Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/8loze8gBujh_iJjxwyor8qXdiTQ.roa
File: 8loze8gBujh_iJjxwyor8qXdiTQ.roa (raw, json)
Hash identifier: xl0jvBdJs+QDNpwJVVxTfQ5JTebvnpQNkCUR/AidEdQ=
Subject key identifier: F2:5A:33:7B:C8:01:BA:38:7F:88:98:F1:C3:2A:2B:F2:A5:DD:89:34
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 01898BDB74EDC20E00912B24D13CB6402E75
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/8loze8gBujh_iJjxwyor8qXdiTQ.roa
Signing time: Tue 25 Jul 2023 07:02:42 +0000
ROA not before: Tue 25 Jul 2023 07:02:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49367
IP address blocks: 89.43.52.0/24 maxlen: 24
188.215.7.0/24 maxlen: 24
188.215.6.0/23 maxlen: 23
188.215.6.0/24 maxlen: 24
85.204.255.0/24 maxlen: 24
89.34.236.0/23 maxlen: 23
89.34.239.0/24 maxlen: 24
188.208.17.0/24 maxlen: 24
188.208.16.0/23 maxlen: 23
188.208.16.0/24 maxlen: 24
89.43.35.0/24 maxlen: 24
94.176.212.0/24 maxlen: 24
89.39.254.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
185.184.240.0/22 maxlen: 22
185.184.240.0/24 maxlen: 24
185.184.241.0/24 maxlen: 24
185.184.243.0/24 maxlen: 24
185.184.242.0/24 maxlen: 24
188.211.248.0/24 maxlen: 24
94.177.48.0/23 maxlen: 23
193.239.140.0/23 maxlen: 23
91.212.52.0/24 maxlen: 24
188.240.229.0/24 maxlen: 24
188.240.228.0/23 maxlen: 23
188.240.228.0/24 maxlen: 24
37.156.174.0/24 maxlen: 24
89.40.142.0/23 maxlen: 23
45.86.144.0/22 maxlen: 22
91.229.186.0/24 maxlen: 24
45.83.56.0/22 maxlen: 22
93.113.145.0/24 maxlen: 24
93.113.144.0/21 maxlen: 21
93.113.144.0/22 maxlen: 22
93.113.144.0/24 maxlen: 24
93.113.149.0/24 maxlen: 24
93.113.148.0/24 maxlen: 24
93.113.150.0/24 maxlen: 24
93.113.151.0/24 maxlen: 24
93.113.147.0/24 maxlen: 24
93.113.146.0/24 maxlen: 24
89.42.134.0/24 maxlen: 24
89.40.227.0/24 maxlen: 24
77.81.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8b:db:74:ed:c2:0e:00:91:2b:24:d1:3c:b6:40:2e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Jul 25 07:02:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f25a337bc801ba387f8898f1c32a2bf2a5dd8934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8c:52:a0:1e:ab:bf:db:38:69:89:48:48:1b:
db:53:d8:10:b7:01:bd:ff:ac:82:b3:e5:7e:8c:2c:
44:ba:e5:8d:af:f3:7d:40:c0:95:d7:9d:3b:f6:d1:
35:7e:43:ba:7c:b9:77:ee:ab:e7:22:41:57:f5:be:
22:65:14:5a:06:0f:1c:6e:18:c0:94:76:80:22:3a:
4a:8e:9b:d2:de:7b:c4:d3:da:c0:51:21:c7:2d:f5:
86:68:16:53:ec:15:af:df:7c:cc:24:ab:44:91:51:
da:04:c2:94:53:6d:bd:7d:b6:c2:8e:e0:cf:ac:6a:
d2:e2:d6:fb:31:da:25:fb:f3:a8:d6:d6:9e:33:9c:
11:35:95:86:91:c3:e3:cc:a6:2a:f4:be:a6:20:8e:
13:83:4f:cf:9d:78:3a:a3:a5:91:99:ad:57:0c:16:
03:33:30:1c:99:93:fd:4c:e6:f0:01:1d:fe:3a:97:
3d:be:61:84:f8:dd:f4:03:f2:57:ab:11:b4:47:40:
22:e0:a1:25:fc:f0:82:86:c0:a4:d6:e4:9c:cc:51:
a3:3a:a7:86:94:5c:94:e6:fd:37:38:da:e9:fc:64:
35:ba:c1:26:82:59:8c:f8:86:57:6a:4f:ce:ed:82:
10:ee:65:f6:5c:18:40:09:8f:72:ee:fa:d1:48:13:
96:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5A:33:7B:C8:01:BA:38:7F:88:98:F1:C3:2A:2B:F2:A5:DD:89:34
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/8loze8gBujh_iJjxwyor8qXdiTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.174.0/24
45.83.56.0/22
45.86.144.0/22
77.81.103.0/24
85.204.255.0/24
86.107.110.0/24
89.34.236.0/23
89.34.239.0/24
89.39.254.0/24
89.40.142.0/23
89.40.227.0/24
89.42.134.0/24
89.43.35.0/24
89.43.52.0/24
91.212.52.0/24
91.229.186.0/24
93.113.144.0/21
94.176.212.0/24
94.177.48.0/23
185.184.240.0/22
188.208.16.0/23
188.211.248.0/24
188.215.6.0/23
188.240.228.0/23
193.239.140.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:4d:9c:2a:dd:1a:f9:aa:00:35:27:5a:67:62:48:23:92:13:
ff:53:b7:f1:67:31:b7:74:4d:6e:b5:77:f7:4e:84:69:22:94:
de:7c:57:c8:95:4f:90:70:dd:ce:1e:33:03:7d:7f:4a:f7:8d:
cd:d0:c2:7d:80:e2:86:d5:83:9e:13:61:9a:67:38:6a:d9:90:
03:f3:d0:0d:2d:ef:ea:1f:92:2d:0f:73:f9:ca:69:be:c3:fc:
b2:26:6e:80:1b:dc:53:7e:48:43:bc:5f:5e:b4:01:77:8a:00:
c4:d2:d7:d6:ed:d3:e1:08:2d:13:fc:02:67:e7:5a:0a:56:22:
e7:47:99:8f:47:72:e6:11:ff:9e:8a:22:01:05:4c:b1:55:c0:
6e:c6:e9:65:eb:93:87:60:3a:76:ce:6b:72:4b:de:db:72:47:
39:d3:0f:7b:53:2f:21:e8:f7:24:6c:94:a3:18:f5:ac:e7:c6:
31:89:08:38:5d:5b:9a:90:0f:30:ee:c1:5b:fe:15:32:3a:67:
75:e5:3a:c7:f5:51:c0:a8:29:77:88:85:4b:2a:bb:31:50:cf:
87:bd:5d:a2:e9:32:0e:99:cc:af:cc:70:99:2c:ac:c2:76:2d:
d9:c5:58:29:8e:9b:81:d6:8a:27:e2:9a:15:ee:77:e5:9b:47:
e3:e4:5e:d0
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYmL23Ttwg4AkSsk0Ty2QC51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjMwNzI1MDcwMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjVhMzM3YmM4MDFiYTM4N2Y4ODk4ZjFjMzJhMmJmMmE1ZGQ4OTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIxSoB6rv9s4aYlISBvbU9gQtwG9
/6yCs+V+jCxEuuWNr/N9QMCV15079tE1fkO6fLl37qvnIkFX9b4iZRRaBg8cbhjA
lHaAIjpKjpvS3nvE09rAUSHHLfWGaBZT7BWv33zMJKtEkVHaBMKUU229fbbCjuDP
rGrS4tb7Mdol+/Oo1taeM5wRNZWGkcPjzKYq9L6mII4Tg0/PnXg6o6WRma1XDBYD
MzAcmZP9TObwAR3+Opc9vmGE+N30A/JXqxG0R0Ai4KEl/PCChsCk1uSczFGjOqeG
lFyU5v03ONrp/GQ1usEmglmM+IZXak/O7YIQ7mX2XBhACY9y7vrRSBOWsQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFPJaM3vIAbo4f4iY8cMqK/Kl3Yk0MB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvOGxvemU4Z0J1amhfaUpqeHd5b3I4cVhkaVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAl
nK4DBAItUzgDBAItVpADBABNUWcDBABVzP8DBABWa24DBAFZIuwDBABZIu8DBABZ
J/4DBAFZKI4DBABZKOMDBABZKoYDBABZKyMDBABZKzQDBABb1DQDBABb5boDBANd
cZADBABesNQDBAFesTADBAK5uPADBAG80BADBAC80/gDBAG81wYDBAG88OQDBAHB
74wwDQYJKoZIhvcNAQELBQADggEBAJpNnCrdGvmqADUnWmdiSCOSE/9Tt/FnMbd0
TW61d/dOhGkilN58V8iVT5Bw3c4eMwN9f0r3jc3Qwn2A4obVg54TYZpnOGrZkAPz
0A0t7+ofki0Pc/nKab7D/LImboAb3FN+SEO8X160AXeKAMTS19bt0+EILRP8Amfn
WgpWIudHmY9HcuYR/56KIgEFTLFVwG7G6WXrk4dgOnbOa3JL3ttyRznTD3tTLyHo
9yRslKMY9aznxjGJCDhdW5qQDzDuwVv+FTI6Z3XlOsf1UcCoKXeIhUsquzFQz4e9
XaLpMg6ZzK/McJksrMJ2LdnFWCmOm4HWiifimhXud+WbR+PkXtA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:29 2025 by rpki-client