Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/2ztXde0NUofNMJOlDglyNFTrMpA.roa
File: 2ztXde0NUofNMJOlDglyNFTrMpA.roa (raw, json)
Hash identifier: h5XMI7YBKwnwvZAX8EzMYWAIMVFP7JzWZK+p3lYIJXo=
Subject key identifier: DB:3B:57:75:ED:0D:52:87:CD:30:93:A5:0E:09:72:34:54:EB:32:90
Certificate issuer: /CN=01335442514d5249b5143cfdf821216bb5c52940
Certificate serial: 03E34ABA
Authority key identifier: 01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/2ztXde0NUofNMJOlDglyNFTrMpA.roa
Signing time: Sat 01 Jan 2022 06:57:06 +0000
ROA not before: Sat 01 Jan 2022 06:57:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7979
IP address blocks: 23.105.231.0/24 maxlen: 24
23.105.232.0/24 maxlen: 24
23.105.240.0/24 maxlen: 24
23.105.252.0/24 maxlen: 24
23.105.248.0/24 maxlen: 24
23.111.32.0/19 maxlen: 24
23.105.225.0/24 maxlen: 24
23.105.224.0/19 maxlen: 24
23.111.96.0/19 maxlen: 24
23.111.103.0/24 maxlen: 24
23.111.108.0/24 maxlen: 24
23.111.106.0/24 maxlen: 24
23.111.116.0/24 maxlen: 24
23.111.206.0/24 maxlen: 24
23.111.204.0/24 maxlen: 24
23.111.205.0/24 maxlen: 24
23.111.202.0/24 maxlen: 24
23.111.203.0/24 maxlen: 24
23.111.201.0/24 maxlen: 24
23.111.200.0/24 maxlen: 24
23.111.207.0/24 maxlen: 24
23.111.213.0/24 maxlen: 24
23.111.211.0/24 maxlen: 24
23.111.212.0/24 maxlen: 24
23.111.209.0/24 maxlen: 24
23.111.210.0/24 maxlen: 24
23.111.208.0/24 maxlen: 24
88.212.232.0/21 maxlen: 24
23.111.215.0/24 maxlen: 24
23.111.214.0/24 maxlen: 24
88.212.239.0/24 maxlen: 24
88.212.238.0/24 maxlen: 24
88.212.240.0/21 maxlen: 24
88.212.241.0/24 maxlen: 24
88.212.248.0/21 maxlen: 24
88.212.254.0/24 maxlen: 24
23.111.192.0/24 maxlen: 24
23.111.199.0/24 maxlen: 24
23.111.197.0/24 maxlen: 24
23.111.198.0/24 maxlen: 24
23.111.196.0/24 maxlen: 24
23.111.194.0/24 maxlen: 24
23.111.195.0/24 maxlen: 24
23.111.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65227450 (0x3e34aba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01335442514d5249b5143cfdf821216bb5c52940
Validity
Not Before: Jan 1 06:57:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db3b5775ed0d5287cd3093a50e09723454eb3290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b4:39:4e:7b:23:b8:ae:e3:af:a6:9e:b0:dc:
4b:78:e9:49:7f:60:91:f0:27:c2:55:4c:9d:b5:d2:
c9:59:0b:b8:91:a7:89:66:ba:14:c2:cc:47:ee:e4:
1a:a2:7b:37:26:d2:99:d1:69:b3:92:40:e2:ec:80:
78:95:b9:93:f3:e5:1b:90:59:58:94:12:b7:1f:99:
96:0f:79:7c:5c:1a:4f:a5:cf:77:16:4c:f4:dc:ae:
77:8a:b7:d5:be:2c:69:ae:83:be:4e:c7:49:87:79:
1b:e6:11:1f:e9:6f:a7:d2:42:84:ba:e9:cb:6e:6a:
73:a3:35:41:9b:53:3c:21:f6:cd:96:f7:95:58:57:
8f:bc:a8:d9:84:32:b2:fe:f5:7d:eb:a5:36:c4:46:
8e:94:99:8b:86:f1:29:24:5e:7d:64:5f:c0:da:e6:
5a:47:24:82:55:bd:30:64:8b:cb:37:3e:06:c3:94:
f5:ef:b4:e6:76:15:c8:c2:dd:22:43:0b:12:c1:e0:
79:f2:29:ee:92:7b:7a:11:bc:d2:58:a9:0c:37:d4:
d2:d1:07:7e:4e:85:cf:58:aa:12:3a:9e:1a:93:ed:
df:f5:ef:a5:ac:f0:d3:91:cb:e0:d9:22:57:83:59:
db:2b:b9:4d:e9:4e:5a:db:c5:c1:3e:2c:74:16:f6:
e7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3B:57:75:ED:0D:52:87:CD:30:93:A5:0E:09:72:34:54:EB:32:90
X509v3 Authority Key Identifier:
keyid:01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/2ztXde0NUofNMJOlDglyNFTrMpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ATNUQlFNUkm1FDz9-CEha7XFKUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.105.224.0/19
23.111.32.0/19
23.111.96.0/19
23.111.192.0-23.111.215.255
88.212.232.0-88.212.255.255
Signature Algorithm: sha256WithRSAEncryption
5b:f5:27:da:9a:d3:6e:e9:44:51:86:e9:84:1e:e6:70:43:9d:
ed:22:04:34:6a:8d:8c:45:f1:b1:0e:dd:ee:66:94:08:77:75:
a2:c9:b0:90:2f:1f:52:a7:76:f4:99:04:db:6e:18:d8:11:65:
16:8c:75:90:58:b5:25:99:5f:28:73:af:42:ab:5e:3e:9f:2f:
5f:37:47:84:99:bb:3b:9e:92:06:dc:f2:6e:21:20:4f:66:51:
65:5e:9e:6f:24:3d:bf:36:a8:a7:d5:74:5e:8c:41:ca:e9:57:
71:3c:44:d0:5e:00:50:f1:d6:2e:0f:30:30:2a:e2:40:c5:1f:
e0:3a:3d:e0:9c:45:87:da:0f:1b:18:9c:de:0b:92:af:ce:96:
42:ac:46:5a:2b:67:da:6d:fe:f5:b3:b0:07:af:c0:9a:eb:78:
23:f6:f4:47:5a:c2:ff:4f:81:93:b5:88:01:ea:58:6e:3d:11:
e9:b4:de:95:0e:89:6b:03:9a:39:2e:bc:5a:07:a5:e9:fc:0c:
15:23:2b:43:f7:dd:0f:59:61:a7:ce:a7:0c:e9:85:cc:fc:7c:
5c:d5:6a:00:ed:75:2e:dc:57:4e:f6:43:3b:fc:30:c5:c8:d5:
b1:d5:90:2a:4e:a6:b8:91:e7:f7:3b:24:86:e0:f4:e4:97:6a:
30:a9:ee:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEA+NKujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTMzNTQ0MjUxNGQ1MjQ5YjUxNDNjZmRmODIxMjE2YmI1YzUyOTQwMB4XDTIyMDEw
MTA2NTcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIzYjU3NzVlZDBk
NTI4N2NkMzA5M2E1MGUwOTcyMzQ1NGViMzI5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKO0OU57I7iu46+mnrDcS3jpSX9gkfAnwlVMnbXSyVkLuJGn
iWa6FMLMR+7kGqJ7NybSmdFps5JA4uyAeJW5k/PlG5BZWJQStx+Zlg95fFwaT6XP
dxZM9Nyud4q31b4saa6Dvk7HSYd5G+YRH+lvp9JChLrpy25qc6M1QZtTPCH2zZb3
lVhXj7yo2YQysv71feulNsRGjpSZi4bxKSRefWRfwNrmWkckglW9MGSLyzc+BsOU
9e+05nYVyMLdIkMLEsHgefIp7pJ7ehG80lipDDfU0tEHfk6Fz1iqEjqeGpPt3/Xv
pazw05HL4NkiV4NZ2yu5TelOWtvFwT4sdBb25zECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTbO1d17Q1Sh80wk6UOCXI0VOsykDAfBgNVHSMEGDAWgBQBM1RCUU1SSbUU
PP34ISFrtcUpQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FUTlVRbEZOVWttMUZEejktQ0VoYTdYRktVQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYzdhNjhmLTdiZjgtNGY4MC1hOWEyLTgxNWQyYzAyNjY0Ni8x
LzJ6dFhkZTBOVW9mTk1KT2xEZ2x5TkZUck1wQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YzdhNjhmLTdiZjgtNGY4MC1hOWEyLTgxNWQyYzAyNjY0Ni8xL0FUTlVRbEZOVWtt
MUZEejktQ0VoYTdYRktVQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwMwQCAAEwLQMEBRdp4AMEBRdvIAMEBRdvYDAMAwQG
F2/AAwQDF2/QMAsDBANY1OgDAwBY1DANBgkqhkiG9w0BAQsFAAOCAQEAW/Un2prT
bulEUYbphB7mcEOd7SIENGqNjEXxsQ7d7maUCHd1osmwkC8fUqd29JkE224Y2BFl
Fox1kFi1JZlfKHOvQqtePp8vXzdHhJm7O56SBtzybiEgT2ZRZV6ebyQ9vzaop9V0
XoxByulXcTxE0F4AUPHWLg8wMCriQMUf4Do94JxFh9oPGxic3guSr86WQqxGWitn
2m3+9bOwB6/Amut4I/b0R1rC/0+Bk7WIAepYbj0R6bTelQ6JawOaOS68Wgel6fwM
FSMrQ/fdD1lhp86nDOmFzPx8XNVqAO11LtxXTvZDO/wwxcjVsdWQKk6muJHn9zsk
huD05JdqMKnubg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:32:37 2025 by rpki-client