Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/sZ8DYLlkx-Q9xPKN0grH95N3op4.roa
File: sZ8DYLlkx-Q9xPKN0grH95N3op4.roa (raw, json)
Hash identifier: kX2e1Sk0lMbM0jRvLRhNslusRyKFyxPowrgIh90KFTU=
Subject key identifier: B1:9F:03:60:B9:64:C7:E4:3D:C4:F2:8D:D2:0A:C7:F7:93:77:A2:9E
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 01873AE00D9998498F0C70452D1205A1220B
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/sZ8DYLlkx-Q9xPKN0grH95N3op4.roa
Signing time: Sat 01 Apr 2023 03:32:54 +0000
ROA not before: Sat 01 Apr 2023 03:32:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5578
IP address blocks: 84.245.64.0/18 maxlen: 18
84.245.97.0/24 maxlen: 24
84.245.94.0/24 maxlen: 24
185.130.220.0/22 maxlen: 22
193.110.186.0/23 maxlen: 23
62.168.64.0/18 maxlen: 18
94.124.144.0/21 maxlen: 21
92.60.56.0/21 maxlen: 21
84.245.126.0/24 maxlen: 24
195.168.0.0/16 maxlen: 16
85.248.234.0/24 maxlen: 24
85.248.235.0/24 maxlen: 24
217.67.16.0/20 maxlen: 20
212.26.160.0/19 maxlen: 19
213.215.64.0/18 maxlen: 18
213.215.72.0/22 maxlen: 22
212.26.176.0/20 maxlen: 20
194.1.230.0/24 maxlen: 24
194.1.231.0/24 maxlen: 24
194.1.228.0/24 maxlen: 24
194.1.229.0/24 maxlen: 24
194.1.227.0/24 maxlen: 24
82.119.224.0/20 maxlen: 20
80.250.240.0/20 maxlen: 20
194.1.224.0/24 maxlen: 24
194.1.225.0/24 maxlen: 24
194.1.226.0/24 maxlen: 24
62.197.192.0/18 maxlen: 18
195.12.128.0/19 maxlen: 19
195.46.64.0/19 maxlen: 19
62.197.222.0/24 maxlen: 24
85.248.0.0/16 maxlen: 16
217.75.64.0/19 maxlen: 19
217.75.82.0/23 maxlen: 23
81.88.128.0/20 maxlen: 20
193.58.192.0/22 maxlen: 22
193.58.196.0/23 maxlen: 23
185.220.120.0/22 maxlen: 22
62.65.160.0/19 maxlen: 19
194.1.172.0/22 maxlen: 22
195.72.0.0/19 maxlen: 19
62.152.224.0/19 maxlen: 19
195.98.0.0/19 maxlen: 19
83.168.128.0/18 maxlen: 18
212.81.0.0/19 maxlen: 19
217.172.144.0/20 maxlen: 20
217.118.96.0/20 maxlen: 20
2001:1ba0::/32 maxlen: 32
2a06:dbc0::/29 maxlen: 29
2a02:770::/32 maxlen: 32
2a00:1298::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3a:e0:0d:99:98:49:8f:0c:70:45:2d:12:05:a1:22:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Apr 1 03:32:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b19f0360b964c7e43dc4f28dd20ac7f79377a29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:db:26:33:10:14:f9:25:6a:f2:35:86:18:3c:
8c:ba:ad:f3:18:57:3a:9a:a9:cd:5d:57:97:d6:30:
94:12:c9:1f:0b:df:dc:96:9f:9c:85:38:04:e9:ce:
22:d4:40:b3:17:f0:f1:54:ac:6a:61:69:93:a5:56:
80:bc:95:4b:eb:fa:71:d0:e4:e3:5d:ad:89:4b:41:
3f:ac:2d:a6:5c:40:98:cc:e9:1b:3d:86:5b:1b:96:
13:d4:fd:5c:1e:12:20:d8:3c:3d:c8:b5:21:7b:17:
5f:74:8f:d3:0e:88:c1:bf:4a:71:b9:91:25:11:40:
e1:7f:f2:c6:28:3f:2e:75:db:e0:3f:ed:91:95:7f:
98:6b:f6:f0:87:fe:2f:52:4e:c3:8e:ef:be:7a:06:
75:db:97:f9:98:ee:bb:2a:49:65:9f:28:7c:71:e9:
be:00:8d:46:b4:8d:e3:a8:ee:75:84:cf:ed:21:fe:
4f:9c:79:03:ac:0b:6c:e4:6e:92:f1:14:af:75:4f:
e0:68:c5:99:95:4a:ad:fb:3b:a3:02:f6:4e:3f:21:
de:43:80:3f:1a:5d:ab:41:73:46:9b:0c:43:83:70:
bc:0c:3d:4e:95:49:38:94:a5:15:33:ee:da:de:4d:
61:b8:b0:14:a9:59:38:4b:29:10:76:80:c2:0c:1f:
ab:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9F:03:60:B9:64:C7:E4:3D:C4:F2:8D:D2:0A:C7:F7:93:77:A2:9E
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/sZ8DYLlkx-Q9xPKN0grH95N3op4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.160.0/19
62.152.224.0/19
62.168.64.0/18
62.197.192.0/18
80.250.240.0/20
81.88.128.0/20
82.119.224.0/20
83.168.128.0/18
84.245.64.0/18
85.248.0.0/16
92.60.56.0/21
94.124.144.0/21
185.130.220.0/22
185.220.120.0/22
193.58.192.0-193.58.197.255
193.110.186.0/23
194.1.172.0/22
194.1.224.0/21
195.12.128.0/19
195.46.64.0/19
195.72.0.0/19
195.98.0.0/19
195.168.0.0/16
212.26.160.0/19
212.81.0.0/19
213.215.64.0/18
217.67.16.0/20
217.75.64.0/19
217.118.96.0/20
217.172.144.0/20
IPv6:
2001:1ba0::/32
2a00:1298::/32
2a02:770::/32
2a06:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
60:28:81:30:33:13:91:be:23:9c:29:61:13:dd:78:c6:58:5c:
78:d2:41:fd:df:3d:ce:b6:40:e1:1f:32:02:c1:75:9d:81:f5:
66:7b:6c:e8:69:4b:42:56:bd:c4:bd:96:75:14:97:b1:f0:f5:
7c:c4:53:33:82:6c:14:0b:01:47:c7:68:9d:c4:5b:7b:bc:3c:
47:9d:ed:e8:17:7c:02:15:fe:13:d3:f0:e7:fe:f8:1f:66:30:
a2:76:e8:59:f5:a8:12:a2:37:15:1a:9e:f6:68:78:7d:03:26:
98:5e:01:f3:7a:f2:2f:72:83:2c:b0:d3:67:5d:87:a3:2f:da:
45:61:e4:19:dc:0d:33:7c:4d:63:a0:06:7a:52:6e:79:43:84:
be:44:f9:fd:a7:f0:db:6f:ba:e6:00:89:c1:41:f0:df:92:ae:
e5:db:8b:b6:c3:e1:9f:85:57:b4:ef:7d:83:48:08:e9:fb:a7:
4f:ba:74:ff:52:b2:6f:83:ea:23:a1:19:f1:a7:81:9a:35:dc:
0d:bc:b4:36:12:0f:30:17:9c:37:58:75:36:9f:33:c2:eb:26:
af:b6:70:be:6b:d6:00:3c:41:f5:cc:dc:21:93:c7:16:67:21:
14:9f:d2:1c:e0:7f:c8:d2:7f:d2:8a:a4:9f:4b:44:d2:76:f0:
b6:97:76:1b
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAYc64A2ZmEmPDHBFLRIFoSILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjMwNDAxMDMzMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTlmMDM2MGI5NjRjN2U0M2RjNGYyOGRkMjBhYzdmNzkzNzdhMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtsmMxAU+SVq8jWGGDyMuq3zGFc6
mqnNXVeX1jCUEskfC9/clp+chTgE6c4i1ECzF/DxVKxqYWmTpVaAvJVL6/px0OTj
Xa2JS0E/rC2mXECYzOkbPYZbG5YT1P1cHhIg2Dw9yLUhexdfdI/TDojBv0pxuZEl
EUDhf/LGKD8uddvgP+2RlX+Ya/bwh/4vUk7Dju++egZ125f5mO67Kkllnyh8cem+
AI1GtI3jqO51hM/tIf5PnHkDrAts5G6S8RSvdU/gaMWZlUqt+zujAvZOPyHeQ4A/
Gl2rQXNGmwxDg3C8DD1OlUk4lKUVM+7a3k1huLAUqVk4SykQdoDCDB+r2QIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFLGfA2C5ZMfkPcTyjdIKx/eTd6KeMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvc1o4RFlMbGt4LVE5eFBLTjBnckg5NU4zb3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCBwQQCAAEwgboDBAU+
QaADBAU+mOADBAY+qEADBAY+xcADBARQ+vADBARRWIADBARSd+ADBAZTqIADBAZU
9UADAwBV+AMEA1w8OAMEA158kAMEArmC3AMEArnceDAMAwQGwTrAAwQBwTrEAwQB
wW66AwQCwgGsAwQDwgHgAwQFwwyAAwQFwy5AAwQFw0gAAwQFw2IAAwMAw6gDBAXU
GqADBAXUUQADBAbV10ADBATZQxADBAXZS0ADBATZdmADBATZrJAwIgQCAAIwHAMF
ACABG6ADBQAqABKYAwUAKgIHcAMFAyoG28AwDQYJKoZIhvcNAQELBQADggEBAGAo
gTAzE5G+I5wpYRPdeMZYXHjSQf3fPc62QOEfMgLBdZ2B9WZ7bOhpS0JWvcS9lnUU
l7Hw9XzEUzOCbBQLAUfHaJ3EW3u8PEed7egXfAIV/hPT8Of++B9mMKJ26Fn1qBKi
NxUanvZoeH0DJpheAfN68i9ygyyw02ddh6Mv2kVh5BncDTN8TWOgBnpSbnlDhL5E
+f2n8NtvuuYAicFB8N+SruXbi7bD4Z+FV7TvfYNICOn7p0+6dP9Ssm+D6iOhGfGn
gZo13A28tDYSDzAXnDdYdTafM8LrJq+2cL5r1gA8QfXM3CGTxxZnIRSf0hzgf8jS
f9KKpJ9LRNJ28LaXdhs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:44 2025 by rpki-client