Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/zYO5pVfD80qkoVdhVXcvlAFu3js.roa
File: zYO5pVfD80qkoVdhVXcvlAFu3js.roa (raw, json)
Hash identifier: XwWby8QlUJ/lkGho/h4vnlc47p/qg9I5amZO3uaK03k=
Subject key identifier: CD:83:B9:A5:57:C3:F3:4A:A4:A1:57:61:55:77:2F:94:01:6E:DE:3B
Certificate issuer: /CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Certificate serial: 018CA9B7194FCEF5975B827D277840056281
Authority key identifier: 6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/zYO5pVfD80qkoVdhVXcvlAFu3js.roa
Signing time: Wed 27 Dec 2023 05:19:58 +0000
ROA not before: Wed 27 Dec 2023 05:19:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38917
IP address blocks: 185.24.112.0/22 maxlen: 24
109.111.64.0/19 maxlen: 24
87.255.224.0/20 maxlen: 24
87.255.224.0/19 maxlen: 24
149.255.16.0/22 maxlen: 22
87.255.240.0/20 maxlen: 24
87.255.252.0/24 maxlen: 24
217.175.32.0/20 maxlen: 24
87.255.248.0/22 maxlen: 24
176.110.192.0/21 maxlen: 21
176.110.200.0/22 maxlen: 22
176.110.206.0/23 maxlen: 23
176.110.208.0/21 maxlen: 24
185.86.112.0/20 maxlen: 24
194.32.156.0/22 maxlen: 22
2a04:2cc0::/32 maxlen: 32
2a04:2cc3::/32 maxlen: 32
2a04:2cc5::/32 maxlen: 32
2a04:2cc6::/32 maxlen: 32
2a04:2cc2::/32 maxlen: 32
2a04:2cc1::/32 maxlen: 32
2a04:2cc7::/32 maxlen: 32
2a04:2cc4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a9:b7:19:4f:ce:f5:97:5b:82:7d:27:78:40:05:62:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Validity
Not Before: Dec 27 05:19:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd83b9a557c3f34aa4a1576155772f94016ede3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:14:40:72:8f:10:06:c9:f0:ca:24:a1:20:39:
5a:29:37:60:2a:51:d9:6b:44:03:c5:7b:41:1c:36:
b7:f1:41:db:99:85:65:65:64:54:69:5a:55:9e:6e:
4a:ad:fd:b8:2f:ba:1b:27:47:17:50:e9:8c:11:a3:
15:50:23:13:49:92:0e:50:d9:ff:2a:ea:3b:f5:c3:
a7:1d:7e:1c:63:31:6a:1b:fb:28:82:0c:1a:5f:4b:
0b:70:1a:98:81:1d:8c:86:1d:cb:49:2e:7c:d2:f9:
5e:35:fc:a7:b5:21:e9:eb:e9:fb:28:0a:2e:28:f3:
5c:32:10:7b:0e:9c:f1:35:19:48:8b:58:a3:3b:cb:
a7:1e:1c:40:83:b0:04:65:14:a2:f9:0d:34:75:9e:
bc:e6:19:91:97:e5:0f:08:b6:f7:dc:c7:38:97:6f:
d5:60:27:10:78:4f:83:f4:de:c4:38:33:93:13:b1:
0c:0d:31:a3:60:fe:f2:7e:4b:09:89:16:5e:30:51:
04:bb:ea:fd:80:4c:19:2a:fd:66:7f:3e:6e:92:60:
6a:e3:a5:94:ac:9c:f5:3d:66:c2:5c:3e:03:61:84:
40:5c:0f:da:12:83:9d:50:c2:65:b0:eb:64:62:7b:
f8:c8:0e:13:39:10:cf:53:40:fe:5f:b6:00:8c:44:
3c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:83:B9:A5:57:C3:F3:4A:A4:A1:57:61:55:77:2F:94:01:6E:DE:3B
X509v3 Authority Key Identifier:
keyid:6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/zYO5pVfD80qkoVdhVXcvlAFu3js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/b1xXEvu82DJBnUxYhK47w8Shbns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.255.224.0/19
109.111.64.0/19
149.255.16.0/22
176.110.192.0-176.110.203.255
176.110.206.0-176.110.215.255
185.24.112.0/22
185.86.112.0/20
194.32.156.0/22
217.175.32.0/20
IPv6:
2a04:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:0e:5e:7a:cd:4f:b1:9c:57:fe:43:65:c3:e4:ef:30:21:83:
4f:71:94:a6:a8:7f:c8:6f:22:33:b1:77:b0:75:ef:91:a8:ca:
8a:ec:30:98:75:c2:d8:65:fc:27:21:81:ec:7a:73:37:6a:23:
fe:ac:6c:0c:4f:b7:36:0b:36:3d:6a:f9:b4:4e:f7:ab:14:e6:
aa:ac:37:d7:cc:c1:3e:97:12:8e:1c:81:ef:1a:28:63:ef:0e:
82:6b:a9:39:4f:d2:54:7f:52:75:84:cf:0f:48:63:31:cf:d8:
28:3f:41:39:9e:ed:9d:85:ad:99:2a:41:af:d7:06:29:51:43:
7e:4f:3e:1b:a1:cd:af:8e:78:5b:71:89:25:10:83:48:ec:3b:
4e:f3:a9:75:74:fa:ee:2c:5c:91:50:0c:e5:4b:fe:91:fa:33:
b0:b2:d8:8e:99:5a:34:1a:9e:77:da:ac:85:89:78:b4:c6:8f:
d0:af:39:4e:d7:76:ba:f2:19:e5:64:46:2d:e6:44:f4:8b:ce:
87:a9:44:65:39:72:c9:42:1c:13:19:ff:8f:8a:ae:db:6d:f2:
a0:c0:9b:d4:71:cb:b6:68:c2:09:18:87:94:da:50:27:3b:66:
23:ab:3c:ca:81:d6:e5:52:6f:d5:bc:17:05:78:03:38:83:d3:
9a:dc:87:f0
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYyptxlPzvWXW4J9J3hABWKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWM1NzEyZmJiY2Q4MzI0MTlkNGM1ODg0YWUzYmMzYzRh
MTZlN2IwHhcNMjMxMjI3MDUxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDgzYjlhNTU3YzNmMzRhYTRhMTU3NjE1NTc3MmY5NDAxNmVkZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRRAco8QBsnwyiShIDlaKTdgKlHZ
a0QDxXtBHDa38UHbmYVlZWRUaVpVnm5Krf24L7obJ0cXUOmMEaMVUCMTSZIOUNn/
Kuo79cOnHX4cYzFqG/soggwaX0sLcBqYgR2Mhh3LSS580vleNfyntSHp6+n7KAou
KPNcMhB7DpzxNRlIi1ijO8unHhxAg7AEZRSi+Q00dZ685hmRl+UPCLb33Mc4l2/V
YCcQeE+D9N7EODOTE7EMDTGjYP7yfksJiRZeMFEEu+r9gEwZKv1mfz5ukmBq46WU
rJz1PWbCXD4DYYRAXA/aEoOdUMJlsOtkYnv4yA4TORDPU0D+X7YAjEQ8twIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFM2DuaVXw/NKpKFXYVV3L5QBbt47MB8GA1UdIwQY
MBaAFG9cVxL7vNgyQZ1MWISuO8PEoW57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEt
NzU1MDUyOWQ4NDdhLzEvellPNXBWZkQ4MHFrb1ZkaFZYY3ZsQUZ1M2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEtNzU1MDUyOWQ4NDdh
LzEvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQFV//gAwQF
bW9AAwQClf8QMAwDBAawbsADBAKwbsgwDAMEAbBuzgMEA7Bu0AMEArkYcAMEBLlW
cAMEAsIgnAMEBNmvIDANBAIAAjAHAwUDKgQswDANBgkqhkiG9w0BAQsFAAOCAQEA
HA5ees1PsZxX/kNlw+TvMCGDT3GUpqh/yG8iM7F3sHXvkajKiuwwmHXC2GX8JyGB
7HpzN2oj/qxsDE+3Ngs2PWr5tE73qxTmqqw318zBPpcSjhyB7xooY+8OgmupOU/S
VH9SdYTPD0hjMc/YKD9BOZ7tnYWtmSpBr9cGKVFDfk8+G6HNr454W3GJJRCDSOw7
TvOpdXT67ixckVAM5Uv+kfozsLLYjplaNBqed9qshYl4tMaP0K85Ttd2uvIZ5WRG
LeZE9IvOh6lEZTlyyUIcExn/j4qu223yoMCb1HHLtmjCCRiHlNpQJztmI6s8yoHW
5VJv1bwXBXgDOIPTmtyH8A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:50 2025 by rpki-client