Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/ZFK5Iko6XR42HKdMqWYPqetCHdc.roa
File: ZFK5Iko6XR42HKdMqWYPqetCHdc.roa (raw, json)
Hash identifier: iZ6IN3IN3TSDdSWXiB/CAxaIi3Fg0f9BQHcteygUn8w=
Subject key identifier: 64:52:B9:22:4A:3A:5D:1E:36:1C:A7:4C:A9:66:0F:A9:EB:42:1D:D7
Certificate issuer: /CN=82b3dcdf31af6ef0c934eaf24884ad99516edd76
Certificate serial: 0181F24AB07A013BA47378379912718DD4C1
Authority key identifier: 82:B3:DC:DF:31:AF:6E:F0:C9:34:EA:F2:48:84:AD:99:51:6E:DD:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grPc3zGvbvDJNOrySIStmVFu3XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/ZFK5Iko6XR42HKdMqWYPqetCHdc.roa
Signing time: Tue 12 Jul 2022 12:03:09 +0000
ROA not before: Tue 12 Jul 2022 12:03:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398577
IP address blocks: 144.57.40.0/24 maxlen: 24
144.57.41.0/24 maxlen: 24
144.57.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:4a:b0:7a:01:3b:a4:73:78:37:99:12:71:8d:d4:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b3dcdf31af6ef0c934eaf24884ad99516edd76
Validity
Not Before: Jul 12 12:03:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6452b9224a3a5d1e361ca74ca9660fa9eb421dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:19:b1:f3:52:12:09:32:0e:ea:df:ae:24:1f:
7f:5a:ce:de:6d:ff:4e:d9:5e:5b:b8:ad:1e:3b:33:
a9:a6:be:ec:cb:71:89:fc:e2:46:49:f1:ef:26:c5:
42:a7:a6:df:70:2c:f7:d1:92:54:b7:64:0f:ca:b5:
92:e6:1e:ab:cc:94:5a:7d:0f:f8:7f:7d:5b:d7:01:
3a:5d:3c:eb:ed:dc:f0:52:40:dd:d2:31:07:04:fc:
04:d3:0f:58:ee:ee:ad:69:6f:c7:76:1d:31:bc:9b:
0f:05:04:0e:da:3e:88:ad:ce:18:e2:44:91:94:3e:
94:b6:ad:75:1d:57:91:93:58:4e:56:c5:c4:75:02:
3e:67:b2:81:5f:70:0b:84:c4:68:e2:8a:57:84:e5:
ee:49:dd:82:72:54:c0:b2:87:9d:ae:a7:4c:da:8d:
98:76:94:51:54:3d:69:16:0a:b9:e6:bf:ae:64:4e:
d7:04:92:ae:2b:5f:83:7f:d9:57:30:72:f4:9c:d3:
16:72:56:b5:da:80:ec:85:65:26:04:2b:5f:0a:20:
f7:42:4c:89:2b:0d:16:3c:e1:63:5d:24:f3:22:67:
65:78:ff:67:37:e4:5f:62:6f:68:4b:a4:31:3b:58:
79:21:0e:49:a0:8b:80:1b:44:0f:b6:59:c6:8d:ea:
ba:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:52:B9:22:4A:3A:5D:1E:36:1C:A7:4C:A9:66:0F:A9:EB:42:1D:D7
X509v3 Authority Key Identifier:
keyid:82:B3:DC:DF:31:AF:6E:F0:C9:34:EA:F2:48:84:AD:99:51:6E:DD:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grPc3zGvbvDJNOrySIStmVFu3XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/ZFK5Iko6XR42HKdMqWYPqetCHdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/grPc3zGvbvDJNOrySIStmVFu3XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.57.40.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:74:f7:36:c4:9f:01:02:f6:92:de:6e:a1:66:91:eb:f4:a2:
5c:f2:d9:db:48:d9:3a:a4:8f:86:97:0b:71:7a:bb:9d:92:28:
e1:ae:8f:f1:62:d8:cd:44:44:80:d5:c9:19:14:ae:15:b7:5e:
f1:29:c1:35:14:29:89:6d:04:ca:17:50:39:e1:90:88:d8:77:
3a:5f:e8:da:01:c9:ff:7d:32:40:9c:51:27:79:ff:22:41:38:
df:70:40:7e:81:d2:36:0d:4c:d2:a3:db:08:76:05:ff:e2:be:
8c:50:d8:fa:9a:fc:f6:52:d0:70:f5:07:a9:56:6f:a8:f5:bd:
84:bf:9a:35:c9:94:fb:e2:1e:58:de:26:4a:6c:f5:30:25:3a:
f3:23:9f:37:46:6f:1b:b4:44:cd:fc:85:62:f1:b0:8c:56:90:
78:92:5e:8f:94:22:7f:4d:5f:ff:4e:e2:c6:96:c9:15:f5:ac:
5c:7f:34:63:cb:9f:aa:e7:f1:e6:4d:66:4a:e5:33:27:75:0b:
a9:9a:cd:35:b7:2c:b1:25:60:78:54:ff:5e:f7:ee:be:89:8c:
dc:6d:53:b3:fe:1d:2f:77:90:e2:6a:74:93:71:34:f2:c3:3a:
ed:58:e0:59:23:35:44:c2:ba:8b:fb:9a:50:95:90:bd:e9:32:
eb:93:90:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHySrB6ATukc3g3mRJxjdTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjNkY2RmMzFhZjZlZjBjOTM0ZWFmMjQ4ODRhZDk5NTE2
ZWRkNzYwHhcNMjIwNzEyMTIwMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDUyYjkyMjRhM2E1ZDFlMzYxY2E3NGNhOTY2MGZhOWViNDIxZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhmx81ISCTIO6t+uJB9/Ws7ebf9O
2V5buK0eOzOppr7sy3GJ/OJGSfHvJsVCp6bfcCz30ZJUt2QPyrWS5h6rzJRafQ/4
f31b1wE6XTzr7dzwUkDd0jEHBPwE0w9Y7u6taW/Hdh0xvJsPBQQO2j6Irc4Y4kSR
lD6Utq11HVeRk1hOVsXEdQI+Z7KBX3ALhMRo4opXhOXuSd2CclTAsoedrqdM2o2Y
dpRRVD1pFgq55r+uZE7XBJKuK1+Df9lXMHL0nNMWcla12oDshWUmBCtfCiD3QkyJ
Kw0WPOFjXSTzImdleP9nN+RfYm9oS6QxO1h5IQ5JoIuAG0QPtlnGjeq6IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRSuSJKOl0eNhynTKlmD6nrQh3XMB8GA1UdIwQY
MBaAFIKz3N8xr27wyTTq8kiErZlRbt12MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JQYzN6R3ZidkRKTk9yeVNJU3RtVkZ1M1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC80MWY0YzctOTY2OC00Y2Y0LTllOWQt
ZTBlMDQ2OGU2OWQ3LzEvWkZLNUlrbzZYUjQySEtkTXFXWVBxZXRDSGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC80MWY0YzctOTY2OC00Y2Y0LTllOWQtZTBlMDQ2OGU2OWQ3
LzEvZ3JQYzN6R3ZidkRKTk9yeVNJU3RtVkZ1M1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkDkoMA0G
CSqGSIb3DQEBCwUAA4IBAQCMdPc2xJ8BAvaS3m6hZpHr9KJc8tnbSNk6pI+Glwtx
erudkijhro/xYtjNRESA1ckZFK4Vt17xKcE1FCmJbQTKF1A54ZCI2Hc6X+jaAcn/
fTJAnFEnef8iQTjfcEB+gdI2DUzSo9sIdgX/4r6MUNj6mvz2UtBw9QepVm+o9b2E
v5o1yZT74h5Y3iZKbPUwJTrzI583Rm8btETN/IVi8bCMVpB4kl6PlCJ/TV//TuLG
lskV9axcfzRjy5+q5/HmTWZK5TMndQupms01tyyxJWB4VP9e9+6+iYzcbVOz/h0v
d5DianSTcTTywzrtWOBZIzVEwrqL+5pQlZC96TLrk5C/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:22 2023 by rpki-client on console-ams.rpki-client.org