Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zwLpCNuTePVwuKzVm6E97dDF1iw.roa
File: zwLpCNuTePVwuKzVm6E97dDF1iw.roa (raw, json)
Hash identifier: YZ9rEWx/ZCwe6SUYwdGJ5rpkhhicduAZme2x8J16tD8=
Subject key identifier: CF:02:E9:08:DB:93:78:F5:70:B8:AC:D5:9B:A1:3D:ED:D0:C5:D6:2C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C7C42DED5290E8D5A46ADEEE041B19533
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zwLpCNuTePVwuKzVm6E97dDF1iw.roa
Signing time: Mon 18 Dec 2023 09:30:06 +0000
ROA not before: Mon 18 Dec 2023 09:30:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:42:de:d5:29:0e:8d:5a:46:ad:ee:e0:41:b1:95:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 18 09:30:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf02e908db9378f570b8acd59ba13dedd0c5d62c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:67:1b:28:f1:49:84:e6:b0:82:3d:e3:89:84:
72:85:94:ce:7e:59:28:c5:1b:e1:22:ba:55:c6:7b:
7a:9c:3c:55:89:b3:04:f6:83:ec:d0:32:c8:d4:3f:
4b:f9:b6:14:e2:2c:04:6d:fc:55:7f:b0:ae:e8:c0:
dd:d0:12:4e:89:38:31:82:a1:c7:c3:88:7b:50:32:
2d:b9:9e:60:50:48:9a:5e:7a:8f:f4:ce:84:85:dd:
9a:db:d1:fb:e9:50:8e:81:16:28:da:3d:14:19:19:
19:f2:b1:2b:30:22:00:67:1e:f4:3c:9c:97:04:ae:
f8:8b:cf:a8:d0:2d:8a:1c:a8:cc:a0:1e:76:8f:d0:
2a:5b:42:55:10:15:8f:4f:6e:56:c0:43:0b:4f:a3:
51:58:a6:ab:07:4c:13:bb:d7:db:5f:d4:41:47:03:
a2:83:e0:a9:37:f0:5c:12:71:78:e4:6e:19:06:0d:
05:16:71:bf:7b:a7:74:98:e1:df:5f:6a:7d:df:c5:
8e:99:b8:db:75:0a:f4:06:5a:23:07:d5:b8:22:74:
4f:34:27:c1:5a:13:83:74:cc:a4:a8:e5:d6:6f:8c:
e1:d7:29:f0:6c:5d:8b:f0:16:e4:9e:8f:d4:93:5e:
51:54:fc:3f:26:5c:c7:46:cb:57:3d:83:5d:97:62:
0f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:02:E9:08:DB:93:78:F5:70:B8:AC:D5:9B:A1:3D:ED:D0:C5:D6:2C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zwLpCNuTePVwuKzVm6E97dDF1iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0-81.168.120.255
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.4.0/24
89.213.6.0/23
89.213.130.0/24
89.213.161.0/24
89.213.190.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
89:df:c3:16:8e:54:29:37:7c:d6:a3:fd:37:1c:93:9c:a3:dd:
cb:3b:7e:7d:41:e5:92:65:6e:fe:8c:fc:3a:ba:90:67:97:d6:
5e:87:1f:7c:43:7e:48:1f:f1:37:24:18:da:17:65:7b:c0:40:
7e:52:21:05:de:c0:dd:6f:bb:8f:e5:18:c2:db:c3:51:80:28:
e6:fc:bf:cd:45:17:6a:05:e9:97:06:88:fb:60:c7:7d:76:62:
bd:f1:a4:86:48:a2:99:2d:4a:ad:56:cc:5b:85:2e:f5:96:ab:
64:cb:0f:ac:1f:5f:91:40:31:04:d6:11:db:df:ee:09:5e:fd:
fe:7e:38:f9:a6:c4:53:8d:91:0c:e9:f1:51:32:d1:c4:32:f3:
d4:35:3d:26:65:9f:aa:14:e7:58:ca:01:35:dc:aa:ae:58:a9:
99:21:c3:50:ac:ad:0e:c2:33:ad:96:d4:cf:cc:33:dd:53:70:
ca:5b:b5:f9:af:3b:67:2e:29:40:70:11:0b:3a:66:e0:61:cb:
be:24:1a:d5:69:1e:24:15:55:2d:29:53:ff:aa:53:80:8c:c8:
20:da:2b:ba:05:73:e0:69:61:68:e6:a8:06:8e:33:b8:f7:ed:
20:cf:e9:df:7b:fa:56:70:15:e5:8f:ba:39:78:ad:61:33:11:
f2:43:31:45
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYx8Qt7VKQ6NWkat7uBBsZUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE4MDkzMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjAyZTkwOGRiOTM3OGY1NzBiOGFjZDU5YmExM2RlZGQwYzVkNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWcbKPFJhOawgj3jiYRyhZTOflko
xRvhIrpVxnt6nDxVibME9oPs0DLI1D9L+bYU4iwEbfxVf7Cu6MDd0BJOiTgxgqHH
w4h7UDItuZ5gUEiaXnqP9M6Ehd2a29H76VCOgRYo2j0UGRkZ8rErMCIAZx70PJyX
BK74i8+o0C2KHKjMoB52j9AqW0JVEBWPT25WwEMLT6NRWKarB0wTu9fbX9RBRwOi
g+CpN/BcEnF45G4ZBg0FFnG/e6d0mOHfX2p938WOmbjbdQr0BlojB9W4InRPNCfB
WhODdMykqOXWb4zh1ynwbF2L8Bbkno/Uk15RVPw/JlzHRstXPYNdl2IPGQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFM8C6Qjbk3j1cLis1ZuhPe3QxdYsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvendMcENOdVRlUFZ3dUt6Vm02RTk3ZERGMWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbjAMAwQAUah3
AwQAUah4AwQAUpj4AwQAUpj7AwQAUpj+AwQAUplFAwQAUplIAwQAUplPAwQAUpmE
AwQAUpngAwQAWdUEAwQBWdUGAwQAWdWCAwQAWdWhAwQAWdW+AwQAbbD3AwQAbbD7
AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQCJ38MWjlQpN3zWo/03HJOco93LO359
QeWSZW7+jPw6upBnl9Zehx98Q35IH/E3JBjaF2V7wEB+UiEF3sDdb7uP5RjC28NR
gCjm/L/NRRdqBemXBoj7YMd9dmK98aSGSKKZLUqtVsxbhS71lqtkyw+sH1+RQDEE
1hHb3+4JXv3+fjj5psRTjZEM6fFRMtHEMvPUNT0mZZ+qFOdYygE13KquWKmZIcNQ
rK0OwjOtltTPzDPdU3DKW7X5rztnLilAcBELOmbgYcu+JBrVaR4kFVUtKVP/qlOA
jMgg2iu6BXPgaWFo5qgGjjO49+0gz+nfe/pWcBXlj7o5eK1hMxHyQzFF
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:10 2025 by rpki-client