Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/z7wvn9GOMco_qZSpNA5-AfGFMxo.roa
File: z7wvn9GOMco_qZSpNA5-AfGFMxo.roa (raw, json)
Hash identifier: wRt8kjp7dbDTzb2Ll2n89Tn2cg8+d0owrjJG0fISij0=
Subject key identifier: CF:BC:2F:9F:D1:8E:31:CA:3F:A9:94:A9:34:0E:7E:01:F1:85:33:1A
Certificate issuer: /CN=0dc2061405956993cc63a60db0f963525d357731
Certificate serial: 12EB16C8
Authority key identifier: 0D:C2:06:14:05:95:69:93:CC:63:A6:0D:B0:F9:63:52:5D:35:77:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DcIGFAWVaZPMY6YNsPljUl01dzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/z7wvn9GOMco_qZSpNA5-AfGFMxo.roa
Signing time: Sat 01 Jan 2022 08:05:53 +0000
ROA not before: Sat 01 Jan 2022 08:05:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24853
IP address blocks: 185.139.80.0/22 maxlen: 22
193.111.162.0/24 maxlen: 24
2a07:1400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317396680 (0x12eb16c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dc2061405956993cc63a60db0f963525d357731
Validity
Not Before: Jan 1 08:05:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfbc2f9fd18e31ca3fa994a9340e7e01f185331a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:81:ed:6c:7a:b7:bd:67:cb:0f:16:81:4a:10:
0b:4b:a0:39:07:da:e4:56:ff:94:79:fe:39:1e:e1:
9b:70:18:45:ed:70:c0:6b:6e:bf:2b:99:20:6d:d5:
84:fa:15:c7:dc:6f:d4:0f:c2:21:73:45:0b:c9:b0:
6d:e0:34:d4:89:67:6d:30:8d:d7:3d:3e:8f:d1:45:
67:30:9d:dc:93:ba:a5:82:5e:ef:6b:15:f2:e0:e5:
ce:34:bf:c4:df:d5:e9:b7:bd:b1:da:98:21:03:9b:
b4:47:4e:58:cf:b4:20:f8:55:7f:07:94:b5:6c:f2:
65:93:0a:6a:3f:89:16:94:bb:0c:ac:5e:fd:9f:81:
4f:08:69:44:83:ea:44:94:06:56:a4:81:b8:43:4b:
5c:55:9a:9f:76:85:38:a9:bf:8b:3c:93:19:ef:b8:
e4:c7:0f:52:83:3a:8c:a2:39:b1:b3:89:53:87:42:
34:6a:eb:4b:dd:89:6c:35:f2:64:44:b2:b4:b1:09:
73:bc:81:90:71:b4:00:47:ff:26:d0:bc:d7:ac:dc:
d1:3b:91:5f:28:83:a3:65:29:c1:de:d3:ae:c4:b4:
e7:21:55:09:f3:2c:9e:73:c8:01:a3:61:5f:98:19:
4d:d8:9c:79:9d:b9:93:a6:d7:11:c8:ef:6f:5a:38:
9e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:BC:2F:9F:D1:8E:31:CA:3F:A9:94:A9:34:0E:7E:01:F1:85:33:1A
X509v3 Authority Key Identifier:
keyid:0D:C2:06:14:05:95:69:93:CC:63:A6:0D:B0:F9:63:52:5D:35:77:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcIGFAWVaZPMY6YNsPljUl01dzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/z7wvn9GOMco_qZSpNA5-AfGFMxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/DcIGFAWVaZPMY6YNsPljUl01dzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.80.0/22
193.111.162.0/24
IPv6:
2a07:1400::/29
Signature Algorithm: sha256WithRSAEncryption
1c:f7:5f:5c:15:cf:6d:61:03:0f:ed:7e:43:2f:ce:ce:2d:2f:
bf:2a:be:9d:84:a6:21:33:6a:83:ff:38:de:c6:1b:4f:8a:82:
d4:8b:9d:e5:5c:d4:8f:20:91:be:53:ad:5f:57:f1:be:00:5f:
f9:5a:de:09:53:25:97:f1:63:77:e1:32:7f:b1:1b:7e:e6:00:
a7:f8:5c:c4:4f:38:13:6d:7a:85:a5:9f:85:e4:1e:6d:ba:da:
cf:77:fc:c4:40:15:4e:48:fa:d5:b9:6f:9c:7f:b0:f7:fa:84:
f0:e3:45:17:3a:3c:25:d2:c1:5b:08:ae:52:eb:05:4a:ca:2e:
0f:4f:1b:ee:d8:8f:21:f9:fb:62:fa:46:a8:a2:1d:42:18:fc:
5b:ac:08:26:ef:e9:43:0e:19:0b:50:f3:c1:c3:83:50:63:8d:
04:36:c7:6f:06:bb:e7:dd:4c:6c:99:f0:f3:f8:7c:1c:88:32:
40:00:2f:a5:95:ce:3b:bd:6b:03:c4:36:2f:44:70:32:1d:6f:
01:bd:01:10:96:87:ac:40:62:a2:f4:09:95:ed:58:7b:a6:47:
93:9b:82:16:f6:bd:d5:fc:60:7b:4d:d2:85:6a:bc:25:63:1e:
65:93:c7:71:7b:0e:52:d9:f4:46:cc:91:b5:f7:40:fb:0c:41:
87:70:ed:71
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEEusWyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGMyMDYxNDA1OTU2OTkzY2M2M2E2MGRiMGY5NjM1MjVkMzU3NzMxMB4XDTIyMDEw
MTA4MDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2ZiYzJmOWZkMThl
MzFjYTNmYTk5NGE5MzQwZTdlMDFmMTg1MzMxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmB7Wx6t71nyw8WgUoQC0ugOQfa5Fb/lHn+OR7hm3AYRe1w
wGtuvyuZIG3VhPoVx9xv1A/CIXNFC8mwbeA01IlnbTCN1z0+j9FFZzCd3JO6pYJe
72sV8uDlzjS/xN/V6be9sdqYIQObtEdOWM+0IPhVfweUtWzyZZMKaj+JFpS7DKxe
/Z+BTwhpRIPqRJQGVqSBuENLXFWan3aFOKm/izyTGe+45McPUoM6jKI5sbOJU4dC
NGrrS92JbDXyZESytLEJc7yBkHG0AEf/JtC816zc0TuRXyiDo2Upwd7TrsS05yFV
CfMsnnPIAaNhX5gZTdiceZ25k6bXEcjvb1o4nlkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTPvC+f0Y4xyj+plKk0Dn4B8YUzGjAfBgNVHSMEGDAWgBQNwgYUBZVpk8xj
pg2w+WNSXTV3MTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RjSUdGQVdWYVpQTVk2WU5zUGxqVWwwMWR6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvOWRlNzY3LTNhMjgtNDlhYi1hZTI4LTIzNDhiYTZmYjRjMy8x
L3o3d3ZuOUdPTWNvX3FaU3BOQTUtQWZHRk14by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
OWRlNzY3LTNhMjgtNDlhYi1hZTI4LTIzNDhiYTZmYjRjMy8xL0RjSUdGQVdWYVpQ
TVk2WU5zUGxqVWwwMWR6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArmLUAMEAMFvojANBAIAAjAHAwUD
KgcUADANBgkqhkiG9w0BAQsFAAOCAQEAHPdfXBXPbWEDD+1+Qy/Ozi0vvyq+nYSm
ITNqg/843sYbT4qC1Iud5VzUjyCRvlOtX1fxvgBf+VreCVMll/Fjd+Eyf7EbfuYA
p/hcxE84E216haWfheQebbraz3f8xEAVTkj61blvnH+w9/qE8ONFFzo8JdLBWwiu
UusFSsouD08b7tiPIfn7YvpGqKIdQhj8W6wIJu/pQw4ZC1DzwcODUGONBDbHbwa7
591MbJnw8/h8HIgyQAAvpZXOO71rA8Q2L0RwMh1vAb0BEJaHrEBiovQJle1Ye6ZH
k5uCFva91fxge03ShWq8JWMeZZPHcXsOUtn0RsyRtfdA+wxBh3DtcQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:37 2023 by rpki-client on console.sobornost.net