Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/RZTq7R8RU1Reu5dV7iGxdB5RuBg.roa
File: RZTq7R8RU1Reu5dV7iGxdB5RuBg.roa (raw, json)
Hash identifier: IW+kebD7I0j0xxHpMnktfel6gP1obhjyvWTWS48Dm7Q=
Subject key identifier: 45:94:EA:ED:1F:11:53:54:5E:BB:97:55:EE:21:B1:74:1E:51:B8:18
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 018BB3AACDF9504799943EEB0B4FB158BBFD
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/RZTq7R8RU1Reu5dV7iGxdB5RuBg.roa
Signing time: Thu 09 Nov 2023 10:39:57 +0000
ROA not before: Thu 09 Nov 2023 10:39:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49544
IP address blocks: 185.41.140.0/22 maxlen: 22
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
91.216.207.0/24 maxlen: 24
188.122.64.0/19 maxlen: 24
91.198.152.0/24 maxlen: 24
185.52.12.0/22 maxlen: 24
213.163.64.0/19 maxlen: 24
185.50.104.0/22 maxlen: 22
162.245.204.0/22 maxlen: 22
5.200.0.0/19 maxlen: 24
185.179.202.0/23 maxlen: 24
213.179.204.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
185.179.200.0/23 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.209.0/24 maxlen: 24
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/22 maxlen: 22
212.19.224.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
185.197.24.0/22 maxlen: 23
193.43.218.0/23 maxlen: 23
104.153.84.0/22 maxlen: 22
5.180.218.0/23 maxlen: 23
5.180.216.0/23 maxlen: 23
31.204.132.0/22 maxlen: 22
31.204.128.0/19 maxlen: 24
31.204.136.0/23 maxlen: 23
138.128.136.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
138.128.140.0/22 maxlen: 22
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
2a00:1630::/29 maxlen: 32
2a00:1631::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d26::/32 maxlen: 34
2a00:1630::/32 maxlen: 48
2a00:1632::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:aa:cd:f9:50:47:99:94:3e:eb:0b:4f:b1:58:bb:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Nov 9 10:39:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4594eaed1f1153545ebb9755ee21b1741e51b818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0d:ac:e5:2d:49:e8:f6:f9:e3:0e:fb:1d:06:
ab:37:76:98:4f:4e:9c:b1:e8:ae:e9:21:2d:b6:7e:
b4:56:68:f9:e2:61:e7:ac:7c:3d:34:05:3c:23:67:
67:5d:c5:aa:e8:06:ce:cd:20:c6:d4:a4:cb:a7:2d:
63:bf:73:06:6f:1c:82:43:f2:26:87:e7:45:1c:18:
67:6c:c1:12:47:1e:50:c1:cc:e3:08:a8:b0:7c:e4:
5c:19:e6:96:22:4b:e9:a6:56:f2:3a:ca:49:f1:97:
8f:80:3d:2d:6b:14:bd:49:08:c1:43:be:13:62:67:
cc:da:22:24:9e:02:1c:e0:41:17:e7:38:39:7b:51:
a0:18:69:66:c5:08:3c:a2:61:d3:73:40:c2:58:2e:
42:92:71:66:ec:87:10:46:21:0d:e5:3d:50:11:29:
a9:d5:b9:b5:0e:02:4d:35:b2:9f:87:77:07:2f:70:
01:d8:a3:01:24:d8:01:eb:2d:37:84:88:d6:20:44:
a3:a8:f5:bc:08:f3:c7:57:a6:f2:a3:c9:75:3e:25:
a9:97:02:11:d2:b5:d1:e8:5d:82:14:4b:6b:df:a5:
e6:c6:a4:37:54:d0:ee:32:58:f5:3e:81:ce:33:58:
a4:ef:58:ea:6c:5c:e1:a1:3b:36:5c:65:93:90:c6:
45:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:94:EA:ED:1F:11:53:54:5E:BB:97:55:EE:21:B1:74:1E:51:B8:18
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/RZTq7R8RU1Reu5dV7iGxdB5RuBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
84:41:07:98:67:3c:55:8f:37:2b:4a:b9:56:14:47:8f:ac:38:
b7:76:1d:24:a4:5d:4b:7f:c5:8d:a7:4a:b8:a4:d3:fc:7e:ab:
38:99:81:d8:04:af:dc:24:17:a5:70:ca:1d:a9:55:8c:0c:ef:
7c:b5:ba:8f:dd:05:3f:20:31:55:dd:8d:63:57:f4:8d:b4:7c:
93:6d:b4:e6:f9:6f:35:6e:6b:08:bd:2a:8b:82:e3:8a:08:68:
b2:4b:f4:31:dc:3c:01:ac:b0:54:16:fb:f1:2b:be:73:95:08:
f3:d0:0b:12:dc:7b:15:09:d8:b5:40:6d:30:62:09:fb:bf:26:
35:8e:50:7d:c9:cb:08:87:fc:82:87:9e:2e:52:82:d5:f2:90:
d7:76:0e:ad:f5:5d:a5:cc:dc:c8:09:fd:40:66:d9:09:70:1a:
82:82:1b:29:2e:15:cc:84:d5:f7:f7:f1:bc:c2:92:b5:09:80:
bc:bd:c8:69:d8:5b:9f:5e:82:13:2a:02:35:48:48:a4:6d:d1:
5f:ff:79:f9:0f:0e:28:28:00:59:0d:dd:18:5d:e1:1b:17:44:
1c:66:c2:93:4e:e5:39:44:d4:8c:f6:08:5c:bd:7e:8a:ab:23:
db:9a:11:5a:7d:0a:d4:82:39:c3:71:50:e7:5c:b4:7c:ba:7c:
f1:23:b6:2d
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYuzqs35UEeZlD7rC0+xWLv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjMxMTA5MTAzOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk0ZWFlZDFmMTE1MzU0NWViYjk3NTVlZTIxYjE3NDFlNTFiODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsw2s5S1J6Pb54w77HQarN3aYT06c
seiu6SEttn60Vmj54mHnrHw9NAU8I2dnXcWq6AbOzSDG1KTLpy1jv3MGbxyCQ/Im
h+dFHBhnbMESRx5QwczjCKiwfORcGeaWIkvpplbyOspJ8ZePgD0taxS9SQjBQ74T
YmfM2iIkngIc4EEX5zg5e1GgGGlmxQg8omHTc0DCWC5CknFm7IcQRiEN5T1QESmp
1bm1DgJNNbKfh3cHL3AB2KMBJNgB6y03hIjWIESjqPW8CPPHV6byo8l1PiWplwIR
0rXR6F2CFEtr36XmxqQ3VNDuMlj1PoHOM1ik71jqbFzhoTs2XGWTkMZFqQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFEWU6u0fEVNUXruXVe4hsXQeUbgYMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvUlpUcTdSOFJVMVJldTVkVjdpR3hkQjVSdUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBiwQCAAEwgYQDBAIF
tNgDBAUFyAADBAUfzIADBAFbw+oDBABbxpgDBABb2M8DBAJomVQDBAVtyMADBAOK
gIgDBAKS90wDBAKi9DQDBAKi9cwDBAK5KYwDBAK5MmgDBAK5NAwDBAK5s8gDBAK5
xRgDBAW8ekADBAHBK9oDBALUE+ADBAXVo0ADBAXVs8AwIgQCAAIwHAMFAyoAFjAD
BQMqAB0gAwUAKgGVgAMFAyoExgAwDQYJKoZIhvcNAQELBQADggEBAIRBB5hnPFWP
NytKuVYUR4+sOLd2HSSkXUt/xY2nSrik0/x+qziZgdgEr9wkF6Vwyh2pVYwM73y1
uo/dBT8gMVXdjWNX9I20fJNttOb5bzVuawi9KouC44oIaLJL9DHcPAGssFQW+/Er
vnOVCPPQCxLcexUJ2LVAbTBiCfu/JjWOUH3JywiH/IKHni5SgtXykNd2Dq31XaXM
3MgJ/UBm2QlwGoKCGykuFcyE1ff38bzCkrUJgLy9yGnYW59eghMqAjVISKRt0V//
efkPDigoAFkN3Rhd4RsXRBxmwpNO5TlE1Iz2CFy9foqrI9uaEVp9CtSCOcNxUOdc
tHy6fPEjti0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:22:27 2025 by rpki-client