Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/zauSEz7i9dwl2wVGykUZPVprPys.roa
File: zauSEz7i9dwl2wVGykUZPVprPys.roa (raw, json)
Hash identifier: lmkv3lG/o9ErcCVLwWcDa4SOEeQ6aRPchpy6CaKF6gE=
Subject key identifier: CD:AB:92:13:3E:E2:F5:DC:25:DB:05:46:CA:45:19:3D:5A:6B:3F:2B
Certificate issuer: /CN=84184ce919023640bb9256c2d8d1a049fa102520
Certificate serial: 0BEA633D
Authority key identifier: 84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/zauSEz7i9dwl2wVGykUZPVprPys.roa
Signing time: Sat 01 Jan 2022 14:02:12 +0000
ROA not before: Sat 01 Jan 2022 14:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64489
IP address blocks: 185.11.68.0/22 maxlen: 22
2a0b:3000::/29 maxlen: 29
2a06:e080::/29 maxlen: 29
2a03:9080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199910205 (0xbea633d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84184ce919023640bb9256c2d8d1a049fa102520
Validity
Not Before: Jan 1 14:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdab92133ee2f5dc25db0546ca45193d5a6b3f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:8a:36:ac:2a:5e:c4:0c:de:14:7b:e9:3b:72:
0e:23:a6:5f:19:50:c2:ac:38:14:dd:03:54:9b:24:
40:62:a7:b3:9b:47:af:08:05:a4:53:75:10:47:27:
5b:4a:f3:80:3a:95:6e:9c:44:1e:d1:0f:59:90:db:
61:0f:1f:63:00:e1:57:00:88:df:de:01:0d:2f:b0:
b2:ce:7f:05:4c:de:e5:2b:51:e3:37:23:8c:46:85:
ce:f3:27:d4:d3:72:90:0e:f4:ec:1a:14:f9:4a:84:
d3:17:11:95:3a:d1:4f:2e:8f:04:e6:98:52:90:2a:
e0:db:5a:61:d2:29:57:51:df:bc:95:36:f4:d5:92:
56:22:1f:d9:50:d4:87:f9:49:d2:0d:e4:4f:8e:c9:
8f:29:d4:a2:58:f0:ba:44:ff:9f:88:02:f8:63:7b:
25:53:59:17:80:fd:cb:1c:47:74:a2:16:07:0f:75:
b6:67:f1:2b:af:c6:ce:4f:f8:5c:44:72:62:bd:42:
c6:e6:0e:2a:1f:7a:5d:75:ec:28:ed:d1:1c:59:40:
e4:bc:6c:db:38:5e:2d:1c:e8:25:31:30:37:d4:0e:
95:9c:33:d4:55:a1:0d:63:70:e0:fb:10:b7:81:c0:
ba:46:48:f3:bb:c0:95:28:bc:98:30:61:cd:b3:62:
db:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AB:92:13:3E:E2:F5:DC:25:DB:05:46:CA:45:19:3D:5A:6B:3F:2B
X509v3 Authority Key Identifier:
keyid:84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/zauSEz7i9dwl2wVGykUZPVprPys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.68.0/22
IPv6:
2a03:9080::/32
2a06:e080::/29
2a0b:3000::/29
Signature Algorithm: sha256WithRSAEncryption
50:02:cb:5a:96:2a:f3:eb:21:84:e6:3e:8a:8b:03:2a:19:23:
c0:ad:88:80:de:da:67:63:c2:8f:14:dd:9f:97:54:1c:18:b8:
0f:08:1e:75:12:1d:70:58:4a:2d:37:b0:7d:b9:3c:e9:b2:cb:
7a:98:ed:78:12:92:33:07:0f:50:a9:10:2a:aa:80:f2:02:08:
f0:15:7d:fb:37:92:0d:56:98:09:53:c7:20:43:12:7c:95:7a:
33:e5:65:c8:66:84:73:04:79:18:22:b8:0f:c4:de:5d:c0:48:
ac:68:2a:9c:d9:cf:c9:85:db:c2:30:42:63:8e:56:2b:6e:b0:
29:d3:40:b7:52:45:e2:9a:05:21:e3:78:12:34:cf:b6:ff:e7:
c3:23:f9:a3:21:2f:e4:a2:e6:57:c2:e0:6a:bd:87:1a:eb:6d:
51:84:aa:15:dd:ca:0e:fc:f7:cc:d9:0c:29:8d:d9:62:f2:c4:
e3:56:89:1a:34:20:90:d0:bb:54:36:10:67:c7:c8:f0:23:c5:
9d:9c:d6:dc:ac:89:f4:23:5c:e5:ef:4a:08:40:2c:44:14:77:
d1:8e:72:b4:da:d2:58:3e:13:fe:50:23:d0:0c:af:63:a5:64:
09:4b:ed:7a:a0:c4:04:9a:5a:40:41:d5:87:70:5d:a5:6b:df:
12:a3:a4:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEC+pjPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDE4NGNlOTE5MDIzNjQwYmI5MjU2YzJkOGQxYTA0OWZhMTAyNTIwMB4XDTIyMDEw
MTE0MDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RhYjkyMTMzZWUy
ZjVkYzI1ZGIwNTQ2Y2E0NTE5M2Q1YTZiM2YyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPWKNqwqXsQM3hR76TtyDiOmXxlQwqw4FN0DVJskQGKns5tH
rwgFpFN1EEcnW0rzgDqVbpxEHtEPWZDbYQ8fYwDhVwCI394BDS+wss5/BUze5StR
4zcjjEaFzvMn1NNykA707BoU+UqE0xcRlTrRTy6PBOaYUpAq4NtaYdIpV1HfvJU2
9NWSViIf2VDUh/lJ0g3kT47JjynUoljwukT/n4gC+GN7JVNZF4D9yxxHdKIWBw91
tmfxK6/Gzk/4XERyYr1CxuYOKh96XXXsKO3RHFlA5Lxs2zheLRzoJTEwN9QOlZwz
1FWhDWNw4PsQt4HAukZI87vAlSi8mDBhzbNi290CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTNq5ITPuL13CXbBUbKRRk9Wms/KzAfBgNVHSMEGDAWgBSEGEzpGQI2QLuS
VsLY0aBJ+hAlIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hCaE02UmtDTmtDN2tsYkMyTkdnU2ZvUUpTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvMjkyMmNmLTE4NjEtNDE5ZC05ZWVhLTBhNzlkNTQ5NjVhOS8x
L3phdVNFejdpOWR3bDJ3Vkd5a1VaUFZwclB5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
MjkyMmNmLTE4NjEtNDE5ZC05ZWVhLTBhNzlkNTQ5NjVhOS8xL2hCaE02UmtDTmtD
N2tsYkMyTkdnU2ZvUUpTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswDAQCAAEwBgMEArkLRDAbBAIAAjAVAwUAKgOQgAMF
AyoG4IADBQMqCzAAMA0GCSqGSIb3DQEBCwUAA4IBAQBQAstalirz6yGE5j6KiwMq
GSPArYiA3tpnY8KPFN2fl1QcGLgPCB51Eh1wWEotN7B9uTzpsst6mO14EpIzBw9Q
qRAqqoDyAgjwFX37N5INVpgJU8cgQxJ8lXoz5WXIZoRzBHkYIrgPxN5dwEisaCqc
2c/JhdvCMEJjjlYrbrAp00C3UkXimgUh43gSNM+2/+fDI/mjIS/kouZXwuBqvYca
621RhKoV3coO/PfM2Qwpjdli8sTjVokaNCCQ0LtUNhBnx8jwI8WdnNbcrIn0I1zl
70oIQCxEFHfRjnK02tJYPhP+UCPQDK9jpWQJS+16oMQEmlpAQdWHcF2la98So6SZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:06 2024 by rpki-client on console-fra.rpki-client.org