Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/ZJ3u_cGG75cJIjDuil--ZAItJK8.roa
File: ZJ3u_cGG75cJIjDuil--ZAItJK8.roa (raw, json)
Hash identifier: KzUrnNa8dQ3fI0EtKdJarGxR2gZIyFAts/xOZH3sI74=
Subject key identifier: 64:9D:EE:FD:C1:86:EF:97:09:22:30:EE:8A:5F:BE:64:02:2D:24:AF
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01856C65EF110BD1B15B4C246783715700E6
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/ZJ3u_cGG75cJIjDuil--ZAItJK8.roa
Signing time: Sun 01 Jan 2023 08:14:57 +0000
ROA not before: Sun 01 Jan 2023 08:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43297
IP address blocks: 95.85.86.0/24 maxlen: 24
95.85.87.0/24 maxlen: 24
79.133.98.0/24 maxlen: 24
185.13.35.0/24 maxlen: 24
185.13.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ef:11:0b:d1:b1:5b:4c:24:67:83:71:57:00:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 08:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=649deefdc186ef97092230ee8a5fbe64022d24af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:24:ef:0f:0d:07:b2:5b:67:05:80:4e:76:f7:
29:b3:8f:d1:f0:e2:d8:89:31:ad:08:95:6b:2b:a9:
4e:ae:cc:5d:f6:54:94:a3:a4:29:69:3b:ef:af:3f:
5f:e8:b4:6b:93:85:10:72:f6:dd:3b:1d:7a:95:ae:
98:54:83:65:6a:93:3e:44:0b:62:07:14:b4:84:4b:
d0:d4:21:9a:a2:f1:70:34:08:72:13:af:8a:b2:ea:
b8:5d:58:75:6b:3f:03:a4:a0:10:18:00:ec:62:e3:
b3:3d:e4:8b:00:fa:f0:d7:23:b3:69:2e:ee:5b:e4:
2e:cb:10:c9:6a:49:db:00:a2:70:13:60:0c:be:2f:
ba:38:3f:87:74:3f:43:8c:d3:84:ed:ad:d5:28:d4:
cd:97:48:d7:93:f7:51:ab:3d:38:21:a1:fe:b1:93:
e3:e5:b4:fe:7a:df:3d:5b:3e:be:ad:5d:a6:d9:8e:
dd:08:7b:d2:54:04:79:bd:fe:6d:df:f2:09:35:7d:
4d:d9:f7:b7:bd:73:f3:5b:ec:40:e1:6d:c6:31:7e:
cd:68:55:65:fb:7f:ea:bc:f0:c3:c3:3a:6b:79:aa:
99:46:1c:be:38:4e:6a:86:85:96:0a:02:cc:df:3a:
f0:fb:68:88:cf:1f:d5:7e:b3:24:15:01:81:17:6c:
09:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9D:EE:FD:C1:86:EF:97:09:22:30:EE:8A:5F:BE:64:02:2D:24:AF
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/ZJ3u_cGG75cJIjDuil--ZAItJK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.98.0/24
95.85.86.0/23
185.13.32.0/24
185.13.35.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:d5:f8:1a:c2:73:e7:58:e4:d1:9a:4d:63:a6:af:a6:10:d2:
f2:fa:8b:5f:e6:bb:d0:d5:ac:de:84:ed:dd:16:58:c7:13:1e:
f9:35:0a:4d:95:1c:4d:d6:fb:85:88:38:4f:4e:6a:5b:c8:bb:
41:f8:73:a1:73:6d:6a:42:c1:ee:d3:0d:47:2f:ca:d8:cc:8e:
c7:3c:54:61:c3:f9:51:07:0c:cf:f7:25:40:c9:61:57:a2:22:
f9:0a:14:13:c1:8e:77:35:e9:7e:c3:44:0d:0f:fb:ab:df:08:
96:5b:d0:85:c4:13:7a:d4:b4:a3:34:b6:94:a9:bf:33:b6:d5:
5b:8e:4a:2f:46:78:a7:b4:55:8f:56:a5:b5:8b:6b:62:5b:f6:
eb:86:8e:53:6d:1d:5c:da:37:1b:ff:40:9b:ed:9f:31:11:eb:
1e:69:37:a9:8a:9b:47:1e:62:ff:18:a2:27:08:c6:b7:24:0c:
7e:20:cf:4e:4f:16:3a:51:f8:18:33:0f:24:df:00:6a:1b:4f:
6b:92:b8:f7:9f:ab:5b:12:5a:0f:5f:d0:e7:60:42:8b:f7:04:
86:e2:49:ff:91:c6:4c:11:67:7c:7c:9f:88:a6:76:11:68:4d:
59:a6:2a:42:c5:eb:cf:77:c8:6b:44:06:27:db:60:64:56:21:
72:ea:58:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsZe8RC9GxW0wkZ4NxVwDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjMwMTAxMDgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDlkZWVmZGMxODZlZjk3MDkyMjMwZWU4YTVmYmU2NDAyMmQyNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSTvDw0HsltnBYBOdvcps4/R8OLY
iTGtCJVrK6lOrsxd9lSUo6QpaTvvrz9f6LRrk4UQcvbdOx16la6YVINlapM+RAti
BxS0hEvQ1CGaovFwNAhyE6+Ksuq4XVh1az8DpKAQGADsYuOzPeSLAPrw1yOzaS7u
W+QuyxDJaknbAKJwE2AMvi+6OD+HdD9DjNOE7a3VKNTNl0jXk/dRqz04IaH+sZPj
5bT+et89Wz6+rV2m2Y7dCHvSVAR5vf5t3/IJNX1N2fe3vXPzW+xA4W3GMX7NaFVl
+3/qvPDDwzpreaqZRhy+OE5qhoWWCgLM3zrw+2iIzx/VfrMkFQGBF2wJCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGSd7v3Bhu+XCSIw7opfvmQCLSSvMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvWkozdV9jR0c3NWNKSWpEdWlsLS1aQUl0Sks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT4ViAwQB
X1VWAwQAuQ0gAwQAuQ0jMA0GCSqGSIb3DQEBCwUAA4IBAQAO1fgawnPnWOTRmk1j
pq+mENLy+otf5rvQ1azehO3dFljHEx75NQpNlRxN1vuFiDhPTmpbyLtB+HOhc21q
QsHu0w1HL8rYzI7HPFRhw/lRBwzP9yVAyWFXoiL5ChQTwY53Nel+w0QND/ur3wiW
W9CFxBN61LSjNLaUqb8zttVbjkovRnintFWPVqW1i2tiW/brho5TbR1c2jcb/0Cb
7Z8xEeseaTepiptHHmL/GKInCMa3JAx+IM9OTxY6UfgYMw8k3wBqG09rkrj3n6tb
EloPX9DnYEKL9wSG4kn/kcZMEWd8fJ+IpnYRaE1ZpipCxevPd8hrRAYn22BkViFy
6lg4
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:28:41 2025 by rpki-client