Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/Z-2kpnEi3pBJ5JPwdlzr7oBwAdY.roa
File: Z-2kpnEi3pBJ5JPwdlzr7oBwAdY.roa (raw, json)
Hash identifier: UGwIg2I9pKo0S53yvju+UoFBc5gTsnOv/dyls9gCTyY=
Subject key identifier: 67:ED:A4:A6:71:22:DE:90:49:E4:93:F0:76:5C:EB:EE:80:70:01:D6
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 0189BAF447A5B29E5912DE0D5F73AD38767E
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/Z-2kpnEi3pBJ5JPwdlzr7oBwAdY.roa
Signing time: Thu 03 Aug 2023 10:31:58 +0000
ROA not before: Thu 03 Aug 2023 10:31:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 185.15.102.0/23 maxlen: 23
5.152.170.0/24 maxlen: 24
5.152.169.0/24 maxlen: 24
5.152.171.0/24 maxlen: 24
185.15.101.0/24 maxlen: 24
5.152.168.0/24 maxlen: 24
5.152.168.0/21 maxlen: 21
5.8.184.0/24 maxlen: 24
5.8.185.0/24 maxlen: 24
5.8.186.0/24 maxlen: 24
5.8.191.0/24 maxlen: 24
5.8.190.0/24 maxlen: 24
5.8.187.0/24 maxlen: 24
37.1.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:f4:47:a5:b2:9e:59:12:de:0d:5f:73:ad:38:76:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Aug 3 10:31:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67eda4a67122de9049e493f0765cebee807001d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ee:26:7c:f0:82:fb:6f:3c:ec:34:31:09:06:
d6:ec:cb:c0:c3:3f:ab:09:66:93:2d:40:8a:7a:8d:
11:14:95:4f:5c:05:f0:34:8e:b3:bf:10:0c:50:88:
0f:e0:e8:37:89:3a:94:b7:01:e8:81:b3:2d:21:32:
9f:6d:90:b7:12:28:3d:11:40:4c:a2:79:69:40:01:
27:94:7f:ce:06:fb:c3:ad:09:21:e5:ee:47:1c:3f:
c7:1a:22:a3:74:cd:83:bb:0c:6c:05:01:f6:7f:88:
0e:49:a9:0d:fc:d3:36:bd:1f:f2:55:ec:b3:93:e1:
19:70:8e:d1:8d:81:0f:42:d4:e2:b1:be:59:a9:9f:
88:a1:8c:0d:69:c7:06:5d:11:ef:df:cb:bc:ce:76:
cb:2f:a8:22:8d:8b:0d:64:3c:7b:33:09:72:ca:f3:
d7:7a:0b:3b:50:61:42:c8:a8:58:57:63:9e:43:f8:
51:6e:28:0f:82:fd:30:d6:16:72:08:ea:0c:5b:0f:
77:20:7e:c4:e0:49:5b:a2:ca:ce:df:6e:7a:3e:ad:
f4:4a:3f:fe:ec:c7:ad:65:0a:7e:06:1d:96:3e:05:
54:dd:55:47:d1:81:e4:83:12:0b:46:a3:ad:9c:50:
42:9e:5d:4c:94:8e:6f:7f:14:03:83:68:9b:ef:d5:
79:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:ED:A4:A6:71:22:DE:90:49:E4:93:F0:76:5C:EB:EE:80:70:01:D6
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/Z-2kpnEi3pBJ5JPwdlzr7oBwAdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/22
5.8.190.0/23
5.152.168.0/21
37.1.183.0/24
185.15.101.0-185.15.103.255
Signature Algorithm: sha256WithRSAEncryption
d5:09:14:69:4d:b3:b4:81:56:4c:93:e2:80:78:6a:df:a5:d8:
dd:51:d3:16:de:74:69:11:a0:a8:5a:75:fa:9c:ff:15:3c:b9:
4d:ef:a1:be:0f:b6:03:1e:5f:24:7a:b6:6d:3b:8c:6d:2a:ba:
c6:2c:5f:51:0d:fc:ff:bd:c3:8c:94:1a:f3:5c:31:d5:d4:b2:
3d:e3:89:92:55:96:42:e7:bb:14:89:b0:34:e9:92:2f:59:30:
1b:b5:c3:91:84:74:a6:5f:ed:c7:c7:4c:91:cc:af:b4:87:42:
e7:86:69:70:39:8b:47:5b:58:43:5c:e8:cf:64:5c:71:d0:10:
c4:fd:b9:54:2f:13:e0:c6:a5:b6:e0:12:f3:4f:ae:ef:53:e8:
58:e4:97:ff:65:8e:e3:91:f5:d1:c8:09:5d:d4:a1:9b:94:e4:
d2:74:ef:9d:a2:18:c8:20:1d:45:8e:dc:ac:66:05:0e:9f:4c:
21:c6:f0:42:f2:c5:e8:e3:71:ae:89:1f:cf:b0:94:f5:89:74:
bf:d3:14:f2:5c:dc:5f:80:58:da:e5:f8:5a:a1:d6:e3:6f:01:
ce:bc:86:3f:27:2b:8a:bd:ba:4d:2f:de:55:b7:17:19:2b:eb:
2b:e5:07:1e:95:80:bc:ec:61:f9:e9:2b:a5:e2:11:53:41:da:
72:9b:08:f0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYm69Eelsp5ZEt4NX3OtOHZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTg5YjY3YzY2ZGViZjVkZWQzZjI4ODBiYjQ5NDFkMzA0
MTEyNTcwHhcNMjMwODAzMTAzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2VkYTRhNjcxMjJkZTkwNDllNDkzZjA3NjVjZWJlZTgwNzAwMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO4mfPCC+2887DQxCQbW7MvAwz+r
CWaTLUCKeo0RFJVPXAXwNI6zvxAMUIgP4Og3iTqUtwHogbMtITKfbZC3Eig9EUBM
onlpQAEnlH/OBvvDrQkh5e5HHD/HGiKjdM2DuwxsBQH2f4gOSakN/NM2vR/yVeyz
k+EZcI7RjYEPQtTisb5ZqZ+IoYwNaccGXRHv38u8znbLL6gijYsNZDx7MwlyyvPX
egs7UGFCyKhYV2OeQ/hRbigPgv0w1hZyCOoMWw93IH7E4ElbosrO3256Pq30Sj/+
7MetZQp+Bh2WPgVU3VVH0YHkgxILRqOtnFBCnl1MlI5vfxQDg2ib79V55wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGftpKZxIt6QSeST8HZc6+6AcAHWMB8GA1UdIwQY
MBaAFLGom2fGbev13tPyiAu0lB0wQRJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTct
MjEwMGJmMGYxNDBhLzEvWi0ya3BuRWkzcEJKNUpQd2RsenI3b0J3QWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTctMjEwMGJmMGYxNDBh
LzEvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBQi4AwQB
BQi+AwQDBZioAwQAJQG3MAwDBAC5D2UDBAO5D2AwDQYJKoZIhvcNAQELBQADggEB
ANUJFGlNs7SBVkyT4oB4at+l2N1R0xbedGkRoKhadfqc/xU8uU3vob4PtgMeXyR6
tm07jG0qusYsX1EN/P+9w4yUGvNcMdXUsj3jiZJVlkLnuxSJsDTpki9ZMBu1w5GE
dKZf7cfHTJHMr7SHQueGaXA5i0dbWENc6M9kXHHQEMT9uVQvE+DGpbbgEvNPru9T
6Fjkl/9ljuOR9dHICV3UoZuU5NJ0752iGMggHUWO3KxmBQ6fTCHG8ELyxejjca6J
H8+wlPWJdL/TFPJc3F+AWNrl+Fqh1uNvAc68hj8nK4q9uk0v3lW3Fxkr6yvlBx6V
gLzsYfnpK6XiEVNB2nKbCPA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:55 2025 by rpki-client