Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/zr0sOXAK3stPwapZtGhT1LPUwAU.roa
File: zr0sOXAK3stPwapZtGhT1LPUwAU.roa (raw, json)
Hash identifier: fRaOtk+GR1TV8qddEKvQsKo+heT79e+bDdW7s6u9ga4=
Subject key identifier: CE:BD:2C:39:70:0A:DE:CB:4F:C1:AA:59:B4:68:53:D4:B3:D4:C0:05
Certificate issuer: /CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
Certificate serial: 01851CC9F4703FE762CB57B21C7C734BD2C7
Authority key identifier: DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/zr0sOXAK3stPwapZtGhT1LPUwAU.roa
Signing time: Fri 16 Dec 2022 21:14:35 +0000
ROA not before: Fri 16 Dec 2022 21:14:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8075
IP address blocks: 212.46.57.0/24 maxlen: 24
2a12:fc7:ffef::/48 maxlen: 48
2a12:fc0::/48 maxlen: 48
2a12:fc0:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1c:c9:f4:70:3f:e7:62:cb:57:b2:1c:7c:73:4b:d2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
Validity
Not Before: Dec 16 21:14:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cebd2c39700adecb4fc1aa59b46853d4b3d4c005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b2:d2:cd:4d:23:dd:b1:32:a5:20:0e:cb:fe:
e5:22:77:19:ef:36:48:d8:2c:15:64:3f:9a:ee:7d:
3f:85:7f:7c:51:39:62:9a:70:02:7c:e0:11:87:6a:
d3:8a:c2:1e:10:db:75:01:d7:0b:49:40:e4:93:6f:
d5:9e:18:08:73:50:c6:6b:18:f7:96:07:79:0d:65:
c4:9c:92:e1:7b:50:0d:f2:a7:7d:07:9b:bf:45:c6:
1d:0a:28:b4:85:a8:16:3c:10:d2:94:b7:58:23:e6:
cc:54:74:86:6b:04:c2:18:71:bd:57:e4:e8:73:09:
c3:52:bf:00:28:f9:25:16:7c:62:b5:6c:ee:89:20:
17:73:0f:e8:29:4d:5f:12:7c:ca:92:5a:23:0d:38:
91:43:b1:83:f1:44:3c:0e:b1:c3:01:ae:b3:ee:34:
0d:13:c4:04:96:27:31:55:03:6f:06:81:a9:4a:3e:
f0:f3:34:9e:2e:be:9a:f2:a9:46:79:3f:cf:55:b2:
6a:e8:de:a3:d5:cc:df:1a:ba:5f:80:86:7d:b0:3b:
a6:18:cf:d5:3c:59:2c:02:72:29:2f:f0:5e:ce:85:
b7:43:75:92:62:03:11:84:dd:ed:29:0f:b6:07:32:
5c:b4:27:ca:3e:65:e0:cd:2c:82:05:83:c7:28:4d:
12:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BD:2C:39:70:0A:DE:CB:4F:C1:AA:59:B4:68:53:D4:B3:D4:C0:05
X509v3 Authority Key Identifier:
keyid:DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/zr0sOXAK3stPwapZtGhT1LPUwAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/2sMmMqqRVCU8bc0jMemtaSC2vcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.46.57.0/24
IPv6:
2a12:fc0::/48
2a12:fc0:20::/48
2a12:fc7:ffef::/48
Signature Algorithm: sha256WithRSAEncryption
05:d8:01:6c:74:2c:7b:7e:22:74:2b:e6:1e:93:fe:af:25:28:
68:72:9a:0b:b5:02:fb:65:12:4a:9b:cd:e9:76:40:84:ea:27:
4e:6f:4d:a4:10:6c:52:39:6e:47:6d:b7:99:c9:25:20:ea:48:
97:4a:ad:a6:a2:5e:a0:8c:67:27:fb:81:a4:bb:c9:a3:8d:c2:
48:33:1a:ae:da:90:9f:c2:cd:04:c4:b6:7a:4e:df:55:4a:ba:
c9:7c:b5:47:29:61:39:56:80:19:e6:d0:80:2b:83:bc:6f:24:
2c:1b:ef:e0:7a:38:1c:49:33:2f:0e:36:9b:6a:d6:41:a9:3d:
c9:b3:78:55:55:52:1b:e3:cf:77:da:2b:6e:d3:68:ff:d2:99:
4b:41:0a:46:fc:50:e1:d2:ac:b7:69:e1:45:ea:b9:75:f5:83:
81:c8:b0:f4:40:80:b1:5a:8c:e3:a2:9a:c0:45:a5:18:b9:ae:
ba:a4:95:29:18:a0:d2:b9:d9:87:1c:f2:9a:25:56:27:a4:bc:
00:cc:48:6c:c8:38:0f:1f:25:c1:36:10:c4:48:8e:89:2a:ee:
e5:56:11:46:7a:f3:bd:dc:c3:af:3c:71:1b:70:4f:ea:a3:e6:
3a:e1:e5:a2:83:1f:68:59:4e:24:3d:7c:75:7b:1b:a9:e7:e4:
6b:67:f5:67
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYUcyfRwP+diy1eyHHxzS9LHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzMyNjMyYWE5MTU0MjUzYzZkY2QyMzMxZTlhZDY5MjBi
NmJkY2MwHhcNMjIxMjE2MjExNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWJkMmMzOTcwMGFkZWNiNGZjMWFhNTliNDY4NTNkNGIzZDRjMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLLSzU0j3bEypSAOy/7lIncZ7zZI
2CwVZD+a7n0/hX98UTlimnACfOARh2rTisIeENt1AdcLSUDkk2/VnhgIc1DGaxj3
lgd5DWXEnJLhe1AN8qd9B5u/RcYdCii0hagWPBDSlLdYI+bMVHSGawTCGHG9V+To
cwnDUr8AKPklFnxitWzuiSAXcw/oKU1fEnzKklojDTiRQ7GD8UQ8DrHDAa6z7jQN
E8QElicxVQNvBoGpSj7w8zSeLr6a8qlGeT/PVbJq6N6j1czfGrpfgIZ9sDumGM/V
PFksAnIpL/BezoW3Q3WSYgMRhN3tKQ+2BzJctCfKPmXgzSyCBYPHKE0S0wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFM69LDlwCt7LT8GqWbRoU9Sz1MAFMB8GA1UdIwQY
MBaAFNrDJjKqkVQlPG3NIzHprWkgtr3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNNbU1xcVJWQ1U4YmMwak1lbXRhU0MydmN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80OTQyNGEtYWE1Zi00YjlmLWE2Mjct
MjQ2NTRlOTQxYzEyLzEvenIwc09YQUszc3RQd2FwWnRHaFQxTFBVd0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80OTQyNGEtYWE1Zi00YjlmLWE2MjctMjQ2NTRlOTQxYzEy
LzEvMnNNbU1xcVJWQ1U4YmMwak1lbXRhU0MydmN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQA1C45MCEE
AgACMBsDBwAqEg/AAAADBwAqEg/AACADBwAqEg/H/+8wDQYJKoZIhvcNAQELBQAD
ggEBAAXYAWx0LHt+InQr5h6T/q8lKGhymgu1AvtlEkqbzel2QITqJ05vTaQQbFI5
bkdtt5nJJSDqSJdKraaiXqCMZyf7gaS7yaONwkgzGq7akJ/CzQTEtnpO31VKusl8
tUcpYTlWgBnm0IArg7xvJCwb7+B6OBxJMy8ONptq1kGpPcmzeFVVUhvjz3faK27T
aP/SmUtBCkb8UOHSrLdp4UXquXX1g4HIsPRAgLFajOOimsBFpRi5rrqklSkYoNK5
2Ycc8polViekvADMSGzIOA8fJcE2EMRIjokq7uVWEUZ6873cw688cRtwT+qj5jrh
5aKDH2hZTiQ9fHV7G6nn5Gtn9Wc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:03 2023 by rpki-client on console-fra.rpki-client.org