Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/zmL6eO-F0REASce7b5kMwmv_U7w.roa
File: zmL6eO-F0REASce7b5kMwmv_U7w.roa (raw, json)
Hash identifier: 5ume2mF6lSnArVlNnNi4vDVI3QedoG9Zgr5ke5mWlMY=
Subject key identifier: CE:62:FA:78:EF:85:D1:11:00:49:C7:BB:6F:99:0C:C2:6B:FF:53:BC
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 018559623FDE06655DB6D2F0236772662CFE
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/zmL6eO-F0REASce7b5kMwmv_U7w.roa
Signing time: Wed 28 Dec 2022 15:38:09 +0000
ROA not before: Wed 28 Dec 2022 15:38:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49360
IP address blocks: 45.90.232.0/22 maxlen: 22
31.7.144.0/20 maxlen: 20
91.214.72.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
5.83.122.0/24 maxlen: 24
5.83.120.0/22 maxlen: 22
2a0a:d3c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:62:3f:de:06:65:5d:b6:d2:f0:23:67:72:66:2c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Dec 28 15:38:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce62fa78ef85d1110049c7bb6f990cc26bff53bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:93:51:5e:5c:e8:84:b0:15:68:30:d7:e2:a5:
47:f3:47:60:7f:51:98:05:a2:9e:09:84:46:a4:1a:
8e:da:97:43:c5:8d:43:ee:91:6a:82:c9:9d:36:bb:
90:30:b8:a5:97:78:bf:59:55:34:d4:9e:e0:4e:22:
2c:0b:a9:97:14:fa:f7:fc:61:f5:99:f0:67:2f:a4:
3b:28:10:cf:5d:fe:6f:53:cb:a3:10:23:a8:d3:54:
52:e3:8f:4d:43:32:e6:ff:87:19:4a:e6:71:79:a3:
71:6a:33:f6:5f:86:31:a8:32:a9:ae:3f:8d:32:7f:
7e:87:ea:43:cf:e3:be:31:f9:8b:f9:67:e8:28:79:
c9:88:1c:67:43:b8:3d:ad:28:2b:1b:15:80:b8:78:
ff:37:e9:62:c9:ef:9b:aa:a4:07:eb:fa:20:92:20:
44:07:b2:62:5b:ed:13:99:c7:6f:d4:2b:10:2e:c2:
90:71:14:29:3a:5f:d1:79:2d:25:9b:0b:97:5d:09:
c8:60:e8:41:f7:d9:72:22:1e:a4:cb:58:66:0e:5d:
30:78:e5:55:98:31:15:b9:a0:42:46:c8:8d:f7:c4:
84:13:18:e9:42:62:92:08:11:ee:09:c4:25:54:37:
26:c2:a9:47:8a:71:7e:01:2b:95:5c:a6:96:b7:a5:
8f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:62:FA:78:EF:85:D1:11:00:49:C7:BB:6F:99:0C:C2:6B:FF:53:BC
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/zmL6eO-F0REASce7b5kMwmv_U7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.120.0/22
31.7.144.0/20
45.90.232.0/22
91.214.72.0/22
185.29.248.0/22
IPv6:
2a0a:d3c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:d7:a7:2c:1c:4b:18:10:cd:78:30:a0:16:db:4c:d1:a3:14:
36:77:a5:81:2d:42:f0:58:7b:28:95:1f:58:f0:f5:48:dd:f2:
12:ba:c7:c6:e6:a6:ff:01:1a:dd:7f:e0:67:da:1a:6e:61:b1:
13:5c:37:1e:83:9c:83:a6:09:16:ed:5e:51:6f:f9:4e:2d:a0:
87:b8:4d:3a:4a:0c:86:89:9d:93:63:ba:c8:5d:36:18:20:fb:
ef:fb:30:06:a0:5e:9b:06:79:a3:21:08:2a:40:b9:5d:b6:1f:
de:5d:64:a9:83:a8:cf:6f:bb:23:85:8a:c6:36:a1:ad:3d:e6:
7a:23:8b:7d:ab:a3:e8:d2:06:b5:ea:00:68:59:c2:b0:ff:e7:
f7:d6:b7:4c:2c:88:33:c6:35:67:53:f8:88:25:c7:ce:1a:49:
9e:9d:cf:ef:6d:b5:41:0f:0c:4a:ab:7e:c1:32:90:d8:b7:fc:
d6:d5:19:c7:af:00:d6:8c:55:e8:49:cc:ca:f8:0f:bf:dc:3f:
89:cd:0a:2f:0f:fb:74:72:eb:18:83:e5:14:a9:1c:b8:64:e3:
7d:80:94:54:93:8e:74:10:2b:ce:db:a3:c0:c4:95:7b:61:02:
5a:14:c5:e2:3a:07:fd:81:88:1a:b2:24:43:d3:e3:b6:42:d8:
18:84:18:22
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVZYj/eBmVdttLwI2dyZiz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjIxMjI4MTUzODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTYyZmE3OGVmODVkMTExMDA0OWM3YmI2Zjk5MGNjMjZiZmY1M2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5NRXlzohLAVaDDX4qVH80dgf1GY
BaKeCYRGpBqO2pdDxY1D7pFqgsmdNruQMLill3i/WVU01J7gTiIsC6mXFPr3/GH1
mfBnL6Q7KBDPXf5vU8ujECOo01RS449NQzLm/4cZSuZxeaNxajP2X4YxqDKprj+N
Mn9+h+pDz+O+MfmL+WfoKHnJiBxnQ7g9rSgrGxWAuHj/N+liye+bqqQH6/ogkiBE
B7JiW+0Tmcdv1CsQLsKQcRQpOl/ReS0lmwuXXQnIYOhB99lyIh6ky1hmDl0weOVV
mDEVuaBCRsiN98SEExjpQmKSCBHuCcQlVDcmwqlHinF+ASuVXKaWt6WPzwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM5i+njvhdERAEnHu2+ZDMJr/1O8MB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvem1MNmVPLUYwUkVBU2NlN2I1a013bXZfVTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBVN4AwQE
HweQAwQCLVroAwQCW9ZIAwQCuR34MA0EAgACMAcDBQMqCtPAMA0GCSqGSIb3DQEB
CwUAA4IBAQB116csHEsYEM14MKAW20zRoxQ2d6WBLULwWHsolR9Y8PVI3fISusfG
5qb/ARrdf+Bn2hpuYbETXDceg5yDpgkW7V5Rb/lOLaCHuE06SgyGiZ2TY7rIXTYY
IPvv+zAGoF6bBnmjIQgqQLldth/eXWSpg6jPb7sjhYrGNqGtPeZ6I4t9q6Po0ga1
6gBoWcKw/+f31rdMLIgzxjVnU/iIJcfOGkmenc/vbbVBDwxKq37BMpDYt/zW1RnH
rwDWjFXoSczK+A+/3D+JzQovD/t0cusYg+UUqRy4ZON9gJRUk450ECvO26PAxJV7
YQJaFMXiOgf9gYgasiRD0+O2QtgYhBgi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:34 2023 by rpki-client on console-ams.rpki-client.org