Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/zerFitlfjTjJMBtasEcjiWK4aS8.roa
File: zerFitlfjTjJMBtasEcjiWK4aS8.roa (raw, json)
Hash identifier: bpcUvdW9IWOnPqc89RtjVv/4wcDX89A567O6+uLLQCk=
Subject key identifier: CD:EA:C5:8A:D9:5F:8D:38:C9:30:1B:5A:B0:47:23:89:62:B8:69:2F
Certificate issuer: /CN=07887ceb1cbd1029ef8a76df77f1152bb473b643
Certificate serial: 01875C1A0842CAE091C99CBFCFB1A4460F6B
Authority key identifier: 07:88:7C:EB:1C:BD:10:29:EF:8A:76:DF:77:F1:15:2B:B4:73:B6:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4h86xy9ECnvinbfd_EVK7RztkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/zerFitlfjTjJMBtasEcjiWK4aS8.roa
Signing time: Fri 07 Apr 2023 14:23:42 +0000
ROA not before: Fri 07 Apr 2023 14:23:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21409
IP address blocks: 213.246.32.0/19 maxlen: 32
213.246.33.0/24 maxlen: 32
213.246.35.0/24 maxlen: 32
213.246.36.0/22 maxlen: 32
213.246.42.0/24 maxlen: 32
185.10.99.0/24 maxlen: 24
213.246.51.0/24 maxlen: 32
213.246.49.0/24 maxlen: 32
213.246.55.0/24 maxlen: 32
213.246.52.0/23 maxlen: 32
213.246.56.0/22 maxlen: 32
213.246.61.0/24 maxlen: 32
213.246.62.0/23 maxlen: 32
213.246.60.0/24 maxlen: 32
78.24.128.0/21 maxlen: 32
94.125.160.0/21 maxlen: 32
80.93.80.0/20 maxlen: 32
178.170.0.0/17 maxlen: 32
185.246.84.0/22 maxlen: 22
109.238.0.0/20 maxlen: 32
109.238.15.0/24 maxlen: 32
2a00:c70::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5c:1a:08:42:ca:e0:91:c9:9c:bf:cf:b1:a4:46:0f:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07887ceb1cbd1029ef8a76df77f1152bb473b643
Validity
Not Before: Apr 7 14:23:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdeac58ad95f8d38c9301b5ab047238962b8692f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d2:2c:8d:fc:e2:fa:72:8f:f4:9a:d4:c4:b3:
29:b5:59:8b:9d:f7:fa:0c:82:44:13:89:90:47:cf:
ee:8c:10:4c:d4:9f:54:38:a1:47:0a:a2:52:5d:16:
45:4f:48:96:0c:dc:9f:57:5a:8b:88:58:73:9f:93:
5b:85:ce:f3:04:48:0c:4c:28:c4:25:a2:97:ff:2e:
0f:d4:94:42:86:7c:8c:c0:8a:6c:e6:72:41:a4:37:
55:30:89:a3:99:2f:5f:62:76:d0:15:33:6b:e5:02:
86:59:8e:ea:e1:f3:4b:10:41:ed:8f:c7:b4:f8:11:
3c:ed:e3:c3:22:80:71:d5:be:a3:65:9d:32:36:90:
a6:01:90:70:2a:03:f2:bb:28:dd:db:e0:3f:9e:69:
d8:3e:20:5f:d9:cd:bf:4e:26:46:2e:62:81:25:ce:
f6:fe:f7:95:24:db:c2:e2:ab:67:58:82:86:f7:e5:
c1:e1:8b:c1:dc:02:8f:0a:ae:c2:93:7c:93:4e:41:
e0:4e:75:f1:ec:31:83:3e:88:41:3e:b3:93:cb:ee:
87:9f:0e:4d:f6:44:9f:29:84:4d:67:c9:d9:94:81:
8d:7d:b9:b0:65:97:68:0b:c7:84:cc:7d:97:a2:fd:
9d:28:31:1d:6d:95:66:54:33:2d:a3:fb:be:0c:3b:
7e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:EA:C5:8A:D9:5F:8D:38:C9:30:1B:5A:B0:47:23:89:62:B8:69:2F
X509v3 Authority Key Identifier:
keyid:07:88:7C:EB:1C:BD:10:29:EF:8A:76:DF:77:F1:15:2B:B4:73:B6:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4h86xy9ECnvinbfd_EVK7RztkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/zerFitlfjTjJMBtasEcjiWK4aS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/B4h86xy9ECnvinbfd_EVK7RztkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.128.0/21
80.93.80.0/20
94.125.160.0/21
109.238.0.0/20
178.170.0.0/17
185.10.99.0/24
185.246.84.0/22
213.246.32.0/19
IPv6:
2a00:c70::/32
Signature Algorithm: sha256WithRSAEncryption
59:ea:76:68:d7:f1:a6:5c:4d:7f:87:58:96:58:e6:06:7b:58:
94:b9:d0:be:0a:dc:de:36:c8:18:b1:73:8f:ee:83:aa:18:6e:
46:06:f5:5c:30:7f:d9:17:9a:58:0b:6b:ea:19:6c:5f:4e:9b:
39:be:64:93:15:45:52:93:bd:48:a0:17:0c:59:5b:1b:0a:01:
3a:86:1e:cf:ef:3a:18:23:88:44:34:f9:58:59:e9:23:10:4e:
1d:9e:cf:c8:dc:ec:94:d5:25:c7:6a:ca:8a:d6:86:48:6d:55:
89:87:dd:69:b7:53:a5:79:c1:4d:db:6b:32:a9:cd:c9:99:bc:
ce:d0:36:f9:33:7a:f2:03:c2:e4:58:ea:b0:a5:0b:41:6c:d2:
0f:ac:f0:8c:3f:eb:4c:e1:a5:c2:4b:64:e4:69:7d:4b:c4:a5:
93:e3:53:7a:d3:46:86:29:0a:c9:9f:d2:2b:ad:08:56:50:94:
08:32:6c:62:36:d1:04:d8:04:ba:10:44:a3:bb:7b:1a:4a:55:
ad:1d:7f:f6:83:0f:ff:93:69:c7:33:77:b3:5e:f6:c6:6d:2d:
18:1a:87:47:db:b6:72:ef:b2:71:fe:1f:4d:d3:27:39:a8:4e:
87:59:70:37:d7:2e:3d:9f:8f:c2:d2:98:f9:68:6d:7a:88:09:
d4:cb:4b:5e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYdcGghCyuCRyZy/z7GkRg9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ODg3Y2ViMWNiZDEwMjllZjhhNzZkZjc3ZjExNTJiYjQ3
M2I2NDMwHhcNMjMwNDA3MTQyMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGVhYzU4YWQ5NWY4ZDM4YzkzMDFiNWFiMDQ3MjM4OTYyYjg2OTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdIsjfzi+nKP9JrUxLMptVmLnff6
DIJEE4mQR8/ujBBM1J9UOKFHCqJSXRZFT0iWDNyfV1qLiFhzn5Nbhc7zBEgMTCjE
JaKX/y4P1JRChnyMwIps5nJBpDdVMImjmS9fYnbQFTNr5QKGWY7q4fNLEEHtj8e0
+BE87ePDIoBx1b6jZZ0yNpCmAZBwKgPyuyjd2+A/nmnYPiBf2c2/TiZGLmKBJc72
/veVJNvC4qtnWIKG9+XB4YvB3AKPCq7Ck3yTTkHgTnXx7DGDPohBPrOTy+6Hnw5N
9kSfKYRNZ8nZlIGNfbmwZZdoC8eEzH2Xov2dKDEdbZVmVDMto/u+DDt+xQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFM3qxYrZX404yTAbWrBHI4liuGkvMB8GA1UdIwQY
MBaAFAeIfOscvRAp74p233fxFSu0c7ZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjRoODZ4eTlFQ252aW5iZmRfRVZLN1J6dGtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8wMjQ0NWMtODFmOS00N2IzLTkzODUt
MzRmN2Q1MTMxMzY3LzEvemVyRml0bGZqVGpKTUJ0YXNFY2ppV0s0YVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8wMjQ0NWMtODFmOS00N2IzLTkzODUtMzRmN2Q1MTMxMzY3
LzEvQjRoODZ4eTlFQ252aW5iZmRfRVZLN1J6dGtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDThiAAwQE
UF1QAwQDXn2gAwQEbe4AAwQHsqoAAwQAuQpjAwQCufZUAwQF1fYgMA0EAgACMAcD
BQAqAAxwMA0GCSqGSIb3DQEBCwUAA4IBAQBZ6nZo1/GmXE1/h1iWWOYGe1iUudC+
CtzeNsgYsXOP7oOqGG5GBvVcMH/ZF5pYC2vqGWxfTps5vmSTFUVSk71IoBcMWVsb
CgE6hh7P7zoYI4hENPlYWekjEE4dns/I3OyU1SXHasqK1oZIbVWJh91pt1OlecFN
22syqc3JmbzO0Db5M3ryA8LkWOqwpQtBbNIPrPCMP+tM4aXCS2TkaX1LxKWT41N6
00aGKQrJn9IrrQhWUJQIMmxiNtEE2AS6EESju3saSlWtHX/2gw//k2nHM3ezXvbG
bS0YGodH27Zy77Jx/h9N0yc5qE6HWXA31y49n4/C0pj5aG16iAnUy0te
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:52 2025 by rpki-client