Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/ZF6d9zwc4QA9D0vW0uYLY-OvHsA.roa
File: ZF6d9zwc4QA9D0vW0uYLY-OvHsA.roa (raw, json)
Hash identifier: 2LVmhSAZtAMDjDqIyKLEsjUMZ1WRMZBlSYi2vEupk2E=
Subject key identifier: 64:5E:9D:F7:3C:1C:E1:00:3D:0F:4B:D6:D2:E6:0B:63:E3:AF:1E:C0
Certificate issuer: /CN=591a0fef1efbaeedb3d28d439f3d5ccfadfd8873
Certificate serial: 01856B4A23E8C6612DF7418EA806FF513614
Authority key identifier: 59:1A:0F:EF:1E:FB:AE:ED:B3:D2:8D:43:9F:3D:5C:CF:AD:FD:88:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WRoP7x77ru2z0o1Dnz1cz639iHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/ZF6d9zwc4QA9D0vW0uYLY-OvHsA.roa
Signing time: Sun 01 Jan 2023 03:04:59 +0000
ROA not before: Sun 01 Jan 2023 03:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44869
IP address blocks: 5.103.0.0/16 maxlen: 16
80.208.0.0/17 maxlen: 17
37.122.240.0/21 maxlen: 21
46.21.32.0/20 maxlen: 20
212.178.160.0/19 maxlen: 19
78.143.64.0/18 maxlen: 18
80.209.0.0/17 maxlen: 17
77.33.0.0/16 maxlen: 16
5.186.0.0/16 maxlen: 16
185.202.8.0/22 maxlen: 22
87.104.0.0/18 maxlen: 18
80.71.64.0/19 maxlen: 19
89.239.192.0/18 maxlen: 18
2a02:17c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:23:e8:c6:61:2d:f7:41:8e:a8:06:ff:51:36:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=591a0fef1efbaeedb3d28d439f3d5ccfadfd8873
Validity
Not Before: Jan 1 03:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645e9df73c1ce1003d0f4bd6d2e60b63e3af1ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:23:73:db:7b:57:ea:ce:ba:dd:72:b8:bb:36:
38:a4:14:c0:3d:53:91:5d:e0:c7:21:e9:3a:74:68:
3e:32:45:c8:60:59:d7:ee:4c:27:29:6d:9d:63:2f:
85:09:b5:7a:ef:41:41:c4:dd:6e:cb:cd:b9:c6:85:
5c:37:c4:bb:4d:13:1f:73:fd:84:3e:be:24:b4:77:
91:4a:48:cd:08:0c:2a:d3:68:0c:db:df:98:b0:38:
31:d3:ad:ae:1f:75:4c:d6:e8:e3:6c:7d:40:de:d3:
28:43:b3:00:3c:2a:e4:9c:a0:ae:78:4e:33:b1:16:
99:e0:99:3e:52:45:c1:b4:57:7e:cb:62:c8:5e:4c:
5e:b8:6c:4d:27:df:52:c4:fc:89:bc:26:80:d8:4e:
71:63:09:e2:bf:ca:2d:0b:8c:96:43:03:1e:f9:74:
50:a0:2f:ad:3d:84:8d:01:16:3c:30:c2:96:50:3d:
8e:9c:7e:69:b2:a9:24:8a:d5:2a:dd:ac:f5:92:69:
fa:dc:19:bc:4d:86:fd:9b:f8:21:8e:c6:18:5c:4a:
3a:bf:21:5d:58:b2:ea:75:4f:21:f3:17:77:f4:a9:
da:5d:11:bf:47:57:67:3e:c7:b1:e2:4d:03:27:74:
eb:b7:00:3e:12:5d:9d:a8:59:0a:ea:37:d9:2c:7a:
f5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5E:9D:F7:3C:1C:E1:00:3D:0F:4B:D6:D2:E6:0B:63:E3:AF:1E:C0
X509v3 Authority Key Identifier:
keyid:59:1A:0F:EF:1E:FB:AE:ED:B3:D2:8D:43:9F:3D:5C:CF:AD:FD:88:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WRoP7x77ru2z0o1Dnz1cz639iHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/ZF6d9zwc4QA9D0vW0uYLY-OvHsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/WRoP7x77ru2z0o1Dnz1cz639iHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.103.0.0/16
5.186.0.0/16
37.122.240.0/21
46.21.32.0/20
77.33.0.0/16
78.143.64.0/18
80.71.64.0/19
80.208.0.0/17
80.209.0.0/17
87.104.0.0/18
89.239.192.0/18
185.202.8.0/22
212.178.160.0/19
IPv6:
2a02:17c0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:7c:b4:f5:d7:5f:2e:99:dc:3f:4d:2d:c7:f3:8e:be:1f:51:
06:a0:ca:e1:63:e7:df:fd:7f:36:6a:86:5f:67:ef:c8:3b:94:
a7:52:52:f1:f1:75:cd:7e:c8:41:c6:0b:9a:7f:5c:3f:f3:f1:
bc:fe:51:9f:07:e0:57:3a:c0:63:89:52:4b:06:95:9f:ec:cd:
bb:1f:e4:34:a3:2b:51:dc:8e:8e:61:d3:73:e9:83:6b:17:62:
ad:56:9b:be:61:db:d6:ad:1f:35:34:fc:b0:35:79:0c:41:62:
90:e5:46:f8:07:a0:02:07:45:c3:4d:76:04:74:3f:9c:98:e5:
9b:aa:bf:77:57:13:f7:08:05:17:6a:42:c4:f9:09:88:3c:9e:
37:b1:92:a5:26:37:e1:d9:20:62:62:27:3c:f2:d0:a3:85:d5:
e0:56:67:6b:17:93:ad:b0:0f:24:e4:b6:9f:31:a7:d2:77:f5:
9c:6c:c7:17:ba:8e:16:58:5a:46:ca:48:5d:8c:c6:62:12:70:
8d:25:9e:72:43:5f:de:77:a2:1e:1f:6d:61:db:4b:cf:2e:7e:
c0:f0:10:09:2b:39:6d:5d:ea:a2:c3:08:80:01:77:2b:cc:4c:
86:fd:21:a8:65:b8:1e:09:7c:6f:32:85:80:e7:e4:b5:0c:77:
d5:6e:d1:8d
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYVrSiPoxmEt90GOqAb/UTYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MWEwZmVmMWVmYmFlZWRiM2QyOGQ0MzlmM2Q1Y2NmYWRm
ZDg4NzMwHhcNMjMwMTAxMDMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDVlOWRmNzNjMWNlMTAwM2QwZjRiZDZkMmU2MGI2M2UzYWYxZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCNz23tX6s663XK4uzY4pBTAPVOR
XeDHIek6dGg+MkXIYFnX7kwnKW2dYy+FCbV670FBxN1uy825xoVcN8S7TRMfc/2E
Pr4ktHeRSkjNCAwq02gM29+YsDgx062uH3VM1ujjbH1A3tMoQ7MAPCrknKCueE4z
sRaZ4Jk+UkXBtFd+y2LIXkxeuGxNJ99SxPyJvCaA2E5xYwniv8otC4yWQwMe+XRQ
oC+tPYSNARY8MMKWUD2OnH5psqkkitUq3az1kmn63Bm8TYb9m/ghjsYYXEo6vyFd
WLLqdU8h8xd39KnaXRG/R1dnPsex4k0DJ3TrtwA+El2dqFkK6jfZLHr1WQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFGRenfc8HOEAPQ9L1tLmC2Pjrx7AMB8GA1UdIwQY
MBaAFFkaD+8e+67ts9KNQ589XM+t/YhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1JvUDd4NzdydTJ6MG8xRG56MWN6NjM5aUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMTdiZWUtY2FiNi00MjJmLTg4Y2Mt
YzI2NjRlMzdjMzI3LzEvWkY2ZDl6d2M0UUE5RDB2VzB1WUxZLU92SHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMTdiZWUtY2FiNi00MjJmLTg4Y2MtYzI2NjRlMzdjMzI3
LzEvV1JvUDd4NzdydTJ6MG8xRG56MWN6NjM5aUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBRBAIAATBLAwMABWcDAwAF
ugMEAyV68AMEBC4VIAMDAE0hAwQGTo9AAwQFUEdAAwQHUNAAAwQHUNEAAwQGV2gA
AwQGWe/AAwQCucoIAwQF1LKgMA0EAgACMAcDBQAqAhfAMA0GCSqGSIb3DQEBCwUA
A4IBAQBufLT1118umdw/TS3H846+H1EGoMrhY+ff/X82aoZfZ+/IO5SnUlLx8XXN
fshBxguaf1w/8/G8/lGfB+BXOsBjiVJLBpWf7M27H+Q0oytR3I6OYdNz6YNrF2Kt
Vpu+YdvWrR81NPywNXkMQWKQ5Ub4B6ACB0XDTXYEdD+cmOWbqr93VxP3CAUXakLE
+QmIPJ43sZKlJjfh2SBiYic88tCjhdXgVmdrF5OtsA8k5LafMafSd/WcbMcXuo4W
WFpGykhdjMZiEnCNJZ5yQ1/ed6IeH21h20vPLn7A8BAJKzltXeqiwwiAAXcrzEyG
/SGoZbgeCXxvMoWA5+S1DHfVbtGN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:21 2025 by rpki-client