Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/DTZdzDszw436fRYCB2Qw8qWtgVI.roa
File: DTZdzDszw436fRYCB2Qw8qWtgVI.roa (raw, json)
Hash identifier: Bg605QQTHyT2O9CQ+ZlfmMOQy+F2S0A+KSbNx/yLq5Y=
Subject key identifier: 0D:36:5D:CC:3B:33:C3:8D:FA:7D:16:02:07:64:30:F2:A5:AD:81:52
Certificate issuer: /CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Certificate serial: 01856F1D82C2AB4BD9BDE614CDC5CA3CD200
Authority key identifier: 97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/DTZdzDszw436fRYCB2Qw8qWtgVI.roa
Signing time: Sun 01 Jan 2023 20:54:43 +0000
ROA not before: Sun 01 Jan 2023 20:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41833
IP address blocks: 95.141.48.0/20 maxlen: 20
95.141.49.0/24 maxlen: 24
95.141.57.0/24 maxlen: 24
95.141.58.0/24 maxlen: 24
95.141.55.0/24 maxlen: 24
95.141.56.0/24 maxlen: 24
95.141.62.0/24 maxlen: 24
95.141.63.0/24 maxlen: 24
95.141.61.0/24 maxlen: 24
95.141.59.0/24 maxlen: 24
95.141.60.0/24 maxlen: 24
46.227.255.0/24 maxlen: 24
46.227.254.0/24 maxlen: 24
46.227.253.0/24 maxlen: 24
46.227.251.0/24 maxlen: 24
46.227.249.0/24 maxlen: 24
46.227.248.0/21 maxlen: 21
46.227.248.0/24 maxlen: 24
46.227.252.0/24 maxlen: 24
185.58.201.0/24 maxlen: 24
185.58.202.0/24 maxlen: 24
185.58.200.0/24 maxlen: 24
185.58.200.0/22 maxlen: 22
93.185.229.0/24 maxlen: 24
93.185.233.0/24 maxlen: 24
93.185.231.0/24 maxlen: 24
141.138.191.0/24 maxlen: 24
93.185.232.0/24 maxlen: 24
141.138.189.0/24 maxlen: 24
93.185.230.0/24 maxlen: 24
141.138.187.0/24 maxlen: 24
141.138.188.0/24 maxlen: 24
93.185.228.0/24 maxlen: 24
93.185.227.0/24 maxlen: 24
93.185.238.0/24 maxlen: 24
93.185.239.0/24 maxlen: 24
93.185.236.0/24 maxlen: 24
93.185.237.0/24 maxlen: 24
93.185.235.0/24 maxlen: 24
89.249.212.0/24 maxlen: 24
89.249.213.0/24 maxlen: 24
89.249.210.0/24 maxlen: 24
89.249.211.0/24 maxlen: 24
89.249.208.0/24 maxlen: 24
89.249.209.0/24 maxlen: 24
89.249.208.0/20 maxlen: 20
141.138.179.0/24 maxlen: 24
141.138.178.0/24 maxlen: 24
89.249.219.0/24 maxlen: 24
141.138.176.0/20 maxlen: 20
89.249.217.0/24 maxlen: 24
141.138.177.0/24 maxlen: 24
89.249.218.0/24 maxlen: 24
89.249.215.0/24 maxlen: 24
141.138.176.0/24 maxlen: 24
89.249.214.0/24 maxlen: 24
141.138.182.0/24 maxlen: 24
89.249.222.0/24 maxlen: 24
89.249.223.0/24 maxlen: 24
141.138.183.0/24 maxlen: 24
141.138.184.0/24 maxlen: 24
141.138.185.0/24 maxlen: 24
141.138.186.0/24 maxlen: 24
141.138.180.0/24 maxlen: 24
93.185.226.0/24 maxlen: 24
93.185.224.0/24 maxlen: 24
93.185.225.0/24 maxlen: 24
89.249.221.0/24 maxlen: 24
141.138.181.0/24 maxlen: 24
89.249.220.0/24 maxlen: 24
2a02:f50::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:82:c2:ab:4b:d9:bd:e6:14:cd:c5:ca:3c:d2:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Validity
Not Before: Jan 1 20:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d365dcc3b33c38dfa7d1602076430f2a5ad8152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5b:a8:da:c4:09:51:27:99:f5:ca:e2:93:24:
44:d5:d2:29:ab:8d:f2:f5:19:fe:22:b4:64:92:2b:
ea:e6:da:52:df:40:e9:1b:9f:28:88:e4:cc:5f:32:
b4:08:a3:08:0a:a0:e5:42:27:e0:1f:48:9b:23:f7:
41:78:b6:14:0e:31:f5:f6:20:7e:ab:95:eb:7f:2d:
a2:ff:3d:39:f3:50:3f:40:a8:66:8a:db:5e:b9:cd:
33:4c:f7:d8:dc:75:c7:c9:81:e5:82:9f:de:3c:66:
06:1e:66:49:22:92:fc:6a:4e:cc:cb:4c:8a:ca:01:
4e:8e:b3:57:54:5a:78:36:2a:9c:ca:e9:67:56:11:
ee:a2:47:f0:5e:f8:a4:d0:fc:a7:eb:76:4a:91:11:
f0:a3:b2:d1:96:68:6d:b4:dd:d3:95:4e:82:be:cc:
a6:20:af:69:5e:27:aa:c4:1b:df:2c:af:68:0c:03:
d6:f9:41:c2:6f:44:54:5a:88:6c:77:80:ce:3a:63:
59:18:cd:50:c0:ac:6f:a0:dc:7b:2f:19:b3:32:55:
5b:d7:f2:b8:99:4f:f5:76:4f:ba:40:da:a3:6f:df:
af:04:5c:e8:76:0f:5b:68:d1:7a:fc:8e:9d:fd:43:
16:01:94:0f:a5:5e:d4:71:b7:63:8c:04:ee:28:e3:
13:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:36:5D:CC:3B:33:C3:8D:FA:7D:16:02:07:64:30:F2:A5:AD:81:52
X509v3 Authority Key Identifier:
keyid:97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/DTZdzDszw436fRYCB2Qw8qWtgVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.248.0/21
89.249.208.0/20
93.185.224.0-93.185.233.255
93.185.235.0-93.185.239.255
95.141.48.0/20
141.138.176.0/20
185.58.200.0/22
IPv6:
2a02:f50::/32
Signature Algorithm: sha256WithRSAEncryption
93:bf:a8:aa:c7:78:af:28:48:34:0f:df:f8:cd:e8:83:1c:e6:
c4:30:a4:18:73:a3:77:e7:79:4f:51:0f:28:a4:05:70:22:b6:
c4:52:c4:11:b6:58:a3:3a:60:22:b1:5a:cf:ca:14:18:a8:b9:
c9:85:0b:47:31:27:61:e3:cb:3b:f4:fb:63:c4:88:92:31:dc:
c1:08:de:1b:e4:f4:a0:2b:44:8f:1d:2b:25:19:26:1c:a4:1c:
09:75:7c:c4:85:4c:7f:17:5d:6e:63:f3:5c:a1:54:4c:03:57:
ca:a3:de:10:35:01:8f:87:b1:26:99:f4:25:49:2d:57:08:d9:
b5:83:6a:66:f0:50:e0:13:1c:9f:51:d0:0b:30:49:ff:2e:89:
fe:6c:67:33:76:29:46:27:90:4b:e7:c3:29:25:79:b1:3a:e4:
41:94:cb:93:61:41:0b:43:87:dc:df:94:58:2f:b0:cb:87:ac:
13:ed:05:15:70:e1:c3:99:86:5b:b0:ba:f2:1e:eb:e8:eb:49:
28:0d:a7:9a:67:26:46:9e:ab:81:f4:11:4c:29:8d:10:dd:fb:
17:ba:4f:dc:36:27:33:d8:a3:e7:86:8c:4e:77:03:5e:9e:2b:
59:4d:10:f3:aa:6c:76:cd:26:f7:e5:c2:ca:8f:23:ec:30:5c:
e4:b6:a4:78
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYVvHYLCq0vZveYUzcXKPNIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDI5ZGU4YmNjM2JlNDc0YWJiZGEyYmUyYTg5ZDBmMzIw
OGMzODUwHhcNMjMwMTAxMjA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDM2NWRjYzNiMzNjMzhkZmE3ZDE2MDIwNzY0MzBmMmE1YWQ4MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1uo2sQJUSeZ9crikyRE1dIpq43y
9Rn+IrRkkivq5tpS30DpG58oiOTMXzK0CKMICqDlQifgH0ibI/dBeLYUDjH19iB+
q5Xrfy2i/z0581A/QKhmitteuc0zTPfY3HXHyYHlgp/ePGYGHmZJIpL8ak7My0yK
ygFOjrNXVFp4NiqcyulnVhHuokfwXvik0Pyn63ZKkRHwo7LRlmhttN3TlU6Cvsym
IK9pXieqxBvfLK9oDAPW+UHCb0RUWohsd4DOOmNZGM1QwKxvoNx7LxmzMlVb1/K4
mU/1dk+6QNqjb9+vBFzodg9baNF6/I6d/UMWAZQPpV7UcbdjjATuKOMT5wIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFA02Xcw7M8ON+n0WAgdkMPKlrYFSMB8GA1UdIwQY
MBaAFJdCnei8w75HSrvaK+KonQ8yCMOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMt
MDQ5YmRjNmI4ZWYzLzEvRFRaZHpEc3p3NDM2ZlJZQ0IyUXc4cVd0Z1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMtMDQ5YmRjNmI4ZWYz
LzEvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwQDLuP4AwQE
WfnQMAwDBAVdueADBAFduegwDAMEAF256wMEBF254AMEBF+NMAMEBI2KsAMEArk6
yDANBAIAAjAHAwUAKgIPUDANBgkqhkiG9w0BAQsFAAOCAQEAk7+oqsd4ryhINA/f
+M3ogxzmxDCkGHOjd+d5T1EPKKQFcCK2xFLEEbZYozpgIrFaz8oUGKi5yYULRzEn
YePLO/T7Y8SIkjHcwQjeG+T0oCtEjx0rJRkmHKQcCXV8xIVMfxddbmPzXKFUTANX
yqPeEDUBj4exJpn0JUktVwjZtYNqZvBQ4BMcn1HQCzBJ/y6J/mxnM3YpRieQS+fD
KSV5sTrkQZTLk2FBC0OH3N+UWC+wy4esE+0FFXDhw5mGW7C68h7r6OtJKA2nmmcm
Rp6rgfQRTCmNEN37F7pP3DYnM9ij54aMTncDXp4rWU0Q86psds0m9+XCyo8j7DBc
5LakeA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:33 2025 by rpki-client