Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Ziy-VtPDBCiOstAiTjaX_Rbz64k.roa
File: Ziy-VtPDBCiOstAiTjaX_Rbz64k.roa (raw, json)
Hash identifier: WNIu48aoSLyb09OvRTrTl8PcaUO423fD7lrpYb311Jo=
Subject key identifier: 66:2C:BE:56:D3:C3:04:28:8E:B2:D0:22:4E:36:97:FD:16:F3:EB:89
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 09F76BCD
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Ziy-VtPDBCiOstAiTjaX_Rbz64k.roa
Signing time: Sat 01 Jan 2022 07:03:32 +0000
ROA not before: Sat 01 Jan 2022 07:03:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48359
IP address blocks: 185.221.192.0/24 maxlen: 24
185.221.192.0/22 maxlen: 22
185.221.194.0/24 maxlen: 24
185.221.193.0/24 maxlen: 24
185.221.195.0/24 maxlen: 24
195.191.44.0/24 maxlen: 24
195.191.45.0/24 maxlen: 24
185.121.58.0/24 maxlen: 24
185.121.57.0/24 maxlen: 24
185.121.56.0/22 maxlen: 22
185.121.56.0/24 maxlen: 24
185.121.59.0/24 maxlen: 24
195.8.112.0/24 maxlen: 24
195.8.110.0/24 maxlen: 24
195.8.114.0/24 maxlen: 24
185.238.44.0/24 maxlen: 24
185.238.47.0/24 maxlen: 24
185.238.46.0/24 maxlen: 24
185.238.45.0/24 maxlen: 24
195.191.23.0/24 maxlen: 24
195.191.22.0/24 maxlen: 24
185.137.60.0/22 maxlen: 24
185.142.95.0/24 maxlen: 24
185.142.92.0/22 maxlen: 22
185.142.92.0/24 maxlen: 24
193.246.200.0/24 maxlen: 24
185.142.94.0/24 maxlen: 24
185.142.93.0/24 maxlen: 24
193.246.201.0/24 maxlen: 24
185.142.124.0/24 maxlen: 24
185.142.124.0/22 maxlen: 22
185.142.125.0/24 maxlen: 24
185.142.127.0/24 maxlen: 24
185.142.126.0/24 maxlen: 24
195.8.102.0/24 maxlen: 24
195.230.97.0/24 maxlen: 24
195.230.105.0/24 maxlen: 24
91.213.151.0/24 maxlen: 24
195.230.107.0/24 maxlen: 24
91.213.157.0/24 maxlen: 24
185.82.64.0/24 maxlen: 24
185.82.64.0/22 maxlen: 22
195.230.124.0/24 maxlen: 24
185.82.66.0/24 maxlen: 24
185.82.67.0/24 maxlen: 24
185.82.65.0/24 maxlen: 24
91.213.172.0/24 maxlen: 24
91.213.167.0/24 maxlen: 24
185.47.48.0/23 maxlen: 23
185.47.50.0/23 maxlen: 23
45.155.192.0/24 maxlen: 24
193.246.175.0/24 maxlen: 24
193.246.174.0/24 maxlen: 24
45.155.195.0/24 maxlen: 24
45.155.193.0/24 maxlen: 24
45.155.194.0/24 maxlen: 24
185.125.22.0/24 maxlen: 24
185.125.21.0/24 maxlen: 24
185.125.23.0/24 maxlen: 24
185.125.20.0/24 maxlen: 24
185.125.20.0/22 maxlen: 22
185.212.192.0/24 maxlen: 24
185.212.194.0/24 maxlen: 24
185.212.193.0/24 maxlen: 24
185.212.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167209933 (0x9f76bcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Jan 1 07:03:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=662cbe56d3c304288eb2d0224e3697fd16f3eb89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:25:d3:f2:0e:9c:8a:da:36:55:0b:1e:18:68:
1e:e7:b3:19:2b:42:51:36:3e:bc:bf:4a:c3:e1:e0:
b3:1c:32:8b:49:1f:23:0b:43:91:6e:ae:55:dd:8c:
00:a0:4b:01:c6:e3:9e:8a:7f:ab:f9:3e:a7:77:85:
b7:84:9d:8b:3a:ce:4e:83:c2:51:4e:e7:95:ed:3c:
8a:dd:93:a6:67:58:40:e2:47:3f:fe:e0:e1:f6:63:
d0:04:31:73:d3:ce:77:0f:e4:f8:af:58:a9:db:30:
cb:2a:20:15:2e:9c:69:b5:ae:ae:47:e0:a1:ae:fd:
25:b6:b7:65:50:9f:72:76:d4:34:e5:53:d1:64:fd:
4a:07:3f:94:f5:7e:1c:cb:9c:16:9d:75:61:e4:ae:
60:8b:11:05:4c:b8:60:71:57:e7:a4:ba:a5:ff:a5:
ba:9e:99:bf:d7:63:1c:a5:35:44:75:5b:e0:71:78:
63:25:32:e2:93:69:50:41:82:8b:52:af:40:09:85:
ad:91:a1:f7:27:d9:c5:53:27:80:ae:f3:a4:dd:00:
b9:d0:5c:31:60:f1:fc:d4:14:21:b7:fb:44:db:5b:
68:19:b6:8b:fa:be:22:bc:ca:b5:e4:fe:af:4b:a7:
af:72:70:ab:f4:f2:a1:94:3d:a1:69:6c:4d:18:e4:
84:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2C:BE:56:D3:C3:04:28:8E:B2:D0:22:4E:36:97:FD:16:F3:EB:89
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Ziy-VtPDBCiOstAiTjaX_Rbz64k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.192.0/22
91.213.151.0/24
91.213.157.0/24
91.213.167.0/24
91.213.172.0/24
185.47.48.0/22
185.82.64.0/22
185.121.56.0/22
185.125.20.0/22
185.137.60.0/22
185.142.92.0/22
185.142.124.0/22
185.212.192.0/22
185.221.192.0/22
185.238.44.0/22
193.246.174.0/23
193.246.200.0/23
195.8.102.0/24
195.8.110.0/24
195.8.112.0/24
195.8.114.0/24
195.191.22.0/23
195.191.44.0/23
195.230.97.0/24
195.230.105.0/24
195.230.107.0/24
195.230.124.0/24
Signature Algorithm: sha256WithRSAEncryption
97:0b:9c:e2:5e:52:97:3b:96:ad:57:98:49:ff:fe:7e:ad:b0:
67:1a:df:a6:09:93:60:df:01:4a:c8:8e:27:33:76:d0:b5:ed:
e3:a7:25:ff:a1:44:ec:42:1f:8d:f4:db:a5:cd:37:19:3d:5c:
4f:4d:68:7a:d5:a9:ff:90:49:0c:e7:39:de:7d:f1:2b:d1:c0:
64:b4:49:ee:7f:df:b7:fb:a1:39:2b:47:0e:99:08:77:16:4a:
95:ed:ba:d7:cc:47:c4:45:1d:ad:24:e9:d8:54:78:9f:50:d5:
e2:87:6a:06:97:9d:62:fe:7e:40:81:77:04:00:ac:ca:73:5f:
6d:48:5a:05:11:dd:56:b6:30:15:30:02:b6:6e:97:46:97:61:
87:57:af:7b:c8:39:23:e5:97:0f:07:f4:ae:7b:8a:1d:c6:e1:
8d:2d:3b:fc:21:86:95:ad:26:cb:2b:61:a7:18:18:eb:09:e9:
3b:1e:ec:14:8b:43:40:5f:61:0e:7e:51:f0:aa:96:42:7b:67:
36:e0:77:72:d6:0e:ce:10:25:a1:f9:4e:df:43:61:f2:0c:1f:
b1:f9:95:e9:8e:99:52:c6:74:1c:3e:8c:f5:a0:ae:93:53:00:
df:77:e3:b3:b3:de:e9:16:f3:31:1b:c8:ed:72:40:f1:f7:66:
9d:b5:af:2f
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIECfdrzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Mzk2NWRkMWY2ZjI0YTQ2ZDdjYzRiY2NmZWNkNDE1MWM2ZGQxYmZiMB4XDTIyMDEw
MTA3MDMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjYyY2JlNTZkM2Mz
MDQyODhlYjJkMDIyNGUzNjk3ZmQxNmYzZWI4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANcl0/IOnIraNlULHhhoHuezGStCUTY+vL9Kw+Hgsxwyi0kf
IwtDkW6uVd2MAKBLAcbjnop/q/k+p3eFt4SdizrOToPCUU7nle08it2TpmdYQOJH
P/7g4fZj0AQxc9POdw/k+K9YqdswyyogFS6cabWurkfgoa79Jba3ZVCfcnbUNOVT
0WT9Sgc/lPV+HMucFp11YeSuYIsRBUy4YHFX56S6pf+lup6Zv9djHKU1RHVb4HF4
YyUy4pNpUEGCi1KvQAmFrZGh9yfZxVMngK7zpN0AudBcMWDx/NQUIbf7RNtbaBm2
i/q+IrzKteT+r0unr3Jwq/TyoZQ9oWlsTRjkhP8CAwEAAaOCAqowggKmMB0GA1Ud
DgQWBBRmLL5W08MEKI6y0CJONpf9FvPriTAfBgNVHSMEGDAWgBRDll3R9vJKRtfM
S8z+zUFRxt0b+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E1WmQwZmJ5U2tiWHpFdk1fczFCVWNiZEdfcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYzczMWM0LTkxODMtNGRiMy1iNzBhLTMzOTgwYzAzZjA4ZS8x
L1ppeS1WdFBEQkNpT3N0QWlUamFYX1JiejY0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YzczMWM0LTkxODMtNGRiMy1iNzBhLTMzOTgwYzAzZjA4ZS8xL1E1WmQwZmJ5U2ti
WHpFdk1fczFCVWNiZEdfcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vwYIKwYBBQUHAQcBAf8Ega8wgawwgakEAgABMIGiAwQCLZvAAwQAW9WXAwQAW9Wd
AwQAW9WnAwQAW9WsAwQCuS8wAwQCuVJAAwQCuXk4AwQCuX0UAwQCuYk8AwQCuY5c
AwQCuY58AwQCudTAAwQCud3AAwQCue4sAwQBwfauAwQBwfbIAwQAwwhmAwQAwwhu
AwQAwwhwAwQAwwhyAwQBw78WAwQBw78sAwQAw+ZhAwQAw+ZpAwQAw+ZrAwQAw+Z8
MA0GCSqGSIb3DQEBCwUAA4IBAQCXC5ziXlKXO5atV5hJ//5+rbBnGt+mCZNg3wFK
yI4nM3bQte3jpyX/oUTsQh+N9NulzTcZPVxPTWh61an/kEkM5zneffEr0cBktEnu
f9+3+6E5K0cOmQh3FkqV7brXzEfERR2tJOnYVHifUNXih2oGl51i/n5AgXcEAKzK
c19tSFoFEd1WtjAVMAK2bpdGl2GHV697yDkj5ZcPB/Sue4odxuGNLTv8IYaVrSbL
K2GnGBjrCek7HuwUi0NAX2EOflHwqpZCe2c24Hdy1g7OECWh+U7fQ2HyDB+x+ZXp
jplSxnQcPoz1oK6TUwDfd+Ozs97pFvMxG8jtckDx92adta8v
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:33 2025 by rpki-client