Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/t_ZlGHyP4cJveuN8Lv_gaVp_cwg.roa
File: t_ZlGHyP4cJveuN8Lv_gaVp_cwg.roa (raw, json)
Hash identifier: SlsHqRYFxwe2l53sU38S6DVex7/waNFDZsUN1ra1Obo=
Subject key identifier: B7:F6:65:18:7C:8F:E1:C2:6F:7A:E3:7C:2E:FF:E0:69:5A:7F:73:08
Certificate issuer: /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Certificate serial: 018974FC6DEB87A4609101AAC96B1E5D2467
Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/t_ZlGHyP4cJveuN8Lv_gaVp_cwg.roa
Signing time: Thu 20 Jul 2023 20:27:27 +0000
ROA not before: Thu 20 Jul 2023 20:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29802
IP address blocks: 149.255.39.0/24 maxlen: 24
45.158.38.0/24 maxlen: 24
45.158.36.0/23 maxlen: 32
45.158.39.0/24 maxlen: 24
37.72.168.0/21 maxlen: 32
37.72.172.0/23 maxlen: 23
37.72.171.0/24 maxlen: 24
37.72.170.0/23 maxlen: 23
37.72.170.0/24 maxlen: 24
37.72.174.0/23 maxlen: 23
194.126.172.0/24 maxlen: 24
194.126.172.0/22 maxlen: 24
194.126.175.0/24 maxlen: 24
194.126.173.0/24 maxlen: 24
94.100.16.0/20 maxlen: 32
94.100.16.0/24 maxlen: 24
94.100.17.0/24 maxlen: 24
94.100.23.0/24 maxlen: 24
94.100.24.0/24 maxlen: 24
94.100.21.0/24 maxlen: 24
94.100.22.0/24 maxlen: 24
94.100.19.0/24 maxlen: 24
94.100.20.0/24 maxlen: 24
94.100.18.0/24 maxlen: 24
94.100.30.0/24 maxlen: 24
94.100.31.0/24 maxlen: 24
94.100.28.0/24 maxlen: 24
94.100.29.0/24 maxlen: 24
94.100.26.0/24 maxlen: 24
94.100.27.0/24 maxlen: 24
94.100.25.0/24 maxlen: 24
217.79.240.0/24 maxlen: 24
217.79.242.0/23 maxlen: 24
217.79.240.0/20 maxlen: 24
149.255.37.0/24 maxlen: 24
149.255.38.0/24 maxlen: 24
149.255.32.0/21 maxlen: 32
149.255.35.0/24 maxlen: 24
149.255.36.0/24 maxlen: 32
178.236.176.0/20 maxlen: 20
89.233.104.0/24 maxlen: 24
89.233.104.0/21 maxlen: 24
89.233.105.0/24 maxlen: 24
89.233.106.0/24 maxlen: 24
89.233.107.0/24 maxlen: 24
46.21.144.0/24 maxlen: 24
46.21.145.0/24 maxlen: 24
46.21.144.0/20 maxlen: 32
46.21.151.0/24 maxlen: 24
46.21.152.0/24 maxlen: 24
46.21.150.0/24 maxlen: 24
46.21.148.0/24 maxlen: 24
46.21.146.0/24 maxlen: 24
46.21.147.0/24 maxlen: 24
46.21.158.0/23 maxlen: 23
46.21.156.0/24 maxlen: 24
46.21.157.0/24 maxlen: 24
46.21.153.0/24 maxlen: 24
195.242.152.0/23 maxlen: 24
195.242.153.0/24 maxlen: 24
2a02:748:f000::/36 maxlen: 36
2a02:748:c000::/35 maxlen: 35
2a02:748::/35 maxlen: 35
2a02:748:e000::/35 maxlen: 35
2a02:748::/32 maxlen: 48
2a0f:5180::/32 maxlen: 32
2a02:748:6000::/48 maxlen: 48
2a0f:5180::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:fc:6d:eb:87:a4:60:91:01:aa:c9:6b:1e:5d:24:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Validity
Not Before: Jul 20 20:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7f665187c8fe1c26f7ae37c2effe0695a7f7308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:09:ce:db:5c:90:ec:fd:0d:2f:c8:a6:27:5e:
9d:08:36:0c:08:7e:3b:13:e6:4f:41:35:fe:fd:be:
07:49:3c:02:5c:24:20:4c:4b:65:d1:33:d0:e2:d0:
b2:9e:d4:c1:e8:c6:63:dd:56:61:aa:c8:04:f9:95:
5f:f2:ae:64:88:c7:2c:76:58:86:8c:67:3e:a9:3b:
1e:9e:30:a8:1e:3f:59:a5:1e:d5:56:54:2a:53:0b:
21:8e:92:3c:ab:92:2a:68:4f:4f:9a:15:a0:44:d8:
97:55:6c:6f:76:c1:52:0a:3f:6c:c2:6b:42:dc:54:
30:7d:70:d1:9f:e1:97:19:e6:61:20:2a:ce:d6:9f:
6a:10:91:c6:8a:45:d9:63:6f:ee:db:6e:29:4c:66:
fe:a3:f2:9e:34:e7:70:12:83:74:f4:08:d0:47:d5:
75:73:1c:5c:f7:dd:e3:2b:83:ed:f1:fe:38:f4:70:
24:60:35:b6:ec:c8:a4:9f:ea:ed:e4:1c:1a:70:ca:
12:67:d2:9f:58:61:63:5d:47:e8:02:3a:51:0f:63:
9c:0f:0a:68:0d:46:17:94:e0:b3:27:78:de:63:ac:
4e:02:2a:9f:3e:41:04:8c:83:9b:84:6f:7b:df:a7:
80:e0:a4:bb:bb:44:e7:d3:ee:71:14:64:75:f4:0f:
a8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F6:65:18:7C:8F:E1:C2:6F:7A:E3:7C:2E:FF:E0:69:5A:7F:73:08
X509v3 Authority Key Identifier:
keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/t_ZlGHyP4cJveuN8Lv_gaVp_cwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.168.0/21
45.158.36.0/22
46.21.144.0/20
89.233.104.0/21
94.100.16.0/20
149.255.32.0/21
178.236.176.0/20
194.126.172.0/22
195.242.152.0/23
217.79.240.0/20
IPv6:
2a02:748::/32
2a0f:5180::/29
Signature Algorithm: sha256WithRSAEncryption
86:2c:d6:d6:03:f8:31:05:83:84:0f:bc:67:ab:c4:0d:e8:89:
0b:db:ef:5c:b7:18:0d:ba:0b:82:1c:96:6d:51:a1:3d:6c:b7:
1e:5b:b9:95:80:bd:9a:02:9c:30:32:17:fa:dd:ad:f9:0a:6a:
50:96:69:85:8f:7d:cc:c0:5f:de:72:de:ba:de:d3:9a:45:3d:
0a:c6:82:32:79:b5:d3:2a:eb:15:6e:6a:9c:2d:0e:02:bc:47:
5d:8e:5e:73:52:b6:79:ad:08:be:b0:87:bd:f8:fd:30:6e:62:
4b:88:d2:fc:97:45:43:71:a4:60:e9:02:e5:5d:57:ae:e5:78:
b8:54:64:2f:77:54:65:83:1b:67:00:fe:fb:89:7d:69:ff:f2:
f0:b3:9a:b1:8d:4c:9e:8f:21:c6:f5:73:69:37:b4:e6:72:07:
2c:a8:44:13:42:24:52:41:d6:ec:ca:10:bc:51:ea:6d:86:03:
41:8f:30:1d:ae:61:9c:57:90:53:fb:f3:84:31:d8:bd:4d:21:
de:bd:b0:49:66:91:04:ef:5d:21:c1:16:5f:bd:d5:c7:e5:8d:
f0:8a:54:33:f1:21:0f:86:ea:c8:b8:f1:b7:64:fd:dd:79:99:
c5:be:85:12:fa:4f:15:9d:0a:c8:6f:82:22:04:2b:bb:42:6a:
96:10:f2:c1
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYl0/G3rh6RgkQGqyWseXSRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjNmNGNiNGJhYjVjMTA4MDFhNzcwNjU4ZGY4OTFjZmI4
YzY4YzYwHhcNMjMwNzIwMjAyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y2NjUxODdjOGZlMWMyNmY3YWUzN2MyZWZmZTA2OTVhN2Y3MzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngnO21yQ7P0NL8imJ16dCDYMCH47
E+ZPQTX+/b4HSTwCXCQgTEtl0TPQ4tCyntTB6MZj3VZhqsgE+ZVf8q5kiMcsdliG
jGc+qTsenjCoHj9ZpR7VVlQqUwshjpI8q5IqaE9PmhWgRNiXVWxvdsFSCj9swmtC
3FQwfXDRn+GXGeZhICrO1p9qEJHGikXZY2/u224pTGb+o/KeNOdwEoN09AjQR9V1
cxxc993jK4Pt8f449HAkYDW27Mikn+rt5BwacMoSZ9KfWGFjXUfoAjpRD2OcDwpo
DUYXlOCzJ3jeY6xOAiqfPkEEjIObhG9736eA4KS7u0Tn0+5xFGR19A+o5QIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLf2ZRh8j+HCb3rjfC7/4Glaf3MIMB8GA1UdIwQY
MBaAFJ0j9MtLq1wQgBp3BljfiRz7jGjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODkt
MDE1NzdhOTI3ZmE5LzEvdF9abEdIeVA0Y0p2ZXVOOEx2X2dhVnBfY3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODktMDE1NzdhOTI3ZmE5
LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQDJUioAwQC
LZ4kAwQELhWQAwQDWeloAwQEXmQQAwQDlf8gAwQEsuywAwQCwn6sAwQBw/KYAwQE
2U/wMBQEAgACMA4DBQAqAgdIAwUDKg9RgDANBgkqhkiG9w0BAQsFAAOCAQEAhizW
1gP4MQWDhA+8Z6vEDeiJC9vvXLcYDboLghyWbVGhPWy3Hlu5lYC9mgKcMDIX+t2t
+QpqUJZphY99zMBf3nLeut7TmkU9CsaCMnm10yrrFW5qnC0OArxHXY5ec1K2ea0I
vrCHvfj9MG5iS4jS/JdFQ3GkYOkC5V1XruV4uFRkL3dUZYMbZwD++4l9af/y8LOa
sY1Mno8hxvVzaTe05nIHLKhEE0IkUkHW7MoQvFHqbYYDQY8wHa5hnFeQU/vzhDHY
vU0h3r2wSWaRBO9dIcEWX73Vx+WN8IpUM/EhD4bqyLjxt2T93XmZxb6FEvpPFZ0K
yG+CIgQru0JqlhDywQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:12 2025 by rpki-client