Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/ZNun_eoKCiidwmLaw3AKCg32F4U.roa
File: ZNun_eoKCiidwmLaw3AKCg32F4U.roa (raw, json)
Hash identifier: 6m2uSSBKxbg34+VZxMTcOEoguSkWUZ/7k4R1FDUkScM=
Subject key identifier: 64:DB:A7:FD:EA:0A:0A:28:9D:C2:62:DA:C3:70:0A:0A:0D:F6:17:85
Certificate issuer: /CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Certificate serial: 01851AD17E32D9F119F70E7D94DB9D89E142
Authority key identifier: 59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/ZNun_eoKCiidwmLaw3AKCg32F4U.roa
Signing time: Fri 16 Dec 2022 12:03:34 +0000
ROA not before: Fri 16 Dec 2022 12:03:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41897
IP address blocks: 94.248.184.0/21 maxlen: 21
46.40.56.0/22 maxlen: 22
46.40.63.0/24 maxlen: 24
46.40.60.0/23 maxlen: 23
46.40.62.0/24 maxlen: 24
46.40.0.0/18 maxlen: 18
46.40.1.0/24 maxlen: 24
46.40.8.0/22 maxlen: 22
46.40.6.0/24 maxlen: 24
94.248.233.0/24 maxlen: 24
94.248.232.0/24 maxlen: 24
46.40.16.0/21 maxlen: 21
94.248.232.0/22 maxlen: 22
94.248.232.0/21 maxlen: 21
46.40.15.0/24 maxlen: 24
46.40.12.0/23 maxlen: 23
94.248.238.0/24 maxlen: 24
94.248.239.0/24 maxlen: 24
94.248.237.0/24 maxlen: 24
94.248.235.0/24 maxlen: 24
94.248.236.0/24 maxlen: 24
94.248.234.0/24 maxlen: 24
46.40.26.0/24 maxlen: 24
46.40.27.0/24 maxlen: 24
46.40.31.0/24 maxlen: 24
46.40.30.0/24 maxlen: 24
46.40.30.0/23 maxlen: 23
46.40.29.0/24 maxlen: 24
46.40.37.0/24 maxlen: 24
46.40.35.0/24 maxlen: 24
46.40.33.0/24 maxlen: 24
46.40.34.0/24 maxlen: 24
46.40.32.0/24 maxlen: 24
91.147.244.0/22 maxlen: 22
46.40.40.0/21 maxlen: 21
46.40.48.0/21 maxlen: 21
89.147.80.0/20 maxlen: 20
89.147.80.0/22 maxlen: 22
89.147.80.0/24 maxlen: 24
195.192.244.0/22 maxlen: 22
95.85.173.0/24 maxlen: 24
95.85.176.0/22 maxlen: 22
95.85.184.0/23 maxlen: 23
95.85.186.0/23 maxlen: 23
95.85.128.0/22 maxlen: 22
95.85.128.0/18 maxlen: 18
95.85.136.0/22 maxlen: 22
95.85.135.0/24 maxlen: 24
95.85.144.0/21 maxlen: 21
95.85.152.0/23 maxlen: 23
81.24.240.0/21 maxlen: 21
95.85.156.0/22 maxlen: 22
81.24.247.0/24 maxlen: 24
95.85.154.0/23 maxlen: 23
95.85.172.0/24 maxlen: 24
185.10.204.0/22 maxlen: 22
185.10.204.0/24 maxlen: 24
217.17.97.0/24 maxlen: 24
217.17.98.0/24 maxlen: 24
217.17.96.0/24 maxlen: 24
217.17.96.0/20 maxlen: 24
217.17.100.0/24 maxlen: 24
217.17.111.0/24 maxlen: 24
217.17.110.0/24 maxlen: 24
217.17.107.0/24 maxlen: 24
217.17.108.0/24 maxlen: 24
185.37.168.0/22 maxlen: 22
80.245.96.0/22 maxlen: 22
45.158.16.0/22 maxlen: 22
46.251.8.0/22 maxlen: 22
91.102.224.0/21 maxlen: 21
91.102.229.0/24 maxlen: 24
185.231.128.0/22 maxlen: 22
185.169.248.0/22 maxlen: 22
185.169.248.0/24 maxlen: 24
185.156.152.0/22 maxlen: 22
185.141.198.0/24 maxlen: 24
185.141.199.0/24 maxlen: 24
185.141.196.0/22 maxlen: 22
185.141.196.0/23 maxlen: 23
85.222.178.0/24 maxlen: 24
85.222.179.0/24 maxlen: 24
85.222.176.0/20 maxlen: 20
85.222.176.0/21 maxlen: 21
85.222.176.0/24 maxlen: 24
85.222.180.0/22 maxlen: 22
185.6.190.0/24 maxlen: 24
185.6.191.0/24 maxlen: 24
185.6.189.0/24 maxlen: 24
185.6.188.0/24 maxlen: 24
185.6.188.0/22 maxlen: 22
178.20.200.0/24 maxlen: 24
178.20.202.0/23 maxlen: 23
178.20.201.0/24 maxlen: 24
2a00:ad07:3000::/36 maxlen: 36
2a00:ad00::/29 maxlen: 29
2a00:ad03::/32 maxlen: 32
2a00:ad00:2010::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:d1:7e:32:d9:f1:19:f7:0e:7d:94:db:9d:89:e1:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Validity
Not Before: Dec 16 12:03:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64dba7fdea0a0a289dc262dac3700a0a0df61785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:af:2f:77:29:8c:d4:ab:5f:72:78:3e:3b:14:
ae:6c:85:5b:8b:1d:07:69:5c:38:93:4e:6e:ed:75:
4c:52:2d:04:d3:dc:2a:d9:f3:53:58:5d:6f:8c:84:
b3:96:5b:dc:f2:ba:ce:2d:d8:fb:f2:35:ce:f7:ee:
c5:4f:e2:71:b9:2d:39:86:33:05:44:6b:12:85:56:
b8:d7:d7:68:67:e4:a6:4c:2f:a1:d0:d2:21:ca:93:
af:73:7f:5b:b4:4a:32:2d:cd:43:bf:bc:97:26:2e:
6c:59:64:a7:c8:c1:5d:4c:24:1e:18:d1:a4:3a:98:
66:be:c6:12:b4:45:6c:9a:29:dd:f8:dd:72:d7:b3:
2a:a5:b3:d6:a0:9b:95:93:9e:93:ad:22:70:f3:1e:
a0:d5:77:cf:db:6a:a8:27:c1:f7:d5:a9:3d:24:c8:
88:98:bd:d8:8b:9e:33:aa:51:50:74:bd:22:df:62:
fa:d4:14:a4:34:bb:6a:7f:de:f1:80:9e:08:ff:7a:
6b:e3:e4:02:2b:7f:af:b5:5e:d2:a2:93:c5:47:c1:
99:a7:f0:f1:80:75:66:c4:d6:69:5a:a5:c0:33:c0:
9b:1c:88:19:70:8d:13:f5:55:52:82:1d:f3:09:76:
c9:25:3e:ba:6d:bc:c5:2e:d7:67:f2:3f:97:e7:2e:
a7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:DB:A7:FD:EA:0A:0A:28:9D:C2:62:DA:C3:70:0A:0A:0D:F6:17:85
X509v3 Authority Key Identifier:
keyid:59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/ZNun_eoKCiidwmLaw3AKCg32F4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/Wd2nX4EQdD0lDDBoo1bOas8cT-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.16.0/22
46.40.0.0/18
46.251.8.0/22
80.245.96.0/22
81.24.240.0/21
85.222.176.0/20
89.147.80.0/20
91.102.224.0/21
91.147.244.0/22
94.248.184.0/21
94.248.232.0/21
95.85.128.0/18
178.20.200.0/22
185.6.188.0/22
185.10.204.0/22
185.37.168.0/22
185.141.196.0/22
185.156.152.0/22
185.169.248.0/22
185.231.128.0/22
195.192.244.0/22
217.17.96.0/20
IPv6:
2a00:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
21:14:b2:71:b4:f3:3d:87:97:f2:6e:98:1e:a6:e9:ef:9d:1b:
58:f7:b6:19:1b:ce:0c:1b:f8:d3:a4:0c:71:28:83:ce:3a:db:
a8:34:5d:22:d5:f6:8d:ba:d7:c5:70:7e:9e:53:e5:c8:c7:c4:
af:4f:d7:d0:87:d6:4a:da:6d:16:43:a3:7b:ec:7c:0d:85:e6:
00:b2:ba:80:50:0a:01:2a:45:5c:da:4b:e5:ba:0a:79:e1:f4:
f0:23:31:cb:a3:66:52:aa:ce:f3:3d:90:ea:99:43:07:b5:8f:
d8:ec:6f:a7:70:49:68:8c:79:d2:c0:90:e3:52:d9:ca:3b:3c:
41:ac:10:db:c5:d7:1b:1a:54:71:63:56:22:50:b9:53:ca:59:
17:ba:9e:78:b4:49:be:df:55:1d:dd:14:4e:92:7c:03:4a:27:
9d:5d:14:19:68:e6:ba:a1:12:47:27:09:d7:4d:4e:04:b3:0b:
8d:f1:bc:1e:a9:d9:9b:1a:7b:43:aa:f3:4f:5d:ee:bc:e5:cb:
48:34:8d:de:c3:ac:a4:c0:72:3f:87:d6:ef:66:36:35:c8:26:
59:ca:fd:80:77:20:36:43:e6:6a:42:ed:f8:8c:af:d0:e2:c4:
83:c4:0d:08:87:78:e0:1b:b5:d0:86:28:ac:ca:17:56:9b:f1:
18:6b:76:81
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYUa0X4y2fEZ9w59lNudieFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGRhNzVmODExMDc0M2QyNTBjMzA2OGEzNTZjZTZhY2Yx
YzRmZTIwHhcNMjIxMjE2MTIwMzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGRiYTdmZGVhMGEwYTI4OWRjMjYyZGFjMzcwMGEwYTBkZjYxNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn68vdymM1Ktfcng+OxSubIVbix0H
aVw4k05u7XVMUi0E09wq2fNTWF1vjISzllvc8rrOLdj78jXO9+7FT+JxuS05hjMF
RGsShVa419doZ+SmTC+h0NIhypOvc39btEoyLc1Dv7yXJi5sWWSnyMFdTCQeGNGk
OphmvsYStEVsmind+N1y17MqpbPWoJuVk56TrSJw8x6g1XfP22qoJ8H31ak9JMiI
mL3Yi54zqlFQdL0i32L61BSkNLtqf97xgJ4I/3pr4+QCK3+vtV7SopPFR8GZp/Dx
gHVmxNZpWqXAM8CbHIgZcI0T9VVSgh3zCXbJJT66bbzFLtdn8j+X5y6nwwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFGTbp/3qCgooncJi2sNwCgoN9heFMB8GA1UdIwQY
MBaAFFndp1+BEHQ9JQwwaKNWzmrPHE/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2Qyblg0RVFkRDBsRERCb28xYk9hczhjVC1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lYmYzZjctZTNhYi00ZjhjLTg2ZTgt
NzA4N2UzZmUyYTVkLzEvWk51bl9lb0tDaWlkd21MYXczQUtDZzMyRjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lYmYzZjctZTNhYi00ZjhjLTg2ZTgtNzA4N2UzZmUyYTVk
LzEvV2Qyblg0RVFkRDBsRERCb28xYk9hczhjVC1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAIt
nhADBAYuKAADBAIu+wgDBAJQ9WADBANRGPADBARV3rADBARZk1ADBANbZuADBAJb
k/QDBANe+LgDBANe+OgDBAZfVYADBAKyFMgDBAK5BrwDBAK5CswDBAK5JagDBAK5
jcQDBAK5nJgDBAK5qfgDBAK554ADBALDwPQDBATZEWAwDQQCAAIwBwMFAyoArQAw
DQYJKoZIhvcNAQELBQADggEBACEUsnG08z2Hl/JumB6m6e+dG1j3thkbzgwb+NOk
DHEog84626g0XSLV9o2618Vwfp5T5cjHxK9P19CH1krabRZDo3vsfA2F5gCyuoBQ
CgEqRVzaS+W6Cnnh9PAjMcujZlKqzvM9kOqZQwe1j9jsb6dwSWiMedLAkONS2co7
PEGsENvF1xsaVHFjViJQuVPKWRe6nni0Sb7fVR3dFE6SfANKJ51dFBlo5rqhEkcn
CddNTgSzC43xvB6p2Zsae0Oq809d7rzly0g0jd7DrKTAcj+H1u9mNjXIJlnK/YB3
IDZD5mpC7fiMr9DixIPEDQiHeOAbtdCGKKzKF1ab8RhrdoE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:05 2024 by rpki-client on console-fra.rpki-client.org