Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/3VZFoW9n2JNY8PVQM4bxheg6BNc.roa
File: 3VZFoW9n2JNY8PVQM4bxheg6BNc.roa (raw, json)
Hash identifier: zth83S/aw9JxE2X7Xyid6GiOXw9sv+Q06OpLzMMTUqQ=
Subject key identifier: DD:56:45:A1:6F:67:D8:93:58:F0:F5:50:33:86:F1:85:E8:3A:04:D7
Certificate issuer: /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial: 01886BB63B56520C455F49D7C3BFB0B09D56
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/3VZFoW9n2JNY8PVQM4bxheg6BNc.roa
Signing time: Tue 30 May 2023 08:11:24 +0000
ROA not before: Tue 30 May 2023 08:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29422
IP address blocks: 194.29.192.0/21 maxlen: 21
77.91.212.0/22 maxlen: 22
81.17.192.0/21 maxlen: 21
83.145.192.0/18 maxlen: 18
217.149.48.0/20 maxlen: 20
194.79.16.0/22 maxlen: 22
94.101.0.0/20 maxlen: 20
193.104.38.0/24 maxlen: 24
84.20.128.0/19 maxlen: 19
84.239.128.0/17 maxlen: 17
217.30.176.0/20 maxlen: 20
83.150.64.0/18 maxlen: 18
109.75.224.0/21 maxlen: 21
84.239.208.0/20 maxlen: 20
188.117.0.0/18 maxlen: 18
185.123.116.0/22 maxlen: 22
80.69.160.0/21 maxlen: 21
77.86.128.0/17 maxlen: 17
213.157.64.0/19 maxlen: 19
80.69.168.0/22 maxlen: 22
2001:67c:70::/48 maxlen: 48
2a01:51c0::/29 maxlen: 29
2001:1bc8::/32 maxlen: 32
2a01:51c1::/32 maxlen: 32
2001:1bc8::/29 maxlen: 29
2a01:51c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6b:b6:3b:56:52:0c:45:5f:49:d7:c3:bf:b0:b0:9d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Validity
Not Before: May 30 08:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd5645a16f67d89358f0f5503386f185e83a04d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:72:6d:ad:d1:34:86:76:e2:5f:6f:db:14:a5:
a0:3e:84:32:b6:7f:52:eb:31:32:e9:21:02:cf:f8:
3c:fe:b4:2d:f0:cf:d0:97:7a:96:e6:a4:7d:c3:ee:
5b:c8:67:41:8c:e3:6d:1a:d5:c5:34:b5:3a:78:1b:
92:1e:9b:42:a4:fa:e7:04:98:57:2e:71:8d:8c:0e:
48:65:b4:75:42:72:2a:a1:9c:f2:db:00:27:e2:b3:
40:be:7a:c2:c6:00:b2:ab:72:02:26:93:f1:0f:d9:
64:b2:f4:09:24:d9:09:cb:87:6e:95:2b:59:4b:c1:
2f:53:25:fe:1d:45:c3:ea:1f:15:28:89:8b:a1:16:
77:aa:83:24:0e:ba:31:cb:f1:2f:36:c0:f6:20:3a:
6a:ed:7d:06:4e:61:92:7d:d1:a9:f2:e3:31:86:58:
9e:db:80:13:3d:80:a0:a6:d4:d7:d4:8f:52:34:69:
94:a0:7e:08:d7:aa:4c:b8:54:c5:5f:4f:92:6d:ad:
6b:9b:81:5f:f4:04:91:8c:aa:91:21:6e:c4:a2:25:
28:af:73:f7:11:6a:b4:e5:b0:71:51:3f:3c:4c:f2:
f6:dc:f6:e8:f8:15:b6:10:f6:b5:cd:07:59:aa:c9:
6d:d7:6d:a2:4c:18:1e:6c:73:05:f3:0c:a4:57:c4:
a0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:56:45:A1:6F:67:D8:93:58:F0:F5:50:33:86:F1:85:E8:3A:04:D7
X509v3 Authority Key Identifier:
keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/3VZFoW9n2JNY8PVQM4bxheg6BNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.86.128.0/17
77.91.212.0/22
80.69.160.0-80.69.171.255
81.17.192.0/21
83.145.192.0/18
83.150.64.0/18
84.20.128.0/19
84.239.128.0/17
94.101.0.0/20
109.75.224.0/21
185.123.116.0/22
188.117.0.0/18
193.104.38.0/24
194.29.192.0/21
194.79.16.0/22
213.157.64.0/19
217.30.176.0/20
217.149.48.0/20
IPv6:
2001:67c:70::/48
2001:1bc8::/29
2a01:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:2d:81:88:08:a2:79:b2:39:0d:67:ac:a8:ba:77:10:99:cb:
1f:67:96:b0:a4:d1:ec:c3:6e:99:8c:49:9c:36:20:59:4f:68:
2e:29:fe:c0:0c:08:c3:fe:f0:62:0b:08:a7:8c:81:2c:59:02:
3a:66:87:17:59:88:99:b1:43:ca:18:f7:e3:27:f7:26:40:3d:
af:c9:60:c8:80:db:c8:f4:4c:33:de:37:ae:fc:19:ac:c4:71:
b0:4f:2a:35:82:61:4a:4b:4d:6b:0d:37:ea:50:dd:e4:2c:41:
7b:73:18:21:60:4a:0d:a1:df:e2:62:fa:9d:fc:b0:70:87:83:
2c:98:cb:3b:63:af:f3:84:c1:0a:35:dd:8b:d5:4c:c8:db:0c:
c7:fa:9c:d3:3b:62:14:96:ad:83:e5:07:2a:2f:9a:aa:23:46:
90:14:3a:6a:3a:d5:f6:3c:34:4e:69:14:fd:2c:c8:c8:42:c6:
6b:1c:15:b9:e8:e6:8f:7c:86:68:d3:2c:9e:79:78:0f:d4:53:
35:94:52:35:d5:49:d9:e7:49:d2:66:f0:46:8c:54:d9:21:c2:
ee:24:fc:7f:17:62:ca:91:6b:cc:df:d4:ff:11:dc:c0:58:11:
7a:b1:6f:9c:ef:43:15:48:5d:8c:2d:c8:aa:50:a1:fa:2c:f4:
38:b8:02:85
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYhrtjtWUgxFX0nXw7+wsJ1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjMwNTMwMDgxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDU2NDVhMTZmNjdkODkzNThmMGY1NTAzMzg2ZjE4NWU4M2EwNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXJtrdE0hnbiX2/bFKWgPoQytn9S
6zEy6SECz/g8/rQt8M/Ql3qW5qR9w+5byGdBjONtGtXFNLU6eBuSHptCpPrnBJhX
LnGNjA5IZbR1QnIqoZzy2wAn4rNAvnrCxgCyq3ICJpPxD9lksvQJJNkJy4dulStZ
S8EvUyX+HUXD6h8VKImLoRZ3qoMkDroxy/EvNsD2IDpq7X0GTmGSfdGp8uMxhlie
24ATPYCgptTX1I9SNGmUoH4I16pMuFTFX0+Sba1rm4Ff9ASRjKqRIW7EoiUor3P3
EWq05bBxUT88TPL23Pbo+BW2EPa1zQdZqslt122iTBgebHMF8wykV8SgIQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFN1WRaFvZ9iTWPD1UDOG8YXoOgTXMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvM1ZaRm9XOW4ySk5ZOFBWUU00YnhoZWc2Qk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzB6BAIAATB0AwQHTVaA
AwQCTVvUMAwDBAVQRaADBAJQRagDBANREcADBAZTkcADBAZTlkADBAVUFIADBAdU
74ADBAReZQADBANtS+ADBAK5e3QDBAa8dQADBADBaCYDBAPCHcADBALCTxADBAXV
nUADBATZHrADBATZlTAwHQQCAAIwFwMHACABBnwAcAMFAyABG8gDBQMqAVHAMA0G
CSqGSIb3DQEBCwUAA4IBAQB9LYGICKJ5sjkNZ6youncQmcsfZ5awpNHsw26ZjEmc
NiBZT2guKf7ADAjD/vBiCwinjIEsWQI6ZocXWYiZsUPKGPfjJ/cmQD2vyWDIgNvI
9Ewz3jeu/BmsxHGwTyo1gmFKS01rDTfqUN3kLEF7cxghYEoNod/iYvqd/LBwh4Ms
mMs7Y6/zhMEKNd2L1UzI2wzH+pzTO2IUlq2D5QcqL5qqI0aQFDpqOtX2PDROaRT9
LMjIQsZrHBW56OaPfIZo0yyeeXgP1FM1lFI11UnZ50nSZvBGjFTZIcLuJPx/F2LK
kWvM39T/EdzAWBF6sW+c70MVSF2MLciqUKH6LPQ4uAKF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:48 2025 by rpki-client