Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/zktSVXzN796aMw3qrYTmdfUZloA.roa
File: zktSVXzN796aMw3qrYTmdfUZloA.roa (raw, json)
Hash identifier: Tjso8xythWMI9SIdlAvsGYmuQ0bNXeTEF3oWfCSMhXI=
Subject key identifier: CE:4B:52:55:7C:CD:EF:DE:9A:33:0D:EA:AD:84:E6:75:F5:19:96:80
Certificate issuer: /CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Certificate serial: 32C068BA
Authority key identifier: 9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/zktSVXzN796aMw3qrYTmdfUZloA.roa
Signing time: Sat 01 Jan 2022 11:56:54 +0000
ROA not before: Sat 01 Jan 2022 11:56:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31638
IP address blocks: 93.115.170.0/23 maxlen: 23
89.39.224.0/20 maxlen: 21
188.241.190.0/23 maxlen: 24
46.255.80.0/21 maxlen: 24
89.44.206.0/24 maxlen: 24
5.144.184.0/21 maxlen: 24
89.45.95.0/24 maxlen: 24
37.156.148.0/22 maxlen: 23
89.47.32.0/23 maxlen: 24
86.105.179.0/24 maxlen: 24
188.215.44.0/22 maxlen: 23
89.45.24.0/21 maxlen: 21
89.45.24.0/24 maxlen: 24
89.45.26.0/24 maxlen: 24
89.45.25.0/24 maxlen: 24
89.45.27.0/24 maxlen: 24
176.223.164.0/24 maxlen: 24
188.215.65.0/24 maxlen: 24
37.156.96.0/22 maxlen: 23
94.177.18.0/23 maxlen: 23
93.118.37.0/24 maxlen: 24
195.62.160.0/19 maxlen: 20
89.45.216.0/22 maxlen: 23
188.215.248.0/24 maxlen: 24
188.212.153.0/24 maxlen: 24
188.215.247.0/24 maxlen: 24
188.210.239.0/24 maxlen: 24
37.156.168.0/22 maxlen: 23
185.82.168.0/22 maxlen: 23
185.82.170.0/24 maxlen: 24
185.82.169.0/24 maxlen: 24
185.82.171.0/24 maxlen: 24
188.241.4.0/23 maxlen: 24
37.156.208.0/22 maxlen: 23
94.177.151.0/24 maxlen: 24
89.42.230.0/24 maxlen: 24
188.209.80.0/20 maxlen: 24
86.104.229.0/24 maxlen: 24
188.209.88.0/21 maxlen: 21
93.113.89.0/24 maxlen: 24
86.105.8.0/24 maxlen: 24
2a02:20d8::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 851470522 (0x32c068ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Validity
Not Before: Jan 1 11:56:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce4b52557ccdefde9a330deaad84e675f5199680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:85:49:9a:bb:d4:dc:59:ab:e3:93:46:e5:2c:
23:fa:45:20:c7:fa:e6:8b:ff:d6:1b:ba:90:78:f1:
95:46:02:28:97:0d:0c:3f:84:1e:fb:5b:fc:fd:04:
76:47:ea:2a:0c:ef:20:be:5e:68:7e:a5:69:01:9e:
b4:c1:b2:37:dd:ed:ed:80:b4:f7:ce:72:fc:33:96:
5b:e0:50:fd:63:74:62:c7:e1:6d:90:62:45:6a:23:
71:6e:68:1c:a9:a5:2b:76:fa:71:e4:4f:f9:f6:c9:
04:72:7f:74:bc:03:05:1b:00:75:8f:34:8b:cd:6d:
4e:f3:d7:a4:44:f9:30:1e:12:c1:a2:16:54:64:65:
ce:e0:d6:01:d8:dd:16:72:07:41:1d:32:cf:7e:23:
43:fe:21:6b:e8:f7:7a:bb:3b:14:a4:b2:51:34:ec:
47:6b:d5:10:74:d7:9b:fe:46:a7:16:b1:af:57:d1:
02:36:28:b2:19:cc:70:f5:a9:ca:0a:fd:0c:49:a2:
d8:a5:fb:81:c7:7b:36:b5:41:0e:77:32:9e:4b:fb:
20:99:f1:6d:50:51:73:8b:c8:56:5e:7f:30:58:4a:
69:3b:ea:64:44:fa:a5:ef:b3:43:e1:35:af:dc:1e:
69:7e:86:0c:55:bc:8d:39:55:b9:7a:ff:16:5b:0b:
89:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4B:52:55:7C:CD:EF:DE:9A:33:0D:EA:AD:84:E6:75:F5:19:96:80
X509v3 Authority Key Identifier:
keyid:9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/zktSVXzN796aMw3qrYTmdfUZloA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.184.0/21
37.156.96.0/22
37.156.148.0/22
37.156.168.0/22
37.156.208.0/22
46.255.80.0/21
86.104.229.0/24
86.105.8.0/24
86.105.179.0/24
89.39.224.0/20
89.42.230.0/24
89.44.206.0/24
89.45.24.0/21
89.45.95.0/24
89.45.216.0/22
89.47.32.0/23
93.113.89.0/24
93.115.170.0/23
93.118.37.0/24
94.177.18.0/23
94.177.151.0/24
176.223.164.0/24
185.82.168.0/22
188.209.80.0/20
188.210.239.0/24
188.212.153.0/24
188.215.44.0/22
188.215.65.0/24
188.215.247.0-188.215.248.255
188.241.4.0/23
188.241.190.0/23
195.62.160.0/19
IPv6:
2a02:20d8::/29
Signature Algorithm: sha256WithRSAEncryption
35:23:76:6c:9e:66:1d:dc:46:fe:fc:d0:36:bd:4f:c3:19:be:
3a:b7:ac:c0:d0:16:c5:d5:57:81:2e:6e:de:0e:f4:08:30:8b:
1f:6f:f9:39:a8:4b:e1:74:82:0f:93:7e:d1:04:a3:6d:0a:79:
3e:83:f5:83:f6:0b:35:13:40:e0:c6:ac:06:a4:2e:19:a3:32:
07:44:de:47:86:ca:b8:36:74:c7:a4:22:4c:c5:ab:61:c5:67:
bf:4b:cd:3e:fa:f5:6e:84:ec:44:4a:52:00:6d:1d:9d:ff:0f:
43:f5:7c:a4:3f:52:e6:2f:6a:4a:6b:6e:7a:f3:d3:60:8b:45:
4d:6d:fd:21:f5:1f:41:f1:1f:39:bc:df:0d:80:25:76:d6:da:
ec:c0:6e:cf:7f:30:a9:4c:e7:41:3d:34:04:9b:2a:c2:6a:af:
ff:27:88:48:46:82:08:28:59:35:a4:7d:59:04:d3:6a:2d:ca:
e1:ed:a0:9a:2c:3e:ad:19:cf:fb:fc:71:d5:9c:da:ff:fc:c9:
2f:e2:85:d3:49:0e:ce:92:80:17:ec:b8:0b:48:e5:39:0a:93:
4b:92:25:7b:61:1f:73:16:bf:94:ba:8c:43:50:a5:9d:9b:a1:
72:2c:77:af:02:78:9c:d2:15:c2:ce:db:26:44:65:76:66:58:
14:d1:31:99
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIEMsBoujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjIwMGQwZTdhZDNjZWY3MjIzOGI1MTY0YzRiMmNkZGUyM2E2YTFlMB4XDTIyMDEw
MTExNTY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2U0YjUyNTU3Y2Nk
ZWZkZTlhMzMwZGVhYWQ4NGU2NzVmNTE5OTY4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeFSZq71NxZq+OTRuUsI/pFIMf65ov/1hu6kHjxlUYCKJcN
DD+EHvtb/P0EdkfqKgzvIL5eaH6laQGetMGyN93t7YC0985y/DOWW+BQ/WN0Ysfh
bZBiRWojcW5oHKmlK3b6ceRP+fbJBHJ/dLwDBRsAdY80i81tTvPXpET5MB4SwaIW
VGRlzuDWAdjdFnIHQR0yz34jQ/4ha+j3ers7FKSyUTTsR2vVEHTXm/5Gpxaxr1fR
AjYoshnMcPWpygr9DEmi2KX7gcd7NrVBDncynkv7IJnxbVBRc4vIVl5/MFhKaTvq
ZET6pe+zQ+E1r9weaX6GDFW8jTlVuXr/FlsLibECAwEAAaOCAt8wggLbMB0GA1Ud
DgQWBBTOS1JVfM3v3pozDeqthOZ19RmWgDAfBgNVHSMEGDAWgBSbIA0OetPO9yI4
tRZMSyzd4jpqHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L215QU5EbnJUenZjaU9MVVdURXNzM2VJNmFoNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvZmNiY2M2LTczOWItNGY1Yy1hZTNjLWE0ZjA4ZGJiODVhNS8x
L3prdFNWWHpONzk2YU13M3FyWVRtZGZVWmxvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
ZmNiY2M2LTczOWItNGY1Yy1hZTNjLWE0ZjA4ZGJiODVhNS8xL215QU5EbnJUenZj
aU9MVVdURXNzM2VJNmFoNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
9AYIKwYBBQUHAQcBAf8EgeQwgeEwgc8EAgABMIHIAwQDBZC4AwQCJZxgAwQCJZyU
AwQCJZyoAwQCJZzQAwQDLv9QAwQAVmjlAwQAVmkIAwQAVmmzAwQEWSfgAwQAWSrm
AwQAWSzOAwQDWS0YAwQAWS1fAwQCWS3YAwQBWS8gAwQAXXFZAwQBXXOqAwQAXXYl
AwQBXrESAwQAXrGXAwQAsN+kAwQCuVKoAwQEvNFQAwQAvNLvAwQAvNSZAwQCvNcs
AwQAvNdBMAwDBAC81/cDBAC81/gDBAG88QQDBAG88b4DBAXDPqAwDQQCAAIwBwMF
AyoCINgwDQYJKoZIhvcNAQELBQADggEBADUjdmyeZh3cRv780Da9T8MZvjq3rMDQ
FsXVV4Eubt4O9Agwix9v+TmoS+F0gg+TftEEo20KeT6D9YP2CzUTQODGrAakLhmj
MgdE3keGyrg2dMekIkzFq2HFZ79LzT769W6E7ERKUgBtHZ3/D0P1fKQ/UuYvakpr
bnrz02CLRU1t/SH1H0HxHzm83w2AJXbW2uzAbs9/MKlM50E9NASbKsJqr/8niEhG
gggoWTWkfVkE02otyuHtoJosPq0Zz/v8cdWc2v/8yS/ihdNJDs6SgBfsuAtI5TkK
k0uSJXthH3MWv5S6jENQpZ2boXIsd68CeJzSFcLO2yZEZXZmWBTRMZk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:40 2023 by rpki-client on console-fra.rpki-client.org