Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/ZA8lC9OSCc5PSNVigb0eLdh9_I0.roa
File: ZA8lC9OSCc5PSNVigb0eLdh9_I0.roa (raw, json)
Hash identifier: UE5W0CwWf1+wJsUBq7exu3ilIEBU+Cfud00OXi9pPfI=
Subject key identifier: 64:0F:25:0B:D3:92:09:CE:4F:48:D5:62:81:BD:1E:2D:D8:7D:FC:8D
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 3A8006CB
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/ZA8lC9OSCc5PSNVigb0eLdh9_I0.roa
Signing time: Sat 01 Jan 2022 05:59:59 +0000
ROA not before: Sat 01 Jan 2022 05:59:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42388
IP address blocks: 213.227.160.0/24 maxlen: 24
188.172.248.0/24 maxlen: 24
213.227.191.0/24 maxlen: 24
217.146.18.0/24 maxlen: 24
217.146.26.216/32 maxlen: 32
188.172.219.64/32 maxlen: 32
185.81.208.0/24 maxlen: 24
188.172.235.188/32 maxlen: 32
217.146.22.170/32 maxlen: 32
213.227.168.222/32 maxlen: 32
2a00:11c0:e:ffff:1::1000/128 maxlen: 128
2a00:11c0:d::1a/128 maxlen: 128
2a05:8900:aa1::/48 maxlen: 48
2a00:11c0:aa1::/48 maxlen: 48
2a00:11c0:63:350::1000/128 maxlen: 128
2a00:11c0:11c0::/48 maxlen: 128
2a00:11c0:1010::/48 maxlen: 48
2a00:11c0:82:359::1000/128 maxlen: 128
2a00:11c0:5:613::1000/128 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 981468875 (0x3a8006cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 05:59:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=640f250bd39209ce4f48d56281bd1e2dd87dfc8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2d:c9:33:81:e7:65:56:ed:db:28:b1:89:9c:
90:28:23:1d:d4:b0:50:e7:f2:b0:c1:1e:56:9a:a8:
24:9d:52:d2:d0:25:8a:80:9e:d9:da:ed:a3:9b:3d:
8b:af:b4:69:fb:38:39:e2:9c:7d:7a:ba:67:d8:5d:
60:01:69:2c:18:5f:76:c1:de:7c:1c:a7:b5:4e:15:
9e:74:27:04:11:99:f3:89:4b:05:87:2a:ce:cf:25:
96:0d:70:a1:1d:b2:f9:80:b0:f9:25:25:72:71:a9:
cf:2d:71:3b:db:80:96:a7:50:17:92:a5:be:38:98:
52:cf:9d:f3:ac:b9:ff:5b:8e:5b:ec:b1:6b:a6:84:
00:a6:8b:8a:75:1a:3f:dd:8c:18:f7:8a:5b:74:94:
9d:23:97:a6:d0:dc:f1:5e:6d:ab:c9:f1:d0:80:33:
aa:fc:7c:ea:85:dc:66:e6:c6:8c:3f:b9:5c:e3:73:
d5:e3:0a:7e:ae:36:db:89:dc:df:5e:3f:43:39:ec:
d9:95:9f:7c:c9:cb:bb:51:cf:78:81:f2:1e:ad:dd:
e8:1a:68:61:e8:a3:31:8d:27:d6:3e:8b:9f:94:1e:
9d:b2:7e:f9:12:a1:6b:ea:eb:b2:c4:78:ae:65:04:
24:d8:ea:7a:aa:83:79:9b:b0:e1:65:2a:b4:94:cc:
d1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0F:25:0B:D3:92:09:CE:4F:48:D5:62:81:BD:1E:2D:D8:7D:FC:8D
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/ZA8lC9OSCc5PSNVigb0eLdh9_I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.208.0/24
188.172.219.64/32
188.172.235.188/32
188.172.248.0/24
213.227.160.0/24
213.227.168.222/32
213.227.191.0/24
217.146.18.0/24
217.146.22.170/32
217.146.26.216/32
IPv6:
2a00:11c0:5:613:0:0:0:1000/128
2a00:11c0:d:0:0:0:0:1a/128
2a00:11c0:e:ffff:1:0:0:1000/128
2a00:11c0:63:350:0:0:0:1000/128
2a00:11c0:82:359:0:0:0:1000/128
2a00:11c0:aa1::/48
2a00:11c0:1010::/48
2a00:11c0:11c0::/48
2a05:8900:aa1::/48
Signature Algorithm: sha256WithRSAEncryption
ba:c3:c3:9e:73:75:13:ee:36:9e:f2:ee:8b:9d:b6:c6:1e:03:
eb:66:7a:d4:55:bb:d7:80:dd:50:e0:a7:a1:98:45:d4:32:c1:
3b:ff:c9:78:89:ff:04:0c:20:be:b8:95:ee:69:ba:45:c0:ac:
90:81:a2:6d:99:6b:ca:6c:c1:d5:cf:4c:7f:06:20:2c:9f:6f:
77:79:cb:89:a4:57:75:16:2b:99:bb:67:43:22:b6:9d:47:63:
c8:fe:60:e0:3c:23:4b:b4:01:6f:19:08:87:5c:62:22:c8:05:
75:23:9f:3e:cf:d0:32:a6:98:4b:4f:72:4f:f2:47:47:a2:04:
75:af:f5:30:65:e2:2f:f0:be:29:b3:6b:1e:33:b6:97:e1:6f:
5a:9b:8a:a3:eb:d1:08:c9:44:dd:82:e2:fb:e4:b0:08:24:c6:
0a:52:9b:64:43:84:5f:11:18:e5:1c:53:49:7e:5b:db:b6:24:
72:f1:0c:61:a4:78:d1:1a:c9:12:e3:39:2b:75:68:6d:b1:3d:
e1:e6:8e:0d:05:b5:53:d3:4f:dc:cb:f1:2c:e1:2b:c8:25:89:
0d:06:a5:74:d8:1c:88:da:a2:43:b3:31:a4:c1:5b:19:a3:ba:
cd:1b:11:52:67:a3:04:eb:f1:91:2d:b6:59:83:95:d6:4f:e2:
d9:35:4c:6d
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIEOoAGyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTM5YWZlYmFjZTg5OWE4ZWUwYmI0ZjhiYjQ0NzVmZTI0N2ExNTI4MB4XDTIyMDEw
MTA1NTk1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQwZjI1MGJkMzky
MDljZTRmNDhkNTYyODFiZDFlMmRkODdkZmM4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8tyTOB52VW7dsosYmckCgjHdSwUOfysMEeVpqoJJ1S0tAl
ioCe2drto5s9i6+0afs4OeKcfXq6Z9hdYAFpLBhfdsHefByntU4VnnQnBBGZ84lL
BYcqzs8llg1woR2y+YCw+SUlcnGpzy1xO9uAlqdQF5KlvjiYUs+d86y5/1uOW+yx
a6aEAKaLinUaP92MGPeKW3SUnSOXptDc8V5tq8nx0IAzqvx86oXcZubGjD+5XONz
1eMKfq4224nc314/Qzns2ZWffMnLu1HPeIHyHq3d6BpoYeijMY0n1j6Ln5QenbJ+
+RKha+rrssR4rmUEJNjqeqqDeZuw4WUqtJTM0dMCAwEAAaOCAtQwggLQMB0GA1Ud
DgQWBBRkDyUL05IJzk9I1WKBvR4t2H38jTAfBgNVHSMEGDAWgBSlOa/rrOiZqO4L
tPi7RHX+JHoVKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BUbXY2NnpvbWFqdUM3VDR1MFIxX2lSNkZTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvOThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8x
L1pBOGxDOU9TQ2M1UFNOVmlnYjBlTGRoOV9JMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
OThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8xL3BUbXY2NnpvbWFq
dUM3VDR1MFIxX2lSNkZTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
6QYIKwYBBQUHAQcBAf8EgdkwgdYwRwQCAAEwQQMEALlR0AMFALys20ADBQC8rOu8
AwQAvKz4AwQA1eOgAwUA1eOo3gMEANXjvwMEANmSEgMFANmSFqoDBQDZkhrYMIGK
BAIAAjCBgwMRACoAEcAABQYTAAAAAAAAEAADEQAqABHAAA0AAAAAAAAAAAAaAxEA
KgARwAAO//8AAQAAAAAQAAMRACoAEcAAYwNQAAAAAAAAEAADEQAqABHAAIIDWQAA
AAAAABAAAwcAKgARwAqhAwcAKgARwBAQAwcAKgARwBHAAwcAKgWJAAqhMA0GCSqG
SIb3DQEBCwUAA4IBAQC6w8Oec3UT7jae8u6LnbbGHgPrZnrUVbvXgN1Q4KehmEXU
MsE7/8l4if8EDCC+uJXuabpFwKyQgaJtmWvKbMHVz0x/BiAsn293ecuJpFd1FiuZ
u2dDIradR2PI/mDgPCNLtAFvGQiHXGIiyAV1I58+z9AypphLT3JP8kdHogR1r/Uw
ZeIv8L4ps2seM7aX4W9am4qj69EIyUTdguL75LAIJMYKUptkQ4RfERjlHFNJflvb
tiRy8QxhpHjRGskS4zkrdWhtsT3h5o4NBbVT00/cy/Es4SvIJYkNBqV02ByI2qJD
szGkwVsZo7rNGxFSZ6ME6/GRLbZZg5XWT+LZNUxt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:50 2024 by rpki-client on console-ams.rpki-client.org