Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/ZEiFvn5O9Zg965J3A7NsY-qRMfU.roa
File: ZEiFvn5O9Zg965J3A7NsY-qRMfU.roa (raw, json)
Hash identifier: La6gWlSl/qE/MtYgnAUy4xh/4bNepY3EZ47RyTKxPzk=
Subject key identifier: 64:48:85:BE:7E:4E:F5:98:3D:EB:92:77:03:B3:6C:63:EA:91:31:F5
Certificate issuer: /CN=477f4b6ec4347157c4d13ef0e7abe1290a0bf57c
Certificate serial: 018CC0923C5CA93C6BDC7D5B65406E90BBBB
Authority key identifier: 47:7F:4B:6E:C4:34:71:57:C4:D1:3E:F0:E7:AB:E1:29:0A:0B:F5:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R39LbsQ0cVfE0T7w56vhKQoL9Xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/ZEiFvn5O9Zg965J3A7NsY-qRMfU.roa
Signing time: Sun 31 Dec 2023 15:50:58 +0000
ROA not before: Sun 31 Dec 2023 15:50:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34087
IP address blocks: 152.65.32.0/19 maxlen: 19
89.151.224.0/19 maxlen: 19
185.161.56.0/23 maxlen: 23
185.161.56.0/22 maxlen: 22
152.65.64.0/19 maxlen: 19
178.164.64.0/19 maxlen: 19
94.246.0.0/18 maxlen: 18
178.164.96.0/19 maxlen: 19
152.65.0.0/19 maxlen: 19
89.151.192.0/19 maxlen: 19
178.164.0.0/17 maxlen: 17
178.164.0.0/19 maxlen: 19
84.52.224.0/19 maxlen: 19
84.16.192.0/19 maxlen: 19
217.168.80.0/20 maxlen: 20
178.164.32.0/19 maxlen: 19
148.252.64.0/19 maxlen: 19
148.252.64.0/18 maxlen: 18
152.65.96.0/19 maxlen: 19
84.52.192.0/18 maxlen: 18
148.252.96.0/19 maxlen: 19
85.89.0.0/19 maxlen: 19
2a01:560::/29 maxlen: 29
2a01:560::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c0:92:3c:5c:a9:3c:6b:dc:7d:5b:65:40:6e:90:bb:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=477f4b6ec4347157c4d13ef0e7abe1290a0bf57c
Validity
Not Before: Dec 31 15:50:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=644885be7e4ef5983deb927703b36c63ea9131f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:02:fb:57:3d:16:d6:cd:65:5c:c6:56:1a:f8:
88:9d:0b:4f:d3:1c:19:4d:64:0a:09:35:0a:2d:e4:
3b:a7:d2:c3:13:32:4d:91:eb:32:10:79:fe:37:26:
7c:27:71:83:dc:53:81:bd:0a:c9:1d:ff:b1:ca:ba:
c2:01:b9:75:64:78:61:35:50:17:e3:2c:b0:04:a7:
fc:0d:72:fc:e0:42:77:13:9d:23:22:af:8e:ea:99:
21:87:64:c9:1c:ae:65:59:57:81:2e:d3:b0:1a:a4:
86:3d:4c:a3:62:8a:e6:6b:5d:72:45:14:aa:eb:40:
8d:b8:68:44:d8:2b:69:7f:bf:d1:79:4d:aa:1f:0a:
15:62:21:ef:a3:e0:9a:f5:f2:e1:7c:28:80:5d:c3:
c7:31:4b:9f:fb:20:5c:8f:b4:aa:f0:5b:ab:e0:35:
5a:52:fc:ce:14:d3:f6:2c:4d:99:9d:20:39:c5:ad:
53:d3:b7:13:3a:71:b4:3f:8a:26:00:eb:5f:56:14:
80:bf:3c:42:f6:6a:8f:54:2c:a3:90:5a:df:94:9d:
01:70:5f:a7:71:fa:be:25:eb:f2:35:05:82:01:80:
95:22:6c:ea:c7:6c:6a:ef:94:6d:5f:0b:aa:80:13:
3c:8e:06:00:4a:5e:c7:80:fd:ea:cb:e1:7a:d6:b7:
f4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:48:85:BE:7E:4E:F5:98:3D:EB:92:77:03:B3:6C:63:EA:91:31:F5
X509v3 Authority Key Identifier:
keyid:47:7F:4B:6E:C4:34:71:57:C4:D1:3E:F0:E7:AB:E1:29:0A:0B:F5:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R39LbsQ0cVfE0T7w56vhKQoL9Xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/ZEiFvn5O9Zg965J3A7NsY-qRMfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/R39LbsQ0cVfE0T7w56vhKQoL9Xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.16.192.0/19
84.52.192.0/18
85.89.0.0/19
89.151.192.0/18
94.246.0.0/18
148.252.64.0/18
152.65.0.0/17
178.164.0.0/17
185.161.56.0/22
217.168.80.0/20
IPv6:
2a01:560::/29
Signature Algorithm: sha256WithRSAEncryption
1a:ee:7a:f0:cb:4b:19:a4:36:fb:79:aa:8d:dd:59:45:b8:5a:
18:e6:e0:2d:6c:4c:b8:ea:49:cd:da:6a:70:0d:f9:54:99:fd:
3e:e6:b8:65:f7:a6:56:b9:57:4d:31:b7:27:ac:69:11:1f:9d:
34:09:3a:9c:43:43:aa:2b:4a:30:1c:e0:76:ae:5c:7e:6b:49:
2d:88:1f:6e:a1:23:65:e0:31:96:a6:df:ba:c5:15:3c:df:2b:
72:6e:6e:4f:24:99:6d:6f:aa:69:b6:f5:c7:d9:f4:12:44:ba:
ef:04:a2:90:11:88:3f:69:43:e2:a1:79:45:0f:24:18:cf:eb:
be:a4:be:4c:7c:f3:64:f7:28:5d:62:a3:25:5f:76:d2:ce:2f:
bb:fe:e4:fa:8e:c9:13:af:e4:f1:6b:40:8a:6d:e7:1c:2d:f0:
42:ed:b4:9e:b1:52:d7:12:30:d0:be:32:81:ae:0b:24:ca:ea:
c0:17:78:fe:d6:f4:8b:3f:1c:d9:3e:d0:87:a6:12:d2:91:51:
af:c4:ac:22:fc:1f:3f:9d:5d:4e:c4:08:ce:14:ae:57:fb:a2:
c1:1b:77:cf:bb:41:30:dd:71:8b:fe:ff:31:06:6c:d3:b8:ef:
2f:f3:1f:f2:9b:a0:7d:2e:7f:c7:95:b3:e5:87:07:ac:e5:ad:
23:bd:ff:e7
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzAkjxcqTxr3H1bZUBukLu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3N2Y0YjZlYzQzNDcxNTdjNGQxM2VmMGU3YWJlMTI5MGEw
YmY1N2MwHhcNMjMxMjMxMTU1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDQ4ODViZTdlNGVmNTk4M2RlYjkyNzcwM2IzNmM2M2VhOTEzMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAL7Vz0W1s1lXMZWGviInQtP0xwZ
TWQKCTUKLeQ7p9LDEzJNkesyEHn+NyZ8J3GD3FOBvQrJHf+xyrrCAbl1ZHhhNVAX
4yywBKf8DXL84EJ3E50jIq+O6pkhh2TJHK5lWVeBLtOwGqSGPUyjYorma11yRRSq
60CNuGhE2Ctpf7/ReU2qHwoVYiHvo+Ca9fLhfCiAXcPHMUuf+yBcj7Sq8Fur4DVa
UvzOFNP2LE2ZnSA5xa1T07cTOnG0P4omAOtfVhSAvzxC9mqPVCyjkFrflJ0BcF+n
cfq+JevyNQWCAYCVImzqx2xq75RtXwuqgBM8jgYASl7HgP3qy+F61rf03wIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFGRIhb5+TvWYPeuSdwOzbGPqkTH1MB8GA1UdIwQY
MBaAFEd/S27ENHFXxNE+8Oer4SkKC/V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjM5TGJzUTBjVmZFMFQ3dzU2dmhLUW9MOVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zOTNlMTYtODk4ZS00NWQ4LTlkNzIt
ZDhiZDI1MGI2NGY5LzEvWkVpRnZuNU85Wmc5NjVKM0E3TnNZLXFSTWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zOTNlMTYtODk4ZS00NWQ4LTlkNzItZDhiZDI1MGI2NGY5
LzEvUjM5TGJzUTBjVmZFMFQ3dzU2dmhLUW9MOVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFVBDAAwQG
VDTAAwQFVVkAAwQGWZfAAwQGXvYAAwQGlPxAAwQHmEEAAwQHsqQAAwQCuaE4AwQE
2ahQMA0EAgACMAcDBQMqAQVgMA0GCSqGSIb3DQEBCwUAA4IBAQAa7nrwy0sZpDb7
eaqN3VlFuFoY5uAtbEy46knN2mpwDflUmf0+5rhl96ZWuVdNMbcnrGkRH500CTqc
Q0OqK0owHOB2rlx+a0ktiB9uoSNl4DGWpt+6xRU83ytybm5PJJltb6pptvXH2fQS
RLrvBKKQEYg/aUPioXlFDyQYz+u+pL5MfPNk9yhdYqMlX3bSzi+7/uT6jskTr+Tx
a0CKbeccLfBC7bSesVLXEjDQvjKBrgskyurAF3j+1vSLPxzZPtCHphLSkVGvxKwi
/B8/nV1OxAjOFK5X+6LBG3fPu0Ew3XGL/v8xBmzTuO8v8x/ym6B9Ln/HlbPlhwes
5a0jvf/n
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:20 2025 by rpki-client