Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/zp8RgABq82JpiTI9NbhWxExoX-8.roa
File: zp8RgABq82JpiTI9NbhWxExoX-8.roa (raw, json)
Hash identifier: D55737uKeHcA8cNEaZoCY1W6rxhm2YjiDeV8Ku9xyCs=
Subject key identifier: CE:9F:11:80:00:6A:F3:62:69:89:32:3D:35:B8:56:C4:4C:68:5F:EF
Certificate issuer: /CN=668e9b2eefb205342382b6072a903f9d9837071a
Certificate serial: 0184657FC49A72DCE43F6FA07DE29C4D8032
Authority key identifier: 66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/zp8RgABq82JpiTI9NbhWxExoX-8.roa
Signing time: Fri 11 Nov 2022 07:03:02 +0000
ROA not before: Fri 11 Nov 2022 07:03:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44056
IP address blocks: 176.125.192.0/19 maxlen: 19
91.230.146.0/24 maxlen: 24
31.135.224.0/20 maxlen: 20
46.148.128.0/22 maxlen: 22
46.148.128.0/20 maxlen: 20
46.148.143.0/24 maxlen: 24
195.2.238.0/23 maxlen: 23
109.196.64.0/22 maxlen: 22
109.196.64.0/20 maxlen: 24
109.196.68.0/22 maxlen: 22
91.195.130.0/23 maxlen: 23
83.97.104.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:65:7f:c4:9a:72:dc:e4:3f:6f:a0:7d:e2:9c:4d:80:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668e9b2eefb205342382b6072a903f9d9837071a
Validity
Not Before: Nov 11 07:03:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce9f1180006af3626989323d35b856c44c685fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:39:cd:3b:f1:49:5c:ae:87:22:7b:46:8a:f2:
d2:50:12:2e:bc:05:76:27:17:ea:0c:93:ac:36:f8:
a1:01:d2:94:75:71:e4:4e:67:27:eb:f1:1a:a0:2f:
1e:ee:67:f5:97:12:70:30:ee:28:85:2c:be:63:1a:
5b:d3:ba:73:ce:8b:c2:be:7b:00:1c:bf:51:d4:ab:
f5:1b:2d:37:f9:d3:b6:dd:dc:03:82:ea:29:d2:60:
f2:34:30:ed:8b:96:36:c8:c7:05:bb:f4:11:1a:88:
36:42:2f:c8:45:63:38:b9:1b:6d:46:6b:57:ae:89:
e6:56:42:5c:b0:e4:3d:37:2e:30:d0:e4:21:91:40:
b6:f3:be:a2:e1:09:63:a0:75:34:6d:0d:52:56:f6:
e5:3a:73:cc:5b:be:b1:7b:62:b8:15:66:86:a7:36:
83:00:0b:91:a7:72:fa:22:86:ce:7d:5d:c7:f2:9b:
e7:d2:4a:a1:61:59:00:90:bc:59:6d:08:3e:a8:64:
d9:c6:36:25:9d:22:77:68:96:28:d9:db:31:f2:68:
03:59:52:c3:59:60:42:06:90:a5:a9:e5:15:ec:75:
1b:ea:23:06:11:fb:95:26:e8:9d:12:cc:a9:a2:35:
3a:08:bf:c5:c8:a8:60:e4:2f:26:2e:8f:dc:ad:54:
80:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9F:11:80:00:6A:F3:62:69:89:32:3D:35:B8:56:C4:4C:68:5F:EF
X509v3 Authority Key Identifier:
keyid:66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/zp8RgABq82JpiTI9NbhWxExoX-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.224.0/20
46.148.128.0/20
83.97.104.0/21
91.195.130.0/23
91.230.146.0/24
109.196.64.0/20
176.125.192.0/19
195.2.238.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:98:be:5f:54:c9:06:9e:bc:07:5f:2d:f6:97:a7:10:f5:3c:
8d:12:76:be:64:f8:d0:2e:2c:98:50:8f:c7:8e:c8:2a:a9:03:
c5:79:86:a0:27:fb:f1:95:bd:3f:7c:d7:ec:db:2f:ff:47:2c:
61:08:ce:ad:da:7d:f3:18:0b:43:2d:8f:21:2f:1c:55:4e:c3:
de:84:53:78:92:f8:af:49:ee:8a:76:20:d1:5b:c0:e9:75:0d:
9c:e1:8f:f3:c0:eb:8b:d1:e4:5f:37:9b:9e:15:d0:a5:3a:7d:
95:fe:dd:ee:fa:fa:a4:93:d6:64:35:6b:db:85:9d:23:66:d2:
81:61:92:6b:81:32:60:81:f0:ab:5e:58:79:b0:78:55:10:62:
67:d4:c4:ca:f8:90:6d:02:c6:d0:46:6c:9c:8f:b5:40:37:c9:
bb:6f:9e:8d:a4:b4:eb:ee:aa:08:ae:7c:18:45:df:99:12:83:
89:13:72:81:0b:7b:86:b9:12:db:65:49:69:65:08:d3:ae:99:
33:79:29:87:d7:59:14:30:00:22:d3:84:7b:26:44:f2:d9:12:
ab:51:ac:bc:9b:cb:df:af:3d:57:df:93:de:b0:42:8e:9f:e5:
d8:64:3e:db:7b:8c:12:1b:41:3b:3d:31:5d:2d:76:39:d9:99:
7a:a6:11:9c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYRlf8SactzkP2+gfeKcTYAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGU5YjJlZWZiMjA1MzQyMzgyYjYwNzJhOTAzZjlkOTgz
NzA3MWEwHhcNMjIxMTExMDcwMzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTlmMTE4MDAwNmFmMzYyNjk4OTMyM2QzNWI4NTZjNDRjNjg1ZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jnNO/FJXK6HIntGivLSUBIuvAV2
JxfqDJOsNvihAdKUdXHkTmcn6/EaoC8e7mf1lxJwMO4ohSy+Yxpb07pzzovCvnsA
HL9R1Kv1Gy03+dO23dwDguop0mDyNDDti5Y2yMcFu/QRGog2Qi/IRWM4uRttRmtX
ronmVkJcsOQ9Ny4w0OQhkUC2876i4QljoHU0bQ1SVvblOnPMW76xe2K4FWaGpzaD
AAuRp3L6IobOfV3H8pvn0kqhYVkAkLxZbQg+qGTZxjYlnSJ3aJYo2dsx8mgDWVLD
WWBCBpClqeUV7HUb6iMGEfuVJuidEsypojU6CL/FyKhg5C8mLo/crVSAZwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFM6fEYAAavNiaYkyPTW4VsRMaF/vMB8GA1UdIwQY
MBaAFGaOmy7vsgU0I4K2ByqQP52YNwcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMt
NGMwOGZmZTEwMDc2LzEvenA4UmdBQnE4MkpwaVRJOU5iaFd4RXhvWC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMtNGMwOGZmZTEwMDc2
LzEvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEH4fgAwQE
LpSAAwQDU2FoAwQBW8OCAwQAW+aSAwQEbcRAAwQFsH3AAwQBwwLuMA0GCSqGSIb3
DQEBCwUAA4IBAQB7mL5fVMkGnrwHXy32l6cQ9TyNEna+ZPjQLiyYUI/HjsgqqQPF
eYagJ/vxlb0/fNfs2y//RyxhCM6t2n3zGAtDLY8hLxxVTsPehFN4kvivSe6KdiDR
W8DpdQ2c4Y/zwOuL0eRfN5ueFdClOn2V/t3u+vqkk9ZkNWvbhZ0jZtKBYZJrgTJg
gfCrXlh5sHhVEGJn1MTK+JBtAsbQRmycj7VAN8m7b56NpLTr7qoIrnwYRd+ZEoOJ
E3KBC3uGuRLbZUlpZQjTrpkzeSmH11kUMAAi04R7JkTy2RKrUay8m8vfrz1X35Pe
sEKOn+XYZD7be4wSG0E7PTFdLXY52Zl6phGc
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:37 2025 by rpki-client