Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/zDBR06sdXhIQvU-z1e0xOhQIHZo.roa
File: zDBR06sdXhIQvU-z1e0xOhQIHZo.roa (raw, json)
Hash identifier: D0Wo3PwyxxyiOUzWRRz8rJci/tLfbpuMStJgkKdpF0s=
Subject key identifier: CC:30:51:D3:AB:1D:5E:12:10:BD:4F:B3:D5:ED:31:3A:14:08:1D:9A
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 34B242C1
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/zDBR06sdXhIQvU-z1e0xOhQIHZo.roa
Signing time: Sat 01 Jan 2022 14:57:41 +0000
ROA not before: Sat 01 Jan 2022 14:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 192.157.11.0/24 maxlen: 24
192.157.9.0/24 maxlen: 24
192.157.8.0/24 maxlen: 24
192.157.10.0/24 maxlen: 24
153.112.240.0/24 maxlen: 24
153.112.241.0/24 maxlen: 24
153.112.160.0/24 maxlen: 24
153.112.166.0/24 maxlen: 24
153.112.165.0/24 maxlen: 24
153.112.162.0/24 maxlen: 24
153.112.161.0/24 maxlen: 24
153.112.164.0/24 maxlen: 24
153.112.163.0/24 maxlen: 24
153.112.167.0/24 maxlen: 24
153.112.173.0/24 maxlen: 24
153.112.179.0/24 maxlen: 24
153.112.176.0/24 maxlen: 24
153.112.178.0/24 maxlen: 24
153.112.177.0/24 maxlen: 24
153.112.186.0/24 maxlen: 24
153.112.183.0/24 maxlen: 24
153.112.182.0/24 maxlen: 24
153.112.185.0/24 maxlen: 24
153.112.184.0/24 maxlen: 24
153.112.181.0/24 maxlen: 24
153.112.180.0/24 maxlen: 24
153.112.190.0/24 maxlen: 24
153.112.189.0/24 maxlen: 24
153.112.191.0/24 maxlen: 24
153.112.188.0/24 maxlen: 24
153.112.187.0/24 maxlen: 24
79.170.17.0/24 maxlen: 24
79.170.16.0/24 maxlen: 24
153.112.209.0/24 maxlen: 24
153.112.208.0/24 maxlen: 24
79.170.22.0/24 maxlen: 24
79.170.21.0/24 maxlen: 24
79.170.23.0/24 maxlen: 24
79.170.19.0/24 maxlen: 24
79.170.18.0/24 maxlen: 24
79.170.20.0/24 maxlen: 24
153.112.132.0/24 maxlen: 24
153.112.139.0/24 maxlen: 24
153.112.134.0/24 maxlen: 24
153.112.135.0/24 maxlen: 24
153.112.133.0/24 maxlen: 24
153.112.151.0/24 maxlen: 24
153.112.150.0/24 maxlen: 24
153.112.149.0/24 maxlen: 24
192.138.109.0/24 maxlen: 24
192.138.111.0/24 maxlen: 24
192.138.110.0/24 maxlen: 24
192.138.116.0/24 maxlen: 24
192.138.117.0/24 maxlen: 24
2a02:f784:20::/48 maxlen: 48
2a02:f784:30::/48 maxlen: 48
2a02:f784:8001::/48 maxlen: 48
2a02:f784:8000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884097729 (0x34b242c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 14:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc3051d3ab1d5e1210bd4fb3d5ed313a14081d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6c:25:4d:9c:72:9f:7b:22:b6:df:82:9f:36:
bc:20:d5:0b:fd:45:1c:51:4f:4d:7c:17:b3:8a:0a:
d2:0d:6a:ae:e0:55:46:5e:c3:99:66:14:7f:ca:80:
1e:3f:04:f5:fd:7b:aa:b2:79:bd:91:70:49:ba:e1:
0a:31:e8:c5:cc:35:cf:af:37:3e:99:fa:bc:9a:91:
dc:55:e4:84:4b:3b:1e:74:41:fe:a2:0e:70:0f:0e:
b7:c5:08:84:cb:cf:83:5c:1a:6b:0b:4c:db:67:a2:
13:b8:b2:95:96:35:54:5e:40:14:24:5e:75:10:dc:
40:d8:7c:4e:39:0a:48:17:0f:bc:99:9d:db:22:80:
1a:f2:96:f1:18:3c:d4:15:8d:5d:3c:12:0f:93:81:
71:c9:29:0a:2b:55:4f:9d:ee:91:c2:1b:5d:4d:6a:
34:0c:ed:e0:30:90:37:78:fd:a7:c9:28:f8:d9:0d:
9d:c7:9a:dc:d5:35:b4:e7:09:9e:22:99:7b:33:8b:
5f:2f:f3:0c:b7:ab:e7:fa:bb:a2:75:af:d2:14:ff:
cc:57:24:39:0c:9c:76:be:76:3b:95:ee:0b:dd:ea:
10:48:fb:1e:c8:18:1e:eb:11:fb:36:31:bd:d3:2d:
15:4c:d5:63:eb:9a:c3:ad:7e:30:e8:3d:12:ca:c1:
37:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:30:51:D3:AB:1D:5E:12:10:BD:4F:B3:D5:ED:31:3A:14:08:1D:9A
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/zDBR06sdXhIQvU-z1e0xOhQIHZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.16.0/21
153.112.132.0/22
153.112.139.0/24
153.112.149.0-153.112.151.255
153.112.160.0/21
153.112.173.0/24
153.112.176.0/20
153.112.208.0/23
153.112.240.0/23
192.138.109.0-192.138.111.255
192.138.116.0/23
192.157.8.0/22
IPv6:
2a02:f784:20::/48
2a02:f784:30::/48
2a02:f784:8000::/47
Signature Algorithm: sha256WithRSAEncryption
90:52:f6:b5:ea:bd:e6:c0:ba:84:06:f1:35:1a:96:65:34:9a:
7e:93:93:e1:09:87:54:dd:1f:b1:85:aa:35:73:b6:36:cf:39:
1d:60:78:80:d1:cd:16:4f:22:fa:67:11:2c:9f:1b:8c:37:c2:
08:5e:78:0f:70:7e:2d:70:ff:73:01:39:53:c1:cd:7a:a6:64:
70:e1:c7:f7:0d:9d:67:2b:58:26:ec:c5:59:58:9e:fd:3e:fe:
09:80:f5:46:ad:19:36:b1:16:08:83:53:f1:67:51:c2:33:fa:
f7:e3:19:6e:d9:10:1d:28:3b:63:6d:32:95:24:53:a7:b1:b0:
1e:c1:29:4e:2f:87:9d:e0:1c:35:ce:2d:11:10:b5:14:cb:b2:
e2:f5:84:47:2a:7e:c9:0d:0e:a0:3a:f9:26:32:74:24:a5:ba:
df:d2:9c:cc:c2:82:f7:8b:f0:1f:37:20:13:2c:b8:2e:ce:57:
25:0f:2e:1b:5b:59:a9:4c:19:18:04:c8:fd:4d:a8:54:42:73:
86:c9:62:2b:be:29:6c:43:f0:84:60:37:77:6e:f6:00:5b:c4:
dc:8e:ea:df:05:07:d3:4c:ac:af:2a:69:6e:04:06:03:85:74:
0b:28:6f:0e:0f:43:63:c6:e1:e5:3f:51:d8:c8:3b:92:ae:94:
f2:d5:f5:2d
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIENLJCwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDg1MmZmYmE3ZDU3YzVhOGFmYmI2ZWE1YmVhZjdkZmVjMGMxNDVhMB4XDTIyMDEw
MTE0NTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2MzMDUxZDNhYjFk
NWUxMjEwYmQ0ZmIzZDVlZDMxM2ExNDA4MWQ5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdsJU2ccp97Irbfgp82vCDVC/1FHFFPTXwXs4oK0g1qruBV
Rl7DmWYUf8qAHj8E9f17qrJ5vZFwSbrhCjHoxcw1z683Ppn6vJqR3FXkhEs7HnRB
/qIOcA8Ot8UIhMvPg1waawtM22eiE7iylZY1VF5AFCRedRDcQNh8TjkKSBcPvJmd
2yKAGvKW8Rg81BWNXTwSD5OBcckpCitVT53ukcIbXU1qNAzt4DCQN3j9p8ko+NkN
ncea3NU1tOcJniKZezOLXy/zDLer5/q7onWv0hT/zFckOQycdr52O5XuC93qEEj7
HsgYHusR+zYxvdMtFUzVY+uaw61+MOg9EsrBN30CAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBTMMFHTqx1eEhC9T7PV7TE6FAgdmjAfBgNVHSMEGDAWgBS0hS/7p9V8Wor7
tupb6vff7AwUWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RJVXYtNmZWZkZxSy03YnFXLXIzMy13TUZGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvZTQ1ZTMwLWU3ZDgtNGZiOC05MGFkLWY3MTAzOGU5NjdhNC8x
L3pEQlIwNnNkWGhJUXZVLXoxZTB4T2hRSUhaby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
ZTQ1ZTMwLWU3ZDgtNGZiOC05MGFkLWY3MTAzOGU5NjdhNC8xL3RJVXYtNmZWZkZx
Sy03YnFXLXIzMy13TUZGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwXgQCAAEwWAMEA0+qEAMEAplwhAMEAJlwizAM
AwQAmXCVAwQDmXCQAwQDmXCgAwQAmXCtAwQEmXCwAwQBmXDQAwQBmXDwMAwDBADA
im0DBATAimADBAHAinQDBALAnQgwIQQCAAIwGwMHACoC94QAIAMHACoC94QAMAMH
ASoC94SAADANBgkqhkiG9w0BAQsFAAOCAQEAkFL2teq95sC6hAbxNRqWZTSafpOT
4QmHVN0fsYWqNXO2Ns85HWB4gNHNFk8i+mcRLJ8bjDfCCF54D3B+LXD/cwE5U8HN
eqZkcOHH9w2dZytYJuzFWVie/T7+CYD1Rq0ZNrEWCINT8WdRwjP69+MZbtkQHSg7
Y20ylSRTp7GwHsEpTi+HneAcNc4tERC1FMuy4vWERyp+yQ0OoDr5JjJ0JKW639Kc
zMKC94vwHzcgEyy4Ls5XJQ8uG1tZqUwZGATI/U2oVEJzhsliK74pbEPwhGA3d272
AFvE3I7q3wUH00ysryppbgQGA4V0CyhvDg9DY8bh5T9R2Mg7kq6U8tX1LQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org