Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZJWLf5CtLc2hYchh9swJS73n95Y.roa
File: ZJWLf5CtLc2hYchh9swJS73n95Y.roa (raw, json)
Hash identifier: rN/wFRkvOVQGsY89o+kJtiQCuiiRrVQSZXJutybIkz4=
Subject key identifier: 64:95:8B:7F:90:AD:2D:CD:A1:61:C8:61:F6:CC:09:4B:BD:E7:F7:96
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C7C401FBA0D54910F8DE57D67690580FB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZJWLf5CtLc2hYchh9swJS73n95Y.roa
Signing time: Mon 18 Dec 2023 09:27:06 +0000
ROA not before: Mon 18 Dec 2023 09:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:40:1f:ba:0d:54:91:0f:8d:e5:7d:67:69:05:80:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 18 09:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64958b7f90ad2dcda161c861f6cc094bbde7f796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c8:39:45:5e:08:d3:21:23:46:7b:de:db:34:
00:8c:be:19:07:07:4e:3b:d5:7c:d4:5b:ce:63:38:
c7:d9:8c:ea:22:2c:3c:98:e6:60:13:9f:c4:e8:a6:
bc:aa:32:18:db:36:a0:1b:c8:58:aa:01:91:0b:b5:
67:4f:4f:4f:cf:4c:36:3a:c1:fc:4d:ec:2f:7c:84:
b3:68:5c:0d:11:1b:80:43:2e:08:62:62:57:e4:d9:
64:b1:8a:6f:19:a2:d6:86:18:03:47:e3:07:f3:8c:
37:87:84:70:76:6f:63:d2:a2:e0:e4:e9:12:71:a5:
29:52:5e:08:98:c4:0c:b3:53:a5:17:7b:d5:15:98:
42:e7:a2:96:f7:9f:67:d1:e0:ae:2a:0a:bb:43:9d:
18:c1:cd:de:cf:6c:b7:0b:20:d8:10:77:1f:21:6a:
90:f1:df:1a:a9:cb:03:f6:ab:ea:02:05:de:5e:cc:
9f:99:fe:61:d9:f9:c1:2b:29:f3:fb:f2:54:08:34:
f2:08:74:0e:1e:ac:4d:af:64:ab:17:9c:7c:01:07:
4b:5c:8d:80:b0:73:15:2d:2d:35:eb:b8:bf:50:96:
71:84:fe:c7:70:ed:c5:47:77:a1:01:9e:23:61:4b:
d5:4a:07:e0:4c:e6:c6:d4:8c:c7:cd:57:e3:69:19:
03:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:95:8B:7F:90:AD:2D:CD:A1:61:C8:61:F6:CC:09:4B:BD:E7:F7:96
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZJWLf5CtLc2hYchh9swJS73n95Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.116.0/24
81.168.119.0-81.168.120.255
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.4.0/24
89.213.6.0/23
89.213.130.0/24
89.213.161.0/24
89.213.190.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
44:82:df:b1:32:84:80:34:4d:58:69:23:52:ca:bd:3f:6f:68:
89:c0:98:6e:c9:66:6e:61:8d:f7:b5:55:f9:43:ff:b5:32:87:
40:08:5c:39:dd:7e:09:3d:9d:84:cc:1a:f3:ac:00:11:28:ea:
c3:94:0c:b3:d6:36:5d:bf:7d:7b:b8:c9:62:35:9b:d4:8a:ff:
ce:52:f5:af:55:33:8a:9f:cb:40:36:7f:13:68:c7:f8:45:b2:
98:84:87:e2:81:2b:3c:5d:71:54:c9:0f:ca:3a:3b:b1:64:8d:
e1:bb:da:04:0d:e1:59:dd:69:63:1d:fc:f5:36:e3:31:bd:34:
74:6f:5d:ba:ae:b3:02:99:6f:b2:82:37:3f:c8:1b:aa:39:3f:
d0:54:bf:3e:0f:cf:fc:22:52:7c:d0:82:04:f2:59:49:07:37:
81:49:09:68:f9:66:c0:ab:b7:a2:4d:80:10:4a:ee:f0:97:31:
67:aa:f6:d0:e4:03:b1:fe:57:05:d6:d8:12:db:8c:9c:99:3e:
d4:86:d5:d1:f4:10:2f:30:5c:1a:7f:d2:cc:f9:6c:73:14:af:
16:13:0d:41:3d:53:0c:c3:85:bf:38:d3:63:7a:a3:dc:a9:ad:
0b:18:3c:55:b2:b5:de:3e:56:b5:17:a4:a6:46:f1:e1:99:7f:
68:9e:a4:ee
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYx8QB+6DVSRD43lfWdpBYD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE4MDkyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDk1OGI3ZjkwYWQyZGNkYTE2MWM4NjFmNmNjMDk0YmJkZTdmNzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocg5RV4I0yEjRnve2zQAjL4ZBwdO
O9V81FvOYzjH2YzqIiw8mOZgE5/E6Ka8qjIY2zagG8hYqgGRC7VnT09Pz0w2OsH8
TewvfISzaFwNERuAQy4IYmJX5NlksYpvGaLWhhgDR+MH84w3h4Rwdm9j0qLg5OkS
caUpUl4ImMQMs1OlF3vVFZhC56KW959n0eCuKgq7Q50Ywc3ez2y3CyDYEHcfIWqQ
8d8aqcsD9qvqAgXeXsyfmf5h2fnBKynz+/JUCDTyCHQOHqxNr2SrF5x8AQdLXI2A
sHMVLS0167i/UJZxhP7HcO3FR3ehAZ4jYUvVSgfgTObG1IzHzVfjaRkDnwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFGSVi3+QrS3NoWHIYfbMCUu95/eWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWkpXTGY1Q3RMYzJoWWNoaDlzd0pTNzNuOTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFGodDAM
AwQAUah3AwQAUah4AwQAUpj4AwQAUpj7AwQAUpj+AwQAUplFAwQAUplIAwQAUplP
AwQAUpmEAwQAUpngAwQAWdUEAwQBWdUGAwQAWdWCAwQAWdWhAwQAWdW+AwQAbbD3
AwQAbbD7AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQBEgt+xMoSANE1YaSNSyr0/
b2iJwJhuyWZuYY33tVX5Q/+1ModACFw53X4JPZ2EzBrzrAARKOrDlAyz1jZdv317
uMliNZvUiv/OUvWvVTOKn8tANn8TaMf4RbKYhIfigSs8XXFUyQ/KOjuxZI3hu9oE
DeFZ3WljHfz1NuMxvTR0b126rrMCmW+ygjc/yBuqOT/QVL8+D8/8IlJ80IIE8llJ
BzeBSQlo+WbAq7eiTYAQSu7wlzFnqvbQ5AOx/lcF1tgS24ycmT7UhtXR9BAvMFwa
f9LM+WxzFK8WEw1BPVMMw4W/ONNjeqPcqa0LGDxVsrXePla1F6SmRvHhmX9onqTu
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:30:59 2025 by rpki-client