Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/CZSnRuNV4m7AHq5MffK7mxdVYPQ.roa
File: CZSnRuNV4m7AHq5MffK7mxdVYPQ.roa (raw, json)
Hash identifier: 59zho11/ahOh2tEr/ttQWlSg4H8sJenUqmqU7GIWLFM=
Subject key identifier: 09:94:A7:46:E3:55:E2:6E:C0:1E:AE:4C:7D:F2:BB:9B:17:55:60:F4
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 36FE6B29
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/CZSnRuNV4m7AHq5MffK7mxdVYPQ.roa
Signing time: Tue 26 Apr 2022 13:00:23 +0000
ROA not before: Tue 26 Apr 2022 13:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24785
IP address blocks: 213.207.3.0/24 maxlen: 24
213.207.4.0/24 maxlen: 24
213.207.0.0/24 maxlen: 24
213.207.8.0/24 maxlen: 24
213.207.9.0/24 maxlen: 24
213.207.11.0/24 maxlen: 24
213.207.7.0/24 maxlen: 24
213.207.12.0/24 maxlen: 24
217.170.0.0/24 maxlen: 24
217.170.0.0/19 maxlen: 19
213.207.15.0/24 maxlen: 24
213.207.16.0/24 maxlen: 24
213.207.17.0/24 maxlen: 24
217.170.9.0/24 maxlen: 24
217.170.10.0/24 maxlen: 24
217.170.11.0/24 maxlen: 24
213.207.18.0/24 maxlen: 24
213.207.19.0/24 maxlen: 24
217.170.22.0/24 maxlen: 24
217.170.23.0/24 maxlen: 24
217.170.18.0/24 maxlen: 24
217.170.19.0/24 maxlen: 24
217.170.20.0/24 maxlen: 24
2a02:10::/29 maxlen: 29
2a02:10:31::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 922643241 (0x36fe6b29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Apr 26 13:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0994a746e355e26ec01eae4c7df2bb9b175560f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:bd:a3:2e:cc:d3:11:58:e4:03:5b:b5:04:52:
74:72:e7:7d:1a:e5:86:3b:d8:d3:46:65:cb:6e:6b:
b5:0d:ad:69:8f:f4:01:dd:a8:0f:c0:ae:50:a4:08:
bc:b3:54:7c:fd:54:0e:53:a3:81:fc:b0:d2:5d:0a:
14:0a:f0:8c:85:6b:d3:a3:ad:76:bf:8c:15:67:b0:
54:52:0c:ea:c9:a1:f2:3e:80:44:88:f4:dc:2b:d8:
93:57:0e:72:e4:aa:ac:cc:f4:52:79:6e:e4:14:59:
fd:14:6d:74:9e:89:1f:d7:19:b0:fc:f9:93:43:97:
fd:62:20:d8:1d:74:34:1a:49:5c:9f:66:7b:ec:0f:
a8:06:bd:a8:92:7f:6f:e8:58:8d:04:af:81:ac:cd:
aa:0c:75:42:f0:dc:5f:70:71:89:93:9d:d2:38:13:
21:18:b0:bc:a2:74:ef:15:a6:b9:2b:53:17:d6:e7:
e6:cb:7e:f0:8e:1d:bc:27:c7:61:44:0d:23:f6:f9:
92:97:a3:5f:d0:2b:65:fe:94:b9:d7:a1:8b:d7:50:
10:33:99:ff:c6:98:7f:f9:07:f0:cd:98:9c:63:0a:
35:70:28:7c:0d:7c:51:9f:c9:f4:db:43:b8:09:33:
c5:3b:12:68:91:bd:09:37:58:40:5c:02:b4:31:03:
99:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:94:A7:46:E3:55:E2:6E:C0:1E:AE:4C:7D:F2:BB:9B:17:55:60:F4
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/CZSnRuNV4m7AHq5MffK7mxdVYPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.207.0.0/24
213.207.3.0-213.207.4.255
213.207.7.0-213.207.9.255
213.207.11.0-213.207.12.255
213.207.15.0-213.207.19.255
217.170.0.0/19
IPv6:
2a02:10::/29
Signature Algorithm: sha256WithRSAEncryption
3c:77:5d:74:49:11:c9:86:9d:6f:92:cc:34:70:c1:26:df:07:
4b:21:76:52:ed:82:ae:ae:c3:10:ba:30:52:bc:55:09:4d:a8:
7e:b0:ba:aa:bb:e1:a6:b3:9c:2f:e1:52:05:69:ed:c6:52:c2:
97:13:b5:7b:61:8c:20:73:c3:4a:d8:39:f5:b6:7f:0b:ec:80:
bf:7f:a0:15:cc:2e:0c:92:cf:1a:d9:31:b7:0f:0b:2f:c2:45:
06:5e:29:35:98:56:86:76:8d:49:2e:c0:fe:c1:0a:4a:53:df:
37:13:ff:ce:7f:24:ae:79:dc:04:1f:72:f3:29:0d:3a:92:94:
a5:29:9f:7b:94:c3:59:5f:41:52:3a:e2:2f:fe:bc:4e:85:61:
d4:a2:b0:63:dd:f8:e7:75:b8:1f:a7:fe:de:9b:8e:00:fb:0b:
88:c7:fb:a6:19:bf:bf:71:d2:d6:d1:fa:e9:7f:57:54:b6:9f:
0c:8d:0f:94:0d:39:88:21:26:96:72:d8:61:9d:77:09:07:88:
5c:38:87:69:41:26:4c:88:a3:6f:69:97:42:db:4d:3d:13:39:
b7:54:09:36:05:8a:26:69:76:0b:0b:7a:55:86:9f:30:11:72:
16:a7:55:a1:fc:8d:f0:15:97:1c:1b:ee:a4:d9:e5:65:0b:d1:
fe:1b:b9:8b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIENv5rKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDFmZTMwZmM2YjRiMGQwZjZkYjRlMWJmYmJkNTAxOTVkY2E1NzVjMB4XDTIyMDQy
NjEzMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk5NGE3NDZlMzU1
ZTI2ZWMwMWVhZTRjN2RmMmJiOWIxNzU1NjBmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANm9oy7M0xFY5ANbtQRSdHLnfRrlhjvY00Zly25rtQ2taY/0
Ad2oD8CuUKQIvLNUfP1UDlOjgfyw0l0KFArwjIVr06Otdr+MFWewVFIM6smh8j6A
RIj03CvYk1cOcuSqrMz0Unlu5BRZ/RRtdJ6JH9cZsPz5k0OX/WIg2B10NBpJXJ9m
e+wPqAa9qJJ/b+hYjQSvgazNqgx1QvDcX3BxiZOd0jgTIRiwvKJ07xWmuStTF9bn
5st+8I4dvCfHYUQNI/b5kpejX9ArZf6Uudehi9dQEDOZ/8aYf/kH8M2YnGMKNXAo
fA18UZ/J9NtDuAkzxTsSaJG9CTdYQFwCtDEDmRcCAwEAAaOCAlYwggJSMB0GA1Ud
DgQWBBQJlKdG41XibsAerkx98rubF1Vg9DAfBgNVHSMEGDAWgBQgH+MPxrSw0Pbb
Thv7vVAZXcpXXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lCX2pEOGEwc05EMjIwNGItNzFRR1YzS1Yxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvOGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8x
L0NaU25SdU5WNG03QUhxNU1mZks3bXhkVllQUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
OGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8xL0lCX2pEOGEwc05E
MjIwNGItNzFRR1YzS1Yxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBs
BggrBgEFBQcBBwEB/wRdMFswSgQCAAEwRAMEANXPADAMAwQA1c8DAwQA1c8EMAwD
BADVzwcDBAHVzwgwDAMEANXPCwMEANXPDDAMAwQA1c8PAwQC1c8QAwQF2aoAMA0E
AgACMAcDBQMqAgAQMA0GCSqGSIb3DQEBCwUAA4IBAQA8d110SRHJhp1vksw0cMEm
3wdLIXZS7YKursMQujBSvFUJTah+sLqqu+Gms5wv4VIFae3GUsKXE7V7YYwgc8NK
2Dn1tn8L7IC/f6AVzC4Mks8a2TG3DwsvwkUGXik1mFaGdo1JLsD+wQpKU983E//O
fySuedwEH3LzKQ06kpSlKZ97lMNZX0FSOuIv/rxOhWHUorBj3fjndbgfp/7em44A
+wuIx/umGb+/cdLW0frpf1dUtp8MjQ+UDTmIISaWcthhnXcJB4hcOIdpQSZMiKNv
aZdC2009Ezm3VAk2BYomaXYLC3pVhp8wEXIWp1Wh/I3wFZccG+6k2eVlC9H+G7mL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:54 2023 by rpki-client on console-ams.rpki-client.org