Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/SzBghdztsvOeHQxRQjXmB0bqVVw.roa
File: SzBghdztsvOeHQxRQjXmB0bqVVw.roa (raw, json)
Hash identifier: ep1X61c/fw5CvY6uwa5FJ63gfrIGQY4svPmzMWJ/X54=
Subject key identifier: 4B:30:60:85:DC:ED:B2:F3:9E:1D:0C:51:42:35:E6:07:46:EA:55:5C
Certificate issuer: /CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Certificate serial: 01857082D3DDCC9B7E89F6317FFCA9B6A528
Authority key identifier: 50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/SzBghdztsvOeHQxRQjXmB0bqVVw.roa
Signing time: Mon 02 Jan 2023 03:25:00 +0000
ROA not before: Mon 02 Jan 2023 03:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41722
IP address blocks: 185.174.165.0/24 maxlen: 24
185.174.166.0/24 maxlen: 24
185.174.167.0/24 maxlen: 24
91.142.80.0/24 maxlen: 24
91.142.83.0/24 maxlen: 24
91.142.84.0/24 maxlen: 24
91.142.81.0/24 maxlen: 24
91.142.82.0/24 maxlen: 24
91.142.85.0/24 maxlen: 24
91.142.87.0/24 maxlen: 24
185.53.20.0/24 maxlen: 24
91.142.86.0/24 maxlen: 24
91.142.90.0/24 maxlen: 24
185.53.23.0/24 maxlen: 24
185.53.22.0/24 maxlen: 24
91.142.91.0/24 maxlen: 24
91.142.88.0/24 maxlen: 24
185.53.21.0/24 maxlen: 24
91.142.89.0/24 maxlen: 24
91.142.94.0/24 maxlen: 24
91.142.92.0/24 maxlen: 24
91.142.93.0/24 maxlen: 24
91.142.95.0/24 maxlen: 24
178.250.152.0/24 maxlen: 24
178.250.154.0/24 maxlen: 24
178.250.155.0/24 maxlen: 24
178.250.153.0/24 maxlen: 24
178.249.71.0/24 maxlen: 24
178.249.70.0/24 maxlen: 24
178.249.68.0/24 maxlen: 24
178.249.69.0/24 maxlen: 24
185.162.92.0/24 maxlen: 24
185.162.93.0/24 maxlen: 24
185.162.95.0/24 maxlen: 24
185.162.94.0/24 maxlen: 24
185.162.94.0/23 maxlen: 23
185.147.80.0/24 maxlen: 24
185.147.83.0/24 maxlen: 24
185.147.81.0/24 maxlen: 24
185.147.82.0/24 maxlen: 24
2a03:21c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:d3:dd:cc:9b:7e:89:f6:31:7f:fc:a9:b6:a5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Validity
Not Before: Jan 2 03:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b306085dcedb2f39e1d0c514235e60746ea555c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e2:e2:6e:f2:cb:e9:c6:7a:be:3c:82:1b:18:
cd:f8:1d:15:94:73:bf:a2:f3:18:f7:ee:47:ce:7c:
77:c1:9c:a1:ef:37:8e:23:51:f6:4f:44:63:3b:3a:
b0:b0:21:23:01:60:8e:71:5d:96:27:2a:73:6a:d5:
7d:fb:8f:7a:a2:d5:93:7a:bf:16:cb:ed:ed:b1:bc:
d0:e5:ec:b3:02:c7:81:87:f2:21:37:e2:e3:2b:48:
37:51:6a:a1:06:6d:e5:75:34:1d:2b:e3:4e:ff:37:
db:c1:c0:00:02:05:17:87:6d:4f:a2:56:66:64:89:
25:19:34:58:6a:53:4b:06:c0:28:b7:83:fe:90:47:
3c:32:d0:e4:41:63:5d:c9:1e:6c:b8:64:90:a0:20:
7f:7f:32:2f:0d:32:b3:9e:64:64:ae:b2:6f:69:f9:
66:f8:5a:86:4c:7b:45:11:37:f1:03:05:e8:ec:4a:
36:85:32:7e:d0:07:4a:b4:16:a3:75:5a:c7:19:11:
e2:23:be:d3:ad:2b:1f:9b:f0:6c:59:57:22:26:f2:
89:c2:93:e5:60:fd:77:22:42:0d:cb:fb:cc:da:af:
97:ab:fb:02:28:8f:1e:1d:03:40:a9:ea:20:1b:86:
89:a4:f0:6c:a2:c4:95:77:38:44:92:3f:dc:e1:d8:
01:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:30:60:85:DC:ED:B2:F3:9E:1D:0C:51:42:35:E6:07:46:EA:55:5C
X509v3 Authority Key Identifier:
keyid:50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/SzBghdztsvOeHQxRQjXmB0bqVVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/UPLWshZg-tH2Di350L18bM-VwxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.80.0/20
178.249.68.0/22
178.250.152.0/22
185.53.20.0/22
185.147.80.0/22
185.162.92.0/22
185.174.165.0-185.174.167.255
IPv6:
2a03:21c0::/32
Signature Algorithm: sha256WithRSAEncryption
43:20:11:c8:a9:28:b8:fd:9e:9e:5a:a3:c8:d7:08:a0:22:04:
10:fb:56:50:df:bc:09:ec:95:7b:ef:b7:d7:c5:00:53:a9:5f:
fb:c6:16:5a:b9:9d:6b:85:78:cb:fd:5b:f5:84:0a:4f:22:7a:
53:0c:59:60:18:58:e3:f4:80:e0:53:a7:3e:85:a4:90:ed:68:
57:1e:df:07:d2:61:92:ae:5b:a9:00:01:01:5e:63:a3:21:8e:
63:28:e9:e4:92:ad:cf:79:6b:ce:8d:96:19:41:7e:bd:d9:c2:
79:13:69:73:39:1a:68:41:89:73:f5:d0:3e:4d:57:55:14:43:
f7:70:d6:85:76:7a:30:18:a4:71:85:f6:7d:fb:c1:b7:6f:05:
67:e4:fb:f4:6e:cb:99:80:4a:74:46:03:ea:83:39:7f:5f:54:
2e:bc:c5:08:74:6c:19:62:2e:7a:14:7c:a2:10:cd:ae:81:87:
15:77:2c:70:96:8c:b9:20:6b:4c:fb:d8:d2:a2:3d:59:2b:ae:
34:de:f7:90:63:f9:fd:99:08:77:03:e2:97:80:4e:0c:4e:fa:
68:20:6e:65:89:6c:57:5a:83:a7:02:f7:77:48:f2:7d:00:e6:
bc:bb:48:6b:0d:78:f3:1f:93:c4:28:02:a9:47:2c:d4:97:00:
59:27:c3:23
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVwgtPdzJt+ifYxf/yptqUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjJkNmIyMTY2MGZhZDFmNjBlMmRmOWQwYmQ3YzZjY2Y5
NWMzMTEwHhcNMjMwMTAyMDMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjMwNjA4NWRjZWRiMmYzOWUxZDBjNTE0MjM1ZTYwNzQ2ZWE1NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+LibvLL6cZ6vjyCGxjN+B0VlHO/
ovMY9+5Hznx3wZyh7zeOI1H2T0RjOzqwsCEjAWCOcV2WJypzatV9+496otWTer8W
y+3tsbzQ5eyzAseBh/IhN+LjK0g3UWqhBm3ldTQdK+NO/zfbwcAAAgUXh21PolZm
ZIklGTRYalNLBsAot4P+kEc8MtDkQWNdyR5suGSQoCB/fzIvDTKznmRkrrJvaflm
+FqGTHtFETfxAwXo7Eo2hTJ+0AdKtBajdVrHGRHiI77TrSsfm/BsWVciJvKJwpPl
YP13IkINy/vM2q+Xq/sCKI8eHQNAqeogG4aJpPBsosSVdzhEkj/c4dgBFwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFEswYIXc7bLznh0MUUI15gdG6lVcMB8GA1UdIwQY
MBaAFFDy1rIWYPrR9g4t+dC9fGzPlcMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYt
YWIzZGQ1ZGM2NzA5LzEvU3pCZ2hkenRzdk9lSFF4UlFqWG1CMGJxVlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYtYWIzZGQ1ZGM2NzA5
LzEvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQEW45QAwQC
svlEAwQCsvqYAwQCuTUUAwQCuZNQAwQCuaJcMAwDBAC5rqUDBAO5rqAwDQQCAAIw
BwMFACoDIcAwDQYJKoZIhvcNAQELBQADggEBAEMgEcipKLj9np5ao8jXCKAiBBD7
VlDfvAnslXvvt9fFAFOpX/vGFlq5nWuFeMv9W/WECk8ielMMWWAYWOP0gOBTpz6F
pJDtaFce3wfSYZKuW6kAAQFeY6MhjmMo6eSSrc95a86NlhlBfr3ZwnkTaXM5GmhB
iXP10D5NV1UUQ/dw1oV2ejAYpHGF9n37wbdvBWfk+/Ruy5mASnRGA+qDOX9fVC68
xQh0bBliLnoUfKIQza6BhxV3LHCWjLkga0z72NKiPVkrrjTe95Bj+f2ZCHcD4peA
TgxO+mggbmWJbFdag6cC93dI8n0A5ry7SGsNePMfk8QoAqlHLNSXAFknwyM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:18:16 2025 by rpki-client