Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/zume2OSQ6wcQJ2OExZ6II3POMk4.roa
File: zume2OSQ6wcQJ2OExZ6II3POMk4.roa (raw, json)
Hash identifier: 0gqaFUOOIRuch1pIsE0wc9yEa6+7Dcr+kDZL0gx1a2E=
Subject key identifier: CE:E9:9E:D8:E4:90:EB:07:10:27:63:84:C5:9E:88:23:73:CE:32:4E
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 01879308839E28130BE6F9AEB3EAF424057D
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/zume2OSQ6wcQJ2OExZ6II3POMk4.roa
Signing time: Tue 18 Apr 2023 06:23:41 +0000
ROA not before: Tue 18 Apr 2023 06:23:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15774
IP address blocks: 178.76.216.0/21 maxlen: 21
178.76.214.0/24 maxlen: 24
178.76.224.0/19 maxlen: 24
178.76.234.0/24 maxlen: 24
185.43.86.0/23 maxlen: 32
83.234.240.0/21 maxlen: 21
178.76.194.0/23 maxlen: 23
178.76.196.0/22 maxlen: 22
178.76.205.0/24 maxlen: 24
178.76.208.0/23 maxlen: 23
178.76.210.0/23 maxlen: 23
178.76.207.0/24 maxlen: 24
178.76.212.0/24 maxlen: 24
62.33.122.0/23 maxlen: 32
83.234.54.0/24 maxlen: 32
83.234.136.0/23 maxlen: 23
83.234.168.0/23 maxlen: 32
91.204.96.0/22 maxlen: 32
37.61.176.0/21 maxlen: 32
31.216.170.0/24 maxlen: 24
46.166.65.0/24 maxlen: 24
109.233.172.0/22 maxlen: 32
83.234.10.0/24 maxlen: 24
81.18.128.0/19 maxlen: 32
89.186.234.0/24 maxlen: 24
46.166.80.0/23 maxlen: 24
46.166.84.0/22 maxlen: 23
46.226.240.0/21 maxlen: 32
46.166.80.0/24 maxlen: 24
46.166.79.0/24 maxlen: 24
46.166.83.0/24 maxlen: 24
46.166.82.0/24 maxlen: 24
46.166.81.0/24 maxlen: 24
46.166.88.0/23 maxlen: 23
46.166.91.0/24 maxlen: 24
46.166.95.0/24 maxlen: 24
46.166.94.0/24 maxlen: 24
46.166.93.0/24 maxlen: 24
81.4.192.0/18 maxlen: 32
176.104.160.0/22 maxlen: 22
176.104.164.0/22 maxlen: 22
46.20.64.0/20 maxlen: 32
176.104.128.0/21 maxlen: 21
176.104.152.0/22 maxlen: 22
185.6.236.0/22 maxlen: 32
176.104.156.0/22 maxlen: 22
176.125.64.0/18 maxlen: 18
185.61.24.0/22 maxlen: 32
46.182.128.0/22 maxlen: 22
46.182.131.0/24 maxlen: 24
2a03:3700:6000::/36 maxlen: 128
2a03:3700:2000::/36 maxlen: 128
2a03:3700::/36 maxlen: 128
2a03:3700:1000::/36 maxlen: 128
2a03:3700:4000::/36 maxlen: 128
2a03:3700:5000::/36 maxlen: 128
2a03:3700:3000::/36 maxlen: 128
2a03:3700:7000::/36 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:08:83:9e:28:13:0b:e6:f9:ae:b3:ea:f4:24:05:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Apr 18 06:23:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cee99ed8e490eb0710276384c59e882373ce324e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ef:5b:6c:10:88:60:ab:bf:92:69:f5:38:76:
12:4a:2f:cb:26:3f:a3:d4:5d:b4:8e:3c:8c:cd:06:
b9:ae:c2:57:15:b6:f8:1e:40:e2:6c:79:22:28:04:
6d:a1:f4:94:16:86:a1:cb:40:51:a7:9a:37:12:39:
c1:be:21:3e:80:86:f9:ad:13:08:a3:8c:19:1a:c3:
3c:07:3f:a5:5f:bb:7c:70:cd:c8:e9:8d:3e:ff:1d:
a8:2c:0b:e7:68:da:2e:66:49:39:19:d1:87:e4:f5:
7c:c9:57:ee:46:f7:fb:3e:ab:d4:35:6d:ce:13:28:
f9:38:9c:31:06:28:b3:1a:6c:5d:42:e5:34:76:3b:
09:cc:ab:fe:90:5c:4e:a6:85:28:65:48:c2:55:c9:
73:b9:0e:06:81:66:26:ba:40:9d:78:41:9b:3c:aa:
75:8a:bb:da:49:d1:19:84:f2:96:9b:c4:0a:a2:43:
95:43:09:52:be:a6:fd:38:a2:ce:0b:a5:23:4e:c5:
57:38:06:88:98:b9:e7:91:59:37:ea:37:9b:e2:63:
bb:57:f3:27:b9:83:f7:5a:f7:dd:8f:ff:5f:df:c6:
d2:5e:25:46:38:0c:05:43:15:73:3b:85:36:fc:af:
f5:25:b8:f2:aa:44:3c:26:4e:57:96:43:bc:9e:76:
60:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E9:9E:D8:E4:90:EB:07:10:27:63:84:C5:9E:88:23:73:CE:32:4E
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/zume2OSQ6wcQJ2OExZ6II3POMk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.170.0/24
37.61.176.0/21
46.20.64.0/20
46.166.65.0/24
46.166.79.0-46.166.89.255
46.166.91.0/24
46.166.93.0-46.166.95.255
46.182.128.0/22
46.226.240.0/21
62.33.122.0/23
81.4.192.0/18
81.18.128.0/19
83.234.10.0/24
83.234.54.0/24
83.234.136.0/23
83.234.168.0/23
83.234.240.0/21
89.186.234.0/24
91.204.96.0/22
109.233.172.0/22
176.104.128.0/21
176.104.152.0-176.104.167.255
176.125.64.0/18
178.76.194.0-178.76.199.255
178.76.205.0/24
178.76.207.0-178.76.212.255
178.76.214.0/24
178.76.216.0-178.76.255.255
185.6.236.0/22
185.43.86.0/23
185.61.24.0/22
IPv6:
2a03:3700::/33
Signature Algorithm: sha256WithRSAEncryption
8b:1c:08:75:c4:7b:c9:79:aa:a2:24:c9:82:d9:df:40:40:fe:
4b:5b:ec:06:d5:b5:37:44:1a:45:37:bb:fa:20:93:80:db:3c:
93:25:95:92:c9:ea:c5:2b:ca:4c:61:f1:c8:d0:69:a8:d9:3f:
62:3f:58:d9:ff:00:46:ac:4b:66:e4:ac:ff:5b:4f:b8:5b:10:
86:4e:fd:a5:50:53:5b:e5:e6:59:cf:7e:65:6e:ba:9f:87:82:
4f:2c:c9:2f:50:cf:bf:ec:94:8f:4d:27:d0:9d:3b:8e:da:82:
24:e4:53:fe:45:b0:a0:35:9c:93:89:70:51:30:5c:f0:6f:45:
f5:3b:c9:2e:6a:37:2a:f9:2c:40:14:b3:4c:75:f5:be:73:e4:
64:23:d4:01:9f:3d:4f:4f:26:a3:fd:57:98:d5:7e:3f:70:ff:
92:55:f9:4c:61:e7:f7:5e:e2:97:91:47:d5:ac:56:89:0e:ce:
8a:d1:52:b3:ab:f1:21:b3:8a:af:9a:b7:46:5c:b9:b8:54:fa:
22:66:0b:64:4c:fa:25:1c:99:54:09:04:fd:4d:eb:73:81:26:
6f:51:8d:bc:51:0d:01:d1:e0:51:17:2d:8e:16:b1:b6:a8:a1:
79:c6:3e:5a:c2:fb:20:f3:50:d3:6a:28:dd:88:64:22:98:40:
d1:d7:2b:46
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAYeTCIOeKBML5vmus+r0JAV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjMwNDE4MDYyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWU5OWVkOGU0OTBlYjA3MTAyNzYzODRjNTllODgyMzczY2UzMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO9bbBCIYKu/kmn1OHYSSi/LJj+j
1F20jjyMzQa5rsJXFbb4HkDibHkiKARtofSUFoahy0BRp5o3EjnBviE+gIb5rRMI
o4wZGsM8Bz+lX7t8cM3I6Y0+/x2oLAvnaNouZkk5GdGH5PV8yVfuRvf7PqvUNW3O
Eyj5OJwxBiizGmxdQuU0djsJzKv+kFxOpoUoZUjCVclzuQ4GgWYmukCdeEGbPKp1
irvaSdEZhPKWm8QKokOVQwlSvqb9OKLOC6UjTsVXOAaImLnnkVk36jeb4mO7V/Mn
uYP3Wvfdj/9f38bSXiVGOAwFQxVzO4U2/K/1JbjyqkQ8Jk5XlkO8nnZgOQIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFM7pntjkkOsHECdjhMWeiCNzzjJOMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvenVtZTJPU1E2d2NRSjJPRXhaNklJM1BPTWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB8AQCAAEwgekD
BAAf2KoDBAMlPbADBAQuFEADBAAupkEwDAMEAC6mTwMEAS6mWAMEAC6mWzAMAwQA
LqZdAwQFLqZAAwQCLraAAwQDLuLwAwQBPiF6AwQGUQTAAwQFURKAAwQAU+oKAwQA
U+o2AwQBU+qIAwQBU+qoAwQDU+rwAwQAWbrqAwQCW8xgAwQCbemsAwQDsGiAMAwD
BAOwaJgDBAOwaKADBAawfUAwDAMEAbJMwgMEA7JMwAMEALJMzTAMAwQAskzPAwQA
skzUAwQAskzWMAsDBAOyTNgDAwCyTAMEArkG7AMEAbkrVgMEArk9GDAOBAIAAjAI
AwYHKgM3AAAwDQYJKoZIhvcNAQELBQADggEBAIscCHXEe8l5qqIkyYLZ30BA/ktb
7AbVtTdEGkU3u/ogk4DbPJMllZLJ6sUrykxh8cjQaajZP2I/WNn/AEasS2bkrP9b
T7hbEIZO/aVQU1vl5lnPfmVuup+Hgk8syS9Qz7/slI9NJ9CdO47agiTkU/5FsKA1
nJOJcFEwXPBvRfU7yS5qNyr5LEAUs0x19b5z5GQj1AGfPU9PJqP9V5jVfj9w/5JV
+Uxh5/de4peRR9WsVokOzorRUrOr8SGziq+at0ZcubhU+iJmC2RM+iUcmVQJBP1N
63OBJm9RjbxRDQHR4FEXLY4WsbaooXnGPlrC+yDzUNNqKN2IZCKYQNHXK0Y=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:12 2025 by rpki-client