Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/mza_sbEKxTZtjKjIOJEwUpg0D7I.roa
File: mza_sbEKxTZtjKjIOJEwUpg0D7I.roa (raw, json)
Hash identifier: ZTMe03pSDtoxFFikPFbGmKR/1VuGU7zbonib+tpq9AA=
Subject key identifier: 9B:36:BF:B1:B1:0A:C5:36:6D:8C:A8:C8:38:91:30:52:98:34:0F:B2
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 3658B88F
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/mza_sbEKxTZtjKjIOJEwUpg0D7I.roa
Signing time: Mon 16 May 2022 06:04:41 +0000
ROA not before: Mon 16 May 2022 06:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.48.0/23 maxlen: 23
185.243.48.0/22 maxlen: 22
185.215.231.0/24 maxlen: 24
185.124.172.0/22 maxlen: 22
178.239.155.0/24 maxlen: 24
178.239.154.0/24 maxlen: 24
178.239.154.0/23 maxlen: 23
185.124.175.0/24 maxlen: 24
37.32.44.0/24 maxlen: 24
37.32.44.0/22 maxlen: 22
37.32.47.0/24 maxlen: 24
37.32.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 911784079 (0x3658b88f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: May 16 06:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b36bfb1b10ac5366d8ca8c83891305298340fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:94:eb:57:10:7d:93:c7:d8:da:ff:8f:28:1e:
09:12:20:74:d5:09:a6:37:2a:70:a8:73:b9:7f:a3:
e8:ed:75:a2:bb:60:70:92:6d:56:3c:10:f7:fb:3a:
a7:2d:c7:9c:9a:45:b7:ea:e9:8a:f0:b0:51:04:e0:
bf:17:d3:6a:ca:fd:f8:d8:70:d9:a8:dd:e9:3d:30:
63:9a:d0:26:b9:f2:52:2b:31:20:49:ef:13:28:12:
08:2d:7c:cb:6c:ab:9b:2f:b3:3e:73:38:8b:c2:db:
10:59:f4:ee:54:84:24:43:75:40:e3:de:3e:72:17:
8e:c7:bc:b3:65:d6:6c:2a:d4:75:01:67:4e:15:d0:
fc:6a:55:dc:cc:b5:39:58:99:18:1a:d9:38:f1:2f:
6e:9e:07:88:a2:c1:e9:e8:45:d3:3f:e4:d7:bf:2b:
aa:0d:94:f7:50:e5:f1:04:fa:90:7f:95:d6:50:0d:
06:6c:62:2e:07:6f:81:09:9a:08:f7:5c:76:df:1b:
a5:31:d1:2c:ac:c3:92:e4:71:1e:ba:56:9b:05:ae:
c5:f4:97:24:67:3e:b2:1a:68:ac:c3:0d:93:4e:71:
11:8b:33:b3:27:31:62:1a:79:a3:68:18:a3:fb:41:
de:8c:36:79:b6:25:96:ef:a9:1f:bc:5a:38:4a:cd:
e5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:36:BF:B1:B1:0A:C5:36:6D:8C:A8:C8:38:91:30:52:98:34:0F:B2
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/mza_sbEKxTZtjKjIOJEwUpg0D7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.44.0/22
178.239.154.0/23
185.124.172.0/22
185.215.231.0/24
185.243.48.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:57:a8:a7:48:f4:f5:2b:21:be:84:a0:b2:13:79:eb:d5:79:
50:7e:06:75:97:7f:fb:8d:cc:e6:02:e2:ac:fc:e0:3c:87:29:
ac:c8:a3:07:ce:5f:6b:9b:d2:bc:79:0c:45:96:25:cf:93:f2:
8d:fd:af:b2:4b:f6:fe:4b:9e:91:10:ef:f2:15:01:fe:83:74:
54:a9:fe:53:0a:b1:8e:20:c8:ba:7c:cc:5c:d6:68:ec:4a:3a:
55:e9:be:1e:43:6b:af:3d:2c:6b:1c:c9:63:1c:73:84:bd:20:
1f:d5:8b:cb:7d:41:06:d5:5d:56:c6:ff:65:30:46:35:ff:87:
8b:3d:61:79:49:0c:88:86:12:ec:a6:62:0e:2a:29:b8:cf:1b:
56:9f:7a:91:b8:97:26:60:11:de:9b:6c:9a:cb:07:f6:62:b0:
bf:09:d8:25:b4:21:4d:c9:f2:07:40:de:f4:c4:73:82:e5:42:
02:1d:de:64:e8:51:26:f7:95:fb:5c:ec:db:7a:aa:8a:f0:f8:
7d:a0:4f:d9:73:42:f7:fb:1b:94:06:7a:df:1d:de:38:b1:a6:
23:2f:ac:02:3e:8b:8e:54:0a:eb:75:45:0b:e7:33:6a:4a:c6:
a6:35:58:8d:5c:1c:fe:ac:57:9f:b0:b9:79:17:96:f4:07:4e:
e2:fb:f9:32
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIENli4jzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTM1MzMzOTlmNTVlYjUyZTZiMjIwMGM3Y2FlNDI3MmI3NGQ2NDY0MB4XDTIyMDUx
NjA2MDQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWIzNmJmYjFiMTBh
YzUzNjZkOGNhOGM4Mzg5MTMwNTI5ODM0MGZiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIWU61cQfZPH2Nr/jygeCRIgdNUJpjcqcKhzuX+j6O11ortg
cJJtVjwQ9/s6py3HnJpFt+rpivCwUQTgvxfTasr9+Nhw2ajd6T0wY5rQJrnyUisx
IEnvEygSCC18y2yrmy+zPnM4i8LbEFn07lSEJEN1QOPePnIXjse8s2XWbCrUdQFn
ThXQ/GpV3My1OViZGBrZOPEvbp4HiKLB6ehF0z/k178rqg2U91Dl8QT6kH+V1lAN
BmxiLgdvgQmaCPdcdt8bpTHRLKzDkuRxHrpWmwWuxfSXJGc+shporMMNk05xEYsz
sycxYhp5o2gYo/tB3ow2ebYllu+pH7xaOErN5SMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSbNr+xsQrFNm2MqMg4kTBSmDQPsjAfBgNVHSMEGDAWgBTxNTM5n1XrUuay
IAx8rkJyt01kZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhUVXpPWjlWNjFMbXNpQU1mSzVDY3JkTlpHUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2OS8x
L216YV9zYkVLeFRadGpLaklPSkV3VXBnMEQ3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
ODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2OS8xLzhUVXpPWjlWNjFM
bXNpQU1mSzVDY3JkTlpHUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAiUgLAMEAbLvmgMEArl8rAMEALnX
5wMEArnzMDANBgkqhkiG9w0BAQsFAAOCAQEAsVeop0j09SshvoSgshN569V5UH4G
dZd/+43M5gLirPzgPIcprMijB85fa5vSvHkMRZYlz5Pyjf2vskv2/kuekRDv8hUB
/oN0VKn+UwqxjiDIunzMXNZo7Eo6Vem+HkNrrz0saxzJYxxzhL0gH9WLy31BBtVd
Vsb/ZTBGNf+Hiz1heUkMiIYS7KZiDiopuM8bVp96kbiXJmAR3ptsmssH9mKwvwnY
JbQhTcnyB0De9MRzguVCAh3eZOhRJveV+1zs23qqivD4faBP2XNC9/sblAZ63x3e
OLGmIy+sAj6LjlQK63VFC+czakrGpjVYjVwc/qxXn7C5eReW9AdO4vv5Mg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:40 2025 by rpki-client