Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/0ZqPH2kKccNN5MA09KfeC4cDSs4.roa
File: 0ZqPH2kKccNN5MA09KfeC4cDSs4.roa (raw, json)
Hash identifier: gVOikKZ6304vqp1Z7Xi+Cu75nx55KEsyhrEM//E2bYE=
Subject key identifier: D1:9A:8F:1F:69:0A:71:C3:4D:E4:C0:34:F4:A7:DE:0B:87:03:4A:CE
Certificate issuer: /CN=d476b006351a2f9cf2a91386de50ce27f1550595
Certificate serial: 0420629C
Authority key identifier: D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/0ZqPH2kKccNN5MA09KfeC4cDSs4.roa
Signing time: Sat 01 Jan 2022 08:59:42 +0000
ROA not before: Sat 01 Jan 2022 08:59:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 178.239.96.0/20 maxlen: 24
195.12.0.0/19 maxlen: 24
195.74.128.0/19 maxlen: 24
164.40.208.0/20 maxlen: 24
212.58.32.0/19 maxlen: 24
185.13.140.0/22 maxlen: 24
84.252.192.0/18 maxlen: 24
146.255.0.0/20 maxlen: 24
213.83.64.0/18 maxlen: 24
94.250.224.0/20 maxlen: 24
62.8.96.0/19 maxlen: 24
5.102.80.0/20 maxlen: 24
37.152.32.0/20 maxlen: 24
213.246.128.0/18 maxlen: 24
2001:4160::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69231260 (0x420629c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d476b006351a2f9cf2a91386de50ce27f1550595
Validity
Not Before: Jan 1 08:59:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d19a8f1f690a71c34de4c034f4a7de0b87034ace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:74:e5:84:cc:cc:74:98:0e:94:65:e2:77:2c:
ec:0a:d9:96:3d:9d:da:16:8f:77:a8:cb:6e:a6:75:
1a:03:c3:06:bc:83:e9:7a:b0:11:a9:19:6f:4f:36:
c2:2d:61:2f:52:25:2b:22:30:a1:d1:92:e3:b7:1b:
4a:ea:82:a0:76:b7:1e:d7:17:c9:4b:c7:d7:d2:56:
a2:dc:0a:dc:96:16:13:e3:cf:dc:4a:dd:cc:ad:6d:
eb:66:bb:5d:9a:11:1a:5f:ef:cf:07:de:57:0e:93:
fa:0a:c5:a7:dc:92:0e:74:a6:01:86:c4:2c:29:ac:
c4:c9:b7:e9:3b:cd:64:f6:24:4a:ea:26:33:d0:8a:
28:3f:49:50:32:e7:34:f6:4f:c7:b6:b2:25:09:a4:
29:7a:64:dc:21:99:0a:ed:47:b3:f6:39:9f:f4:03:
60:9f:aa:61:ea:aa:40:cf:3d:5b:39:d0:40:53:1a:
62:df:8c:9f:04:69:42:0e:ba:86:56:09:00:be:8b:
58:80:46:f6:44:6a:f1:0a:8c:91:ec:63:a8:3d:54:
a4:cb:e2:af:ca:ed:b2:83:d8:77:ee:18:a7:a2:4f:
ca:01:2b:8e:bb:97:9e:de:d9:15:1e:ca:c0:a1:f1:
ac:a9:53:ad:b8:c9:95:77:91:cc:5a:b3:8b:41:75:
28:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9A:8F:1F:69:0A:71:C3:4D:E4:C0:34:F4:A7:DE:0B:87:03:4A:CE
X509v3 Authority Key Identifier:
keyid:D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/0ZqPH2kKccNN5MA09KfeC4cDSs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/1HawBjUaL5zyqROG3lDOJ_FVBZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.80.0/20
37.152.32.0/20
62.8.96.0/19
84.252.192.0/18
94.250.224.0/20
146.255.0.0/20
164.40.208.0/20
178.239.96.0/20
185.13.140.0/22
195.12.0.0/19
195.74.128.0/19
212.58.32.0/19
213.83.64.0/18
213.246.128.0/18
IPv6:
2001:4160::/32
Signature Algorithm: sha256WithRSAEncryption
97:1b:06:b2:b0:81:75:cc:4a:a8:fb:8e:12:c2:e4:aa:52:4a:
d9:28:86:99:52:16:13:4b:25:9c:fc:5a:c3:5e:93:b0:49:74:
bb:52:0f:cb:12:a4:c2:20:72:38:75:b0:82:e4:e8:72:87:fc:
b1:42:39:77:16:56:e0:9f:a3:4a:97:b7:f2:b1:45:f2:d4:2d:
f1:9f:8a:50:23:22:92:ac:e5:71:f9:5b:2f:49:46:8f:81:5b:
86:f1:18:80:ba:ce:6f:75:80:7d:9f:11:25:ad:bc:37:d9:c9:
c8:db:96:13:df:4a:db:a5:44:62:67:0c:60:7d:45:09:ad:ba:
bc:d6:5d:4c:c9:86:85:1b:e3:e3:0f:6b:8c:6b:ac:0d:78:ca:
1d:e8:cb:6d:db:92:1f:0d:bd:38:71:42:0a:e2:1a:fe:9f:8c:
57:44:53:3f:46:b3:7c:f3:75:65:db:1e:4e:72:1b:d4:4c:85:
78:9a:b9:18:f4:06:70:c2:40:eb:8f:ba:f0:aa:9a:d0:f6:e8:
83:c5:60:aa:4c:a5:11:cb:da:ba:c5:5a:ad:99:59:54:89:b1:
84:a3:d1:27:6f:e6:4d:8b:5d:a3:bf:ac:ca:92:18:4c:92:2c:
b8:d3:9b:1a:1a:18:cc:05:df:1c:a5:5d:3a:be:aa:af:e8:5f:
b2:56:a1:1d
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIEBCBinDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDc2YjAwNjM1MWEyZjljZjJhOTEzODZkZTUwY2UyN2YxNTUwNTk1MB4XDTIyMDEw
MTA4NTk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE5YThmMWY2OTBh
NzFjMzRkZTRjMDM0ZjRhN2RlMGI4NzAzNGFjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMV05YTMzHSYDpRl4ncs7ArZlj2d2haPd6jLbqZ1GgPDBryD
6XqwEakZb082wi1hL1IlKyIwodGS47cbSuqCoHa3HtcXyUvH19JWotwK3JYWE+PP
3ErdzK1t62a7XZoRGl/vzwfeVw6T+grFp9ySDnSmAYbELCmsxMm36TvNZPYkSuom
M9CKKD9JUDLnNPZPx7ayJQmkKXpk3CGZCu1Hs/Y5n/QDYJ+qYeqqQM89WznQQFMa
Yt+MnwRpQg66hlYJAL6LWIBG9kRq8QqMkexjqD1UpMvir8rtsoPYd+4Yp6JPygEr
jruXnt7ZFR7KwKHxrKlTrbjJlXeRzFqzi0F1KIkCAwEAAaOCAmYwggJiMB0GA1Ud
DgQWBBTRmo8faQpxw03kwDT0p94LhwNKzjAfBgNVHSMEGDAWgBTUdrAGNRovnPKp
E4beUM4n8VUFlTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFIYXdCalVhTDV6eXFST0czbERPSl9GVkJaVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvNDYyMDdmLTdlMzQtNDI5Mi1iMTRhLTQ0YzA3ZjMxNDkwNC8x
LzBacVBIMmtLY2NOTjVNQTA5S2ZlQzRjRFNzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
NDYyMDdmLTdlMzQtNDI5Mi1iMTRhLTQ0YzA3ZjMxNDkwNC8xLzFIYXdCalVhTDV6
eXFST0czbERPSl9GVkJaVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB8
BggrBgEFBQcBBwEB/wRtMGswWgQCAAEwVAMEBAVmUAMEBCWYIAMEBT4IYAMEBlT8
wAMEBF764AMEBJL/AAMEBKQo0AMEBLLvYAMEArkNjAMEBcMMAAMEBcNKgAMEBdQ6
IAMEBtVTQAMEBtX2gDANBAIAAjAHAwUAIAFBYDANBgkqhkiG9w0BAQsFAAOCAQEA
lxsGsrCBdcxKqPuOEsLkqlJK2SiGmVIWE0slnPxaw16TsEl0u1IPyxKkwiByOHWw
guTocof8sUI5dxZW4J+jSpe38rFF8tQt8Z+KUCMikqzlcflbL0lGj4FbhvEYgLrO
b3WAfZ8RJa28N9nJyNuWE99K26VEYmcMYH1FCa26vNZdTMmGhRvj4w9rjGusDXjK
HejLbduSHw29OHFCCuIa/p+MV0RTP0azfPN1ZdseTnIb1EyFeJq5GPQGcMJA64+6
8Kqa0Pbog8VgqkylEcvausVarZlZVImxhKPRJ2/mTYtdo7+sypIYTJIsuNObGhoY
zAXfHKVdOr6qr+hfslahHQ==
-----END CERTIFICATE-----
Generated at Tue Apr 15 05:00:59 2025 by rpki-client