Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/ZoBAzvbHU3qJucoOqXDEbekHD4E.roa
File: ZoBAzvbHU3qJucoOqXDEbekHD4E.roa (raw, json)
Hash identifier: 4rU4qv8SwHWRUjEH+L8cqpUcGTrl+ZQxsV3aoZHbD2c=
Subject key identifier: 66:80:40:CE:F6:C7:53:7A:89:B9:CA:0E:A9:70:C4:6D:E9:07:0F:81
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 0182ABE700F2AA25CA20415E5C3C164D5D40
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/ZoBAzvbHU3qJucoOqXDEbekHD4E.roa
Signing time: Wed 17 Aug 2022 13:03:39 +0000
ROA not before: Wed 17 Aug 2022 13:03:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45012
IP address blocks: 193.22.255.0/24 maxlen: 24
185.80.92.0/24 maxlen: 24
185.80.93.0/24 maxlen: 24
185.80.94.0/23 maxlen: 23
91.220.49.0/24 maxlen: 24
185.137.168.0/22 maxlen: 24
128.127.65.0/24 maxlen: 24
128.127.66.0/24 maxlen: 24
194.145.226.0/24 maxlen: 24
91.203.108.0/22 maxlen: 24
178.250.170.0/24 maxlen: 24
93.90.178.0/24 maxlen: 24
178.250.174.0/24 maxlen: 24
37.218.252.0/24 maxlen: 24
37.218.248.0/22 maxlen: 22
37.218.254.0/24 maxlen: 24
178.20.96.0/21 maxlen: 24
5.44.108.0/22 maxlen: 24
192.162.87.0/24 maxlen: 24
185.207.230.0/24 maxlen: 24
185.207.228.0/22 maxlen: 24
185.207.228.0/24 maxlen: 24
31.47.240.0/20 maxlen: 24
81.88.16.0/24 maxlen: 24
89.22.100.0/22 maxlen: 24
89.22.108.0/24 maxlen: 24
89.22.110.0/23 maxlen: 24
89.22.112.0/22 maxlen: 24
89.22.116.0/22 maxlen: 24
89.22.122.0/23 maxlen: 24
89.22.124.0/22 maxlen: 24
5.44.100.0/23 maxlen: 24
5.44.104.0/22 maxlen: 24
2a00:fa40:3000::/36 maxlen: 36
2a00:fa40:4000::/36 maxlen: 36
2a01:64c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ab:e7:00:f2:aa:25:ca:20:41:5e:5c:3c:16:4d:5d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Aug 17 13:03:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=668040cef6c7537a89b9ca0ea970c46de9070f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b2:74:fd:9b:4a:76:e1:39:e3:5c:79:8e:d1:
38:36:65:07:34:3b:be:68:b8:c5:53:3d:ce:f6:25:
15:f2:d1:e3:c9:42:2b:be:ea:7e:8b:c8:4f:f1:79:
93:ea:6e:e0:a4:6e:85:43:84:fc:58:e0:fa:b0:55:
e0:22:d2:fd:5e:f6:fa:4d:ce:0c:02:c5:82:49:7f:
32:0f:46:7a:2b:f5:dd:b6:40:1b:81:1d:90:67:e7:
78:55:0a:22:2c:4f:44:1f:62:a9:b1:e2:58:3b:5e:
e1:7d:75:a4:49:f2:70:1b:c6:aa:c0:82:90:c6:e1:
25:83:63:b8:bb:66:85:79:20:d4:db:a4:81:72:45:
ae:8b:09:a5:b1:34:b9:66:ce:ca:61:88:35:27:7f:
b6:73:cd:f7:1b:d7:ce:ff:a4:75:34:76:2d:ab:3c:
02:a1:57:37:e4:a2:b5:26:a1:ba:db:37:3c:39:18:
db:9c:9c:34:db:13:44:07:08:3c:ca:5a:90:a3:fa:
d9:8b:14:d2:38:99:be:87:2f:ae:5a:54:30:cd:70:
85:96:53:bf:d2:7e:df:06:c0:9b:e2:a1:54:84:21:
f4:0a:0f:01:ea:07:38:61:eb:9a:0b:7d:01:c8:71:
df:4a:45:8e:a6:bf:62:5f:31:96:7c:eb:25:55:cb:
c5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:80:40:CE:F6:C7:53:7A:89:B9:CA:0E:A9:70:C4:6D:E9:07:0F:81
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/ZoBAzvbHU3qJucoOqXDEbekHD4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.100.0/23
5.44.104.0/21
31.47.240.0/20
37.218.248.0-37.218.252.255
37.218.254.0/24
81.88.16.0/24
89.22.100.0/22
89.22.108.0/24
89.22.110.0-89.22.119.255
89.22.122.0-89.22.127.255
91.203.108.0/22
91.220.49.0/24
93.90.178.0/24
128.127.65.0-128.127.66.255
178.20.96.0/21
178.250.170.0/24
178.250.174.0/24
185.80.92.0/22
185.137.168.0/22
185.207.228.0/22
192.162.87.0/24
193.22.255.0/24
194.145.226.0/24
IPv6:
2a00:fa40:3000::-2a00:fa40:4fff:ffff:ffff:ffff:ffff:ffff
2a01:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:dd:63:75:6f:72:f2:8d:ef:30:17:c3:94:c4:63:44:5d:5e:
5e:92:9b:a1:af:43:47:aa:57:08:65:c5:71:ec:f6:09:80:3a:
0f:e3:f7:9d:f8:9c:17:ba:5a:5f:02:c7:41:24:74:6d:b8:97:
21:4d:61:ed:9f:7a:8b:db:d0:ba:30:8c:fd:60:21:45:b4:05:
64:aa:b0:b6:68:2c:a9:cc:b0:0a:1b:88:e1:68:24:70:21:a1:
db:28:25:fe:6a:3d:15:19:18:b2:59:5a:8f:05:5a:5e:02:e8:
7c:4d:87:31:93:98:9f:17:6c:e2:96:2c:3f:82:5c:88:12:33:
ae:02:4f:87:f6:fc:80:7f:21:97:32:1b:f0:80:c4:48:d1:b4:
81:2e:32:7c:b8:94:b7:f2:92:2a:60:61:98:ec:ae:7e:e3:53:
da:83:2b:ac:ba:70:eb:21:aa:42:c4:5f:2f:78:df:da:8b:99:
1c:ac:e4:0e:9f:89:87:d5:f7:dd:02:3f:9e:b9:d2:30:1c:1f:
f6:a3:10:87:a9:9c:15:38:41:03:79:83:ad:6a:78:03:2f:9f:
0f:92:38:49:02:27:37:b7:e9:99:62:da:d3:a3:2d:d2:b8:ae:
85:15:18:fd:b5:4c:d8:db:d1:ef:5f:91:06:bc:56:1b:6c:8f:
30:86:8a:b4
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYKr5wDyqiXKIEFeXDwWTV1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjIwODE3MTMwMzM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjgwNDBjZWY2Yzc1MzdhODliOWNhMGVhOTcwYzQ2ZGU5MDcwZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbJ0/ZtKduE541x5jtE4NmUHNDu+
aLjFUz3O9iUV8tHjyUIrvup+i8hP8XmT6m7gpG6FQ4T8WOD6sFXgItL9Xvb6Tc4M
AsWCSX8yD0Z6K/XdtkAbgR2QZ+d4VQoiLE9EH2KpseJYO17hfXWkSfJwG8aqwIKQ
xuElg2O4u2aFeSDU26SBckWuiwmlsTS5Zs7KYYg1J3+2c833G9fO/6R1NHYtqzwC
oVc35KK1JqG62zc8ORjbnJw02xNEBwg8ylqQo/rZixTSOJm+hy+uWlQwzXCFllO/
0n7fBsCb4qFUhCH0Cg8B6gc4YeuaC30ByHHfSkWOpr9iXzGWfOslVcvFkwIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFGaAQM72x1N6ibnKDqlwxG3pBw+BMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvWm9CQXp2YkhVM3FKdWNvT3FYREViZWtIRDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBsQQCAAEwgaoDBAEF
LGQDBAMFLGgDBAQfL/AwDAMEAyXa+AMEACXa/AMEACXa/gMEAFFYEAMEAlkWZAME
AFkWbDAMAwQBWRZuAwQDWRZwMAwDBAFZFnoDBAdZFgADBAJby2wDBABb3DEDBABd
WrIwDAMEAIB/QQMEAIB/QgMEA7IUYAMEALL6qgMEALL6rgMEArlQXAMEArmJqAME
ArnP5AMEAMCiVwMEAMEW/wMEAMKR4jAfBAIAAjAZMBADBgQqAPpAMAMGBCoA+kBA
AwUAKgFkwDANBgkqhkiG9w0BAQsFAAOCAQEAa91jdW9y8o3vMBfDlMRjRF1eXpKb
oa9DR6pXCGXFcez2CYA6D+P3nficF7paXwLHQSR0bbiXIU1h7Z96i9vQujCM/WAh
RbQFZKqwtmgsqcywChuI4WgkcCGh2ygl/mo9FRkYsllajwVaXgLofE2HMZOYnxds
4pYsP4JciBIzrgJPh/b8gH8hlzIb8IDESNG0gS4yfLiUt/KSKmBhmOyufuNT2oMr
rLpw6yGqQsRfL3jf2ouZHKzkDp+Jh9X33QI/nrnSMBwf9qMQh6mcFThBA3mDrWp4
Ay+fD5I4SQInN7fpmWLa06Mt0riuhRUY/bVM2NvR71+RBrxWG2yPMIaKtA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org