Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Z-LS6J24o3kUJ4bsqEehuZTch6s.roa
File: Z-LS6J24o3kUJ4bsqEehuZTch6s.roa (raw, json)
Hash identifier: 8htx27U5iP+uDwIEaVq9ieLDqjkgTIua8Hee+nzaMDs=
Subject key identifier: 67:E2:D2:E8:9D:B8:A3:79:14:27:86:EC:A8:47:A1:B9:94:DC:87:AB
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01834FC7F273617ACBC0DD890007CFD79645
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Z-LS6J24o3kUJ4bsqEehuZTch6s.roa
Signing time: Sun 18 Sep 2022 08:47:27 +0000
ROA not before: Sun 18 Sep 2022 08:47:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/22 maxlen: 22
2a0d:4a40::/29 maxlen: 29
2a04:27c0::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:4f:c7:f2:73:61:7a:cb:c0:dd:89:00:07:cf:d7:96:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Sep 18 08:47:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67e2d2e89db8a379142786eca847a1b994dc87ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b9:ee:02:e8:6d:4a:e7:9d:0f:06:c5:28:a4:
2e:80:f3:14:77:c2:fd:d4:cc:f4:a1:74:13:28:9c:
37:3b:0a:83:2e:28:b3:6a:63:80:78:24:a8:47:3d:
f2:74:70:2d:a9:e4:82:12:5b:15:3d:cc:c5:f5:87:
18:17:73:2a:3d:06:3f:37:08:6d:23:01:a1:7b:11:
9c:1a:8a:f7:4f:eb:6b:da:c0:0d:5e:b1:a0:c9:45:
0f:03:49:c9:dd:17:42:5a:91:45:7f:10:a2:8e:a7:
4f:8e:d1:34:af:e9:ee:2c:5c:11:be:e0:36:42:ef:
a5:9f:f7:46:9f:3b:89:1d:29:81:fb:17:33:30:44:
e5:6e:5d:4a:3d:f6:c3:db:d2:fd:3f:d5:1c:81:00:
28:48:25:5a:21:e2:e5:db:fa:c6:f1:25:af:e9:dc:
47:ab:05:4d:f7:34:52:b9:a3:77:ca:23:c2:ad:59:
86:f2:72:ed:37:8e:84:ea:d7:27:00:de:cf:95:26:
69:3d:09:b2:a9:03:7e:0c:ba:17:2e:e7:52:bf:cb:
f5:29:f3:39:d0:06:01:6f:ee:9a:9c:5e:9d:06:07:
be:cf:46:2e:b7:96:f2:7b:08:78:a2:c9:7b:9c:63:
64:e6:52:dc:5d:5b:6f:95:a0:52:f4:77:5e:24:08:
bd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E2:D2:E8:9D:B8:A3:79:14:27:86:EC:A8:47:A1:B9:94:DC:87:AB
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Z-LS6J24o3kUJ4bsqEehuZTch6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
19:9e:f8:7c:54:18:f6:ff:26:73:5a:4e:57:d9:36:12:67:ac:
92:ba:48:f4:e3:b6:65:78:96:26:a9:75:35:ed:bb:ee:ad:d9:
7e:58:b0:ea:b0:34:e2:65:c5:43:ad:3b:05:9f:0c:bb:5c:a9:
74:f2:a6:83:f0:16:08:4a:dc:17:7f:ff:c3:2b:d6:99:22:ad:
b3:19:f0:e7:03:7e:d5:4b:25:a1:07:c6:3e:fa:36:9c:92:0f:
ce:f3:60:cb:11:b3:41:40:5e:ad:72:64:b6:a4:cd:d8:9d:4f:
9d:67:df:14:6c:92:db:d5:e7:51:ff:21:48:40:c8:bd:af:46:
5d:76:b5:0d:77:3d:4e:c5:c1:17:f1:a4:44:00:61:6b:bf:1e:
10:77:3b:3f:2c:b2:89:b3:e1:4c:de:27:55:75:96:df:31:3d:
44:5f:7b:0d:e7:68:30:54:97:64:e9:42:56:b6:39:8e:12:db:
03:12:31:fc:4e:97:7f:2a:04:14:d4:0b:1b:44:77:99:6d:4e:
01:7e:c1:ab:93:c4:12:0f:71:8c:2d:67:81:09:54:a6:7c:a0:
c5:bd:09:22:62:05:12:0f:14:a8:74:41:b5:f7:ca:23:81:cf:
51:90:f7:c8:f1:1d:dc:2f:b9:76:28:31:01:98:b4:d4:23:65:
1f:d5:2e:e8
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYNPx/JzYXrLwN2JAAfP15ZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjIwOTE4MDg0NzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2UyZDJlODlkYjhhMzc5MTQyNzg2ZWNhODQ3YTFiOTk0ZGM4N2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbnuAuhtSuedDwbFKKQugPMUd8L9
1Mz0oXQTKJw3OwqDLiizamOAeCSoRz3ydHAtqeSCElsVPczF9YcYF3MqPQY/Nwht
IwGhexGcGor3T+tr2sANXrGgyUUPA0nJ3RdCWpFFfxCijqdPjtE0r+nuLFwRvuA2
Qu+ln/dGnzuJHSmB+xczMETlbl1KPfbD29L9P9UcgQAoSCVaIeLl2/rG8SWv6dxH
qwVN9zRSuaN3yiPCrVmG8nLtN46E6tcnAN7PlSZpPQmyqQN+DLoXLudSv8v1KfM5
0AYBb+6anF6dBge+z0Yut5byewh4osl7nGNk5lLcXVtvlaBS9HdeJAi9wQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFGfi0uiduKN5FCeG7KhHobmU3IerMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvWi1MUzZKMjRvM2tVSjRic3FFZWh1WlRjaDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQDH6uYAwQC
LUL8AwQCLY4YAwQCbUocAwQCuTVkAwQCuel8AwQBwnFQAwQBwnFeMCIEAgACMBwD
BQMqBCfAAwUDKg1CwAMFAyoNSkADBQMqDtTAMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
nvh8VBj2/yZzWk5X2TYSZ6ySukj047ZleJYmqXU17bvurdl+WLDqsDTiZcVDrTsF
nwy7XKl08qaD8BYIStwXf//DK9aZIq2zGfDnA37VSyWhB8Y++jackg/O82DLEbNB
QF6tcmS2pM3YnU+dZ98UbJLb1edR/yFIQMi9r0ZddrUNdz1OxcEX8aREAGFrvx4Q
dzs/LLKJs+FM3idVdZbfMT1EX3sN52gwVJdk6UJWtjmOEtsDEjH8Tpd/KgQU1Asb
RHeZbU4BfsGrk8QSD3GMLWeBCVSmfKDFvQkiYgUSDxSodEG198ojgc9RkPfI8R3c
L7l2KDEBmLTUI2Uf1S7o
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:52 2025 by rpki-client