Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/zzloNMXzb6PzRl1yfPkpGF589do.roa
File: zzloNMXzb6PzRl1yfPkpGF589do.roa (raw, json)
Hash identifier: gFZVRDRIAXzjDZVWVmzoWkEMd8SRfXWmJsHsCAWEOIw=
Subject key identifier: CF:39:68:34:C5:F3:6F:A3:F3:46:5D:72:7C:F9:29:18:5E:7C:F5:DA
Certificate issuer: /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial: 02E5AF9E
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/zzloNMXzb6PzRl1yfPkpGF589do.roa
Signing time: Sat 01 Jan 2022 10:04:32 +0000
ROA not before: Sat 01 Jan 2022 10:04:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200023
IP address blocks: 185.239.142.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48607134 (0x2e5af9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Validity
Not Before: Jan 1 10:04:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf396834c5f36fa3f3465d727cf929185e7cf5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1b:e4:4e:1d:b7:10:93:69:e8:78:77:91:f3:
99:ed:89:ee:8a:d9:a4:58:fb:67:eb:99:ef:26:df:
60:60:8e:92:7a:f0:82:8b:79:d0:a8:d8:97:0d:3e:
6b:c9:b6:d1:ef:d9:05:14:53:b6:0f:c4:01:a5:43:
f1:b8:bf:81:9b:a9:9d:39:59:0c:73:d7:cd:51:55:
f0:db:fb:66:62:34:d0:33:c4:05:32:88:a4:60:6e:
ff:90:6d:59:4c:af:63:c2:8c:51:ec:f1:56:75:6f:
5b:3c:06:a6:74:48:3b:2c:96:8d:a1:71:10:d4:64:
c8:f7:2d:21:61:e8:19:2f:0a:1b:f2:28:82:e5:48:
b8:17:5e:ee:41:00:6a:8b:a3:23:1c:b3:a1:b6:1b:
3b:00:5d:b4:01:0f:8c:07:5e:c2:ff:3d:f1:5e:cd:
44:34:f6:c6:e3:95:c2:7a:cd:ad:29:0e:d8:d2:23:
32:e8:31:01:51:7e:5e:f3:7e:d7:2d:35:11:1b:a3:
07:83:01:29:dd:8e:20:2b:a3:96:5c:d6:5b:b9:cd:
ef:fd:10:32:a7:ba:ba:5a:f3:4f:d2:27:69:d5:e3:
c9:40:f5:51:59:71:09:1b:48:73:4b:3e:a7:29:41:
17:a3:32:0f:e3:50:14:af:79:c9:02:73:42:5e:be:
56:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:39:68:34:C5:F3:6F:A3:F3:46:5D:72:7C:F9:29:18:5E:7C:F5:DA
X509v3 Authority Key Identifier:
keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/zzloNMXzb6PzRl1yfPkpGF589do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.141.0-185.239.142.255
Signature Algorithm: sha256WithRSAEncryption
a6:a9:81:c6:1a:cc:1b:b6:63:48:5b:82:7e:2e:6a:f3:18:8b:
3a:5d:40:c4:fe:2d:9a:b1:7e:e5:1a:5f:fd:d9:cf:57:0f:81:
13:71:ec:8b:01:bf:18:86:3f:06:f4:07:b4:cc:2b:50:ca:e3:
d0:6f:7c:fb:bc:57:1d:9d:12:04:84:86:83:87:53:46:77:84:
c8:6f:4b:a0:a9:a4:72:0e:87:24:37:88:fe:26:6b:66:20:79:
66:c9:b0:fd:60:72:bb:98:44:72:70:20:d3:c8:03:a8:59:0c:
cc:ca:cb:69:01:6f:bd:4e:0e:9d:f2:67:e5:5a:39:d2:fb:92:
fc:c1:32:89:cd:9b:ad:fe:21:d6:fd:d9:1c:dd:2e:db:df:b6:
1f:66:6d:38:2e:d7:57:dc:9f:16:a9:12:2c:38:33:4c:96:6f:
ea:14:48:b9:7b:0d:80:a7:30:91:a9:f4:eb:ac:ea:dd:7d:05:
2c:dd:e0:4b:7d:17:36:60:62:a6:f6:44:91:43:49:63:ff:12:
10:57:2a:c9:e8:f6:07:df:e4:ef:4f:7c:eb:a9:fe:a1:64:a6:
09:aa:bb:9a:30:11:a2:c9:c0:11:2a:0f:8c:8f:f2:93:41:db:
b3:03:90:d1:fa:71:c1:54:22:e6:d6:fa:7a:c9:9f:bc:98:ef:
47:a4:dd:42
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAuWvnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWVlY2Q3MWMxOTNlNGFjMzBlZDAzZDBiOWYwNWRhMTAxYzYwM2QyMB4XDTIyMDEw
MTEwMDQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YzOTY4MzRjNWYz
NmZhM2YzNDY1ZDcyN2NmOTI5MTg1ZTdjZjVkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIYb5E4dtxCTaeh4d5Hzme2J7orZpFj7Z+uZ7ybfYGCOknrw
got50KjYlw0+a8m20e/ZBRRTtg/EAaVD8bi/gZupnTlZDHPXzVFV8Nv7ZmI00DPE
BTKIpGBu/5BtWUyvY8KMUezxVnVvWzwGpnRIOyyWjaFxENRkyPctIWHoGS8KG/Io
guVIuBde7kEAaoujIxyzobYbOwBdtAEPjAdewv898V7NRDT2xuOVwnrNrSkO2NIj
MugxAVF+XvN+1y01ERujB4MBKd2OICujllzWW7nN7/0QMqe6ulrzT9InadXjyUD1
UVlxCRtIc0s+pylBF6MyD+NQFK95yQJzQl6+Vt8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTPOWg0xfNvo/NGXXJ8+SkYXnz12jAfBgNVHSMEGDAWgBQR7s1xwZPkrDDt
A9C58F2hAcYD0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VlN05jY0dUNUt3dzdRUFF1ZkJkb1FIR0E5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvNGZkOTVhLTUxNTctNGExYi1iODY4LTEzODk5NWM5OWI5Ny8x
L3p6bG9OTVh6YjZQelJsMXlmUGtwR0Y1ODlkby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
NGZkOTVhLTUxNTctNGExYi1iODY4LTEzODk5NWM5OWI5Ny8xL0VlN05jY0dUNUt3
dzdRUFF1ZkJkb1FIR0E5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAue+NAwQAue+OMA0GCSqGSIb3
DQEBCwUAA4IBAQCmqYHGGswbtmNIW4J+LmrzGIs6XUDE/i2asX7lGl/92c9XD4ET
ceyLAb8Yhj8G9Ae0zCtQyuPQb3z7vFcdnRIEhIaDh1NGd4TIb0ugqaRyDockN4j+
JmtmIHlmybD9YHK7mERycCDTyAOoWQzMystpAW+9Tg6d8mflWjnS+5L8wTKJzZut
/iHW/dkc3S7b37YfZm04LtdX3J8WqRIsODNMlm/qFEi5ew2ApzCRqfTrrOrdfQUs
3eBLfRc2YGKm9kSRQ0lj/xIQVyrJ6PYH3+TvT3zrqf6hZKYJqruaMBGiycARKg+M
j/KTQduzA5DR+nHBVCLm1vp6yZ+8mO9HpN1C
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:25 2023 by rpki-client on console-ams.rpki-client.org