Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/ZoN_KCuLgQ_XLZREqsT884kSssE.roa
File: ZoN_KCuLgQ_XLZREqsT884kSssE.roa (raw, json)
Hash identifier: 2Z+Fqyz1i0+EL02fUyxtHOeWvNFQCns7XGvkES8iqgg=
Subject key identifier: 66:83:7F:28:2B:8B:81:0F:D7:2D:94:44:AA:C4:FC:F3:89:12:B2:C1
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 08FC5444
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/ZoN_KCuLgQ_XLZREqsT884kSssE.roa
Signing time: Sat 01 Jan 2022 08:59:07 +0000
ROA not before: Sat 01 Jan 2022 08:59:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49690
IP address blocks: 159.151.0.0/18 maxlen: 18
159.151.224.0/20 maxlen: 20
159.151.240.0/21 maxlen: 21
159.151.248.0/23 maxlen: 23
159.151.252.0/24 maxlen: 24
159.151.253.0/24 maxlen: 24
192.109.140.0/24 maxlen: 24
192.109.141.0/24 maxlen: 24
159.151.192.0/19 maxlen: 19
2a07:8140::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150754372 (0x8fc5444)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 08:59:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66837f282b8b810fd72d9444aac4fcf38912b2c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f2:de:22:ae:45:47:1c:bf:1a:30:dd:43:80:
ec:a9:77:d6:c4:ee:3c:c9:8b:03:01:d8:8e:0e:9f:
4f:fc:62:99:f1:4a:2a:2c:4e:28:dd:d1:af:78:06:
e0:e5:c5:57:c9:da:5b:c5:69:90:04:ab:1b:c9:b6:
8a:91:03:3f:d9:02:99:82:64:b1:33:c8:cb:44:8d:
67:00:48:47:4d:51:5f:a3:ed:5c:82:3d:8d:1c:dd:
a9:60:40:7d:ae:09:1a:7d:e4:76:da:1b:4e:3b:09:
7d:56:f5:d3:12:dc:e7:00:3d:8b:6f:f0:f8:05:14:
4c:9c:49:69:30:a5:04:fa:27:70:2b:48:ad:63:75:
7c:12:77:43:ca:99:cc:36:5c:53:14:29:a4:f6:83:
e8:55:c6:cb:18:46:80:67:7b:35:44:12:03:b1:f1:
ad:bf:0f:2d:66:de:cd:03:55:67:a1:d0:da:ed:01:
ee:71:8f:8f:0e:40:bc:e5:da:99:da:ff:6f:12:80:
0a:d4:8b:76:a5:8d:6b:22:6d:9b:0b:63:40:81:20:
10:8c:32:58:22:cd:ae:56:dc:29:6f:af:15:0e:b8:
21:36:b9:2c:e4:b1:d2:ca:3c:a7:5c:2c:f2:91:f2:
94:8f:0c:5f:c6:2a:78:2c:98:a6:c0:b4:89:ac:5e:
be:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:83:7F:28:2B:8B:81:0F:D7:2D:94:44:AA:C4:FC:F3:89:12:B2:C1
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/ZoN_KCuLgQ_XLZREqsT884kSssE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.0.0/18
159.151.192.0-159.151.249.255
159.151.252.0/23
192.109.140.0/23
IPv6:
2a07:8140::/36
Signature Algorithm: sha256WithRSAEncryption
7d:1e:1b:ab:71:ae:66:15:cb:a2:dc:00:7a:60:6d:fa:f2:a4:
3e:9a:d3:3d:1e:ca:78:23:b9:7b:de:17:bf:65:1a:af:83:67:
bd:10:b2:93:ef:99:d3:d7:d9:bf:22:f6:e6:58:a2:67:fe:b2:
4a:a3:0f:85:a8:04:c3:06:e9:a6:8b:d8:3d:a7:a8:eb:2c:a5:
9c:28:e0:60:83:16:8d:ac:82:4a:15:7a:ba:c8:41:a4:61:14:
79:62:7c:fd:05:58:ee:a9:14:98:d5:75:9f:55:1c:10:cf:67:
3c:85:f0:ec:be:e7:78:e5:12:fb:9c:4e:8e:b5:36:bd:85:64:
99:9f:59:6c:fe:46:5e:d1:38:a2:0c:c9:0b:d2:03:31:83:af:
7f:cd:e6:4a:e4:4a:cb:d3:aa:3f:ab:12:67:fa:0d:43:cf:9d:
43:14:25:9f:3b:70:3d:9f:3e:25:e6:bf:16:0d:b4:50:50:a6:
15:a3:a4:b7:39:9a:8a:89:25:9a:71:8a:39:a3:09:99:d0:61:
97:99:a1:12:a9:49:40:a1:26:48:98:d4:9f:46:12:72:ee:6e:
69:a8:62:6a:e3:2f:05:04:76:87:b0:60:b3:de:36:fa:10:cf:
f9:50:98:a6:1e:1d:10:52:13:bc:56:c5:f7:b2:0d:00:8e:71:
31:0a:1c:26
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECPxURDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTM3ZDgwN2Q0ZjdjZGQzZTBhZmU0YWJjOGVlNWE4ODBjNjA5MGYxMB4XDTIyMDEw
MTA4NTkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY4MzdmMjgyYjhi
ODEwZmQ3MmQ5NDQ0YWFjNGZjZjM4OTEyYjJjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKby3iKuRUccvxow3UOA7Kl31sTuPMmLAwHYjg6fT/ximfFK
KixOKN3Rr3gG4OXFV8naW8VpkASrG8m2ipEDP9kCmYJksTPIy0SNZwBIR01RX6Pt
XII9jRzdqWBAfa4JGn3kdtobTjsJfVb10xLc5wA9i2/w+AUUTJxJaTClBPoncCtI
rWN1fBJ3Q8qZzDZcUxQppPaD6FXGyxhGgGd7NUQSA7Hxrb8PLWbezQNVZ6HQ2u0B
7nGPjw5AvOXamdr/bxKACtSLdqWNayJtmwtjQIEgEIwyWCLNrlbcKW+vFQ64ITa5
LOSx0so8p1ws8pHylI8MX8YqeCyYpsC0iaxevlMCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRmg38oK4uBD9ctlESqxPzziRKywTAfBgNVHSMEGDAWgBQKN9gH1PfN0+Cv
5KvI7lqIDGCQ8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqZllCOVQzemRQZ3ItU3J5TzVhaUF4Z2tQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8x
L1pvTl9LQ3VMZ1FfWExaUkVxc1Q4ODRrU3NzRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8xL0NqZllCOVQzemRQ
Z3ItU3J5TzVhaUF4Z2tQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwJgQCAAEwIAMEBp+XADAMAwQGn5fAAwQBn5f4AwQB
n5f8AwQBwG2MMA4EAgACMAgDBgQqB4FAADANBgkqhkiG9w0BAQsFAAOCAQEAfR4b
q3GuZhXLotwAemBt+vKkPprTPR7KeCO5e94Xv2Uar4NnvRCyk++Z09fZvyL25lii
Z/6ySqMPhagEwwbppovYPaeo6yylnCjgYIMWjayCShV6ushBpGEUeWJ8/QVY7qkU
mNV1n1UcEM9nPIXw7L7neOUS+5xOjrU2vYVkmZ9ZbP5GXtE4ogzJC9IDMYOvf83m
SuRKy9OqP6sSZ/oNQ8+dQxQlnztwPZ8+Jea/Fg20UFCmFaOktzmaioklmnGKOaMJ
mdBhl5mhEqlJQKEmSJjUn0YScu5uaahiauMvBQR2h7Bgs942+hDP+VCYph4dEFIT
vFbF97INAI5xMQocJg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:52 2023 by rpki-client on console.sobornost.net