Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/Zed3PQKSAExXoGPDLmJxHN6TvxY.roa
File: Zed3PQKSAExXoGPDLmJxHN6TvxY.roa (raw, json)
Hash identifier: 6PjHbb5OpB0JjkAe9eVvQR5hL7fy1E46FrMRcWzFV8A=
Subject key identifier: 65:E7:77:3D:02:92:00:4C:57:A0:63:C3:2E:62:71:1C:DE:93:BF:16
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 01845756E8007AABE53F6CDFAFF42C41841F
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/Zed3PQKSAExXoGPDLmJxHN6TvxY.roa
Signing time: Tue 08 Nov 2022 13:03:44 +0000
ROA not before: Tue 08 Nov 2022 13:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36007
IP address blocks: 45.91.171.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:57:56:e8:00:7a:ab:e5:3f:6c:df:af:f4:2c:41:84:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Nov 8 13:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65e7773d0292004c57a063c32e62711cde93bf16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:69:82:99:02:77:ca:9c:31:61:4b:6f:db:bf:
a3:0d:1d:03:1a:67:a6:e8:d7:f8:19:79:32:a3:d8:
d5:29:82:50:d9:6d:c9:30:0c:53:98:61:d6:03:19:
ba:6a:0c:99:64:52:f9:c4:96:49:9d:9e:6f:4a:83:
66:f6:70:14:0c:e3:d7:86:30:e0:1e:10:9e:aa:3b:
01:b3:a3:91:5f:b6:d9:1d:58:4d:8e:d9:e8:92:7a:
8d:e9:70:8b:2e:96:09:8f:c0:35:1c:64:19:7c:11:
8c:6d:d2:f4:8e:4c:10:db:b9:37:17:9f:53:09:98:
8d:b4:13:06:4e:8c:1f:35:e6:84:7b:b0:06:fa:27:
32:e2:2e:39:fc:9a:e5:dc:8e:33:51:65:93:39:1e:
af:32:19:d9:67:13:d5:44:ec:4d:60:86:bc:fc:72:
4b:09:96:61:19:8c:41:63:0b:dd:b1:25:a3:a3:52:
2b:c4:48:68:50:3b:3a:5b:be:37:37:4a:a3:cc:95:
42:a8:af:a1:b1:32:57:19:29:f3:2e:87:36:41:a4:
56:51:2f:b5:28:02:d1:35:28:04:58:32:29:ec:a2:
98:62:b6:49:1d:77:8c:68:31:27:c9:2f:6b:0c:60:
1a:0d:92:97:85:89:f9:1a:ad:39:3a:13:2b:61:fe:
62:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E7:77:3D:02:92:00:4C:57:A0:63:C3:2E:62:71:1C:DE:93:BF:16
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/Zed3PQKSAExXoGPDLmJxHN6TvxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
185.47.172.0/24
185.53.209.0/24
Signature Algorithm: sha256WithRSAEncryption
76:be:11:5f:e5:b2:bc:1a:a3:8c:82:f1:c7:fb:89:8a:9e:60:
4b:4f:84:63:2c:1d:3c:c0:f3:cf:a0:8c:f9:06:d7:77:84:81:
6b:1d:17:b5:27:d3:2b:a3:82:e9:9b:d1:57:c7:00:f8:13:5a:
5e:58:c8:a9:c0:81:e5:17:69:d9:92:37:f7:8e:33:64:b8:ed:
62:4e:02:20:03:65:06:f3:06:4f:59:8d:3f:3b:c3:3c:d6:a8:
39:58:1b:d1:b5:75:9b:22:ba:71:99:98:76:41:53:ad:40:cc:
30:52:91:d8:3a:ec:93:54:b4:d9:aa:62:5c:78:1d:01:ef:c4:
f4:e8:9a:d2:79:4e:ba:81:e5:02:10:ff:dd:85:b8:e0:b1:4b:
8c:1c:53:1d:52:d8:94:a4:80:e6:4a:11:5b:cf:a3:df:95:c2:
ab:cf:8f:c0:33:5a:76:e0:75:fc:30:e1:3c:9a:e4:6b:0f:7a:
ee:5d:a7:f7:9c:6c:9d:dc:1a:73:63:d8:4e:20:69:ed:53:75:
86:78:b8:3f:ff:f9:c6:c5:35:aa:28:ed:31:65:03:88:8a:6e:
9a:fb:75:1f:d7:23:34:b6:54:7b:35:41:c9:65:be:a4:c2:d4:
85:c8:79:dd:79:1f:c2:c0:01:61:29:2c:a5:11:cd:3c:4b:b7:
9f:a1:c8:fd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYRXVugAeqvlP2zfr/QsQYQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjIxMTA4MTMwMzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWU3NzczZDAyOTIwMDRjNTdhMDYzYzMyZTYyNzExY2RlOTNiZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGmCmQJ3ypwxYUtv27+jDR0DGmem
6Nf4GXkyo9jVKYJQ2W3JMAxTmGHWAxm6agyZZFL5xJZJnZ5vSoNm9nAUDOPXhjDg
HhCeqjsBs6ORX7bZHVhNjtnoknqN6XCLLpYJj8A1HGQZfBGMbdL0jkwQ27k3F59T
CZiNtBMGTowfNeaEe7AG+icy4i45/Jrl3I4zUWWTOR6vMhnZZxPVROxNYIa8/HJL
CZZhGYxBYwvdsSWjo1IrxEhoUDs6W743N0qjzJVCqK+hsTJXGSnzLoc2QaRWUS+1
KALRNSgEWDIp7KKYYrZJHXeMaDEnyS9rDGAaDZKXhYn5Gq05OhMrYf5ieQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGXndz0CkgBMV6Bjwy5icRzek78WMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvWmVkM1BRS1NBRXhYb0dQRExtSnhITjZUdnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVurAwQA
W8qqAwQAW9+pAwQAuS+sAwQAuTXRMA0GCSqGSIb3DQEBCwUAA4IBAQB2vhFf5bK8
GqOMgvHH+4mKnmBLT4RjLB08wPPPoIz5Btd3hIFrHRe1J9Mro4Lpm9FXxwD4E1pe
WMipwIHlF2nZkjf3jjNkuO1iTgIgA2UG8wZPWY0/O8M81qg5WBvRtXWbIrpxmZh2
QVOtQMwwUpHYOuyTVLTZqmJceB0B78T06JrSeU66geUCEP/dhbjgsUuMHFMdUtiU
pIDmShFbz6PflcKrz4/AM1p24HX8MOE8muRrD3ruXaf3nGyd3BpzY9hOIGntU3WG
eLg///nGxTWqKO0xZQOIim6a+3Uf1yM0tlR7NUHJZb6kwtSFyHndeR/CwAFhKSyl
Ec08S7efocj9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:25 2023 by rpki-client on console-ams.rpki-client.org