Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ZR8K4dIUgNVRTRmp4NxSKa4Fe8s.roa
File: ZR8K4dIUgNVRTRmp4NxSKa4Fe8s.roa (raw, json)
Hash identifier: Yft3gFgFDU+SCTuHjugkI35uz3vydzt7Y1ifASVMewI=
Subject key identifier: 65:1F:0A:E1:D2:14:80:D5:51:4D:19:A9:E0:DC:52:29:AE:05:7B:CB
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0185534C8903093349CEF573AF6BFFCBD690
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ZR8K4dIUgNVRTRmp4NxSKa4Fe8s.roa
Signing time: Tue 27 Dec 2022 11:16:42 +0000
ROA not before: Tue 27 Dec 2022 11:16:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.103.0/24 maxlen: 24
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
185.81.219.0/24 maxlen: 24
185.81.218.0/24 maxlen: 24
88.151.192.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:53:4c:89:03:09:33:49:ce:f5:73:af:6b:ff:cb:d6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Dec 27 11:16:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=651f0ae1d21480d5514d19a9e0dc5229ae057bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:72:34:9d:12:62:f0:e8:0e:2e:b8:bc:e7:1e:
c3:93:ef:5d:06:8e:0e:b3:f9:8e:34:f6:e7:1c:03:
4e:46:1c:37:d2:63:3a:e6:81:6a:98:ce:50:0e:26:
85:af:de:c6:6a:93:22:c3:ac:9b:f6:c4:e2:ab:11:
ee:06:e0:f3:7b:5c:fb:06:6f:e6:6f:1b:db:5c:fc:
22:5f:b0:98:10:dd:e6:08:6f:a3:66:d1:59:4c:82:
b3:c5:cc:19:69:8e:cc:f7:18:a4:92:2e:b4:03:ad:
49:f9:5c:6f:aa:d0:ff:63:a3:77:24:58:c4:69:92:
ad:cd:3e:21:17:75:b1:07:75:a9:36:96:c4:10:06:
fb:90:49:8c:8b:6c:5e:f6:f6:24:05:b4:d7:c4:ba:
4a:46:35:21:eb:cd:9b:8e:a2:96:7c:cb:44:cd:d5:
7d:f7:58:a8:5e:a6:4d:64:24:1f:0b:a0:f5:5e:79:
a9:5c:ec:c3:8b:15:47:f3:ab:15:1d:ae:37:e4:11:
ec:98:00:6c:74:7a:1d:aa:b5:38:23:83:76:f1:97:
38:f3:f7:12:c8:78:40:e3:cd:b2:ad:54:73:fa:2c:
56:4c:e5:4b:60:ab:b0:91:77:ff:31:e2:7b:ef:f8:
62:01:e5:f8:85:f1:dd:b9:34:8a:01:9c:e2:12:8d:
f0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1F:0A:E1:D2:14:80:D5:51:4D:19:A9:E0:DC:52:29:AE:05:7B:CB
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ZR8K4dIUgNVRTRmp4NxSKa4Fe8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
88.151.192.0/24
164.215.103.0/24
185.81.218.0/23
Signature Algorithm: sha256WithRSAEncryption
69:aa:a8:86:07:51:60:30:07:b0:a0:cc:a0:01:b5:01:1a:c6:
67:70:bc:4c:ba:c4:67:31:91:4d:5c:c9:b6:74:95:1d:41:f4:
cc:1a:6c:d2:91:55:cf:e8:d7:a9:1a:e8:10:ed:e5:d8:dc:4c:
ee:3c:b3:10:df:1f:a5:49:3d:cb:46:1c:45:f2:50:7c:b1:70:
41:1f:70:25:c2:46:f7:28:d6:7a:ac:ea:7d:d8:c7:a8:b2:d3:
bc:c7:17:2a:e9:51:5f:e2:e4:7d:4b:3a:57:92:ee:3f:83:67:
27:63:98:0f:ee:69:d9:37:ce:7b:96:69:82:28:dc:78:27:52:
ab:2f:37:bd:0c:07:ab:c9:73:40:ca:60:0d:c2:71:77:6b:87:
b2:05:7c:6c:03:c3:c8:88:a9:73:14:50:ad:ae:b7:6b:ef:b6:
5a:14:39:11:65:1a:10:c9:82:04:3f:ab:63:bc:90:87:04:74:
ab:02:48:ef:75:b7:0d:ef:e5:9d:5c:40:c6:f0:e2:8b:23:d2:
d6:44:8c:36:32:a3:c5:90:ad:c2:65:f0:84:47:08:96:59:77:
a1:f4:b1:c3:81:6c:cb:39:bd:88:b7:2e:ac:43:ae:44:99:7a:
c9:21:6b:01:d0:ce:a0:d8:4f:e8:94:4d:a5:e5:6b:dd:33:b3:
19:a8:bc:90
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVTTIkDCTNJzvVzr2v/y9aQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMjI3MTExNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTFmMGFlMWQyMTQ4MGQ1NTE0ZDE5YTllMGRjNTIyOWFlMDU3YmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHI0nRJi8OgOLri85x7Dk+9dBo4O
s/mONPbnHANORhw30mM65oFqmM5QDiaFr97GapMiw6yb9sTiqxHuBuDze1z7Bm/m
bxvbXPwiX7CYEN3mCG+jZtFZTIKzxcwZaY7M9xikki60A61J+VxvqtD/Y6N3JFjE
aZKtzT4hF3WxB3WpNpbEEAb7kEmMi2xe9vYkBbTXxLpKRjUh682bjqKWfMtEzdV9
91ioXqZNZCQfC6D1XnmpXOzDixVH86sVHa435BHsmABsdHodqrU4I4N28Zc48/cS
yHhA482yrVRz+ixWTOVLYKuwkXf/MeJ77/hiAeX4hfHduTSKAZziEo3wFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGUfCuHSFIDVUU0ZqeDcUimuBXvLMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvWlI4SzRkSVVnTlZSVFJtcDROeFNLYTRGZThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBQrwAwQC
BQr8AwQAWJfAAwQApNdnAwQBuVHaMA0GCSqGSIb3DQEBCwUAA4IBAQBpqqiGB1Fg
MAewoMygAbUBGsZncLxMusRnMZFNXMm2dJUdQfTMGmzSkVXP6NepGugQ7eXY3Ezu
PLMQ3x+lST3LRhxF8lB8sXBBH3Alwkb3KNZ6rOp92MeostO8xxcq6VFf4uR9SzpX
ku4/g2cnY5gP7mnZN857lmmCKNx4J1KrLze9DAeryXNAymANwnF3a4eyBXxsA8PI
iKlzFFCtrrdr77ZaFDkRZRoQyYIEP6tjvJCHBHSrAkjvdbcN7+WdXEDG8OKLI9LW
RIw2MqPFkK3CZfCERwiWWXeh9LHDgWzLOb2Ity6sQ65EmXrJIWsB0M6g2E/olE2l
5WvdM7MZqLyQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org