Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/pZn-tWZV9pKXg8aBNgTIM0QwC5o.roa
File: pZn-tWZV9pKXg8aBNgTIM0QwC5o.roa (raw, json)
Hash identifier: 9MLGkFJWTOrsKanUUKPTUnIobQVdKf+F0t1bGzXlShY=
Subject key identifier: A5:99:FE:B5:66:55:F6:92:97:83:C6:81:36:04:C8:33:44:30:0B:9A
Certificate issuer: /CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Certificate serial: 129571C1
Authority key identifier: A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/pZn-tWZV9pKXg8aBNgTIM0QwC5o.roa
Signing time: Fri 13 May 2022 09:40:49 +0000
ROA not before: Fri 13 May 2022 09:40:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29484
IP address blocks: 185.73.22.128/25 maxlen: 25
185.73.23.0/24 maxlen: 24
185.73.22.0/25 maxlen: 25
185.73.20.0/23 maxlen: 23
185.73.20.0/22 maxlen: 22
134.147.0.0/16 maxlen: 16
2a05:3e04::/32 maxlen: 32
2a05:3e06::/31 maxlen: 31
2a05:3e05::/32 maxlen: 32
2a05:3e00::/30 maxlen: 30
2a05:3e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 311783873 (0x129571c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Validity
Not Before: May 13 09:40:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a599feb56655f6929783c6813604c83344300b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a2:aa:21:75:db:0c:ea:cf:09:18:b2:d1:e4:
e9:f4:8c:cd:6d:6e:bf:9b:a5:bd:b8:be:47:9b:70:
84:16:f8:ec:ba:d3:3d:a9:fd:64:be:4a:e8:32:73:
62:02:86:18:f2:0e:74:ae:13:0d:42:0a:b4:60:9c:
05:ca:92:5b:27:ac:b9:8d:c4:f9:6f:d3:18:50:1e:
f1:97:4f:81:65:7f:48:7a:cd:e7:4d:78:83:53:db:
c8:8b:39:4e:9b:7e:b4:6c:5f:58:9c:fa:44:7b:e1:
96:be:4d:74:ea:03:4a:00:c6:9d:55:5f:2d:c0:13:
00:b7:f6:be:92:5b:92:55:da:ad:f5:01:89:fa:3f:
45:1c:79:a3:58:64:9f:34:93:e3:b2:1f:12:dd:26:
4d:2e:4e:64:ba:4a:54:87:6c:29:10:39:04:22:72:
b7:67:a3:08:65:f8:c6:9a:be:65:10:da:2b:e5:13:
8d:c5:23:df:6b:28:8f:ce:4a:d3:29:b6:9d:14:be:
45:ae:69:0d:32:54:33:5d:57:22:f1:c6:70:d6:14:
2f:d7:56:dc:49:c9:4c:2d:e8:14:5d:8a:51:f2:97:
2f:8e:a1:b2:4f:a5:ac:f7:28:6c:16:be:fb:4a:4b:
ac:f2:e4:92:ce:69:d2:8d:c1:57:03:82:9d:90:21:
72:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:99:FE:B5:66:55:F6:92:97:83:C6:81:36:04:C8:33:44:30:0B:9A
X509v3 Authority Key Identifier:
keyid:A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/pZn-tWZV9pKXg8aBNgTIM0QwC5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.147.0.0/16
185.73.20.0/22
IPv6:
2a05:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
81:7a:21:62:51:98:2e:3c:bc:6f:4e:c8:45:c4:d1:77:47:42:
14:92:f2:63:f5:b3:7e:7e:c8:e9:ed:be:b8:33:a1:40:1c:9e:
56:9f:f9:2a:8c:b2:f7:60:20:05:67:03:a4:86:c4:23:73:40:
59:96:10:03:b7:ad:38:48:83:41:2a:e2:cc:6a:ff:8e:f1:35:
96:a4:28:a4:3a:65:8e:45:50:41:64:fa:a6:9f:ec:52:7d:c0:
aa:f2:fb:74:d4:58:d2:02:68:ec:92:f3:c5:e3:b7:90:14:8d:
0b:f9:54:99:e1:cf:8c:eb:ec:70:8e:38:72:96:e6:b5:67:bc:
9a:4b:be:a5:d1:a0:3c:f1:1f:53:b1:bf:b9:fa:39:27:7d:ff:
14:33:eb:e5:a2:1b:8a:df:7f:3f:9f:7b:19:a6:ce:a4:b3:41:
a4:a0:80:93:7f:dc:05:62:31:f3:fe:51:85:05:ec:84:e7:0d:
32:66:35:2f:fc:9d:dd:6e:0c:e6:4d:16:02:bc:e4:3c:40:d7:
7e:29:f5:77:18:36:6e:60:8a:a5:2f:22:c2:79:d6:59:5c:87:
4c:a2:28:4e:63:8a:08:95:ab:e9:f6:45:79:2d:fb:f3:68:58:
db:e9:86:bb:75:2c:91:f1:46:fe:aa:4c:03:66:07:4c:86:71:
9d:7a:55:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEEpVxwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzBkZGFhNzQ5NGQ2OWJhMWNhY2I0NTdlZjkxYjZkY2QyMmU4ZGQ5MB4XDTIyMDUx
MzA5NDA0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU5OWZlYjU2NjU1
ZjY5Mjk3ODNjNjgxMzYwNGM4MzM0NDMwMGI5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKiqiF12wzqzwkYstHk6fSMzW1uv5ulvbi+R5twhBb47LrT
Pan9ZL5K6DJzYgKGGPIOdK4TDUIKtGCcBcqSWyesuY3E+W/TGFAe8ZdPgWV/SHrN
5014g1PbyIs5Tpt+tGxfWJz6RHvhlr5NdOoDSgDGnVVfLcATALf2vpJbklXarfUB
ifo/RRx5o1hknzST47IfEt0mTS5OZLpKVIdsKRA5BCJyt2ejCGX4xpq+ZRDaK+UT
jcUj32soj85K0ym2nRS+Ra5pDTJUM11XIvHGcNYUL9dW3EnJTC3oFF2KUfKXL46h
sk+lrPcobBa++0pLrPLkks5p0o3BVwOCnZAhciMCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSlmf61ZlX2kpeDxoE2BMgzRDALmjAfBgNVHSMEGDAWgBSjDdqnSU1puhys
tFfvkbbc0i6N2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L293M2FwMGxOYWJvY3JMUlg3NUcyM05JdWpkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzYxMTJjLWYxN2UtNGRjMS1iYTUyLTY1NDRhMmI5OTgxNy8x
L3Babi10V1pWOXBLWGc4YUJOZ1RJTTBRd0M1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzYxMTJjLWYxN2UtNGRjMS1iYTUyLTY1NDRhMmI5OTgxNy8xL293M2FwMGxOYWJv
Y3JMUlg3NUcyM05JdWpkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDAIaTAwQCuUkUMA0EAgACMAcDBQMq
BT4AMA0GCSqGSIb3DQEBCwUAA4IBAQCBeiFiUZguPLxvTshFxNF3R0IUkvJj9bN+
fsjp7b64M6FAHJ5Wn/kqjLL3YCAFZwOkhsQjc0BZlhADt604SINBKuLMav+O8TWW
pCikOmWORVBBZPqmn+xSfcCq8vt01FjSAmjskvPF47eQFI0L+VSZ4c+M6+xwjjhy
lua1Z7yaS76l0aA88R9Tsb+5+jknff8UM+vlohuK338/n3sZps6ks0GkoICTf9wF
YjHz/lGFBeyE5w0yZjUv/J3dbgzmTRYCvOQ8QNd+KfV3GDZuYIqlLyLCedZZXIdM
oihOY4oIlavp9kV5LfvzaFjb6Ya7dSyR8Ub+qkwDZgdMhnGdelWD
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:08:38 2025 by rpki-client