Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/zfy7UZ6Cz4Zv3jwWQhzoyatnoqU.roa
File: zfy7UZ6Cz4Zv3jwWQhzoyatnoqU.roa (raw, json)
Hash identifier: 5ZYHMOn/fZoP4X5mbfedGISC5GfuHk57XH83LQ9AEsk=
Subject key identifier: CD:FC:BB:51:9E:82:CF:86:6F:DE:3C:16:42:1C:E8:C9:AB:67:A2:A5
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 0188BE4C2DC767248F4FFF9D2FD3F201D867
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/zfy7UZ6Cz4Zv3jwWQhzoyatnoqU.roa
Signing time: Thu 15 Jun 2023 09:04:03 +0000
ROA not before: Thu 15 Jun 2023 09:04:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200738
IP address blocks: 45.129.20.0/24 maxlen: 24
45.129.21.0/24 maxlen: 24
188.215.8.0/22 maxlen: 22
77.83.124.0/22 maxlen: 22
176.100.224.0/24 maxlen: 24
176.100.225.0/24 maxlen: 24
176.100.224.0/20 maxlen: 20
185.97.168.0/22 maxlen: 22
193.26.148.0/22 maxlen: 22
193.35.14.0/23 maxlen: 23
193.35.26.0/23 maxlen: 23
176.100.212.0/22 maxlen: 22
176.100.208.0/22 maxlen: 22
93.114.240.0/22 maxlen: 22
193.31.36.0/22 maxlen: 22
185.170.147.0/24 maxlen: 24
2a06:6c0:24::/48 maxlen: 48
2a06:6c0:2::/48 maxlen: 48
2a06:6c0:22::/48 maxlen: 48
2a06:6c0:26::/48 maxlen: 48
2a06:6c0:1::/48 maxlen: 48
2a06:6c0:255::/48 maxlen: 48
2a06:6c0:3::/48 maxlen: 48
2a06:6c0:23::/48 maxlen: 48
2a06:6c0:254::/48 maxlen: 48
2a06:6c0:25::/48 maxlen: 48
2a06:6c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:4c:2d:c7:67:24:8f:4f:ff:9d:2f:d3:f2:01:d8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Jun 15 09:04:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdfcbb519e82cf866fde3c16421ce8c9ab67a2a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3f:98:67:ad:91:73:ca:c0:b6:1c:48:7b:0e:
52:66:2a:45:c4:35:05:58:9d:f0:0a:76:56:dc:27:
21:c2:d6:27:df:7d:85:99:56:93:59:1f:92:9a:1e:
17:6c:ec:b2:c2:aa:b2:42:20:fc:26:6c:94:8e:d0:
6b:1d:c6:9e:49:72:27:ff:a8:da:f6:c8:20:07:3b:
9e:87:51:8b:3b:1e:25:72:3a:6f:9b:64:0e:2b:77:
4a:37:5f:af:2e:7a:48:72:26:68:0b:49:16:10:5d:
35:41:2b:c9:54:04:0c:bf:e7:2d:ee:1a:93:da:bd:
b0:03:05:59:45:46:fc:1f:3b:ce:33:78:94:42:1e:
60:87:25:d5:d1:f0:4c:10:4e:19:35:e3:38:46:de:
ec:15:c8:1d:ca:8e:86:cb:d0:db:1f:da:93:9b:47:
b1:d4:a6:dd:c2:73:5e:bc:8f:ea:47:ca:fb:d4:34:
f4:96:cd:e4:51:74:92:a7:db:11:78:07:2c:93:95:
58:5e:5b:17:5e:0a:4a:87:ff:d1:32:ed:be:0c:8e:
bc:80:c8:84:50:e9:5e:85:ca:d6:ba:15:75:d1:55:
a6:2d:26:92:28:80:b3:db:38:f0:16:be:8a:42:c7:
a6:61:65:f9:f3:10:47:b9:63:a6:12:be:4e:06:7b:
de:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FC:BB:51:9E:82:CF:86:6F:DE:3C:16:42:1C:E8:C9:AB:67:A2:A5
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/zfy7UZ6Cz4Zv3jwWQhzoyatnoqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/23
77.83.124.0/22
93.114.240.0/22
176.100.208.0/21
176.100.224.0/20
185.97.168.0/22
185.170.147.0/24
188.215.8.0/22
193.26.148.0/22
193.31.36.0/22
193.35.14.0/23
193.35.26.0/23
IPv6:
2a06:6c0::/46
2a06:6c0:22::-2a06:6c0:26:ffff:ffff:ffff:ffff:ffff
2a06:6c0:254::/47
Signature Algorithm: sha256WithRSAEncryption
5f:f8:03:8c:be:5c:24:ff:b3:26:70:06:2b:9e:59:15:1a:cc:
ef:07:95:ba:97:6f:19:2c:a7:45:de:db:31:8b:8e:07:97:7c:
f2:97:3f:7c:63:9e:d4:6e:80:44:57:9b:f7:1b:11:11:c3:a1:
71:11:0d:d6:65:fe:99:84:ab:9d:61:b5:17:52:ad:87:23:52:
d5:07:3a:6f:76:71:87:b9:a2:c2:46:80:1f:bf:e0:49:38:9a:
15:0e:04:d7:a6:d6:68:1c:00:af:18:cb:fe:46:ae:d1:7c:7f:
76:01:b1:e3:23:9f:6c:af:1f:ad:4c:9e:ad:9b:aa:9e:47:54:
bf:be:8d:8e:71:83:a3:b3:2a:13:70:43:43:d1:75:07:22:33:
b8:f4:3d:5b:1e:0e:0f:ae:6b:bd:b1:8e:02:8f:5d:f5:b2:dc:
47:2a:ce:51:e9:bf:f2:4d:ac:e1:65:2b:cd:f1:18:e5:17:00:
9b:f4:14:1a:42:a4:95:97:c0:65:9a:87:32:19:66:0d:83:b5:
e9:78:eb:7b:54:a8:5f:29:98:a0:11:46:2f:bf:dc:cf:8d:c7:
09:65:f4:ed:34:df:28:a4:56:83:6a:23:de:22:c1:d8:c2:36:
55:c2:20:95:68:64:53:1f:6b:88:27:5c:a8:ef:0c:0e:6d:67:
95:08:5c:8d
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYi+TC3HZySPT/+dL9PyAdhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjMwNjE1MDkwNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGZjYmI1MTllODJjZjg2NmZkZTNjMTY0MjFjZThjOWFiNjdhMmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT+YZ62Rc8rAthxIew5SZipFxDUF
WJ3wCnZW3CchwtYn332FmVaTWR+Smh4XbOyywqqyQiD8JmyUjtBrHcaeSXIn/6ja
9sggBzueh1GLOx4lcjpvm2QOK3dKN1+vLnpIciZoC0kWEF01QSvJVAQMv+ct7hqT
2r2wAwVZRUb8HzvOM3iUQh5ghyXV0fBMEE4ZNeM4Rt7sFcgdyo6Gy9DbH9qTm0ex
1KbdwnNevI/qR8r71DT0ls3kUXSSp9sReAcsk5VYXlsXXgpKh//RMu2+DI68gMiE
UOlehcrWuhV10VWmLSaSKICz2zjwFr6KQsemYWX58xBHuWOmEr5OBnveHwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFM38u1Gegs+Gb948FkIc6MmrZ6KlMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvemZ5N1VaNkN6NFp2M2p3V1Foem95YXRub3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+ME4EAgABMEgDBAEtgRQD
BAJNU3wDBAJdcvADBAOwZNADBASwZOADBAK5YagDBAC5qpMDBAK81wgDBALBGpQD
BALBHyQDBAHBIw4DBAHBIxowLAQCAAIwJgMHAioGBsAAADASAwcBKgYGwAAiAwcA
KgYGwAAmAwcBKgYGwAJUMA0GCSqGSIb3DQEBCwUAA4IBAQBf+AOMvlwk/7MmcAYr
nlkVGszvB5W6l28ZLKdF3tsxi44Hl3zylz98Y57UboBEV5v3GxERw6FxEQ3WZf6Z
hKudYbUXUq2HI1LVBzpvdnGHuaLCRoAfv+BJOJoVDgTXptZoHACvGMv+Rq7RfH92
AbHjI59srx+tTJ6tm6qeR1S/vo2OcYOjsyoTcEND0XUHIjO49D1bHg4Prmu9sY4C
j131stxHKs5R6b/yTazhZSvN8RjlFwCb9BQaQqSVl8BlmocyGWYNg7XpeOt7VKhf
KZigEUYvv9zPjccJZfTtNN8opFaDaiPeIsHYwjZVwiCVaGRTH2uIJ1yo7wwObWeV
CFyN
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:37:15 2025 by rpki-client