Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/03a3bf-0cfc-430a-985d-28e773db91c2/1/zbEQOI-QXrEjVNWvbKi-5gTbj48.roa
File: zbEQOI-QXrEjVNWvbKi-5gTbj48.roa (raw, json)
Hash identifier: sRK+/tS8srC5eglmerF69IAjsrC9tPh3dj0PQk16KVY=
Subject key identifier: CD:B1:10:38:8F:90:5E:B1:23:54:D5:AF:6C:A8:BE:E6:04:DB:8F:8F
Certificate issuer: /CN=e08945d1fc7b470e6873655f7559300e097a65e8
Certificate serial: 1856EFBB
Authority key identifier: E0:89:45:D1:FC:7B:47:0E:68:73:65:5F:75:59:30:0E:09:7A:65:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4IlF0fx7Rw5oc2VfdVkwDgl6Zeg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/03a3bf-0cfc-430a-985d-28e773db91c2/1/zbEQOI-QXrEjVNWvbKi-5gTbj48.roa
Signing time: Sat 01 Jan 2022 09:54:12 +0000
ROA not before: Sat 01 Jan 2022 09:54:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201959
IP address blocks: 185.58.64.0/22 maxlen: 22
2a04:df40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 408350651 (0x1856efbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e08945d1fc7b470e6873655f7559300e097a65e8
Validity
Not Before: Jan 1 09:54:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdb110388f905eb12354d5af6ca8bee604db8f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9b:ed:20:18:f3:01:7c:39:79:0a:ff:8f:05:
b2:d2:78:dd:85:c6:01:fa:ae:3d:39:85:39:81:05:
6b:47:88:85:ac:7e:c1:4a:93:11:6b:aa:01:f6:3b:
23:54:e0:dd:22:b4:5a:24:52:30:c1:f2:95:7f:97:
9c:6a:54:86:c2:d7:f3:64:d3:b4:28:a5:12:bf:27:
79:b5:55:4b:5d:3f:99:dc:1e:00:ab:15:ba:55:1b:
ac:fc:dd:d5:95:b0:97:14:63:fb:ce:d9:e1:a4:d0:
f1:93:61:d6:f5:ac:65:23:17:e5:5b:d6:05:8e:12:
7b:e5:e2:07:cd:8c:8c:2d:3f:b1:7f:01:9c:a6:a8:
c0:f3:ca:73:1a:59:00:cf:31:90:a3:90:c7:19:b3:
ca:82:3d:2a:a0:ad:d9:e2:03:70:63:13:7b:4f:51:
3f:8c:74:61:d2:b1:cf:b2:6c:4e:a2:07:de:7b:90:
f4:40:6d:23:45:ad:0e:d1:98:36:54:5b:b6:8c:85:
d2:1f:14:30:da:27:a4:34:45:63:a1:65:ad:d2:bc:
35:57:18:07:67:70:e1:82:da:2c:89:8b:a1:fa:87:
ac:9e:0f:dc:aa:09:cb:dc:68:fa:51:65:77:64:08:
78:76:5e:26:62:c5:dd:ea:36:1b:4a:54:0d:ea:19:
56:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B1:10:38:8F:90:5E:B1:23:54:D5:AF:6C:A8:BE:E6:04:DB:8F:8F
X509v3 Authority Key Identifier:
keyid:E0:89:45:D1:FC:7B:47:0E:68:73:65:5F:75:59:30:0E:09:7A:65:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4IlF0fx7Rw5oc2VfdVkwDgl6Zeg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/03a3bf-0cfc-430a-985d-28e773db91c2/1/zbEQOI-QXrEjVNWvbKi-5gTbj48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/03a3bf-0cfc-430a-985d-28e773db91c2/1/4IlF0fx7Rw5oc2VfdVkwDgl6Zeg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.64.0/22
IPv6:
2a04:df40::/29
Signature Algorithm: sha256WithRSAEncryption
52:ca:e7:f7:64:e2:13:02:e9:0a:88:f4:56:a5:04:5f:59:7e:
11:28:9c:24:5d:fb:4f:4f:75:65:e2:c1:3d:9e:fc:52:c8:16:
9a:d5:8d:7a:64:2d:f7:88:c8:e2:ac:49:b1:65:f1:99:e0:89:
9f:d0:94:4d:c3:b2:0a:b4:ef:49:69:60:bd:2e:f8:6a:67:15:
ef:69:64:17:40:f1:00:52:34:35:c9:fc:90:44:52:bc:5f:bc:
0c:ad:ff:d1:34:7f:ba:6b:4e:3c:c0:b9:9e:87:14:29:97:87:
55:55:1b:f9:1b:8f:6a:da:eb:cc:ff:33:2e:bc:3c:fb:d3:41:
85:40:88:df:3c:d1:fe:79:cc:ed:19:15:25:16:20:f2:9f:1c:
1f:46:73:53:33:43:d5:06:7d:a0:66:e6:66:0d:ce:1d:83:dc:
1e:ba:64:6a:22:84:a0:20:33:26:ac:ad:46:1b:18:48:89:b5:
24:e8:4d:e6:85:b1:90:89:cd:a4:cf:74:6d:cc:3f:3d:f0:e8:
6f:ee:e6:9a:74:bd:03:e6:02:17:ff:16:dd:fd:99:69:cd:d4:
94:d7:17:27:aa:c7:ee:7c:d4:2d:f3:ee:bd:ef:d7:b4:b1:c7:
ec:67:e8:fe:4f:a0:96:8d:3a:28:0e:cf:76:65:12:97:31:c2:
df:a3:3f:ac
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGFbvuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDg5NDVkMWZjN2I0NzBlNjg3MzY1NWY3NTU5MzAwZTA5N2E2NWU4MB4XDTIyMDEw
MTA5NTQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RiMTEwMzg4Zjkw
NWViMTIzNTRkNWFmNmNhOGJlZTYwNGRiOGY4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWb7SAY8wF8OXkK/48FstJ43YXGAfquPTmFOYEFa0eIhax+
wUqTEWuqAfY7I1Tg3SK0WiRSMMHylX+XnGpUhsLX82TTtCilEr8nebVVS10/mdwe
AKsVulUbrPzd1ZWwlxRj+87Z4aTQ8ZNh1vWsZSMX5VvWBY4Se+XiB82MjC0/sX8B
nKaowPPKcxpZAM8xkKOQxxmzyoI9KqCt2eIDcGMTe09RP4x0YdKxz7JsTqIH3nuQ
9EBtI0WtDtGYNlRbtoyF0h8UMNonpDRFY6FlrdK8NVcYB2dw4YLaLImLofqHrJ4P
3KoJy9xo+lFld2QIeHZeJmLF3eo2G0pUDeoZVoUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTNsRA4j5BesSNU1a9sqL7mBNuPjzAfBgNVHSMEGDAWgBTgiUXR/HtHDmhz
ZV91WTAOCXpl6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRJbEYwZng3Unc1b2MyVmZkVmt3RGdsNlplZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMDNhM2JmLTBjZmMtNDMwYS05ODVkLTI4ZTc3M2RiOTFjMi8x
L3piRVFPSS1RWHJFalZOV3ZiS2ktNWdUYmo0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MDNhM2JmLTBjZmMtNDMwYS05ODVkLTI4ZTc3M2RiOTFjMi8xLzRJbEYwZng3Unc1
b2MyVmZkVmt3RGdsNlplZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk6QDANBAIAAjAHAwUDKgTfQDAN
BgkqhkiG9w0BAQsFAAOCAQEAUsrn92TiEwLpCoj0VqUEX1l+ESicJF37T091ZeLB
PZ78UsgWmtWNemQt94jI4qxJsWXxmeCJn9CUTcOyCrTvSWlgvS74amcV72lkF0Dx
AFI0Ncn8kERSvF+8DK3/0TR/umtOPMC5nocUKZeHVVUb+RuPatrrzP8zLrw8+9NB
hUCI3zzR/nnM7RkVJRYg8p8cH0ZzUzND1QZ9oGbmZg3OHYPcHrpkaiKEoCAzJqyt
RhsYSIm1JOhN5oWxkInNpM90bcw/PfDob+7mmnS9A+YCF/8W3f2Zac3UlNcXJ6rH
7nzULfPuve/XtLHH7Gfo/k+glo06KA7PdmUSlzHC36M/rA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:46 2023 by rpki-client on console-ams.rpki-client.org