Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/ZDdgrHKyTTPovAUp8_jb3C5f_2g.roa
File: ZDdgrHKyTTPovAUp8_jb3C5f_2g.roa (raw, json)
Hash identifier: fJOaRTFe3OJ7ZWRiH/0CtdRSQ+j8XAZ9VXoOMIRxruM=
Subject key identifier: 64:37:60:AC:72:B2:4D:33:E8:BC:05:29:F3:F8:DB:DC:2E:5F:FF:68
Certificate issuer: /CN=e4b1306101cc9ec9fce985280c1db0f37c135a3a
Certificate serial: 018570396E29EB8073DD925254CB84DD2DB8
Authority key identifier: E4:B1:30:61:01:CC:9E:C9:FC:E9:85:28:0C:1D:B0:F3:7C:13:5A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5LEwYQHMnsn86YUoDB2w83wTWjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/ZDdgrHKyTTPovAUp8_jb3C5f_2g.roa
Signing time: Mon 02 Jan 2023 02:04:49 +0000
ROA not before: Mon 02 Jan 2023 02:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47165
IP address blocks: 185.13.176.0/22 maxlen: 22
62.182.192.0/21 maxlen: 21
178.74.64.0/18 maxlen: 18
94.137.16.0/20 maxlen: 20
94.137.32.0/20 maxlen: 20
94.137.48.0/20 maxlen: 20
176.62.64.0/18 maxlen: 18
109.120.0.0/20 maxlen: 20
109.120.16.0/20 maxlen: 20
46.233.192.0/18 maxlen: 18
217.25.208.0/20 maxlen: 20
109.120.32.0/20 maxlen: 20
94.137.0.0/20 maxlen: 20
109.120.48.0/20 maxlen: 20
2a02:ddc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:6e:29:eb:80:73:dd:92:52:54:cb:84:dd:2d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4b1306101cc9ec9fce985280c1db0f37c135a3a
Validity
Not Before: Jan 2 02:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643760ac72b24d33e8bc0529f3f8dbdc2e5fff68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:21:8e:1b:c3:d6:46:a2:d8:f7:f2:7a:7a:1d:
70:94:6b:78:a9:30:c8:d4:b1:de:40:2d:a1:01:4e:
5f:66:dc:92:97:a7:a7:fc:fb:fe:ec:94:83:18:6f:
5e:19:2e:9f:d8:f8:11:ae:cd:9e:5a:51:1a:29:c3:
33:6e:25:ba:88:64:4c:80:71:76:44:66:15:0c:49:
15:42:23:c4:9b:95:93:ce:6e:10:cc:48:eb:6c:27:
0b:01:ef:18:07:58:98:42:d1:55:dd:22:b4:24:17:
6c:64:d0:44:13:2a:d5:d0:d3:bb:73:95:c7:6e:a9:
0d:1a:ec:9f:d6:94:9b:58:51:47:e0:e2:84:63:15:
e8:dd:8e:bb:33:a6:36:e9:16:d3:c0:25:41:43:03:
64:db:b5:d4:a9:b9:1a:83:fb:1d:ad:c3:75:67:a2:
ee:c8:8d:83:5e:71:89:33:1b:fa:f4:2a:51:ad:c1:
99:4b:7f:03:49:45:8f:77:1a:79:e7:94:a5:a1:98:
3d:80:c9:02:8d:91:ad:ff:34:82:38:ed:45:14:e8:
1c:20:25:c8:01:9e:37:6a:64:9c:5e:69:5e:99:dc:
d3:fd:67:46:1c:e5:ff:46:2f:0d:8e:ee:b5:5c:49:
7f:c7:d3:7c:93:27:5c:1c:9c:fa:4f:70:c2:9f:c8:
7c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:37:60:AC:72:B2:4D:33:E8:BC:05:29:F3:F8:DB:DC:2E:5F:FF:68
X509v3 Authority Key Identifier:
keyid:E4:B1:30:61:01:CC:9E:C9:FC:E9:85:28:0C:1D:B0:F3:7C:13:5A:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LEwYQHMnsn86YUoDB2w83wTWjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/ZDdgrHKyTTPovAUp8_jb3C5f_2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/5LEwYQHMnsn86YUoDB2w83wTWjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.192.0/18
62.182.192.0/21
94.137.0.0/18
109.120.0.0/18
176.62.64.0/18
178.74.64.0/18
185.13.176.0/22
217.25.208.0/20
IPv6:
2a02:ddc0::/29
Signature Algorithm: sha256WithRSAEncryption
c1:7b:69:dd:72:8d:44:ee:af:ea:68:fc:9f:3c:f6:42:d0:53:
25:6a:38:31:88:f1:0a:71:8a:42:c4:96:60:f8:6a:cf:a3:1a:
8b:84:80:a7:ad:1a:15:7b:9c:7a:91:31:b7:d7:e1:e2:b1:38:
05:f7:86:47:90:97:27:69:e4:41:5a:07:00:aa:86:49:39:34:
54:f0:ce:53:ea:29:3d:91:4b:43:95:b7:24:0e:03:4d:65:29:
70:64:8e:96:f6:61:af:1a:8a:68:c8:6f:df:4a:6a:54:60:e3:
11:c7:0f:48:9d:ed:50:77:d7:a9:a4:c9:63:a3:83:72:34:5c:
fe:f4:ea:02:95:d8:86:82:2a:aa:4e:46:8c:cd:cc:a3:15:c3:
7d:da:79:38:fe:0b:9c:f8:f2:2c:29:ba:31:19:40:55:46:1c:
e9:40:6c:e3:ac:89:61:95:4d:1e:92:55:08:4a:b9:cf:d2:45:
42:8c:39:06:a7:8f:e5:9c:37:84:e9:d7:23:15:6d:9c:32:d2:
52:f5:c6:19:1c:0c:b9:8f:68:2f:97:f4:0e:f4:e3:b9:c9:3e:
11:6f:3d:2c:0a:61:09:e6:6b:9f:9d:89:6f:74:a1:48:9c:e8:
d1:e1:ff:00:37:2a:fa:32:9a:92:b5:7a:f5:25:9b:7a:cc:58:
3e:0c:98:a2
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVwOW4p64Bz3ZJSVMuE3S24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjEzMDYxMDFjYzllYzlmY2U5ODUyODBjMWRiMGYzN2Mx
MzVhM2EwHhcNMjMwMTAyMDIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDM3NjBhYzcyYjI0ZDMzZThiYzA1MjlmM2Y4ZGJkYzJlNWZmZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCGOG8PWRqLY9/J6eh1wlGt4qTDI
1LHeQC2hAU5fZtySl6en/Pv+7JSDGG9eGS6f2PgRrs2eWlEaKcMzbiW6iGRMgHF2
RGYVDEkVQiPEm5WTzm4QzEjrbCcLAe8YB1iYQtFV3SK0JBdsZNBEEyrV0NO7c5XH
bqkNGuyf1pSbWFFH4OKEYxXo3Y67M6Y26RbTwCVBQwNk27XUqbkag/sdrcN1Z6Lu
yI2DXnGJMxv69CpRrcGZS38DSUWPdxp555SloZg9gMkCjZGt/zSCOO1FFOgcICXI
AZ43amScXmlemdzT/WdGHOX/Ri8Nju61XEl/x9N8kydcHJz6T3DCn8h8wQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGQ3YKxysk0z6LwFKfP429wuX/9oMB8GA1UdIwQY
MBaAFOSxMGEBzJ7J/OmFKAwdsPN8E1o6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxFd1lRSE1uc244NllVb0RCMnc4M3dUV2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80ZDA4OWUtNWQxYy00ZTM0LTk0NjUt
ZmE2MzQ4ZjY5NWI1LzEvWkRkZ3JIS3lUVFBvdkFVcDhfamIzQzVmXzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80ZDA4OWUtNWQxYy00ZTM0LTk0NjUtZmE2MzQ4ZjY5NWI1
LzEvNUxFd1lRSE1uc244NllVb0RCMnc4M3dUV2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGLunAAwQD
PrbAAwQGXokAAwQGbXgAAwQGsD5AAwQGskpAAwQCuQ2wAwQE2RnQMA0EAgACMAcD
BQMqAt3AMA0GCSqGSIb3DQEBCwUAA4IBAQDBe2ndco1E7q/qaPyfPPZC0FMlajgx
iPEKcYpCxJZg+GrPoxqLhICnrRoVe5x6kTG31+HisTgF94ZHkJcnaeRBWgcAqoZJ
OTRU8M5T6ik9kUtDlbckDgNNZSlwZI6W9mGvGopoyG/fSmpUYOMRxw9Ine1Qd9ep
pMljo4NyNFz+9OoCldiGgiqqTkaMzcyjFcN92nk4/guc+PIsKboxGUBVRhzpQGzj
rIlhlU0eklUISrnP0kVCjDkGp4/lnDeE6dcjFW2cMtJS9cYZHAy5j2gvl/QO9OO5
yT4Rbz0sCmEJ5mufnYlvdKFInOjR4f8ANyr6MpqStXr1JZt6zFg+DJii
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:46 2025 by rpki-client