Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/zF4xv5jna5IkPPeyM3AsKxcetxs.roa
File: zF4xv5jna5IkPPeyM3AsKxcetxs.roa (raw, json)
Hash identifier: 987f1RQfspttV53MP+f2LNBuZEJ6N667T+RNHH1ZL8k=
Subject key identifier: CC:5E:31:BF:98:E7:6B:92:24:3C:F7:B2:33:70:2C:2B:17:1E:B7:1B
Certificate issuer: /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial: 1AA773BE
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/zF4xv5jna5IkPPeyM3AsKxcetxs.roa
Signing time: Sat 01 Jan 2022 06:52:03 +0000
ROA not before: Sat 01 Jan 2022 06:52:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12993
IP address blocks: 185.34.24.0/22 maxlen: 22
185.34.24.0/23 maxlen: 23
178.16.16.0/20 maxlen: 20
193.108.185.0/24 maxlen: 24
37.203.32.0/21 maxlen: 21
37.203.32.0/23 maxlen: 23
185.219.156.0/22 maxlen: 22
89.111.0.0/18 maxlen: 18
193.108.144.0/22 maxlen: 24
193.108.144.0/23 maxlen: 23
89.111.38.0/24 maxlen: 24
194.9.175.0/24 maxlen: 24
185.34.26.0/23 maxlen: 23
81.94.224.0/20 maxlen: 20
81.94.229.0/24 maxlen: 24
2a00:17c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447181758 (0x1aa773be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
Validity
Not Before: Jan 1 06:52:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc5e31bf98e76b92243cf7b233702c2b171eb71b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:51:1e:5d:76:f6:52:05:44:29:c1:44:49:7f:
a6:d2:74:37:9c:39:4a:72:51:32:52:4d:fd:be:2e:
06:e0:4d:9a:3a:bf:25:cf:c6:8a:0c:79:52:bb:da:
80:4a:c5:c5:86:a1:5f:4a:4c:4a:e1:a5:fb:5e:29:
43:11:31:1b:ad:d0:ad:92:d1:2b:15:f3:ac:a5:1e:
cf:4a:57:b5:fd:e3:9d:d9:ca:17:8e:8d:ce:03:8f:
53:36:87:8d:1d:c4:bf:47:00:e4:ea:65:1f:23:93:
5b:00:4c:fa:b8:eb:e1:bd:19:1d:07:93:dc:59:b2:
ca:c9:0c:91:8e:88:52:74:fb:5f:bb:bb:89:12:30:
11:93:bf:82:35:fb:55:79:9e:95:35:b1:d6:93:ce:
f3:24:e5:2a:40:05:0d:31:f7:4d:b4:02:b2:50:01:
62:18:f0:7e:3b:6c:25:18:d1:09:de:39:89:54:c4:
3d:7f:b7:73:cc:01:c0:48:c0:d2:f8:88:de:0b:2b:
10:08:b1:2c:37:73:94:8a:0d:50:e6:1b:17:05:7d:
2d:dd:63:e9:2f:f4:55:47:64:83:86:fe:7f:76:a9:
b7:39:38:36:a1:3b:02:7d:9a:f7:1a:de:2b:6a:1b:
69:8a:d8:fc:dd:f3:21:44:1d:b6:06:3d:07:09:8c:
17:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:5E:31:BF:98:E7:6B:92:24:3C:F7:B2:33:70:2C:2B:17:1E:B7:1B
X509v3 Authority Key Identifier:
keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/zF4xv5jna5IkPPeyM3AsKxcetxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.32.0/21
81.94.224.0/20
89.111.0.0/18
178.16.16.0/20
185.34.24.0/22
185.219.156.0/22
193.108.144.0/22
193.108.185.0/24
194.9.175.0/24
IPv6:
2a00:17c0::/32
Signature Algorithm: sha256WithRSAEncryption
93:17:ac:f1:b2:2a:80:91:68:68:82:9f:9d:44:4a:da:78:b3:
84:58:5b:cb:c6:06:b5:1c:f3:d6:99:b0:2c:09:27:b3:ad:56:
a9:ef:57:6e:27:ec:8b:8d:04:f0:d3:60:79:1b:4c:34:ef:52:
78:9c:d0:fd:a4:91:6c:65:b1:ef:29:74:98:bc:03:3f:3b:b7:
ed:ab:dd:20:7e:d6:2d:b9:6c:fd:bf:60:e5:59:84:d9:8b:9a:
66:8e:43:c5:ab:77:12:b3:4d:6e:6f:eb:bb:da:80:49:86:e2:
76:fa:97:10:70:da:c2:3b:5c:45:1e:6e:d2:4a:0c:14:26:73:
fd:af:19:dc:9d:8e:f8:73:5d:37:3f:f8:e1:26:1f:6c:07:bf:
43:a8:c4:4c:3c:fa:a9:be:d4:8e:c3:e7:39:0b:7d:2b:18:5f:
c5:99:c2:2e:f5:cb:7d:5e:ec:c2:6a:57:48:7a:9d:d1:41:37:
39:f2:1f:4c:4e:14:39:63:56:d4:4e:dc:5b:79:76:c3:24:79:
29:96:53:76:c3:f5:df:ea:0a:21:b5:92:48:dc:b3:6d:ab:3f:
bf:81:3a:ad:ed:68:9e:50:2b:28:69:77:23:39:28:58:77:92:
38:e2:11:2a:f0:72:3e:f7:56:2d:12:2d:35:4d:a1:36:cc:4f:
6a:a9:46:e5
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEGqdzvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2MyMDNlM2YzNjU5MjNhODQzZDMyMjAzMTdhMWM2OGNmNzRkZTBmMB4XDTIyMDEw
MTA2NTIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M1ZTMxYmY5OGU3
NmI5MjI0M2NmN2IyMzM3MDJjMmIxNzFlYjcxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxRHl129lIFRCnBREl/ptJ0N5w5SnJRMlJN/b4uBuBNmjq/
Jc/Gigx5UrvagErFxYahX0pMSuGl+14pQxExG63QrZLRKxXzrKUez0pXtf3jndnK
F46NzgOPUzaHjR3Ev0cA5OplHyOTWwBM+rjr4b0ZHQeT3FmyyskMkY6IUnT7X7u7
iRIwEZO/gjX7VXmelTWx1pPO8yTlKkAFDTH3TbQCslABYhjwfjtsJRjRCd45iVTE
PX+3c8wBwEjA0viI3gsrEAixLDdzlIoNUOYbFwV9Ld1j6S/0VUdkg4b+f3aptzk4
NqE7An2a9xreK2obaYrY/N3zIUQdtgY9BwmMFyMCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBTMXjG/mOdrkiQ897IzcCwrFx63GzAfBgNVHSMEGDAWgBQXwgPj82WSOoQ9
MiAxehxoz3TeDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y4SUQ0X05sa2pxRVBUSWdNWG9jYU05MDNnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvODlhZThlLTQ2NzQtNDU1ZC05ZjIzLWFjNjdhMzZlNGFhYi8x
L3pGNHh2NWpuYTVJa1BQZXlNM0FzS3hjZXR4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
ODlhZThlLTQ2NzQtNDU1ZC05ZjIzLWFjNjdhMzZlNGFhYi8xL0Y4SUQ0X05sa2px
RVBUSWdNWG9jYU05MDNnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAyXLIAMEBFFe4AMEBllvAAMEBLIQ
EAMEArkiGAMEArnbnAMEAsFskAMEAMFsuQMEAMIJrzANBAIAAjAHAwUAKgAXwDAN
BgkqhkiG9w0BAQsFAAOCAQEAkxes8bIqgJFoaIKfnURK2nizhFhby8YGtRzz1pmw
LAkns61Wqe9Xbifsi40E8NNgeRtMNO9SeJzQ/aSRbGWx7yl0mLwDPzu37avdIH7W
Lbls/b9g5VmE2YuaZo5Dxat3ErNNbm/ru9qASYbidvqXEHDawjtcRR5u0koMFCZz
/a8Z3J2O+HNdNz/44SYfbAe/Q6jETDz6qb7UjsPnOQt9KxhfxZnCLvXLfV7swmpX
SHqd0UE3OfIfTE4UOWNW1E7cW3l2wyR5KZZTdsP13+oKIbWSSNyzbas/v4E6re1o
nlArKGl3IzkoWHeSOOIRKvByPvdWLRItNU2hNsxPaqlG5Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:43 2025 by rpki-client