Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/zFyd7ph892YhVOULnL-w579T4uw.roa
File: zFyd7ph892YhVOULnL-w579T4uw.roa (raw, json)
Hash identifier: aXfSAgTiZ20ji7xKI/cQJWka/9w7yhPzy4YYX53P7Y4=
Subject key identifier: CC:5C:9D:EE:98:7C:F7:66:21:54:E5:0B:9C:BF:B0:E7:BF:53:E2:EC
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 018450C44242D828703DEB95062E10A6AF40
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/zFyd7ph892YhVOULnL-w579T4uw.roa
Signing time: Mon 07 Nov 2022 06:25:50 +0000
ROA not before: Mon 07 Nov 2022 06:25:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213176
IP address blocks: 212.59.64.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
209.35.224.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:50:c4:42:42:d8:28:70:3d:eb:95:06:2e:10:a6:af:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Nov 7 06:25:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc5c9dee987cf7662154e50b9cbfb0e7bf53e2ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:93:2e:37:f5:6f:61:de:23:07:d5:54:67:2e:
61:94:f6:2a:19:b9:f0:9c:0b:6a:49:26:a7:83:07:
25:a4:85:6c:d4:a0:dd:c7:44:67:68:eb:77:0e:41:
02:ae:59:f5:26:d1:c6:4a:9d:9d:52:a4:2e:05:db:
3b:a2:bc:c0:82:21:50:80:60:bb:cf:78:7c:89:08:
e7:79:56:b0:4e:2a:5b:14:65:89:be:d7:c7:bf:58:
17:55:fe:01:ff:a7:69:27:e4:f8:29:e0:b9:14:3b:
8b:27:41:fa:bb:6e:31:35:f0:d3:3d:bf:83:c7:9e:
33:1c:5a:c5:b6:64:7a:63:15:00:0c:05:d1:74:94:
ca:7d:3c:52:22:47:ae:18:c0:62:dd:fd:04:4a:4c:
de:95:25:3b:ad:1a:94:be:45:a0:76:3b:dc:c0:d8:
4c:c7:af:2e:82:0a:e8:e4:f7:eb:0d:1d:5f:f3:74:
a5:62:e8:6c:86:9a:cd:1d:78:32:c7:0a:b1:f7:4e:
5e:de:45:d2:bb:f9:c4:74:de:ca:7f:b7:59:0a:0b:
90:92:5f:31:18:96:f8:3a:7d:cc:66:9c:ef:12:91:
8b:62:02:67:01:18:f0:0c:6b:42:7c:42:08:fe:0f:
7e:0d:e8:9a:c0:4b:fd:97:17:9a:0d:11:9c:bd:d5:
00:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:5C:9D:EE:98:7C:F7:66:21:54:E5:0B:9C:BF:B0:E7:BF:53:E2:EC
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/zFyd7ph892YhVOULnL-w579T4uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0-209.35.228.255
212.59.64.0-212.59.70.255
Signature Algorithm: sha256WithRSAEncryption
a5:c7:31:b8:d1:ac:c0:f5:c7:f2:ae:50:ee:ca:2f:51:e7:8f:
39:10:b5:3d:47:5b:2c:87:48:8d:b7:51:ef:94:4a:3a:6f:36:
83:c9:e7:5c:c4:e7:8f:19:6b:fe:e7:65:94:52:a3:75:23:e1:
dc:49:69:62:c4:91:9e:64:8b:4a:dc:17:e7:71:5f:00:d3:82:
dc:2d:c1:25:0c:9c:df:1f:1b:7c:af:a9:c6:4e:14:bc:d0:44:
b8:b0:84:3e:cb:a2:b6:fe:80:96:1c:77:da:d2:1e:50:89:2a:
17:b1:c5:fe:6f:69:16:8b:81:d6:31:8c:62:bf:6a:7b:47:c5:
29:21:ea:2d:5c:0c:09:c8:fc:97:75:64:1c:a1:26:a3:b7:15:
bb:50:4c:74:dc:46:92:0e:d7:22:7a:6d:bc:44:69:0f:de:6a:
e9:6b:88:d1:95:26:e6:d1:5b:f4:fa:e5:3c:85:58:5e:e7:74:
92:8e:ec:41:22:c2:16:d0:6d:9c:d4:5b:7c:3e:4f:09:d7:0b:
cc:42:6b:ad:a7:30:90:55:89:88:a8:0b:e5:0d:fc:e0:13:3f:
05:47:6f:9e:a4:63:ce:dd:8f:cc:7f:9f:40:3f:42:14:5b:31:
d0:49:b6:1c:ba:f0:18:5f:c8:90:88:d1:b6:a8:82:93:24:c6:
0a:3c:a5:2b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYRQxEJC2ChwPeuVBi4Qpq9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjIxMTA3MDYyNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzVjOWRlZTk4N2NmNzY2MjE1NGU1MGI5Y2JmYjBlN2JmNTNlMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5MuN/VvYd4jB9VUZy5hlPYqGbnw
nAtqSSangwclpIVs1KDdx0RnaOt3DkECrln1JtHGSp2dUqQuBds7orzAgiFQgGC7
z3h8iQjneVawTipbFGWJvtfHv1gXVf4B/6dpJ+T4KeC5FDuLJ0H6u24xNfDTPb+D
x54zHFrFtmR6YxUADAXRdJTKfTxSIkeuGMBi3f0ESkzelSU7rRqUvkWgdjvcwNhM
x68uggro5PfrDR1f83SlYuhshprNHXgyxwqx905e3kXSu/nEdN7Kf7dZCguQkl8x
GJb4On3MZpzvEpGLYgJnARjwDGtCfEII/g9+DeiawEv9lxeaDRGcvdUAawIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMxcne6YfPdmIVTlC5y/sOe/U+LsMB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvekZ5ZDdwaDg5MlloVk9VTG5MLXc1NzlUNHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAXRI+AD
BADRI+QwDAMEBtQ7QAMEANQ7RjANBgkqhkiG9w0BAQsFAAOCAQEApccxuNGswPXH
8q5Q7sovUeePORC1PUdbLIdIjbdR75RKOm82g8nnXMTnjxlr/udllFKjdSPh3Elp
YsSRnmSLStwX53FfANOC3C3BJQyc3x8bfK+pxk4UvNBEuLCEPsuitv6Alhx32tIe
UIkqF7HF/m9pFouB1jGMYr9qe0fFKSHqLVwMCcj8l3VkHKEmo7cVu1BMdNxGkg7X
InptvERpD95q6WuI0ZUm5tFb9PrlPIVYXud0ko7sQSLCFtBtnNRbfD5PCdcLzEJr
racwkFWJiKgL5Q384BM/BUdvnqRjzt2PzH+fQD9CFFsx0Em2HLrwGF/IkIjRtqiC
kyTGCjylKw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:55 2025 by rpki-client