Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/zRw5LUBGgaVPPYfYp4ah72M_cYA.roa
File: zRw5LUBGgaVPPYfYp4ah72M_cYA.roa (raw, json)
Hash identifier: tG2G5yUioEnaHeR5tsLTN4WANE+NKPYSGXqC+JZSmHk=
Subject key identifier: CD:1C:39:2D:40:46:81:A5:4F:3D:87:D8:A7:86:A1:EF:63:3F:71:80
Certificate issuer: /CN=33ea08efa9b3f78c9ef9db767adc21dd61834e0f
Certificate serial: 0CA38767
Authority key identifier: 33:EA:08:EF:A9:B3:F7:8C:9E:F9:DB:76:7A:DC:21:DD:61:83:4E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/zRw5LUBGgaVPPYfYp4ah72M_cYA.roa
Signing time: Sat 01 Jan 2022 12:02:53 +0000
ROA not before: Sat 01 Jan 2022 12:02:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198944
IP address blocks: 185.247.100.0/22 maxlen: 22
185.82.228.0/22 maxlen: 22
81.161.96.0/23 maxlen: 23
185.137.112.0/23 maxlen: 23
185.137.114.0/23 maxlen: 23
2a03:6960::/32 maxlen: 32
2001:67c:2a68::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212043623 (0xca38767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea08efa9b3f78c9ef9db767adc21dd61834e0f
Validity
Not Before: Jan 1 12:02:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd1c392d404681a54f3d87d8a786a1ef633f7180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3b:45:99:25:29:76:20:23:94:1c:85:0b:fc:
34:ac:c0:0d:fe:44:6f:78:6c:35:f8:7f:9c:de:2e:
98:87:24:fb:85:32:9d:bc:36:b4:c5:a3:89:ed:d1:
68:3b:79:67:9c:2b:db:9c:63:fe:90:9c:94:81:d7:
d0:89:88:b2:e6:28:9f:22:08:8c:b9:72:36:13:b6:
85:92:b9:f8:9b:2e:82:75:8b:e3:99:13:fa:e5:94:
03:7a:2f:ae:2d:1f:9d:e2:2c:7a:da:eb:07:e0:4e:
d1:91:ac:b2:90:27:b7:19:79:f7:f7:c8:bc:81:7c:
f0:f1:20:8b:a6:e8:67:d1:33:f4:fe:a8:92:21:b4:
44:9b:36:55:73:93:1f:b2:fb:e8:13:e8:5e:60:d1:
0d:82:0c:2f:e0:53:24:59:92:d2:31:af:80:91:af:
9e:c0:90:19:f5:f8:b4:4d:0a:12:b4:e8:b4:85:24:
10:5d:9b:c8:47:de:7f:a8:b5:a6:f0:f5:2e:ee:a9:
12:0e:97:4d:e3:b7:89:c5:0e:7c:ce:5e:69:98:56:
8c:dd:dd:ca:d1:f7:5d:39:c4:dc:a9:c2:dc:d7:b8:
17:6f:c4:24:36:eb:3f:65:e2:33:cf:63:e6:1d:74:
bb:5c:f3:fb:0a:39:d1:54:c3:df:5e:b6:04:ee:5d:
7f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:1C:39:2D:40:46:81:A5:4F:3D:87:D8:A7:86:A1:EF:63:3F:71:80
X509v3 Authority Key Identifier:
keyid:33:EA:08:EF:A9:B3:F7:8C:9E:F9:DB:76:7A:DC:21:DD:61:83:4E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/zRw5LUBGgaVPPYfYp4ah72M_cYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/M-oI76mz94ye-dt2etwh3WGDTg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.96.0/23
185.82.228.0/22
185.137.112.0/22
185.247.100.0/22
IPv6:
2001:67c:2a68::/48
2a03:6960::/32
Signature Algorithm: sha256WithRSAEncryption
5c:aa:25:0f:44:5a:d0:52:d8:fb:f6:c4:54:bd:a3:3f:b8:cf:
cb:6e:4f:b4:2a:b4:e3:d8:f7:a2:4b:ee:a3:3c:41:7d:61:48:
aa:c3:ca:c5:94:28:a7:ed:10:ec:5e:8f:ab:9e:d1:0e:76:3d:
e9:26:19:e0:05:e8:a1:ad:53:bb:bc:ba:49:d5:f0:43:08:b1:
07:a0:6f:7e:1e:6e:41:15:18:f3:dd:a9:39:d2:f8:ba:45:dd:
9e:c3:98:62:be:d5:6a:a7:c5:98:be:d7:fa:51:60:4d:22:50:
00:54:76:31:3b:05:1d:83:d6:65:1f:97:07:aa:9f:3f:76:1d:
e3:db:99:d6:cb:45:58:6d:fa:11:40:d9:13:83:a1:fd:37:9e:
4c:01:30:32:4a:c4:ba:5f:56:e4:6b:54:f1:6e:ac:26:a4:d5:
14:1e:33:9c:4d:62:82:8d:6a:1c:64:16:49:40:af:f3:d1:11:
2f:0e:29:de:ab:86:45:d7:f0:72:de:29:2d:74:2a:2b:98:1b:
d4:11:c7:34:25:52:3a:9b:ef:60:d6:49:51:bb:2a:f1:4e:d1:
12:1a:5e:41:58:bb:1b:8d:91:ae:57:f9:89:1b:c4:05:a3:e1:
b9:d0:18:dc:7d:d4:69:a9:49:3f:8f:9a:a9:44:82:70:a6:e8:
f8:ee:16:6d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEDKOHZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2VhMDhlZmE5YjNmNzhjOWVmOWRiNzY3YWRjMjFkZDYxODM0ZTBmMB4XDTIyMDEw
MTEyMDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QxYzM5MmQ0MDQ2
ODFhNTRmM2Q4N2Q4YTc4NmExZWY2MzNmNzE4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMA7RZklKXYgI5QchQv8NKzADf5Eb3hsNfh/nN4umIck+4Uy
nbw2tMWjie3RaDt5Z5wr25xj/pCclIHX0ImIsuYonyIIjLlyNhO2hZK5+JsugnWL
45kT+uWUA3ovri0fneIsetrrB+BO0ZGsspAntxl59/fIvIF88PEgi6boZ9Ez9P6o
kiG0RJs2VXOTH7L76BPoXmDRDYIML+BTJFmS0jGvgJGvnsCQGfX4tE0KErTotIUk
EF2byEfef6i1pvD1Lu6pEg6XTeO3icUOfM5eaZhWjN3dytH3XTnE3KnC3Ne4F2/E
JDbrP2XiM89j5h10u1zz+wo50VTD3162BO5dfw0CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTNHDktQEaBpU89h9inhqHvYz9xgDAfBgNVHSMEGDAWgBQz6gjvqbP3jJ75
23Z63CHdYYNODzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L00tb0k3Nm16OTR5ZS1kdDJldHdoM1dHRFRnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNjg4NDI1LTE0Y2ItNGZkNi04ZjI3LWRlY2NmYTNlYTYzNS8x
L3pSdzVMVUJHZ2FWUFBZZllwNGFoNzJNX2NZQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
Njg4NDI1LTE0Y2ItNGZkNi04ZjI3LWRlY2NmYTNlYTYzNS8xL00tb0k3Nm16OTR5
ZS1kdDJldHdoM1dHRFRnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEAVGhYAMEArlS5AMEArmJcAMEArn3
ZDAWBAIAAjAQAwcAIAEGfCpoAwUAKgNpYDANBgkqhkiG9w0BAQsFAAOCAQEAXKol
D0Ra0FLY+/bEVL2jP7jPy25PtCq049j3okvuozxBfWFIqsPKxZQop+0Q7F6Pq57R
DnY96SYZ4AXooa1Tu7y6SdXwQwixB6Bvfh5uQRUY892pOdL4ukXdnsOYYr7VaqfF
mL7X+lFgTSJQAFR2MTsFHYPWZR+XB6qfP3Yd49uZ1stFWG36EUDZE4Oh/TeeTAEw
MkrEul9W5GtU8W6sJqTVFB4znE1igo1qHGQWSUCv89ERLw4p3quGRdfwct4pLXQq
K5gb1BHHNCVSOpvvYNZJUbsq8U7REhpeQVi7G42Rrlf5iRvEBaPhudAY3H3UaalJ
P4+aqUSCcKbo+O4WbQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:38 2025 by rpki-client