Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/dZzmKvOrWYi60JAXzwi44GqxGF8.roa
File: dZzmKvOrWYi60JAXzwi44GqxGF8.roa (raw, json)
Hash identifier: maPiTgXD7Yd0tKujzWSq0oixPRfRvhs5JnGuNqIgeJ4=
Subject key identifier: 75:9C:E6:2A:F3:AB:59:88:BA:D0:90:17:CF:08:B8:E0:6A:B1:18:5F
Certificate issuer: /CN=ff29e70af2f7e18cbc19f97cca8fd6c05099741d
Certificate serial: 01870F18F6A1DCD4C07A1D5EC1237E09847C
Authority key identifier: FF:29:E7:0A:F2:F7:E1:8C:BC:19:F9:7C:CA:8F:D6:C0:50:99:74:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/dZzmKvOrWYi60JAXzwi44GqxGF8.roa
Signing time: Thu 23 Mar 2023 15:31:46 +0000
ROA not before: Thu 23 Mar 2023 15:31:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13178
IP address blocks: 185.61.192.0/24 maxlen: 24
185.61.195.0/24 maxlen: 24
91.204.20.0/24 maxlen: 24
91.204.21.0/24 maxlen: 24
185.58.124.0/22 maxlen: 22
93.88.128.0/20 maxlen: 20
185.175.72.0/22 maxlen: 22
185.59.192.0/22 maxlen: 22
185.55.40.0/22 maxlen: 22
185.58.152.0/22 maxlen: 22
91.205.44.0/22 maxlen: 22
93.187.120.0/21 maxlen: 21
2a0b:d700::/29 maxlen: 29
2a04:ed40::/29 maxlen: 29
2a04:e080::/29 maxlen: 29
2a03:6c0::/32 maxlen: 32
2a00:8040::/32 maxlen: 32
2a02:6160::/32 maxlen: 32
2a03:ed80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0f:18:f6:a1:dc:d4:c0:7a:1d:5e:c1:23:7e:09:84:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff29e70af2f7e18cbc19f97cca8fd6c05099741d
Validity
Not Before: Mar 23 15:31:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=759ce62af3ab5988bad09017cf08b8e06ab1185f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:21:f8:f1:1b:65:b4:1d:ba:7c:c2:7a:98:4d:
37:de:3f:5c:98:0d:e2:b1:45:7d:e9:ae:61:b1:fe:
81:6a:b5:eb:dd:5c:1e:b4:62:87:5a:15:9f:ee:e7:
09:66:f2:8d:f4:4a:b4:dc:ef:5b:1c:81:9e:b4:f3:
21:8b:b2:aa:6a:bc:48:25:e5:01:11:dc:77:42:3f:
7f:5a:3f:a3:bb:fc:75:19:63:db:3a:08:6a:3e:2a:
26:c1:f3:b6:ba:15:b9:fd:34:ff:5d:5a:13:e9:47:
bf:28:f7:d9:e1:df:3e:5a:de:b6:8b:4c:d1:9a:d5:
b9:d9:42:42:71:60:3a:c6:ad:ae:44:e7:6c:5c:8b:
a0:ca:6f:8d:f2:f3:63:11:89:5c:55:b2:f9:d0:a9:
85:5b:36:d3:df:73:98:9c:2e:3c:c2:f0:13:88:a7:
17:0a:90:73:00:d6:5f:ca:b1:60:36:94:e6:08:cf:
8a:f7:98:98:12:97:cd:58:95:70:d1:56:53:57:66:
cc:37:3e:09:32:dc:11:ca:f2:48:d7:68:c9:9d:6d:
e9:51:19:aa:ee:63:c3:2f:e6:9b:34:e4:f4:da:23:
0e:97:63:16:9b:2a:f4:a3:78:c7:dc:5e:27:7b:f0:
8a:2a:e3:26:62:19:63:82:e0:3b:f2:4c:78:f1:48:
37:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:9C:E6:2A:F3:AB:59:88:BA:D0:90:17:CF:08:B8:E0:6A:B1:18:5F
X509v3 Authority Key Identifier:
keyid:FF:29:E7:0A:F2:F7:E1:8C:BC:19:F9:7C:CA:8F:D6:C0:50:99:74:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/dZzmKvOrWYi60JAXzwi44GqxGF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.20.0/23
91.205.44.0/22
93.88.128.0/20
93.187.120.0/21
185.55.40.0/22
185.58.124.0/22
185.58.152.0/22
185.59.192.0/22
185.61.192.0/24
185.61.195.0/24
185.175.72.0/22
IPv6:
2a00:8040::/32
2a02:6160::/32
2a03:6c0::/32
2a03:ed80::/32
2a04:e080::/29
2a04:ed40::/29
2a0b:d700::/29
Signature Algorithm: sha256WithRSAEncryption
16:45:18:0c:84:2c:78:54:1b:16:2e:27:1d:37:60:84:40:2a:
1c:f8:e2:a5:60:f7:0a:1e:77:0c:56:25:37:c4:f8:bd:f6:30:
00:be:fd:05:32:5a:68:fc:d8:a9:26:d8:d6:65:bb:79:a9:5b:
31:92:a1:e8:12:60:ae:59:09:45:cb:b7:ca:62:34:ab:82:5a:
a7:39:10:b9:f6:d4:a7:1d:27:da:6a:fd:c6:0e:c9:28:44:f1:
9b:1a:47:e9:b0:b6:90:88:22:3d:eb:28:c5:bf:a9:7e:9b:0d:
bd:b1:8d:58:68:f6:71:83:aa:2f:09:0f:e8:9f:40:5a:c2:bb:
3e:fb:54:e6:7e:92:ef:53:87:a4:eb:1d:da:e4:29:b2:d0:17:
da:97:41:e7:7a:44:37:31:3e:06:98:b0:08:3b:e2:67:80:6b:
a5:c2:00:02:41:9b:c4:cc:cc:dd:94:29:22:3b:b5:25:67:ef:
98:0c:7e:3e:cc:c8:4b:bb:59:55:7c:8d:80:ae:35:c6:e5:61:
53:30:35:19:00:57:d8:09:0b:f6:c9:3e:2c:9b:74:d1:d1:ed:
d6:27:82:fe:6c:5e:f2:b6:9c:bc:53:09:4f:bc:55:96:31:99:
6d:71:e1:92:f1:c0:3a:41:5a:5b:69:ed:9e:22:fb:42:3f:a8:
63:84:4a:b2
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYcPGPah3NTAeh1ewSN+CYR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjllNzBhZjJmN2UxOGNiYzE5Zjk3Y2NhOGZkNmMwNTA5
OTc0MWQwHhcNMjMwMzIzMTUzMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTljZTYyYWYzYWI1OTg4YmFkMDkwMTdjZjA4YjhlMDZhYjExODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSH48RtltB26fMJ6mE033j9cmA3i
sUV96a5hsf6BarXr3VwetGKHWhWf7ucJZvKN9Eq03O9bHIGetPMhi7KqarxIJeUB
Edx3Qj9/Wj+ju/x1GWPbOghqPiomwfO2uhW5/TT/XVoT6Ue/KPfZ4d8+Wt62i0zR
mtW52UJCcWA6xq2uROdsXIugym+N8vNjEYlcVbL50KmFWzbT33OYnC48wvATiKcX
CpBzANZfyrFgNpTmCM+K95iYEpfNWJVw0VZTV2bMNz4JMtwRyvJI12jJnW3pURmq
7mPDL+abNOT02iMOl2MWmyr0o3jH3F4ne/CKKuMmYhljguA78kx48Ug3LQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFHWc5irzq1mIutCQF88IuOBqsRhfMB8GA1UdIwQY
MBaAFP8p5wry9+GMvBn5fMqP1sBQmXQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lubkN2TDM0WXk4R2ZsOHlvX1d3RkNaZEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lYzJkODktNDRkZC00YmFiLWFlN2Et
Y2YyMGU1YjY3ZmM4LzEvZFp6bUt2T3JXWWk2MEpBWHp3aTQ0R3F4R0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lYzJkODktNDRkZC00YmFiLWFlN2EtY2YyMGU1YjY3ZmM4
LzEvX3lubkN2TDM0WXk4R2ZsOHlvX1d3RkNaZEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBIBAIAATBCAwQBW8wU
AwQCW80sAwQEXViAAwQDXbt4AwQCuTcoAwQCuTp8AwQCuTqYAwQCuTvAAwQAuT3A
AwQAuT3DAwQCua9IMDcEAgACMDEDBQAqAIBAAwUAKgJhYAMFACoDBsADBQAqA+2A
AwUDKgTggAMFAyoE7UADBQMqC9cAMA0GCSqGSIb3DQEBCwUAA4IBAQAWRRgMhCx4
VBsWLicdN2CEQCoc+OKlYPcKHncMViU3xPi99jAAvv0FMlpo/NipJtjWZbt5qVsx
kqHoEmCuWQlFy7fKYjSrglqnORC59tSnHSfaav3GDskoRPGbGkfpsLaQiCI96yjF
v6l+mw29sY1YaPZxg6ovCQ/on0Bawrs++1TmfpLvU4ek6x3a5Cmy0Bfal0HnekQ3
MT4GmLAIO+JngGulwgACQZvEzMzdlCkiO7UlZ++YDH4+zMhLu1lVfI2ArjXG5WFT
MDUZAFfYCQv2yT4sm3TR0e3WJ4L+bF7ytpy8UwlPvFWWMZltceGS8cA6QVpbae2e
IvtCP6hjhEqy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:51 2025 by rpki-client