Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/zQfx-PERGjZ4qsBbGR6BTJKE6Bc.roa
File: zQfx-PERGjZ4qsBbGR6BTJKE6Bc.roa (raw, json)
Hash identifier: rTX1ERrjPTcjTWZHVKf97Cv7A195XCLppY40RlJgzAs=
Subject key identifier: CD:07:F1:F8:F1:11:1A:36:78:AA:C0:5B:19:1E:81:4C:92:84:E8:17
Certificate issuer: /CN=1ae9db29aa9308e1751b03d0d6999bb868805886
Certificate serial: 0D8D01DD
Authority key identifier: 1A:E9:DB:29:AA:93:08:E1:75:1B:03:D0:D6:99:9B:B8:68:80:58:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GunbKaqTCOF1GwPQ1pmbuGiAWIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/zQfx-PERGjZ4qsBbGR6BTJKE6Bc.roa
Signing time: Mon 03 Jan 2022 14:10:51 +0000
ROA not before: Mon 03 Jan 2022 14:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199939
IP address blocks: 89.19.60.0/22 maxlen: 24
141.98.2.0/23 maxlen: 24
185.42.8.0/22 maxlen: 24
185.156.160.0/22 maxlen: 24
45.133.248.0/23 maxlen: 24
212.237.253.0/24 maxlen: 24
45.139.120.0/23 maxlen: 24
2a0d:bb40::/32 maxlen: 48
2a01:5860::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227344861 (0xd8d01dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ae9db29aa9308e1751b03d0d6999bb868805886
Validity
Not Before: Jan 3 14:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd07f1f8f1111a3678aac05b191e814c9284e817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e0:43:5e:ef:3e:ff:3e:43:e8:28:9d:79:4e:
8c:df:69:3e:6e:f0:4b:ea:05:7c:c5:5d:ae:be:80:
fa:f7:b1:60:9e:4a:15:65:45:6c:af:88:0d:d9:0f:
a7:ab:af:67:14:96:78:9b:12:fd:de:64:a0:0d:92:
56:8d:8d:f8:b2:1f:d3:92:ea:6a:6c:42:5c:18:0f:
0d:a4:92:16:45:85:37:6a:d9:e9:ee:ef:66:03:0d:
bd:0c:e5:04:d1:82:41:89:28:5a:34:24:8c:98:e3:
54:e0:37:d9:f0:56:38:2a:e6:0c:22:d0:0d:90:e2:
b0:a9:c9:01:49:18:4a:54:f9:c1:e0:64:09:1d:54:
9e:53:f8:8d:f6:52:ef:15:af:2b:d2:b8:73:87:aa:
aa:91:ef:66:c8:4e:ee:45:b0:fc:7d:6c:f9:61:a8:
b8:05:57:e3:6d:ae:63:7a:9e:18:0a:91:13:18:65:
84:73:f6:53:f9:67:e8:5e:33:19:8c:66:ba:ab:c3:
2a:e1:3e:df:14:07:f8:08:71:3f:a0:f1:39:38:47:
a0:a0:62:c0:14:d3:80:25:c1:36:14:73:dd:64:4c:
26:06:90:68:d2:6b:f4:97:01:c8:f7:c4:3a:ec:14:
7f:85:88:2c:93:83:9e:f8:d2:1e:6a:c7:54:b6:3a:
b9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:07:F1:F8:F1:11:1A:36:78:AA:C0:5B:19:1E:81:4C:92:84:E8:17
X509v3 Authority Key Identifier:
keyid:1A:E9:DB:29:AA:93:08:E1:75:1B:03:D0:D6:99:9B:B8:68:80:58:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GunbKaqTCOF1GwPQ1pmbuGiAWIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/zQfx-PERGjZ4qsBbGR6BTJKE6Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/GunbKaqTCOF1GwPQ1pmbuGiAWIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.248.0/23
45.139.120.0/23
89.19.60.0/22
141.98.2.0/23
185.42.8.0/22
185.156.160.0/22
212.237.253.0/24
IPv6:
2a01:5860::/32
2a0d:bb40::/32
Signature Algorithm: sha256WithRSAEncryption
f3:e8:ac:3c:6c:47:e1:ac:ab:f2:61:91:3a:06:3f:10:d0:39:
4b:2f:b6:a3:dc:4f:90:a8:e0:cd:b0:11:35:55:f6:6c:19:aa:
ef:2f:d0:8a:36:fa:38:12:ee:7c:22:c5:cf:60:fb:06:8d:7b:
6c:82:a8:da:0c:93:f5:45:39:13:9b:87:af:7d:2b:73:17:9a:
e2:7d:c0:8a:23:a5:48:2e:48:b1:ca:9b:86:b9:76:e9:95:82:
19:72:68:7d:a2:07:53:fb:37:5b:ac:e7:72:22:32:44:12:e4:
f1:73:2f:27:6b:07:93:77:b8:9b:45:ed:0e:03:c9:e0:18:ba:
2a:7d:56:85:c1:9b:7c:57:b7:d1:92:4c:44:fb:e4:aa:72:25:
14:96:24:25:3f:1d:aa:3b:81:f7:6d:c8:70:6e:06:3d:fc:9c:
16:8c:23:c7:98:6a:5f:85:50:cc:18:3a:a4:73:6f:54:e6:d2:
ba:ff:65:26:26:c3:d7:79:3a:17:1a:66:83:71:6f:31:0a:e2:
41:c2:e7:33:70:8e:09:62:8c:70:db:c2:53:fd:72:53:25:4f:
e3:30:78:7f:96:3c:c8:3f:59:ed:8d:22:8a:d5:fd:f5:9c:18:
ec:b2:61:7c:c6:23:31:6f:cf:19:fc:0d:80:77:f2:00:58:8e:
be:ab:45:b3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEDY0B3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWU5ZGIyOWFhOTMwOGUxNzUxYjAzZDBkNjk5OWJiODY4ODA1ODg2MB4XDTIyMDEw
MzE0MTA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QwN2YxZjhmMTEx
MWEzNjc4YWFjMDViMTkxZTgxNGM5Mjg0ZTgxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfgQ17vPv8+Q+gonXlOjN9pPm7wS+oFfMVdrr6A+vexYJ5K
FWVFbK+IDdkPp6uvZxSWeJsS/d5koA2SVo2N+LIf05LqamxCXBgPDaSSFkWFN2rZ
6e7vZgMNvQzlBNGCQYkoWjQkjJjjVOA32fBWOCrmDCLQDZDisKnJAUkYSlT5weBk
CR1UnlP4jfZS7xWvK9K4c4eqqpHvZshO7kWw/H1s+WGouAVX422uY3qeGAqRExhl
hHP2U/ln6F4zGYxmuqvDKuE+3xQH+AhxP6DxOThHoKBiwBTTgCXBNhRz3WRMJgaQ
aNJr9JcByPfEOuwUf4WILJODnvjSHmrHVLY6uc8CAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBTNB/H48REaNniqwFsZHoFMkoToFzAfBgNVHSMEGDAWgBQa6dspqpMI4XUb
A9DWmZu4aIBYhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d1bmJLYXFUQ09GMUd3UFExcG1idUdpQVdJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvZWI3ODM1LWQzNjQtNGUyOC05YTgyLWVkOTIzMWZiYWVkMS8x
L3pRZngtUEVSR2paNHFzQmJHUjZCVEpLRTZCYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
ZWI3ODM1LWQzNjQtNGUyOC05YTgyLWVkOTIzMWZiYWVkMS8xL0d1bmJLYXFUQ09G
MUd3UFExcG1idUdpQVdJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEAS2F+AMEAS2LeAMEAlkTPAMEAY1i
AgMEArkqCAMEArmcoAMEANTt/TAUBAIAAjAOAwUAKgFYYAMFACoNu0AwDQYJKoZI
hvcNAQELBQADggEBAPPorDxsR+Gsq/JhkToGPxDQOUsvtqPcT5Co4M2wETVV9mwZ
qu8v0Io2+jgS7nwixc9g+waNe2yCqNoMk/VFORObh699K3MXmuJ9wIojpUguSLHK
m4a5dumVghlyaH2iB1P7N1us53IiMkQS5PFzLydrB5N3uJtF7Q4DyeAYuip9VoXB
m3xXt9GSTET75KpyJRSWJCU/Hao7gfdtyHBuBj38nBaMI8eYal+FUMwYOqRzb1Tm
0rr/ZSYmw9d5OhcaZoNxbzEK4kHC5zNwjglijHDbwlP9clMlT+MweH+WPMg/We2N
IorV/fWcGOyyYXzGIzFvzxn8DYB38gBYjr6rRbM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:16 2025 by rpki-client