Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/pzaVCiCPSuqg4ZzMC41criyJsA8.roa
File: pzaVCiCPSuqg4ZzMC41criyJsA8.roa (raw, json)
Hash identifier: lQc1XFnATpYstyWxjtNjh1YBFv3ZlFYKBt7caJ2jSm0=
Subject key identifier: A7:36:95:0A:20:8F:4A:EA:A0:E1:9C:CC:0B:8D:5C:AE:2C:89:B0:0F
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 03E388B1
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/pzaVCiCPSuqg4ZzMC41criyJsA8.roa
Signing time: Sat 01 Jan 2022 06:57:57 +0000
ROA not before: Sat 01 Jan 2022 06:57:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28917
IP address blocks: 82.194.244.0/22 maxlen: 22
89.188.164.0/22 maxlen: 22
89.188.176.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65243313 (0x3e388b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 1 06:57:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a736950a208f4aeaa0e19ccc0b8d5cae2c89b00f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f3:89:a7:85:2d:06:b2:c9:ef:87:48:24:38:
fa:8c:0b:bd:53:65:60:3d:eb:b0:e2:25:e5:78:cc:
04:13:d9:89:fd:a6:f8:5c:e0:58:8b:63:04:24:56:
fe:89:b5:87:a1:04:f3:bf:b0:5b:27:7b:75:ad:dc:
a9:9b:31:89:cf:e0:99:4e:3b:e5:e0:c4:10:3f:1b:
d8:47:eb:27:6e:a7:9b:37:fc:a4:cf:19:08:97:05:
66:46:84:10:61:ce:7a:ba:94:69:15:a1:9e:9e:5b:
0a:2e:3b:0b:f6:ee:9d:e9:0a:fe:6f:88:28:49:c2:
64:d8:e9:ab:3f:02:55:9b:5f:42:64:5d:ae:af:ae:
21:aa:00:6d:b4:33:57:91:e4:49:e2:8b:65:2f:4a:
fd:46:ff:35:b0:3a:8b:a2:a2:55:9f:6a:46:c3:10:
2a:ef:8e:48:21:5b:96:a3:4e:2c:89:96:fe:0e:36:
7a:dd:dc:3a:7f:f8:c4:90:94:10:b8:42:fd:18:49:
b1:14:b5:67:7e:ea:d8:c8:1e:d5:a8:ff:f5:8e:87:
11:0d:c1:e0:4f:50:27:29:f9:f5:e5:22:5f:6f:08:
7b:c2:81:36:0c:2d:12:3a:ce:8b:c7:07:f9:ee:e5:
d9:f2:71:8a:c0:13:6e:39:3d:82:9f:91:24:62:3f:
ee:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:36:95:0A:20:8F:4A:EA:A0:E1:9C:CC:0B:8D:5C:AE:2C:89:B0:0F
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/pzaVCiCPSuqg4ZzMC41criyJsA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.244.0/22
89.188.164.0/22
89.188.176.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:a8:63:f4:c2:c2:3c:43:8a:92:f9:68:7c:11:81:8b:30:6a:
6d:3f:80:84:49:af:68:b2:e6:58:b4:3a:fd:ed:23:ee:c0:31:
01:3d:64:c4:ec:a9:aa:ff:e1:ad:57:d0:42:26:99:39:51:1f:
1c:f6:ed:34:9a:91:40:86:b4:c7:be:87:d3:53:34:e4:5f:05:
eb:c9:8b:92:86:ae:da:28:bd:cc:f6:7b:70:01:2f:66:57:bb:
96:27:88:fd:7f:34:9d:11:9f:06:d5:ec:54:43:97:af:5e:3a:
d3:80:35:36:f9:c4:b2:f8:72:a2:11:b3:a9:96:47:af:f8:d9:
c7:34:0c:5a:e1:21:3d:ac:41:52:ce:ca:96:da:b8:a5:de:73:
97:50:c3:56:c8:42:86:2f:b5:94:51:62:06:32:15:2f:0c:43:
8f:2c:20:52:4e:03:36:51:27:62:0c:b1:6b:03:ca:63:f2:b8:
9a:a4:5d:30:56:43:26:03:f4:52:05:09:d1:9a:ef:5d:ba:95:
aa:ea:ba:66:b0:b2:4a:4c:57:db:a5:f8:d4:6c:66:34:a8:15:
49:38:96:df:ab:49:91:d6:91:0c:ae:e0:02:75:41:7b:6b:cb:
b8:eb:a4:bd:3c:91:2b:06:c5:36:79:a9:7a:ed:91:ff:ec:87:
fe:bf:a4:d3
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA+OIsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2UzZDkyYmZlMTY2MTljYTUwMGMwMzI2N2VmZmE5YWE3Y2EwYzQ3MB4XDTIyMDEw
MTA2NTc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTczNjk1MGEyMDhm
NGFlYWEwZTE5Y2NjMGI4ZDVjYWUyYzg5YjAwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjziaeFLQayye+HSCQ4+owLvVNlYD3rsOIl5XjMBBPZif2m
+FzgWItjBCRW/om1h6EE87+wWyd7da3cqZsxic/gmU475eDEED8b2EfrJ26nmzf8
pM8ZCJcFZkaEEGHOerqUaRWhnp5bCi47C/bunekK/m+IKEnCZNjpqz8CVZtfQmRd
rq+uIaoAbbQzV5HkSeKLZS9K/Ub/NbA6i6KiVZ9qRsMQKu+OSCFblqNOLImW/g42
et3cOn/4xJCUELhC/RhJsRS1Z37q2Mge1aj/9Y6HEQ3B4E9QJyn59eUiX28Ie8KB
NgwtEjrOi8cH+e7l2fJxisATbjk9gp+RJGI/7ssCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSnNpUKII9K6qDhnMwLjVyuLImwDzAfBgNVHSMEGDAWgBQj49kr/hZhnKUA
wDJn7/qap8oMRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ktUFpLXzRXWVp5bEFNQXlaLV82bXFmS0RFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvOWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8x
L3B6YVZDaUNQU3VxZzRaek1DNDFjcml5SnNBOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
OWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8xL0ktUFpLXzRXWVp5
bEFNQXlaLV82bXFmS0RFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlLC9AMEAlm8pAMEAlm8sDANBgkq
hkiG9w0BAQsFAAOCAQEALKhj9MLCPEOKkvlofBGBizBqbT+AhEmvaLLmWLQ6/e0j
7sAxAT1kxOypqv/hrVfQQiaZOVEfHPbtNJqRQIa0x76H01M05F8F68mLkoau2ii9
zPZ7cAEvZle7lieI/X80nRGfBtXsVEOXr14604A1NvnEsvhyohGzqZZHr/jZxzQM
WuEhPaxBUs7Kltq4pd5zl1DDVshChi+1lFFiBjIVLwxDjywgUk4DNlEnYgyxawPK
Y/K4mqRdMFZDJgP0UgUJ0ZrvXbqVquq6ZrCySkxX26X41GxmNKgVSTiW36tJkdaR
DK7gAnVBe2vLuOukvTyRKwbFNnmpeu2R/+yH/r+k0w==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:23 2025 by rpki-client