Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/zYhk3sRmeCXKHR2HA8oYSJMh2QM.roa
File: zYhk3sRmeCXKHR2HA8oYSJMh2QM.roa (raw, json)
Hash identifier: /14g3JTsI1+iRTF6Ew5uXQE//iBfOta5I4mJF/70xfk=
Subject key identifier: CD:88:64:DE:C4:66:78:25:CA:1D:1D:87:03:CA:18:48:93:21:D9:03
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 01D914A3
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/zYhk3sRmeCXKHR2HA8oYSJMh2QM.roa
Signing time: Sat 01 Jan 2022 00:59:07 +0000
ROA not before: Sat 01 Jan 2022 00:59:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21334
IP address blocks: 195.184.160.0/20 maxlen: 20
195.184.160.0/19 maxlen: 19
195.184.176.0/20 maxlen: 20
176.63.128.0/17 maxlen: 17
89.134.0.0/15 maxlen: 15
86.101.0.0/17 maxlen: 17
130.43.192.0/18 maxlen: 18
86.101.0.0/16 maxlen: 16
185.33.80.0/23 maxlen: 23
185.33.80.0/24 maxlen: 24
185.33.81.0/24 maxlen: 24
37.188.80.0/22 maxlen: 22
37.188.80.0/21 maxlen: 21
37.188.84.0/22 maxlen: 22
5.63.192.0/18 maxlen: 18
212.48.240.0/21 maxlen: 21
212.48.240.0/20 maxlen: 20
37.220.192.0/18 maxlen: 18
212.96.32.0/20 maxlen: 20
212.48.248.0/21 maxlen: 21
212.96.32.0/19 maxlen: 19
80.244.96.0/20 maxlen: 20
212.96.48.0/20 maxlen: 20
37.191.0.0/19 maxlen: 19
176.63.0.0/17 maxlen: 17
37.191.0.0/18 maxlen: 18
176.63.0.0/16 maxlen: 16
37.191.32.0/19 maxlen: 19
188.142.160.0/20 maxlen: 20
188.142.160.0/19 maxlen: 19
89.223.128.0/17 maxlen: 17
89.223.128.0/18 maxlen: 18
188.142.176.0/20 maxlen: 20
178.48.0.0/17 maxlen: 17
178.48.0.0/16 maxlen: 16
78.139.0.0/19 maxlen: 19
78.139.0.0/18 maxlen: 18
78.139.32.0/19 maxlen: 19
5.206.128.0/18 maxlen: 18
188.142.192.0/19 maxlen: 19
188.142.192.0/18 maxlen: 18
80.99.0.0/16 maxlen: 16
178.48.128.0/17 maxlen: 17
188.142.224.0/19 maxlen: 19
89.223.192.0/18 maxlen: 18
94.44.0.0/17 maxlen: 17
94.44.0.0/16 maxlen: 16
151.0.64.0/18 maxlen: 18
213.222.160.0/19 maxlen: 19
88.87.240.0/22 maxlen: 22
80.98.0.0/16 maxlen: 16
88.87.240.0/21 maxlen: 21
88.87.244.0/22 maxlen: 22
80.98.0.0/15 maxlen: 15
185.10.124.0/22 maxlen: 22
185.10.124.0/23 maxlen: 23
185.10.126.0/23 maxlen: 23
213.222.128.0/19 maxlen: 19
213.222.128.0/18 maxlen: 18
5.148.224.0/19 maxlen: 19
89.132.0.0/15 maxlen: 15
94.44.128.0/17 maxlen: 17
89.132.0.0/14 maxlen: 14
86.101.128.0/17 maxlen: 17
5.148.192.0/19 maxlen: 19
5.148.192.0/18 maxlen: 18
2a02:ab80::/29 maxlen: 29
2a02:ab80::/28 maxlen: 28
2a02:ab88::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31003811 (0x1d914a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Jan 1 00:59:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd8864dec4667825ca1d1d8703ca18489321d903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:65:f7:d1:d2:f4:d7:34:cf:a1:72:ae:95:50:
6a:b3:0f:a4:a0:7c:7e:b6:5d:ca:c9:7e:bf:9e:03:
49:64:fd:ea:ee:c6:35:00:d5:3f:35:74:9f:b0:6f:
6f:26:23:ef:fd:74:52:f4:05:e3:30:6b:d5:75:77:
35:97:f8:a6:19:2e:2f:98:98:0c:f6:cb:ab:f5:3d:
94:3d:da:fb:df:b2:f3:71:ec:4f:9d:7a:24:68:42:
f6:fb:00:c4:6d:38:22:0a:32:52:0a:2b:63:f1:78:
86:a2:1f:5d:46:6e:c2:e4:ac:5b:4c:c8:bf:67:66:
6f:c0:47:fa:67:42:c6:92:fd:ab:a3:ee:44:49:73:
a0:db:01:ee:58:c3:f9:02:0e:52:02:21:c2:1c:c9:
78:e5:46:ce:3f:fa:ff:17:8d:b2:e0:9e:08:80:0b:
6a:02:0f:0a:ab:db:6a:ce:b7:7a:a4:76:3c:f5:d9:
f5:7c:3f:58:ce:af:eb:87:b3:88:21:d5:1d:a6:bd:
78:52:01:d1:21:42:4b:27:0c:7e:e7:63:9c:54:e7:
06:e4:66:e9:1e:71:21:87:4c:93:b1:29:59:5e:d3:
ec:9f:f3:06:b2:b2:26:68:87:f0:8a:4a:d5:5c:21:
09:d1:32:d3:55:37:1e:91:a2:ab:df:0c:b0:50:0c:
ee:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:88:64:DE:C4:66:78:25:CA:1D:1D:87:03:CA:18:48:93:21:D9:03
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/zYhk3sRmeCXKHR2HA8oYSJMh2QM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.192.0/18
5.148.192.0/18
5.206.128.0/18
37.188.80.0/21
37.191.0.0/18
37.220.192.0/18
78.139.0.0/18
80.98.0.0/15
80.244.96.0/20
86.101.0.0/16
88.87.240.0/21
89.132.0.0/14
89.223.128.0/17
94.44.0.0/16
130.43.192.0/18
151.0.64.0/18
176.63.0.0/16
178.48.0.0/16
185.10.124.0/22
185.33.80.0/23
188.142.160.0-188.142.255.255
195.184.160.0/19
212.48.240.0/20
212.96.32.0/19
213.222.128.0/18
IPv6:
2a02:ab80::/28
Signature Algorithm: sha256WithRSAEncryption
c0:af:d1:40:44:26:c4:55:6d:bc:5c:d6:aa:40:73:95:41:53:
90:e1:9e:80:e0:d8:05:09:9a:2f:be:d6:ce:f0:36:96:32:5d:
84:60:85:75:55:a8:f8:06:05:5a:96:0c:80:8c:17:df:a3:43:
d3:ef:87:39:8d:ac:5a:1a:4a:63:7c:0f:7e:b4:62:27:4a:d3:
b1:10:43:02:71:10:f1:89:77:44:c8:a0:03:f2:4b:ca:e5:08:
a5:81:64:dd:fe:65:02:23:99:7a:c3:7b:a2:4c:65:b1:9b:49:
53:3a:e6:f1:38:d6:4e:39:24:c0:a9:d0:9d:8a:48:7c:d9:7f:
b8:72:69:90:6d:92:26:74:f6:25:6f:ac:9c:e9:e0:a8:0c:a6:
18:f7:67:4b:da:05:33:1c:81:86:c6:3d:cd:7d:71:1b:67:e5:
25:a5:f8:3b:b2:9a:99:4a:d7:c4:d4:ed:a7:9f:de:4d:81:10:
d1:8b:cb:10:3a:4a:ca:e4:f4:a0:23:8d:68:67:3b:2f:97:81:
1d:2d:34:15:cf:6d:dc:e7:95:76:e1:ba:f9:e6:12:eb:3a:84:
7d:66:e5:48:43:9a:b7:8f:b7:67:f9:da:c5:8c:77:60:94:10:
e4:4b:50:ee:fc:48:89:ba:13:97:5e:28:2f:7c:d9:32:1b:a5:
ba:22:6b:b6
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIEAdkUozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjAxOThhN2IzYWZkY2RkNzAwMzU2MmEwODcxODc4ZTIzODc2MGFkMB4XDTIyMDEw
MTAwNTkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q4ODY0ZGVjNDY2
NzgyNWNhMWQxZDg3MDNjYTE4NDg5MzIxZDkwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtl99HS9Nc0z6FyrpVQarMPpKB8frZdysl+v54DSWT96u7G
NQDVPzV0n7BvbyYj7/10UvQF4zBr1XV3NZf4phkuL5iYDPbLq/U9lD3a+9+y83Hs
T516JGhC9vsAxG04IgoyUgorY/F4hqIfXUZuwuSsW0zIv2dmb8BH+mdCxpL9q6Pu
RElzoNsB7ljD+QIOUgIhwhzJeOVGzj/6/xeNsuCeCIALagIPCqvbas63eqR2PPXZ
9Xw/WM6v64eziCHVHaa9eFIB0SFCSycMfudjnFTnBuRm6R5xIYdMk7EpWV7T7J/z
BrKyJmiH8IpK1VwhCdEy01U3HpGiq98MsFAM7oUCAwEAAaOCAq4wggKqMB0GA1Ud
DgQWBBTNiGTexGZ4JcodHYcDyhhIkyHZAzAfBgNVHSMEGDAWgBTfAZins6/c3XAD
VioIcYeOI4dgrTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzN3R1lwN092M04xd0ExWXFDSEdIamlPSFlLMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvZDNmY2E2LWVjYjUtNDNhYS04YzlkLTBmY2M2YzMwMTFmYy8x
L3pZaGszc1JtZUNYS0hSMkhBOG9ZU0pNaDJRTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
ZDNmY2E2LWVjYjUtNDNhYS04YzlkLTBmY2M2YzMwMTFmYy8xLzN3R1lwN092M04x
d0ExWXFDSEdIamlPSFlLMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wwYIKwYBBQUHAQcBAf8EgbMwgbAwgZ4EAgABMIGXAwQGBT/AAwQGBZTAAwQGBc6A
AwQDJbxQAwQGJb8AAwQGJdzAAwQGTosAAwMBUGIDBARQ9GADAwBWZQMEA1hX8AMD
AlmEAwQHWd+AAwMAXiwDBAaCK8ADBAaXAEADAwCwPwMDALIwAwQCuQp8AwQBuSFQ
MAsDBAW8jqADAwC8jgMEBcO4oAMEBNQw8AMEBdRgIAMEBtXegDANBAIAAjAHAwUE
KgKrgDANBgkqhkiG9w0BAQsFAAOCAQEAwK/RQEQmxFVtvFzWqkBzlUFTkOGegODY
BQmaL77WzvA2ljJdhGCFdVWo+AYFWpYMgIwX36ND0++HOY2sWhpKY3wPfrRiJ0rT
sRBDAnEQ8Yl3RMigA/JLyuUIpYFk3f5lAiOZesN7okxlsZtJUzrm8TjWTjkkwKnQ
nYpIfNl/uHJpkG2SJnT2JW+snOngqAymGPdnS9oFMxyBhsY9zX1xG2flJaX4O7Ka
mUrXxNTtp5/eTYEQ0YvLEDpKyuT0oCONaGc7L5eBHS00Fc9t3OeVduG6+eYS6zqE
fWblSEOat4+3Z/naxYx3YJQQ5EtQ7vxIiboTl14oL3zZMhuluiJrtg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:09 2025 by rpki-client