Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/pZIZuS_fOlZ2G3GpWKetbEjHNQ0.roa
File: pZIZuS_fOlZ2G3GpWKetbEjHNQ0.roa (raw, json)
Hash identifier: iIUIYZlIlNi3aUJGwIe8/p/gsmFKNtDG0tcLKVnzlvE=
Subject key identifier: A5:92:19:B9:2F:DF:3A:56:76:1B:71:A9:58:A7:AD:6C:48:C7:35:0D
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 01856F26E61F5DB6E945C3740A66BD777D37
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/pZIZuS_fOlZ2G3GpWKetbEjHNQ0.roa
Signing time: Sun 01 Jan 2023 21:04:58 +0000
ROA not before: Sun 01 Jan 2023 21:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44066
IP address blocks: 212.224.64.0/18 maxlen: 24
185.26.96.0/22 maxlen: 24
84.200.205.0/24 maxlen: 24
194.143.134.0/23 maxlen: 23
185.171.204.0/22 maxlen: 24
79.133.32.0/19 maxlen: 24
159.100.0.0/19 maxlen: 24
84.201.17.0/24 maxlen: 24
84.201.18.0/24 maxlen: 24
37.114.96.0/19 maxlen: 24
194.187.164.0/22 maxlen: 22
84.200.0.0/16 maxlen: 24
82.211.0.0/18 maxlen: 24
31.172.80.0/20 maxlen: 24
82.211.17.0/24 maxlen: 24
84.200.39.0/24 maxlen: 24
84.201.0.0/18 maxlen: 24
2a01:7e0:1fc::/48 maxlen: 48
2a01:7e0::/29 maxlen: 48
2a01:7e0::/32 maxlen: 32
2001:1608::/32 maxlen: 48
2a01:7e0:2f::/48 maxlen: 48
2001:1638::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e6:1f:5d:b6:e9:45:c3:74:0a:66:bd:77:7d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jan 1 21:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a59219b92fdf3a56761b71a958a7ad6c48c7350d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2b:b7:49:31:ac:89:22:cf:db:40:59:b0:bf:
20:e9:b0:d3:5e:1f:07:4e:ba:5e:db:89:26:5f:9b:
8a:71:a8:53:7c:70:a4:dd:28:75:66:4a:06:67:ab:
12:df:b4:f4:52:99:d7:2e:82:5f:b8:cb:05:b7:7c:
00:7a:11:dc:9a:ad:a7:00:bb:ff:3a:06:01:c7:f3:
ad:bb:10:40:bd:94:1a:a6:ee:cb:31:63:f2:ed:4d:
95:78:c2:73:0f:0b:f7:33:69:d1:4e:57:52:ac:bd:
4f:a5:fb:8b:6d:fa:4d:3d:86:72:aa:b3:66:2b:63:
9f:72:f7:a1:23:2f:ec:2d:04:39:a6:9b:ba:a5:d8:
77:be:ec:40:bc:97:00:62:de:16:0b:e4:5d:8c:7e:
54:f6:8d:f8:df:0a:71:b0:16:79:60:4b:66:56:39:
c2:70:55:83:e5:cd:d9:71:b6:64:8a:e9:4b:87:74:
1a:68:31:a0:4c:6b:9e:e2:0b:87:27:1e:e2:9a:51:
ff:98:7a:bb:49:87:54:ac:5a:92:cd:f8:c7:fa:5a:
7b:c8:8a:df:ce:04:b6:d7:ec:17:b3:84:95:71:b6:
3a:a3:89:a1:8e:0c:51:a0:c4:a0:85:05:73:ca:6f:
62:1a:a7:8c:07:ed:e8:49:92:c7:00:30:e7:0b:4e:
13:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:92:19:B9:2F:DF:3A:56:76:1B:71:A9:58:A7:AD:6C:48:C7:35:0D
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/pZIZuS_fOlZ2G3GpWKetbEjHNQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.80.0/20
37.114.96.0/19
79.133.32.0/19
82.211.0.0/18
84.200.0.0-84.201.63.255
159.100.0.0/19
185.26.96.0/22
185.171.204.0/22
194.143.134.0/23
194.187.164.0/22
212.224.64.0/18
IPv6:
2001:1608::/32
2001:1638::/32
2a01:7e0::/29
Signature Algorithm: sha256WithRSAEncryption
b2:bc:aa:0e:d4:d5:53:7d:6d:86:9e:2f:ab:73:0d:9f:4a:2e:
10:3c:e5:8d:cc:ce:d9:b2:fc:fd:99:89:58:cd:b3:bf:e1:1e:
dd:16:39:40:cd:3d:ad:9a:b2:dd:6a:15:94:e9:04:4e:b0:45:
b9:e5:52:a4:3d:be:ea:10:da:46:b2:15:78:a1:03:d0:2a:e2:
bb:ab:e7:e8:d5:55:69:85:70:fb:fc:92:12:0e:52:62:52:37:
7e:c7:c4:74:c6:44:f5:ef:8e:a9:16:e1:7e:bc:33:d8:9c:9e:
ca:aa:0c:7b:d4:5f:9e:6a:60:df:5a:a8:47:ae:a6:ac:69:e5:
a3:f5:7d:46:0c:4e:a8:10:fb:e7:8f:d6:bd:d5:89:14:8f:c7:
d0:45:b7:73:e3:c0:01:b6:17:ca:34:11:8d:61:26:80:67:27:
e6:a9:ec:4b:b6:7f:c6:63:49:9d:72:82:0f:68:d7:87:e2:05:
8c:36:a8:76:62:0e:96:f4:96:d5:d2:38:fd:09:d7:80:82:18:
9f:a9:7a:fd:51:20:88:d7:3e:4d:77:cc:56:5d:9e:1a:23:40:
f8:b9:ec:6f:0d:48:ac:21:8e:9c:a7:1e:00:9d:bf:43:c3:d6:
bd:81:8d:48:a6:d4:c6:d1:22:ea:ec:90:aa:61:d4:c1:53:ce:
4a:90:78:50
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYVvJuYfXbbpRcN0Cma9d303MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjMwMTAxMjEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTkyMTliOTJmZGYzYTU2NzYxYjcxYTk1OGE3YWQ2YzQ4YzczNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSu3STGsiSLP20BZsL8g6bDTXh8H
Trpe24kmX5uKcahTfHCk3Sh1ZkoGZ6sS37T0UpnXLoJfuMsFt3wAehHcmq2nALv/
OgYBx/OtuxBAvZQapu7LMWPy7U2VeMJzDwv3M2nRTldSrL1PpfuLbfpNPYZyqrNm
K2OfcvehIy/sLQQ5ppu6pdh3vuxAvJcAYt4WC+RdjH5U9o343wpxsBZ5YEtmVjnC
cFWD5c3ZcbZkiulLh3QaaDGgTGue4guHJx7imlH/mHq7SYdUrFqSzfjH+lp7yIrf
zgS21+wXs4SVcbY6o4mhjgxRoMSghQVzym9iGqeMB+3oSZLHADDnC04TCQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFKWSGbkv3zpWdhtxqVinrWxIxzUNMB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvcFpJWnVTX2ZPbFoyRzNHcFdLZXRiRWpITlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBPBAIAATBJAwQEH6xQAwQF
JXJgAwQFT4UgAwQGUtMAMAsDAwNUyAMEBlTJAAMEBZ9kAAMEArkaYAMEArmrzAME
AcKPhgMEAsK7pAMEBtTgQDAbBAIAAjAVAwUAIAEWCAMFACABFjgDBQMqAQfgMA0G
CSqGSIb3DQEBCwUAA4IBAQCyvKoO1NVTfW2Gni+rcw2fSi4QPOWNzM7Zsvz9mYlY
zbO/4R7dFjlAzT2tmrLdahWU6QROsEW55VKkPb7qENpGshV4oQPQKuK7q+fo1VVp
hXD7/JISDlJiUjd+x8R0xkT1746pFuF+vDPYnJ7Kqgx71F+eamDfWqhHrqasaeWj
9X1GDE6oEPvnj9a91YkUj8fQRbdz48ABthfKNBGNYSaAZyfmqexLtn/GY0mdcoIP
aNeH4gWMNqh2Yg6W9JbV0jj9CdeAghifqXr9USCI1z5Nd8xWXZ4aI0D4uexvDUis
IY6cpx4Anb9Dw9a9gY1IptTG0SLq7JCqYdTBU85KkHhQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:24 2025 by rpki-client