Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/zbazdgZlROT2qirnrmF_DCnPXFs.roa
File: zbazdgZlROT2qirnrmF_DCnPXFs.roa (raw, json)
Hash identifier: pzpsQ//BjF0lgFOF+udQahGDxa5OvBJ7Emv8klsZyKY=
Subject key identifier: CD:B6:B3:76:06:65:44:E4:F6:AA:2A:E7:AE:61:7F:0C:29:CF:5C:5B
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 0D13C7BA
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/zbazdgZlROT2qirnrmF_DCnPXFs.roa
Signing time: Sat 01 Jan 2022 03:53:52 +0000
ROA not before: Sat 01 Jan 2022 03:53:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204873
IP address blocks: 46.238.240.0/21 maxlen: 21
185.174.152.0/23 maxlen: 24
94.101.16.0/20 maxlen: 20
89.191.152.0/23 maxlen: 23
46.238.236.0/22 maxlen: 22
2001:90f::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 219400122 (0xd13c7ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jan 1 03:53:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdb6b376066544e4f6aa2ae7ae617f0c29cf5c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:41:56:55:e9:71:57:1b:5a:41:65:f8:de:c4:
45:2c:51:f2:91:5d:14:9b:f7:46:9b:70:25:ab:a3:
47:3b:0f:5c:b7:24:0d:26:7d:b4:d5:2d:55:15:e2:
08:fb:01:db:db:f8:a7:7e:fa:3b:4d:b9:50:ac:0b:
11:39:c1:e7:91:2d:f8:e9:ef:9c:75:15:90:4b:ad:
d7:f8:f6:ee:2c:dd:71:80:01:26:fc:a2:2c:40:33:
be:e0:55:20:ed:c6:81:18:d8:05:42:12:9a:07:15:
35:12:7f:fb:36:ee:0f:5f:cf:28:ec:2e:8e:a4:bf:
2f:e5:e1:51:d7:8f:bf:5d:bd:15:43:1f:a3:47:16:
96:5e:8e:14:9c:66:99:aa:84:67:5f:74:7d:2f:16:
1d:af:7f:7c:7d:c4:4d:8b:6f:d9:b9:6b:db:27:5d:
ac:f3:5b:65:a0:1e:97:64:32:59:9e:78:5d:a3:a0:
46:78:87:9e:a1:44:f3:94:2c:08:c6:d6:c5:83:12:
1b:a5:80:2f:b4:6f:b7:e5:b5:e6:85:50:db:30:44:
10:54:a5:f3:00:17:a5:3d:c9:b3:5f:46:1e:47:e7:
0e:5a:2b:84:ad:73:c2:95:73:21:d4:16:95:ad:53:
4c:21:c4:04:99:44:e8:18:67:a4:ae:ec:04:d3:54:
10:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B6:B3:76:06:65:44:E4:F6:AA:2A:E7:AE:61:7F:0C:29:CF:5C:5B
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/zbazdgZlROT2qirnrmF_DCnPXFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.236.0-46.238.247.255
89.191.152.0/23
94.101.16.0/20
185.174.152.0/23
IPv6:
2001:90f::/32
Signature Algorithm: sha256WithRSAEncryption
92:7c:ab:16:9e:8b:35:d4:19:b1:ff:64:b2:9d:44:84:82:84:
92:1f:c3:ff:b9:ab:9a:cc:48:07:21:35:c2:10:ac:59:5c:55:
0d:57:44:b2:33:04:92:ea:ec:9a:af:c3:af:6d:39:a6:8d:91:
7a:bd:48:20:5f:e3:2a:a4:9b:e5:16:8f:22:c1:8e:83:e0:f0:
ed:4e:a4:b2:d6:dc:81:b0:45:5d:1e:f1:d6:7d:ce:85:58:d8:
08:a0:54:37:63:bd:96:b2:cb:31:b7:ba:02:a0:b9:a6:d5:31:
d5:79:24:87:10:39:2e:5f:80:c0:6e:3d:a5:7d:eb:c5:91:70:
e6:0f:2a:9e:27:7a:43:58:fe:34:6b:e1:80:23:a5:89:48:b4:
1e:fb:39:f4:73:f7:52:09:83:e1:b9:b8:aa:f5:42:4a:7d:8d:
8a:88:86:e1:03:04:4d:ca:ef:7b:23:e4:bd:58:cb:dc:6e:19:
a7:df:e7:5b:ba:78:32:d1:4a:12:7a:fc:37:da:18:5a:fe:31:
d4:7a:19:e3:bd:d8:b1:2d:36:d2:c0:99:d4:79:9d:c7:ac:8f:
e6:72:91:ed:b8:20:cc:c0:48:d2:21:f2:51:d9:44:29:a8:5f:
8c:35:6b:6c:a3:bc:f3:40:22:df:c6:d8:99:94:1c:a3:78:93:
8b:a3:20:cf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEDRPHujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmU4ZjU2YmMxZjUwMTAyOTE2ODFiYzJkOGMwMmY5YWNiZjcxNGEwMB4XDTIyMDEw
MTAzNTM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RiNmIzNzYwNjY1
NDRlNGY2YWEyYWU3YWU2MTdmMGMyOWNmNWM1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpBVlXpcVcbWkFl+N7ERSxR8pFdFJv3RptwJaujRzsPXLck
DSZ9tNUtVRXiCPsB29v4p376O025UKwLETnB55Et+OnvnHUVkEut1/j27izdcYAB
JvyiLEAzvuBVIO3GgRjYBUISmgcVNRJ/+zbuD1/PKOwujqS/L+XhUdePv129FUMf
o0cWll6OFJxmmaqEZ190fS8WHa9/fH3ETYtv2blr2yddrPNbZaAel2QyWZ54XaOg
RniHnqFE85QsCMbWxYMSG6WAL7Rvt+W15oVQ2zBEEFSl8wAXpT3Js19GHkfnDlor
hK1zwpVzIdQWla1TTCHEBJlE6BhnpK7sBNNUEFMCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBTNtrN2BmVE5PaqKueuYX8MKc9cWzAfBgNVHSMEGDAWgBTi6PVrwfUBApFo
G8LYwC+ay/cUoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR1ajFhOEgxQVFLUmFCdkMyTUF2bXN2M0ZLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvODA0MmJmLTcxYmEtNGZiZC05ZTE3LTQ0N2VkYzRmOWFmNi8x
L3piYXpkZ1psUk9UMnFpcm5ybUZfRENuUFhGcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
ODA0MmJmLTcxYmEtNGZiZC05ZTE3LTQ0N2VkYzRmOWFmNi8xLzR1ajFhOEgxQVFL
UmFCdkMyTUF2bXN2M0ZLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIDAMAwQCLu7sAwQDLu7wAwQBWb+YAwQE
XmUQAwQBua6YMA0EAgACMAcDBQAgAQkPMA0GCSqGSIb3DQEBCwUAA4IBAQCSfKsW
nos11Bmx/2SynUSEgoSSH8P/uauazEgHITXCEKxZXFUNV0SyMwSS6uyar8OvbTmm
jZF6vUggX+MqpJvlFo8iwY6D4PDtTqSy1tyBsEVdHvHWfc6FWNgIoFQ3Y72Wsssx
t7oCoLmm1THVeSSHEDkuX4DAbj2lfevFkXDmDyqeJ3pDWP40a+GAI6WJSLQe+zn0
c/dSCYPhubiq9UJKfY2KiIbhAwRNyu97I+S9WMvcbhmn3+dbungy0UoSevw32hha
/jHUehnjvdixLTbSwJnUeZ3HrI/mcpHtuCDMwEjSIfJR2UQpqF+MNWtso7zzQCLf
xtiZlByjeJOLoyDP
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:27 2025 by rpki-client