Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/zGiNMyRZiEin7TW9Kt0dLfRQ99Y.roa
File: zGiNMyRZiEin7TW9Kt0dLfRQ99Y.roa (raw, json)
Hash identifier: 9UnIuuU5ep9cxMkzQnXASgumF4frfWTrkZPLGqkrY1s=
Subject key identifier: CC:68:8D:33:24:59:88:48:A7:ED:35:BD:2A:DD:1D:2D:F4:50:F7:D6
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 397BEE09
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/zGiNMyRZiEin7TW9Kt0dLfRQ99Y.roa
Signing time: Tue 05 Apr 2022 13:49:07 +0000
ROA not before: Tue 05 Apr 2022 13:49:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2588
IP address blocks: 83.223.128.0/19 maxlen: 19
83.223.145.0/24 maxlen: 24
91.190.32.0/19 maxlen: 19
159.148.0.0/16 maxlen: 24
91.190.36.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
85.254.58.0/24 maxlen: 24
91.190.56.0/23 maxlen: 23
91.190.52.0/24 maxlen: 24
91.190.60.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
46.19.200.0/21 maxlen: 21
83.223.155.0/24 maxlen: 24
185.176.116.0/22 maxlen: 22
85.254.0.0/17 maxlen: 17
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
80.81.32.0/19 maxlen: 19
80.81.35.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
217.69.112.0/20 maxlen: 20
109.205.120.0/21 maxlen: 21
159.148.63.0/24 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
85.254.128.0/18 maxlen: 18
159.148.233.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
94.101.224.0/20 maxlen: 20
185.27.92.0/22 maxlen: 22
159.148.188.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 964423177 (0x397bee09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 5 13:49:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc688d3324598848a7ed35bd2add1d2df450f7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e6:f2:0c:c1:e5:c0:ad:f7:e1:8d:d3:db:73:
2a:56:74:90:31:eb:c9:c9:65:08:e0:96:55:67:a9:
86:73:d8:cf:b6:88:d8:89:53:34:76:76:fe:50:41:
a2:77:91:cf:63:01:3c:46:5f:7d:aa:65:a9:7a:c6:
61:14:50:23:24:ab:ac:29:fa:bc:54:b2:8e:4a:b7:
9a:73:95:a9:b2:b5:06:69:34:65:94:34:7d:d5:cf:
f8:c0:b7:40:b4:fc:27:34:d9:79:d0:80:11:a2:3d:
ec:61:c5:fe:b4:60:96:45:43:f2:b0:66:ea:86:5d:
cd:c6:2f:52:54:98:f9:7b:71:0a:05:42:6f:ae:d6:
66:66:53:7f:cc:e9:e5:ba:96:e3:7e:e5:82:c1:da:
bc:69:47:52:23:c1:09:5a:7a:02:77:92:66:83:fa:
11:e6:af:72:9f:27:c7:7a:1e:44:6c:3a:31:b8:cc:
dd:c3:08:a2:34:4e:90:58:45:3d:51:19:d0:7b:17:
06:38:d3:8b:af:a2:6d:e7:f7:9f:eb:20:a0:65:93:
3e:cf:1b:03:78:3b:3e:d3:23:2c:e3:da:75:5b:cf:
18:60:84:38:8b:72:74:36:5e:d5:12:51:c7:7f:27:
24:e3:00:0b:96:93:65:45:77:fa:19:9f:e8:1b:21:
a5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:68:8D:33:24:59:88:48:A7:ED:35:BD:2A:DD:1D:2D:F4:50:F7:D6
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/zGiNMyRZiEin7TW9Kt0dLfRQ99Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
55:5e:84:e8:90:32:a3:36:d5:5b:05:bd:65:1a:9d:f9:55:32:
54:0d:41:e7:f0:3d:04:03:01:ce:a0:39:f7:de:56:12:77:7d:
12:39:ae:64:f6:96:98:93:4c:18:6b:94:8d:3d:3e:27:42:8c:
16:17:ef:77:25:e4:06:15:80:ba:99:65:fa:4d:c0:97:cd:31:
11:ad:89:a4:7d:d2:cd:1d:29:48:6c:4b:73:40:dc:9f:ee:e3:
37:e6:47:88:c0:74:c5:ee:28:0f:a0:90:ba:83:56:73:9b:67:
0b:8c:e5:f1:18:25:3c:81:db:48:75:42:bd:00:e2:46:c6:79:
9e:e8:d5:03:52:4a:6c:52:d5:4a:82:5a:73:5c:d4:79:dc:6a:
77:a4:0f:45:f1:8b:0d:b1:7c:8a:ac:1d:d2:5d:f5:4f:da:cb:
03:5c:33:7b:fa:c8:dd:8c:77:ce:09:c9:42:dc:87:a9:ea:8d:
3b:6f:f5:41:37:63:f2:28:ab:c7:bd:32:81:69:07:2e:e5:de:
d3:88:c7:4d:4c:89:9e:39:3d:f8:52:8e:ac:e7:3a:18:9e:50:
b0:22:e5:a5:fd:34:a4:08:7d:6f:ea:3c:36:c3:e2:25:6d:f4:
3e:7f:a6:17:c0:cc:da:ec:18:b6:5d:de:12:50:c6:7d:4d:88:
a5:43:08:e8
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEOXvuCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDQw
NTEzNDkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M2ODhkMzMyNDU5
ODg0OGE3ZWQzNWJkMmFkZDFkMmRmNDUwZjdkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrm8gzB5cCt9+GN09tzKlZ0kDHrycllCOCWVWephnPYz7aI
2IlTNHZ2/lBBoneRz2MBPEZffaplqXrGYRRQIySrrCn6vFSyjkq3mnOVqbK1Bmk0
ZZQ0fdXP+MC3QLT8JzTZedCAEaI97GHF/rRglkVD8rBm6oZdzcYvUlSY+XtxCgVC
b67WZmZTf8zp5bqW437lgsHavGlHUiPBCVp6AneSZoP6Eeavcp8nx3oeRGw6MbjM
3cMIojROkFhFPVEZ0HsXBjjTi6+ibef3n+sgoGWTPs8bA3g7PtMjLOPadVvPGGCE
OItydDZe1RJRx38nJOMAC5aTZUV3+hmf6BshpecCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBTMaI0zJFmISKftNb0q3R0t9FD31jAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L3pHaU5NeVJaaUVpbjdUVzlLdDBkTGZSUTk5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAy4TyAMEBVBRIAMEBVPfgDALAwMB
Vf4DBAZV/oADBAVbviADBAReZeADBANtzXgDAwCflAMEArkbXAMEArmwdAMEBNlF
cDANBAIAAjAHAwUAKgIGEDANBgkqhkiG9w0BAQsFAAOCAQEAVV6E6JAyozbVWwW9
ZRqd+VUyVA1B5/A9BAMBzqA5995WEnd9EjmuZPaWmJNMGGuUjT0+J0KMFhfvdyXk
BhWAupll+k3Al80xEa2JpH3SzR0pSGxLc0Dcn+7jN+ZHiMB0xe4oD6CQuoNWc5tn
C4zl8RglPIHbSHVCvQDiRsZ5nujVA1JKbFLVSoJac1zUedxqd6QPRfGLDbF8iqwd
0l31T9rLA1wze/rI3Yx3zgnJQtyHqeqNO2/1QTdj8iirx70ygWkHLuXe04jHTUyJ
njk9+FKOrOc6GJ5QsCLlpf00pAh9b+o8NsPiJW30Pn+mF8DM2uwYtl3eElDGfU2I
pUMI6A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org