Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ZrcdWFz1CF5yOaPxkWnVc8xnDyg.roa
File: ZrcdWFz1CF5yOaPxkWnVc8xnDyg.roa (raw, json)
Hash identifier: AfoDzPyQuEk5a9vipp2m9Ff5DrfbUEHK7jrWXl9DD9I=
Subject key identifier: 66:B7:1D:58:5C:F5:08:5E:72:39:A3:F1:91:69:D5:73:CC:67:0F:28
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018373D20A7AD855D1D98D64F3E801C9666B
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ZrcdWFz1CF5yOaPxkWnVc8xnDyg.roa
Signing time: Sun 25 Sep 2022 08:44:48 +0000
ROA not before: Sun 25 Sep 2022 08:44:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 185.95.102.0/23 maxlen: 24
185.95.101.0/24 maxlen: 24
185.76.240.0/23 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/24 maxlen: 24
185.81.187.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
185.97.1.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
185.73.182.0/23 maxlen: 24
185.68.184.0/24 maxlen: 24
185.75.132.0/23 maxlen: 24
185.75.134.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.181.168.0/24 maxlen: 24
185.96.80.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
83.171.226.0/24 maxlen: 24
83.171.224.0/24 maxlen: 24
83.171.227.0/24 maxlen: 24
185.96.38.0/24 maxlen: 24
185.89.104.0/23 maxlen: 24
185.89.108.0/22 maxlen: 24
141.98.87.0/24 maxlen: 24
185.81.172.0/23 maxlen: 24
5.183.255.0/24 maxlen: 24
185.88.38.0/24 maxlen: 24
185.88.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:73:d2:0a:7a:d8:55:d1:d9:8d:64:f3:e8:01:c9:66:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Sep 25 08:44:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66b71d585cf5085e7239a3f19169d573cc670f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dc:7a:76:5d:81:53:ba:36:80:d1:11:32:03:
44:09:68:56:d8:ec:0d:29:74:07:b0:2a:b2:37:87:
ed:fd:4a:c1:69:66:5a:20:78:a7:fc:8a:07:50:45:
68:09:bc:b2:50:c5:18:72:87:91:2c:06:b6:2e:21:
a9:3e:91:78:c2:92:3d:c9:a1:13:2e:1d:fc:97:60:
2d:69:03:b9:b2:30:80:f7:c6:d7:10:fc:56:f5:25:
80:95:fb:d9:0a:8a:27:f1:be:93:15:e5:b8:b2:eb:
94:3c:fe:da:f5:64:ce:bf:9e:88:8a:a3:56:1b:3d:
e3:fd:27:6b:cf:07:92:f4:ea:09:87:c3:70:8e:24:
ba:66:cb:87:ed:a6:a5:c1:d3:2e:f3:d3:27:8f:8f:
72:f8:33:d6:5a:4a:03:f5:e4:ee:10:af:25:67:f1:
0b:c9:15:88:fe:59:17:22:de:e3:f0:41:82:a1:6c:
1c:68:08:68:35:52:66:87:cc:4c:aa:ef:0b:da:29:
d6:12:6d:54:85:b6:05:45:7f:c0:fa:09:c1:a7:05:
c1:b2:17:17:3b:b2:4c:71:3b:8d:1b:3b:9a:2f:37:
13:99:1a:e7:05:fc:9e:f0:04:41:72:a2:06:70:9d:
ff:6b:1e:55:41:ef:35:15:6e:8d:a3:65:f1:4e:ef:
69:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B7:1D:58:5C:F5:08:5E:72:39:A3:F1:91:69:D5:73:CC:67:0F:28
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ZrcdWFz1CF5yOaPxkWnVc8xnDyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
83.171.224.0/24
83.171.226.0/23
141.98.87.0/24
185.68.184.0/24
185.68.246.0/23
185.73.182.0/23
185.75.132.0-185.75.134.255
185.76.240.0/23
185.81.172.0-185.81.174.255
185.81.184.0/24
185.81.187.0/24
185.88.36.0/24
185.88.38.0/24
185.89.42.0/23
185.89.104.0/23
185.89.108.0/22
185.95.101.0-185.95.103.255
185.96.38.0/24
185.96.80.0/24
185.97.1.0/24
185.97.3.0/24
194.104.10.0/24
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
82:4e:68:e6:00:83:18:09:95:c4:98:81:04:cf:cc:8a:76:29:
61:bb:82:28:10:5f:93:66:d8:a0:4a:6e:5c:b7:f6:53:a1:1d:
14:89:3a:77:2d:97:ba:03:bd:46:81:72:1f:ca:14:d8:91:20:
6e:d7:40:29:a2:27:9e:29:4a:a8:0f:61:60:8d:90:31:31:aa:
9b:b6:69:1c:1c:66:eb:56:a4:7c:58:0f:20:d5:aa:94:69:b3:
1f:4f:68:36:f8:c8:a5:85:e3:86:21:16:02:1b:03:1e:6b:f0:
aa:71:4c:ab:f7:83:c3:9f:c9:20:4e:e8:44:f7:43:51:45:d4:
9c:a1:8d:c7:ee:2b:c0:0f:31:59:fd:85:10:5d:fd:db:19:37:
12:ca:c8:4b:9d:92:93:73:40:b0:7f:40:ea:b1:54:42:9e:a7:
d7:18:95:81:99:04:19:3b:a1:b8:d4:ad:15:78:04:ab:46:9c:
f0:8b:19:a3:0d:f1:88:c7:73:b0:08:d4:ba:00:b6:71:57:3f:
81:16:bc:9f:8c:22:c4:c7:4c:ff:3b:28:52:69:4d:24:70:b5:
23:d0:09:8d:3b:2c:d2:b9:91:85:06:f1:1a:f8:03:39:41:ab:
87:be:ec:45:06:8c:f2:0d:e7:b7:b0:8a:e0:c7:50:8d:db:e7:
99:4d:3f:06
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYNz0gp62FXR2Y1k8+gByWZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIwOTI1MDg0NDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmI3MWQ1ODVjZjUwODVlNzIzOWEzZjE5MTY5ZDU3M2NjNjcwZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNx6dl2BU7o2gNERMgNECWhW2OwN
KXQHsCqyN4ft/UrBaWZaIHin/IoHUEVoCbyyUMUYcoeRLAa2LiGpPpF4wpI9yaET
Lh38l2AtaQO5sjCA98bXEPxW9SWAlfvZCoon8b6TFeW4suuUPP7a9WTOv56IiqNW
Gz3j/SdrzweS9OoJh8NwjiS6ZsuH7aalwdMu89Mnj49y+DPWWkoD9eTuEK8lZ/EL
yRWI/lkXIt7j8EGCoWwcaAhoNVJmh8xMqu8L2inWEm1UhbYFRX/A+gnBpwXBshcX
O7JMcTuNGzuaLzcTmRrnBfye8ARBcqIGcJ3/ax5VQe81FW6No2XxTu9pUQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFGa3HVhc9Qhecjmj8ZFp1XPMZw8oMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvWnJjZFdGejFDRjV5T2FQeGtXblZjOHhuRHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAEF
tagDBAAFt/8DBABTq+ADBAFTq+IDBACNYlcDBAC5RLgDBAG5RPYDBAG5SbYwDAME
ArlLhAMEALlLhgMEAblM8DAMAwQCuVGsAwQAuVGuAwQAuVG4AwQAuVG7AwQAuVgk
AwQAuVgmAwQBuVkqAwQBuVloAwQCuVlsMAwDBAC5X2UDBAO5X2ADBAC5YCYDBAC5
YFADBAC5YQEDBAC5YQMDBADCaAoDBADV6HgDBADV6HowDQYJKoZIhvcNAQELBQAD
ggEBAIJOaOYAgxgJlcSYgQTPzIp2KWG7gigQX5Nm2KBKbly39lOhHRSJOnctl7oD
vUaBch/KFNiRIG7XQCmiJ54pSqgPYWCNkDExqpu2aRwcZutWpHxYDyDVqpRpsx9P
aDb4yKWF44YhFgIbAx5r8KpxTKv3g8OfySBO6ET3Q1FF1JyhjcfuK8APMVn9hRBd
/dsZNxLKyEudkpNzQLB/QOqxVEKep9cYlYGZBBk7objUrRV4BKtGnPCLGaMN8YjH
c7AI1LoAtnFXP4EWvJ+MIsTHTP87KFJpTSRwtSPQCY07LNK5kYUG8Rr4AzlBq4e+
7EUGjPIN57ewiuDHUI3b55lNPwY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org