Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/ZxMG4Yaip5xEls34BWAsATPRing.roa
File: ZxMG4Yaip5xEls34BWAsATPRing.roa (raw, json)
Hash identifier: Ztb1a2pHSFvwRWrEwxx1UoCrw3WYOI3JiuQq/rjpDnY=
Subject key identifier: 67:13:06:E1:86:A2:A7:9C:44:96:CD:F8:05:60:2C:01:33:D1:8A:78
Certificate issuer: /CN=d1122a5cb0643f736c7ec7961809a25938668f0e
Certificate serial: 0856794A
Authority key identifier: D1:12:2A:5C:B0:64:3F:73:6C:7E:C7:96:18:09:A2:59:38:66:8F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0RIqXLBkP3NsfseWGAmiWThmjw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/ZxMG4Yaip5xEls34BWAsATPRing.roa
Signing time: Sat 01 Jan 2022 00:51:51 +0000
ROA not before: Sat 01 Jan 2022 00:51:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60354
IP address blocks: 185.251.114.0/24 maxlen: 32
185.251.113.0/24 maxlen: 24
185.251.115.0/24 maxlen: 24
2a0c:1940::/44 maxlen: 44
2a0c:1940:20::/44 maxlen: 44
2a0c:1940:10::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139884874 (0x856794a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1122a5cb0643f736c7ec7961809a25938668f0e
Validity
Not Before: Jan 1 00:51:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=671306e186a2a79c4496cdf805602c0133d18a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c5:eb:2c:05:c3:ff:c7:39:c5:fa:6f:9f:8f:
dd:ba:20:e4:7b:cf:fb:f5:03:b5:85:3b:ea:c9:3d:
4a:41:41:c4:a7:61:44:b3:91:51:ea:d4:f7:76:98:
03:d2:1d:0b:d3:fb:1b:c0:16:95:dd:4a:c0:05:04:
70:94:e8:9a:2e:7d:66:6c:7d:a5:5c:35:23:65:be:
db:6f:0e:bb:28:49:ab:3f:e4:d2:e6:6c:38:8a:bf:
b6:b5:81:53:b5:9e:29:c5:bb:60:2c:b7:79:6c:00:
24:c1:56:eb:5d:0e:75:86:c1:1e:e8:72:eb:24:22:
a7:c1:4b:7b:14:60:a2:9c:bb:ca:bc:00:3c:9d:ce:
c4:59:38:86:7f:e1:69:c6:39:e4:3e:68:e9:ef:d0:
7f:ac:8f:7b:7a:3c:da:2a:23:6a:09:ec:3b:52:54:
ca:ce:0a:ed:a1:06:3f:a3:37:de:8b:65:20:6f:d6:
ba:a3:ae:9e:16:17:6d:a5:f0:01:41:1b:fc:b1:9c:
ef:80:d6:0c:8e:85:85:b8:39:b5:99:2e:1f:5c:da:
03:8a:84:e5:81:53:d0:23:ba:95:7f:26:87:ae:04:
d3:d4:e6:04:fb:a9:c3:ee:14:04:0c:71:c6:1a:e3:
d2:b3:58:a8:d7:13:4d:4c:14:9d:08:a2:b1:4a:f4:
1a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:13:06:E1:86:A2:A7:9C:44:96:CD:F8:05:60:2C:01:33:D1:8A:78
X509v3 Authority Key Identifier:
keyid:D1:12:2A:5C:B0:64:3F:73:6C:7E:C7:96:18:09:A2:59:38:66:8F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0RIqXLBkP3NsfseWGAmiWThmjw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/ZxMG4Yaip5xEls34BWAsATPRing.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/0RIqXLBkP3NsfseWGAmiWThmjw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.113.0-185.251.115.255
IPv6:
2a0c:1940::-2a0c:1940:2f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
30:55:3a:46:dc:56:c0:6f:95:bc:3c:86:33:ed:ad:1c:9b:ac:
98:61:5e:20:30:d4:86:0e:b3:4a:e5:68:fd:79:46:75:77:59:
f5:ef:3c:d1:33:0c:bf:61:1f:97:34:a2:29:9e:ba:b8:d8:d8:
e0:82:70:cd:a9:66:ca:6d:77:ec:cd:02:b8:b3:5c:0e:92:88:
d6:97:84:b9:db:10:4e:c3:dd:a4:59:1f:57:a0:8e:5c:41:fd:
b4:bc:44:bd:fe:b1:c1:2a:af:15:ff:59:43:b1:14:29:1b:18:
46:9a:b5:25:f7:f4:31:7c:de:51:58:ec:a4:dd:00:0e:fd:f2:
10:7b:79:22:f2:7c:1f:56:75:22:f5:80:db:d3:5d:7d:61:ac:
c2:73:ab:91:e5:c2:a7:f5:78:5c:16:2e:97:ef:d9:ec:bf:bf:
67:d5:02:11:5e:33:a6:71:bc:37:83:6b:7c:c7:3a:06:06:d7:
0f:1e:48:1e:2e:72:56:8f:11:62:e1:91:e5:9a:bf:b2:2a:ba:
7b:e6:76:50:ac:e3:c6:0f:a6:46:5c:82:c7:5a:f9:02:ac:41:
7a:11:bb:c1:d4:1f:5b:e4:57:c6:8e:e3:c4:a3:9d:44:ca:b5:
e5:42:85:1e:74:aa:9e:f8:2b:7b:14:2d:1a:a9:47:46:58:16:
c4:23:eb:0f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECFZ5SjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTEyMmE1Y2IwNjQzZjczNmM3ZWM3OTYxODA5YTI1OTM4NjY4ZjBlMB4XDTIyMDEw
MTAwNTE1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjcxMzA2ZTE4NmEy
YTc5YzQ0OTZjZGY4MDU2MDJjMDEzM2QxOGE3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzF6ywFw//HOcX6b5+P3bog5HvP+/UDtYU76sk9SkFBxKdh
RLORUerU93aYA9IdC9P7G8AWld1KwAUEcJTomi59Zmx9pVw1I2W+228OuyhJqz/k
0uZsOIq/trWBU7WeKcW7YCy3eWwAJMFW610OdYbBHuhy6yQip8FLexRgopy7yrwA
PJ3OxFk4hn/hacY55D5o6e/Qf6yPe3o82iojagnsO1JUys4K7aEGP6M33otlIG/W
uqOunhYXbaXwAUEb/LGc74DWDI6Fhbg5tZkuH1zaA4qE5YFT0CO6lX8mh64E09Tm
BPupw+4UBAxxxhrj0rNYqNcTTUwUnQiisUr0GscCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRnEwbhhqKnnESWzfgFYCwBM9GKeDAfBgNVHSMEGDAWgBTREipcsGQ/c2x+
x5YYCaJZOGaPDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBSSXFYTEJrUDNOc2ZzZVdHQW1pV1RobWp3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvYWNjZDM4LTBhZTYtNGI0My1hMTY4LTExNTJmNDM5MzAyMC8x
L1p4TUc0WWFpcDV4RWxzMzRCV0FzQVRQUmluZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
YWNjZDM4LTBhZTYtNGI0My1hMTY4LTExNTJmNDM5MzAyMC8xLzBSSXFYTEJrUDNO
c2ZzZVdHQW1pV1RobWp3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwFAQCAAEwDjAMAwQAuftxAwQCuftwMBgEAgACMBIw
EAMFBioMGUADBwQqDBlAACAwDQYJKoZIhvcNAQELBQADggEBADBVOkbcVsBvlbw8
hjPtrRybrJhhXiAw1IYOs0rlaP15RnV3WfXvPNEzDL9hH5c0oimeurjY2OCCcM2p
Zsptd+zNArizXA6SiNaXhLnbEE7D3aRZH1egjlxB/bS8RL3+scEqrxX/WUOxFCkb
GEaatSX39DF83lFY7KTdAA798hB7eSLyfB9WdSL1gNvTXX1hrMJzq5Hlwqf1eFwW
Lpfv2ey/v2fVAhFeM6ZxvDeDa3zHOgYG1w8eSB4uclaPEWLhkeWav7IqunvmdlCs
48YPpkZcgsda+QKsQXoRu8HUH1vkV8aO48SjnUTKteVChR50qp74K3sULRqpR0ZY
FsQj6w8=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:43 2023 by rpki-client on console.sobornost.net