1qhgJOQoirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjIwODA1MjExMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWVjZDUyZjBhMDIyYWQ4MGQ2ZWVlMTI2OGJkNWZhZjc0NzcyNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCbhc3I8zFeveUg/PODBJ5uAWfDa
GG2uOoDWr8UvMvA6iA/yPgWMOQr8Ogj78D5cvcQi/KdoEQZrUV1MLdx0PCumFMXW
a2W6xVi+OOccQiR6zXdzFlp+bd1/cDW7xvPSprU0TaberxXPK/Id05xwWvnseYgD
mDMSxzCAXWyveKUnIzRkMKe+Kac3A0KwBnjD+W8dK5g7nSR0RaBd2qgiio3a62tT
7a4XUzbs45ng9C8tA2ghsVkGR5oBfqnCsds+fyA58jxsCd72jOghr/4g7P6aH/5q
Oeo2zDNh+jn9IzOFFNkZ53ewqvAY0ioqZnRScgUQrl6u7egGdU5FFlIDCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHHs1S8KAirYDW7uEmi9X690dyQbMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvY2V6Vkx3b0NLdGdOYnU0U2FMMWZyM1IzSkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACwQ1UD
BACwQ1YDBAK5W3gwDQYJKoZIhvcNAQELBQADggEBAL2nCt9UtN30r0DB+Gt8LGaa
us1oRptG26N2FawjMeJ8CM9mGDtzqTExcXryaFP6MvfW2SJQY+rbL+VTlYbY0OdS
jC+DtR39YEEdYKTYCqTIIpaHHgmBlEf8ScNHD2fMdnsXGaG+xvYxxWyOrGPxOCv8
xjprfY6/8XT30aoxF9qfeE5sc1zOV6xeQXOe9SGpQmwJK0DC9dnrKkDrloaIFZ0f
1vk2xDYFNyLfDTS1y92NClKOyG8cZ1dT5vIAFcni6FiBe9UoSK7+WG+J/u5Xeoap
oR/DBAu7JFcHfrXU7OhSoAJfKg54zumKEcS7xZUEAjnZYQynVmjF8Afhs/vtyI4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:38 2024 by rpki-client on console-ams.rpki-client.org