Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/zdj83hrxGS-3b87x8Gm-DBtpIek.roa
File: zdj83hrxGS-3b87x8Gm-DBtpIek.roa (raw, json)
Hash identifier: PF9HG2DufVVXgTCMOSZnsqo/PCfxFl5nTLygczmnyAM=
Subject key identifier: CD:D8:FC:DE:1A:F1:19:2F:B7:6F:CE:F1:F0:69:BE:0C:1B:69:21:E9
Certificate issuer: /CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Certificate serial: 0186E4D8A02123F31D038E06614C0B08C6C6
Authority key identifier: AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/zdj83hrxGS-3b87x8Gm-DBtpIek.roa
Signing time: Wed 15 Mar 2023 10:37:27 +0000
ROA not before: Wed 15 Mar 2023 10:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34960
IP address blocks: 194.126.145.0/24 maxlen: 24
194.126.144.0/23 maxlen: 23
194.126.144.0/24 maxlen: 24
185.122.48.0/22 maxlen: 22
185.122.48.0/24 maxlen: 24
5.149.4.0/24 maxlen: 24
5.149.3.0/24 maxlen: 24
5.149.2.0/24 maxlen: 24
5.149.1.0/24 maxlen: 24
5.149.0.0/24 maxlen: 24
5.149.0.0/21 maxlen: 21
185.120.92.0/22 maxlen: 22
5.149.7.0/24 maxlen: 24
5.149.6.0/24 maxlen: 24
5.149.5.0/24 maxlen: 24
2a01:48c0::/32 maxlen: 32
2a01:48c0:200::/40 maxlen: 40
2a01:48c0:100::/40 maxlen: 40
2a01:48c0::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:d8:a0:21:23:f3:1d:03:8e:06:61:4c:0b:08:c6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Validity
Not Before: Mar 15 10:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdd8fcde1af1192fb76fcef1f069be0c1b6921e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6b:51:22:08:4a:0f:3b:90:d3:8e:df:4d:93:
a8:fd:6a:c0:ad:cf:ed:81:38:7c:df:40:f5:75:29:
a6:cb:da:37:22:f6:f1:25:82:f1:ed:6e:4b:fd:80:
30:4b:a4:44:da:e0:ae:52:d1:b9:01:35:ee:d0:59:
14:e2:35:69:ad:e5:cd:9a:0e:d4:bb:e2:29:65:84:
c3:02:b6:bc:4b:10:55:22:ea:6e:2c:52:98:4d:d1:
11:11:c2:db:c0:74:84:6c:6a:86:27:b2:12:f1:27:
98:3b:71:26:b9:48:8a:02:f6:61:59:08:d9:66:06:
06:15:64:71:8d:45:95:af:6f:ee:cc:82:0e:e2:a5:
41:1d:9e:f5:35:e0:28:a3:e9:72:4c:13:83:e9:2a:
58:4f:fa:20:17:81:ea:31:ac:e9:a6:5d:26:3e:72:
a8:ff:22:02:52:df:c2:ce:fa:7a:6a:e6:83:9b:01:
0f:67:41:fc:f0:8f:95:ec:fe:7a:e5:1a:f1:aa:00:
27:b0:57:50:4d:ba:5b:f7:a3:2c:25:54:08:90:92:
f4:67:ba:8d:a0:55:d1:38:ed:09:e8:a8:b5:18:8c:
b2:26:51:ce:19:d5:54:90:e9:0b:ea:30:75:26:55:
5c:2f:32:c3:19:cf:9a:5c:61:6a:d5:9f:5c:e7:b5:
8a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D8:FC:DE:1A:F1:19:2F:B7:6F:CE:F1:F0:69:BE:0C:1B:69:21:E9
X509v3 Authority Key Identifier:
keyid:AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/zdj83hrxGS-3b87x8Gm-DBtpIek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.0.0/21
185.120.92.0/22
185.122.48.0/22
194.126.144.0/23
IPv6:
2a01:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
27:60:2c:f6:9d:f2:02:68:ae:33:d2:13:30:4b:24:18:cc:5b:
45:46:a0:5e:1f:e7:3f:aa:9e:58:f4:48:d7:04:89:ad:e9:10:
28:93:ed:30:ee:53:03:2a:c8:fd:dc:eb:12:b9:f0:59:c8:77:
25:19:ad:8f:1b:16:40:2c:60:14:d4:af:f1:c0:91:25:82:c3:
19:39:18:49:b3:cc:27:46:01:f8:58:3b:96:c1:84:e5:e3:48:
60:70:ed:04:38:68:a2:45:15:d7:af:9f:4f:b5:72:d4:ff:22:
c4:95:6c:9d:dd:9c:f2:f2:57:4a:cd:03:95:8f:45:6b:b3:c8:
ce:3d:7e:04:ce:a8:8f:7c:61:4c:1f:9b:50:e6:50:5d:78:ef:
26:40:c1:7e:ca:7c:fc:06:36:09:ea:04:63:69:43:b5:0a:12:
8f:83:50:6c:37:46:65:da:92:41:f6:1d:86:ce:50:45:f4:98:
46:bc:96:a9:f8:ff:66:83:ee:7a:9e:46:85:8f:f9:d5:87:5c:
6d:28:5a:5a:a3:43:ec:93:eb:91:a8:cb:d4:b2:a8:15:7b:96:
58:60:af:21:93:bd:9a:0c:2f:4e:14:44:35:52:b1:f5:18:5d:
69:d8:73:53:f6:e2:4e:86:f0:32:c8:b1:e4:23:d2:c6:e2:9f:
dc:42:5c:4d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYbk2KAhI/MdA44GYUwLCMbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMzA5MjFkMjhjNzhlZGU4MTg0MmY3MTJlNmNmNzJiZGU1
YTYwODAwHhcNMjMwMzE1MTAzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQ4ZmNkZTFhZjExOTJmYjc2ZmNlZjFmMDY5YmUwYzFiNjkyMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GtRIghKDzuQ047fTZOo/WrArc/t
gTh830D1dSmmy9o3IvbxJYLx7W5L/YAwS6RE2uCuUtG5ATXu0FkU4jVpreXNmg7U
u+IpZYTDAra8SxBVIupuLFKYTdEREcLbwHSEbGqGJ7IS8SeYO3EmuUiKAvZhWQjZ
ZgYGFWRxjUWVr2/uzIIO4qVBHZ71NeAoo+lyTBOD6SpYT/ogF4HqMazppl0mPnKo
/yICUt/Czvp6auaDmwEPZ0H88I+V7P565RrxqgAnsFdQTbpb96MsJVQIkJL0Z7qN
oFXROO0J6Ki1GIyyJlHOGdVUkOkL6jB1JlVcLzLDGc+aXGFq1Z9c57WKawIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM3Y/N4a8Rkvt2/O8fBpvgwbaSHpMB8GA1UdIwQY
MBaAFKswkh0ox47egYQvcS5s9yveWmCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2Et
MzU0Mzk5NzI0YjFlLzEvemRqODNocnhHUy0zYjg3eDhHbS1EQnRwSWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2EtMzU0Mzk5NzI0YjFl
LzEvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZUAAwQC
uXhcAwQCuXowAwQBwn6QMA0EAgACMAcDBQAqAUjAMA0GCSqGSIb3DQEBCwUAA4IB
AQAnYCz2nfICaK4z0hMwSyQYzFtFRqBeH+c/qp5Y9EjXBImt6RAok+0w7lMDKsj9
3OsSufBZyHclGa2PGxZALGAU1K/xwJElgsMZORhJs8wnRgH4WDuWwYTl40hgcO0E
OGiiRRXXr59PtXLU/yLElWyd3Zzy8ldKzQOVj0Vrs8jOPX4EzqiPfGFMH5tQ5lBd
eO8mQMF+ynz8BjYJ6gRjaUO1ChKPg1BsN0Zl2pJB9h2GzlBF9JhGvJap+P9mg+56
nkaFj/nVh1xtKFpao0Psk+uRqMvUsqgVe5ZYYK8hk72aDC9OFEQ1UrH1GF1p2HNT
9uJOhvAyyLHkI9LG4p/cQlxN
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:17:55 2025 by rpki-client