Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/ZFCBZwfom7kPGadDDlxYBeCPvzw.roa
File: ZFCBZwfom7kPGadDDlxYBeCPvzw.roa (raw, json)
Hash identifier: t13yncEFuOhKJdo+Vp0RZF8DhXvEv143HddjmWw8ZuY=
Subject key identifier: 64:50:81:67:07:E8:9B:B9:0F:19:A7:43:0E:5C:58:05:E0:8F:BF:3C
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018C020BDEBCB132FF7F9884C57D28D69316
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/ZFCBZwfom7kPGadDDlxYBeCPvzw.roa
Signing time: Fri 24 Nov 2023 15:56:21 +0000
ROA not before: Fri 24 Nov 2023 15:56:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12663
IP address blocks: 46.108.0.0/16 maxlen: 24
37.25.128.0/17 maxlen: 24
188.240.84.0/22 maxlen: 22
92.114.8.0/21 maxlen: 21
176.125.0.0/19 maxlen: 24
85.205.0.0/16 maxlen: 24
130.195.96.0/19 maxlen: 19
195.232.128.0/17 maxlen: 24
145.230.0.0/16 maxlen: 24
130.195.128.0/18 maxlen: 24
89.32.48.0/21 maxlen: 21
46.190.128.0/17 maxlen: 24
130.195.64.0/19 maxlen: 19
108.179.64.0/18 maxlen: 19
130.195.200.0/21 maxlen: 21
86.104.216.0/22 maxlen: 22
208.53.128.0/18 maxlen: 18
62.213.128.0/19 maxlen: 19
195.233.0.0/16 maxlen: 24
130.195.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:0b:de:bc:b1:32:ff:7f:98:84:c5:7d:28:d6:93:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 24 15:56:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6450816707e89bb90f19a7430e5c5805e08fbf3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:93:3e:0b:76:f9:53:db:4e:48:9e:87:cd:
20:db:c7:67:63:56:4e:b9:04:7f:eb:b0:ce:a6:b3:
b8:9c:98:f8:82:75:d3:73:9d:1b:05:41:29:fe:76:
4f:bd:4e:bf:30:59:ed:a6:92:0b:02:9a:c2:8f:64:
a9:f9:cd:e0:e2:b1:9b:96:29:6f:c6:5b:55:ee:89:
1d:27:40:53:ab:58:ba:6c:f6:d2:c8:e8:aa:98:12:
09:51:5a:19:8a:fc:03:a2:f2:d0:11:11:e5:62:aa:
87:76:7b:9b:e8:d0:4f:8e:2d:b9:27:37:af:68:dc:
67:b5:14:33:f7:0b:ef:bf:4a:71:b5:65:c9:1b:22:
6f:19:0d:a1:99:d2:8f:e3:83:96:6b:c6:41:41:ed:
05:fa:40:ce:04:f2:d0:3d:3f:c2:90:c9:e0:72:b4:
86:6c:1f:31:58:8b:e6:c9:d0:a2:e5:79:88:ca:72:
32:9e:b7:5e:03:e9:05:f7:d1:f3:f2:d8:3a:db:a0:
34:92:a7:0c:d2:09:af:86:75:25:32:7e:a7:8e:c0:
69:b4:5d:0e:b8:1a:84:7d:6a:a8:ea:cb:16:33:bf:
18:89:04:f8:a3:6b:df:cc:90:cc:60:8e:5f:40:65:
c2:a0:cb:58:69:f1:3d:a6:64:a8:60:65:15:fc:7d:
9b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:50:81:67:07:E8:9B:B9:0F:19:A7:43:0E:5C:58:05:E0:8F:BF:3C
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/ZFCBZwfom7kPGadDDlxYBeCPvzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
62.213.128.0/19
85.205.0.0/16
86.104.216.0/22
89.32.48.0/21
92.114.8.0/21
108.179.64.0/18
130.195.32.0/20
130.195.64.0-130.195.191.255
130.195.200.0/21
145.230.0.0/16
176.125.0.0/19
188.240.84.0/22
195.232.128.0-195.233.255.255
208.53.128.0/18
Signature Algorithm: sha256WithRSAEncryption
10:a3:16:71:08:4d:65:4a:d8:dc:d6:98:73:5e:06:a1:22:2b:
bb:32:34:74:b3:56:1b:68:3f:f2:f6:8b:dd:ed:03:be:bb:8e:
ca:11:e1:7c:d9:30:a2:43:27:30:29:24:8e:e2:3c:d6:6c:c0:
38:62:45:a0:02:d7:25:76:96:16:a7:d0:a7:6e:d4:45:f8:1d:
58:0f:2d:6b:8d:8a:0b:bc:b6:c7:ca:5f:16:4e:57:ca:ae:d4:
96:82:29:f9:8d:9e:bb:a6:3c:7f:e0:f6:5e:e9:ec:fa:ec:0e:
aa:02:1b:7a:38:64:85:4a:33:3c:bb:24:84:6d:17:4a:3c:75:
16:0a:71:62:23:4b:d0:fb:33:ff:1d:7b:ec:cf:f3:cf:87:95:
41:07:20:c4:c4:39:b3:19:6f:9a:d4:4e:48:55:cd:eb:86:a6:
e3:d7:87:7b:fd:cd:89:8c:9e:c2:cc:7a:2a:4a:f3:0d:93:85:
bd:fc:84:73:d0:17:c8:d3:1e:72:8d:b7:fa:23:2c:30:14:aa:
16:60:c2:b2:3f:3b:a6:82:db:29:bb:fa:3e:3c:0a:d6:54:eb:
6f:28:21:df:5f:2d:dd:9f:28:19:81:41:35:a9:b2:22:1c:88:
d0:f5:ac:68:a0:fc:0c:03:97:0c:61:19:2e:25:23:cc:4f:f5:
06:94:01:09
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYwCC968sTL/f5iExX0o1pMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTI0MTU1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDUwODE2NzA3ZTg5YmI5MGYxOWE3NDMwZTVjNTgwNWUwOGZiZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzqTPgt2+VPbTkieh80g28dnY1ZO
uQR/67DOprO4nJj4gnXTc50bBUEp/nZPvU6/MFntppILAprCj2Sp+c3g4rGblilv
xltV7okdJ0BTq1i6bPbSyOiqmBIJUVoZivwDovLQERHlYqqHdnub6NBPji25Jzev
aNxntRQz9wvvv0pxtWXJGyJvGQ2hmdKP44OWa8ZBQe0F+kDOBPLQPT/CkMngcrSG
bB8xWIvmydCi5XmIynIynrdeA+kF99Hz8tg626A0kqcM0gmvhnUlMn6njsBptF0O
uBqEfWqo6ssWM78YiQT4o2vfzJDMYI5fQGXCoMtYafE9pmSoYGUV/H2bmQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGRQgWcH6Ju5DxmnQw5cWAXgj788MB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvWkZDQlp3Zm9tN2tQR2FkRERseFlCZUNQdnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEByUZgAMD
AC5sAwQHLr6AAwQFPtWAAwMAVc0DBAJWaNgDBANZIDADBANccggDBAZss0ADBASC
wyAwDAMEBoLDQAMEBoLDgAMEA4LDyAMDAJHmAwQFsH0AAwQCvPBUMAsDBAfD6IAD
AwHD6AMEBtA1gDANBgkqhkiG9w0BAQsFAAOCAQEAEKMWcQhNZUrY3NaYc14GoSIr
uzI0dLNWG2g/8vaL3e0DvruOyhHhfNkwokMnMCkkjuI81mzAOGJFoALXJXaWFqfQ
p27URfgdWA8ta42KC7y2x8pfFk5Xyq7UloIp+Y2eu6Y8f+D2Xuns+uwOqgIbejhk
hUozPLskhG0XSjx1FgpxYiNL0Psz/x177M/zz4eVQQcgxMQ5sxlvmtROSFXN64am
49eHe/3NiYyewsx6KkrzDZOFvfyEc9AXyNMeco23+iMsMBSqFmDCsj87poLbKbv6
PjwK1lTrbygh318t3Z8oGYFBNamyIhyI0PWsaKD8DAOXDGEZLiUjzE/1BpQBCQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:17:20 2025 by rpki-client