Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Dzi8a-btlj0AxWf-X9pmqw6UxOI.roa
File: Dzi8a-btlj0AxWf-X9pmqw6UxOI.roa (raw, json)
Hash identifier: +J7GxfVqdpKJYYmer4H7POSnf1KJ7x5vmNYwiexGZ50=
Subject key identifier: 0F:38:BC:6B:E6:ED:96:3D:00:C5:67:FE:5F:DA:66:AB:0E:94:C4:E2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 078FA8D7
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Dzi8a-btlj0AxWf-X9pmqw6UxOI.roa
Signing time: Wed 16 Feb 2022 13:25:06 +0000
ROA not before: Wed 16 Feb 2022 13:25:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.191.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126855383 (0x78fa8d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 16 13:25:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f38bc6be6ed963d00c567fe5fda66ab0e94c4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:71:14:23:22:dd:ec:04:61:da:c2:61:4e:d0:
ca:6c:94:8b:99:ac:d7:6a:a3:7c:d9:ac:c8:9b:11:
28:14:44:bd:5c:ba:fd:7e:9c:a2:d7:39:f0:3b:c9:
37:a4:72:e8:f0:79:e8:77:9d:c5:03:5b:f7:fd:9e:
dc:49:7b:8a:a7:eb:42:27:bc:68:7d:a6:07:d7:bc:
12:b1:47:f6:34:86:4e:90:eb:93:7b:5f:f9:54:63:
ab:bc:88:a5:da:d9:eb:06:37:a5:a0:69:32:fb:f6:
b3:f1:16:fe:48:86:40:cb:e3:c3:a9:5e:32:1d:cf:
b0:5d:d6:ff:95:a6:4d:ca:27:b6:08:91:98:40:d9:
36:e0:84:0e:ef:f2:db:9f:ee:3e:ee:7f:7f:b9:08:
3b:63:6f:32:a8:da:43:f2:45:08:63:31:21:7d:0b:
8d:22:a2:40:16:51:8e:d1:8e:4c:bd:8d:4b:1e:7b:
23:49:ed:9b:4c:49:f4:ea:a7:3e:1d:e5:93:c3:0a:
24:a0:c1:4d:b7:6f:a2:da:d3:c2:33:2d:a6:5e:8c:
29:4b:1d:09:f9:49:53:9c:61:ad:93:97:51:cd:76:
72:87:0b:57:73:6c:1f:e0:cd:67:15:04:77:03:cb:
70:9c:77:f2:3e:34:36:9a:a8:8d:ad:db:f3:f8:7e:
1c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:38:BC:6B:E6:ED:96:3D:00:C5:67:FE:5F:DA:66:AB:0E:94:C4:E2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Dzi8a-btlj0AxWf-X9pmqw6UxOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.29.0/24
45.13.191.0/24
45.88.137.0/24
45.88.139.0/24
45.144.212.0/23
77.83.37.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/24
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.93.0/24
195.177.95.0/24
195.211.190.0/24
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
3c:64:2f:11:44:42:81:84:fe:5b:25:f4:a8:2a:34:5a:a4:38:
32:47:7d:ed:9b:6a:68:a3:81:c9:1c:ff:e0:4c:59:7b:5f:ba:
70:88:be:bb:0a:8b:65:d9:77:c5:8c:9b:98:67:8c:04:41:77:
9b:cf:92:bb:38:cc:53:04:66:29:4c:92:56:d0:cd:dd:b8:1c:
35:1b:a4:14:ab:08:1e:49:70:9c:d4:bd:f5:43:b5:ac:ab:32:
f9:6c:f3:37:bf:70:c9:4d:6a:86:20:ef:95:a1:cb:84:6f:96:
a8:be:ca:57:57:5c:6f:e1:41:ce:0c:0b:13:15:5d:6a:96:69:
64:84:7b:81:e1:be:b6:00:7c:d2:5a:00:13:90:8d:0e:7c:d7:
82:62:2d:a0:fd:72:38:05:20:62:2f:5a:06:1c:9c:fb:77:bc:
1c:b6:dc:89:43:80:60:0d:54:d0:d6:f8:b9:4d:fc:56:2b:09:
4e:bc:e3:53:64:a4:1d:74:da:9e:ca:cd:f8:5c:4d:2a:70:75:
3a:fe:d4:fb:ea:aa:78:dd:b9:2a:0a:37:29:59:33:3f:73:7e:
bc:4a:f8:eb:a1:db:09:9e:0a:11:df:4b:53:d0:e6:3e:73:05:
3c:5e:e4:39:20:b5:2a:e9:4c:5b:1c:f5:63:cb:cf:58:1f:2e:
22:0b:76:7e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIEB4+o1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDIx
NjEzMjUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYzOGJjNmJlNmVk
OTYzZDAwYzU2N2ZlNWZkYTY2YWIwZTk0YzRlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJxFCMi3ewEYdrCYU7QymyUi5ms12qjfNmsyJsRKBREvVy6
/X6cotc58DvJN6Ry6PB56HedxQNb9/2e3El7iqfrQie8aH2mB9e8ErFH9jSGTpDr
k3tf+VRjq7yIpdrZ6wY3paBpMvv2s/EW/kiGQMvjw6leMh3PsF3W/5WmTcontgiR
mEDZNuCEDu/y25/uPu5/f7kIO2NvMqjaQ/JFCGMxIX0LjSKiQBZRjtGOTL2NSx57
I0ntm0xJ9OqnPh3lk8MKJKDBTbdvotrTwjMtpl6MKUsdCflJU5xhrZOXUc12cocL
V3NsH+DNZxUEdwPLcJx38j40Npqoja3b8/h+HJUCAwEAAaOCAp0wggKZMB0GA1Ud
DgQWBBQPOLxr5u2WPQDFZ/5f2marDpTE4jAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L0R6aThhLWJ0bGowQXhXZi1YOXBtcXc2VXhPSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sgYIKwYBBQUHAQcBAf8EgaIwgZ8wcgQCAAEwbAMEAC0JHQMEAC0NvwMEAC1YiQME
AC1YiwMEAS2Q1AMEAE1TJQMEAlXReAMEAbkr+AMEALkr+wMEALnIPgMEAsEe8AME
AME5KQMEAME5KwMEAsLyYAMEAMM+GAMEAMOxXQMEAMOxXwMEAMPTvjApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBADxkLxFEQoGE/lsl9KgqNFqkODJHfe2bamijgckc/+BMWXtfunCIvrsK
i2XZd8WMm5hnjARBd5vPkrs4zFMEZilMklbQzd24HDUbpBSrCB5JcJzUvfVDtayr
Mvls8ze/cMlNaoYg75Why4Rvlqi+yldXXG/hQc4MCxMVXWqWaWSEe4HhvrYAfNJa
ABOQjQ5814JiLaD9cjgFIGIvWgYcnPt3vBy23IlDgGANVNDW+LlN/FYrCU6841Nk
pB102p7KzfhcTSpwdTr+1PvqqnjduSoKNylZMz9zfrxK+Ouh2wmeChHfS1PQ5j5z
BTxe5DkgtSrpTFsc9WPLz1gfLiILdn4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org