Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/ZX7mbr0-gOqPg6JTkUyTHiTzs48.roa
File: ZX7mbr0-gOqPg6JTkUyTHiTzs48.roa (raw, json)
Hash identifier: z1LzIyUT91R7+Iotvvwd5rjGe3wBfZlqWmi8uCDym1g=
Subject key identifier: 65:7E:E6:6E:BD:3E:80:EA:8F:83:A2:53:91:4C:93:1E:24:F3:B3:8F
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 1571AB32
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/ZX7mbr0-gOqPg6JTkUyTHiTzs48.roa
Signing time: Sat 01 Jan 2022 14:03:37 +0000
ROA not before: Sat 01 Jan 2022 14:03:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41564
IP address blocks: 23.92.127.0/24 maxlen: 24
192.40.88.0/24 maxlen: 24
158.222.0.0/20 maxlen: 20
158.222.3.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
151.237.186.0/24 maxlen: 24
5.157.4.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
104.160.2.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
104.160.12.0/24 maxlen: 24
104.160.20.0/24 maxlen: 24
5.153.236.0/24 maxlen: 24
5.153.239.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.13.0/24 maxlen: 24
5.157.14.0/24 maxlen: 24
5.157.22.0/24 maxlen: 24
5.157.27.0/24 maxlen: 24
5.157.30.0/24 maxlen: 24
5.157.41.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
2a02:5740:3::/48 maxlen: 48
2a02:5740::/48 maxlen: 48
2a02:5740:11::/48 maxlen: 48
2a02:5740:5::/48 maxlen: 48
2a02:5740:18::/48 maxlen: 48
2a02:5740:2::/48 maxlen: 48
2a02:5740:6::/48 maxlen: 48
2a02:5740:1::/48 maxlen: 48
2a02:5740:21::/48 maxlen: 48
2a02:5740:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 359770930 (0x1571ab32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jan 1 14:03:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=657ee66ebd3e80ea8f83a253914c931e24f3b38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ed:89:c4:a6:f1:65:37:03:8b:1d:79:06:f7:
a7:2c:4e:d7:40:62:7a:1c:26:ab:7c:d2:f2:78:ff:
92:7e:5e:90:03:49:95:85:ce:85:1b:da:76:d5:12:
96:b1:e3:8d:72:36:47:9e:2b:b1:3c:be:1f:08:05:
9e:90:0c:08:a7:88:fd:e6:41:c6:87:4a:d3:a8:83:
d8:9b:69:a3:51:0b:82:00:f1:8d:d7:1e:77:8f:c1:
80:7a:1c:85:e2:f7:39:3c:a3:4d:72:f4:14:54:90:
72:00:7f:68:ec:32:37:f9:38:80:8e:02:8d:d0:2a:
a9:48:6a:34:b0:1f:83:df:34:01:5b:10:44:de:85:
6f:3d:2b:45:f6:e5:9f:ca:80:e6:17:bf:e1:5e:86:
51:72:d0:52:01:bc:0b:29:c3:e0:58:84:b3:ee:e9:
78:dd:65:4d:51:80:6f:2a:19:e3:3f:2d:4e:9a:b5:
39:1b:e7:77:57:fe:89:73:55:a8:33:25:dd:58:6c:
f1:e2:4d:f8:fd:89:e2:cb:f1:31:f9:e4:66:bb:35:
a2:39:28:87:22:70:78:22:12:24:62:4e:de:45:16:
ad:e8:90:31:d5:5f:9a:38:f2:95:14:b1:0b:8d:80:
2b:23:1b:1f:62:cc:81:66:2f:a5:a8:67:91:33:8d:
0f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:7E:E6:6E:BD:3E:80:EA:8F:83:A2:53:91:4C:93:1E:24:F3:B3:8F
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/ZX7mbr0-gOqPg6JTkUyTHiTzs48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.236.0/24
5.153.239.0/24
5.157.4.0/24
5.157.8.0/24
5.157.13.0-5.157.14.255
5.157.17.0/24
5.157.22.0/24
5.157.27.0/24
5.157.30.0/24
5.157.41.0-5.157.42.255
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
23.92.127.0/24
104.160.2.0/24
104.160.6.0/24
104.160.10.0/24
104.160.12.0/24
104.160.20.0/24
151.237.186.0/24
158.222.0.0/20
192.40.88.0/24
IPv6:
2a02:5740::-2a02:5740:6:ffff:ffff:ffff:ffff:ffff
2a02:5740:11::/48
2a02:5740:18::/48
2a02:5740:21::/48
Signature Algorithm: sha256WithRSAEncryption
34:4d:72:a9:01:5a:37:ec:4b:a8:66:29:d8:59:66:a2:51:94:
6f:5d:a1:6d:fb:60:a8:c5:b7:d4:e4:0d:92:7c:c9:67:f2:8c:
d0:1a:f7:9b:17:93:db:a9:5d:51:f6:48:b5:5f:52:e9:04:23:
75:b6:7a:17:3e:e1:1a:7b:d6:0e:d9:65:0a:a3:da:e7:7c:2f:
9f:b7:52:d2:78:a2:cc:20:f1:be:0f:a0:78:fa:d8:d8:26:06:
d8:1e:cb:87:59:e9:7d:fa:48:a8:d5:52:29:eb:42:64:03:4f:
c4:d3:bf:c1:43:54:5d:1f:23:60:96:d2:6e:fe:a2:45:b7:0d:
dc:bb:f9:6a:bd:d7:9e:ee:de:2a:d7:52:52:e8:f2:c8:52:c1:
4f:25:0b:11:a5:e1:69:45:6f:de:85:4a:84:60:ca:a5:5d:be:
4f:d7:95:ef:9d:32:c2:ae:cb:9a:52:f4:05:c4:e4:bb:21:ee:
97:1d:28:ec:e6:85:5b:20:a3:85:8a:6c:e6:8c:04:e8:46:3d:
ad:a4:01:ac:38:e2:8a:5f:44:34:5f:8a:68:e5:4e:03:69:51:
22:80:c1:21:a4:ad:89:c8:c5:14:d6:b1:f7:a7:57:1c:9a:fa:
c7:2f:ce:1e:79:7e:65:59:46:8b:9d:30:c0:e4:68:67:a5:70:
bb:04:c1:5e
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIEFXGrMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGYzNzZkZjVmOWVmNDg3YzgyYjMxYTg3NWM2YTQ5NmQ3OWNhMGQ3MB4XDTIyMDEw
MTE0MDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjU3ZWU2NmViZDNl
ODBlYThmODNhMjUzOTE0YzkzMWUyNGYzYjM4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/ticSm8WU3A4sdeQb3pyxO10Biehwmq3zS8nj/kn5ekANJ
lYXOhRvadtUSlrHjjXI2R54rsTy+HwgFnpAMCKeI/eZBxodK06iD2Jtpo1ELggDx
jdced4/BgHocheL3OTyjTXL0FFSQcgB/aOwyN/k4gI4CjdAqqUhqNLAfg980AVsQ
RN6Fbz0rRfbln8qA5he/4V6GUXLQUgG8CynD4FiEs+7peN1lTVGAbyoZ4z8tTpq1
ORvnd1f+iXNVqDMl3Vhs8eJN+P2J4svxMfnkZrs1ojkohyJweCISJGJO3kUWreiQ
MdVfmjjylRSxC42AKyMbH2LMgWYvpahnkTOND9sCAwEAAaOCAtkwggLVMB0GA1Ud
DgQWBBRlfuZuvT6A6o+DolORTJMeJPOzjzAfBgNVHSMEGDAWgBSA83bfX570h8gr
Mah1xqSW15yg1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dQTjIzMS1lOUlmSUt6R29kY2FrbHRlY29OYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvNzk1ZGVkLWZjZGYtNDdjZi1hZjgzLWE0YmMyODE2NjQzYS8x
L1pYN21icjAtZ09xUGc2SlRrVXlUSGlUenM0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Nzk1ZGVkLWZjZGYtNDdjZi1hZjgzLWE0YmMyODE2NjQzYS8xL2dQTjIzMS1lOUlm
SUt6R29kY2FrbHRlY29OYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
7gYIKwYBBQUHAQcBAf8Egd4wgdswgaMEAgABMIGcAwQABZnsAwQABZnvAwQABZ0E
AwQABZ0IMAwDBAAFnQ0DBAAFnQ4DBAAFnREDBAAFnRYDBAAFnRsDBAAFnR4wDAME
AAWdKQMEAAWdKgMEAAWdLQMEAAWdODAMAwQBBZ06AwQGBZ0AAwQAF1x/AwQAaKAC
AwQAaKAGAwQAaKAKAwQAaKAMAwQAaKAUAwQAl+26AwQEnt4AAwQAwChYMDMEAgAC
MC0wEAMFBioCV0ADBwAqAldAAAYDBwAqAldAABEDBwAqAldAABgDBwAqAldAACEw
DQYJKoZIhvcNAQELBQADggEBADRNcqkBWjfsS6hmKdhZZqJRlG9doW37YKjFt9Tk
DZJ8yWfyjNAa95sXk9upXVH2SLVfUukEI3W2ehc+4Rp71g7ZZQqj2ud8L5+3UtJ4
oswg8b4PoHj62NgmBtgey4dZ6X36SKjVUinrQmQDT8TTv8FDVF0fI2CW0m7+okW3
Ddy7+Wq9157u3irXUlLo8shSwU8lCxGl4WlFb96FSoRgyqVdvk/Xle+dMsKuy5pS
9AXE5Lsh7pcdKOzmhVsgo4WKbOaMBOhGPa2kAaw44opfRDRfimjlTgNpUSKAwSGk
rYnIxRTWsfenVxya+scvzh55fmVZRoudMMDkaGelcLsEwV4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:25 2023 by rpki-client on console-ams.rpki-client.org