Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/Z1NjKBgt43C-Y2KnqXm1OZysoUQ.roa
File: Z1NjKBgt43C-Y2KnqXm1OZysoUQ.roa (raw, json)
Hash identifier: NaeCKOgFd9L+xBsMUPd5rGAwmFBgJmgq8yXm3zO4n4w=
Subject key identifier: 67:53:63:28:18:2D:E3:70:BE:63:62:A7:A9:79:B5:39:9C:AC:A1:44
Certificate issuer: /CN=33954330349f57502a76ae6e99987efc3e3b8109
Certificate serial: 3FB9CC08
Authority key identifier: 33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/Z1NjKBgt43C-Y2KnqXm1OZysoUQ.roa
Signing time: Sat 01 Jan 2022 03:01:44 +0000
ROA not before: Sat 01 Jan 2022 03:01:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198330
IP address blocks: 185.55.96.0/22 maxlen: 24
185.104.172.0/22 maxlen: 24
185.128.64.0/22 maxlen: 24
45.12.224.0/22 maxlen: 24
134.90.136.0/21 maxlen: 24
45.10.180.0/22 maxlen: 24
2a03:c280::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1069141000 (0x3fb9cc08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33954330349f57502a76ae6e99987efc3e3b8109
Validity
Not Before: Jan 1 03:01:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67536328182de370be6362a7a979b5399caca144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:20:68:5c:6e:bf:fd:86:50:35:f6:b6:80:38:
28:8e:70:82:fc:57:40:38:51:29:8a:a5:ef:d6:15:
fb:ac:ed:d7:75:0d:c5:4b:49:6d:bf:07:bc:4b:ee:
65:d8:2b:1d:e0:7e:a9:ce:ab:e0:24:6d:ec:de:3f:
88:d1:f4:53:e2:aa:dc:00:35:fd:af:a9:0a:2f:f8:
09:8e:7b:5c:1f:7d:52:2a:5b:7a:ed:13:09:ce:62:
09:74:6f:db:b7:eb:d0:7d:42:eb:a7:65:c1:91:17:
98:57:b9:f3:8f:2e:b2:30:09:9f:9d:d0:75:b0:f7:
8a:3f:63:06:44:a2:2a:9d:c5:0f:da:60:1e:29:eb:
53:5b:85:bf:18:d6:67:b6:ec:49:0d:61:08:ea:96:
cc:9f:44:a0:ec:ad:0f:d1:5b:54:d2:b5:42:9b:86:
50:a2:f2:91:34:28:55:92:70:5e:c7:e7:5e:c9:b0:
82:57:db:ea:b3:73:07:23:2a:bb:2a:b1:97:e2:e1:
bb:a7:8f:24:7c:ae:12:30:3c:f7:c9:7a:1d:97:e7:
3f:4e:db:d2:25:43:a2:2f:fc:46:cf:68:58:63:99:
a8:2c:90:97:4a:62:9c:5e:2d:19:bb:d8:65:fe:03:
a3:dc:c4:d6:a7:22:3b:51:e4:68:ad:bf:07:4d:7d:
ee:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:53:63:28:18:2D:E3:70:BE:63:62:A7:A9:79:B5:39:9C:AC:A1:44
X509v3 Authority Key Identifier:
keyid:33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/Z1NjKBgt43C-Y2KnqXm1OZysoUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/M5VDMDSfV1Aqdq5umZh-_D47gQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.180.0/22
45.12.224.0/22
134.90.136.0/21
185.55.96.0/22
185.104.172.0/22
185.128.64.0/22
IPv6:
2a03:c280::/32
Signature Algorithm: sha256WithRSAEncryption
51:48:1e:0f:6c:20:a3:f0:62:3c:e7:f1:b4:12:04:f9:b5:33:
c0:16:2f:40:72:9d:4d:0f:3e:68:8f:cb:2b:5c:6a:60:9d:c8:
1b:09:9f:60:79:ee:ab:8b:38:e2:83:7a:5c:55:56:e4:e1:d0:
64:ae:29:1a:26:f3:13:14:1a:de:ae:b6:4b:99:ae:0d:6c:46:
ec:b9:d8:71:c5:18:f6:43:77:0e:7d:79:21:a6:66:a6:8f:95:
db:b1:16:e9:a1:b6:4c:30:3e:17:9d:4a:b6:ba:8a:9a:38:e5:
15:25:a7:3f:b6:ad:13:7c:19:dc:5a:fa:b2:12:6a:52:c0:00:
4e:e8:d0:b3:01:4f:8b:37:c1:ba:20:b9:c5:32:26:93:7a:51:
b1:38:8d:3b:a7:94:83:be:8f:ea:08:a2:00:81:43:b3:33:17:
97:12:3e:9a:11:70:a7:75:1c:fc:90:5b:2e:4d:1f:bf:a1:ba:
a4:f2:a4:1d:f7:aa:7d:1a:00:07:94:c9:8d:d3:a1:54:dd:f1:
31:81:fc:25:dc:41:fb:9d:a5:3f:63:2b:c0:1f:0e:85:35:10:
5e:7a:bc:b7:ee:68:48:7c:02:1f:f8:39:2d:f9:4c:0d:dc:f2:
4e:f4:cb:46:af:50:f8:43:13:55:25:f7:24:3c:ab:9b:38:d6:
a7:49:6b:d2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEP7nMCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Mzk1NDMzMDM0OWY1NzUwMmE3NmFlNmU5OTk4N2VmYzNlM2I4MTA5MB4XDTIyMDEw
MTAzMDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc1MzYzMjgxODJk
ZTM3MGJlNjM2MmE3YTk3OWI1Mzk5Y2FjYTE0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQgaFxuv/2GUDX2toA4KI5wgvxXQDhRKYql79YV+6zt13UN
xUtJbb8HvEvuZdgrHeB+qc6r4CRt7N4/iNH0U+Kq3AA1/a+pCi/4CY57XB99Uipb
eu0TCc5iCXRv27fr0H1C66dlwZEXmFe5848usjAJn53QdbD3ij9jBkSiKp3FD9pg
HinrU1uFvxjWZ7bsSQ1hCOqWzJ9EoOytD9FbVNK1QpuGUKLykTQoVZJwXsfnXsmw
glfb6rNzByMquyqxl+Lhu6ePJHyuEjA898l6HZfnP07b0iVDoi/8Rs9oWGOZqCyQ
l0pinF4tGbvYZf4Do9zE1qciO1HkaK2/B0197m8CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRnU2MoGC3jcL5jYqepebU5nKyhRDAfBgNVHSMEGDAWgBQzlUMwNJ9XUCp2
rm6ZmH78PjuBCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L001VkRNRFNmVjFBcWRxNXVtWmgtX0Q0N2dRay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvMGYxOWU5LTFiMmItNDgxMi1hYjVhLWZkZjg0ZjgzYTI3NC8x
L1oxTmpLQmd0NDNDLVkyS25xWG0xT1p5c29VUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
MGYxOWU5LTFiMmItNDgxMi1hYjVhLWZkZjg0ZjgzYTI3NC8xL001VkRNRFNmVjFB
cWRxNXVtWmgtX0Q0N2dRay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAi0KtAMEAi0M4AMEA4ZaiAMEArk3
YAMEArlorAMEArmAQDANBAIAAjAHAwUAKgPCgDANBgkqhkiG9w0BAQsFAAOCAQEA
UUgeD2wgo/BiPOfxtBIE+bUzwBYvQHKdTQ8+aI/LK1xqYJ3IGwmfYHnuq4s44oN6
XFVW5OHQZK4pGibzExQa3q62S5muDWxG7LnYccUY9kN3Dn15IaZmpo+V27EW6aG2
TDA+F51KtrqKmjjlFSWnP7atE3wZ3Fr6shJqUsAATujQswFPizfBuiC5xTImk3pR
sTiNO6eUg76P6giiAIFDszMXlxI+mhFwp3Uc/JBbLk0fv6G6pPKkHfeqfRoAB5TJ
jdOhVN3xMYH8JdxB+52lP2MrwB8OhTUQXnq8t+5oSHwCH/g5LflMDdzyTvTLRq9Q
+EMTVSX3JDyrmzjWp0lr0g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:05 2025 by rpki-client