Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZtkDqPzqfZpB-ewYDoDOqyzwIa0.roa
File: ZtkDqPzqfZpB-ewYDoDOqyzwIa0.roa (raw, json)
Hash identifier: K9xpnaKmNC3ybSkdX2E9aGuJJlrUutaCrUhqKaToHcI=
Subject key identifier: 66:D9:03:A8:FC:EA:7D:9A:41:F9:EC:18:0E:80:CE:AB:2C:F0:21:AD
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0183080B5169A44D187B668D96D59F91A5D5
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZtkDqPzqfZpB-ewYDoDOqyzwIa0.roa
Signing time: Sun 04 Sep 2022 10:28:22 +0000
ROA not before: Sun 04 Sep 2022 10:28:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 185.204.1.0/24 maxlen: 24
185.232.168.0/24 maxlen: 24
185.103.110.0/24 maxlen: 24
185.112.82.0/24 maxlen: 24
185.212.149.0/24 maxlen: 24
91.103.253.0/24 maxlen: 24
185.117.118.0/24 maxlen: 24
185.217.196.0/23 maxlen: 23
82.115.220.0/24 maxlen: 24
185.125.51.0/24 maxlen: 24
185.221.163.0/24 maxlen: 24
194.53.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:08:0b:51:69:a4:4d:18:7b:66:8d:96:d5:9f:91:a5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 4 10:28:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66d903a8fcea7d9a41f9ec180e80ceab2cf021ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1c:e5:5c:0c:b0:5e:ae:4b:55:d0:98:69:f2:
32:13:0d:2d:1d:9f:0f:fd:d7:f5:c4:3e:0a:f4:62:
94:56:09:6f:6c:39:c3:1d:dd:7c:5b:eb:7f:32:88:
cd:1f:0f:46:33:0a:cf:a1:da:c1:13:1d:48:88:12:
68:d1:e9:b8:4a:96:a1:e3:82:9f:1e:2b:bf:27:2e:
76:15:b5:0b:1a:60:64:40:6f:eb:5d:21:74:a4:dd:
c2:92:5c:d0:05:f1:8a:57:c7:d3:64:5e:fe:89:20:
63:1e:a0:32:55:6b:04:16:aa:d1:09:3b:05:89:5e:
51:2b:7d:2c:87:43:c0:83:ea:3b:ad:b7:a5:49:e2:
dc:4c:cf:56:80:9a:f8:2a:f9:96:d0:2a:7b:7a:fb:
47:99:0b:f4:7d:b5:0d:b2:7e:ac:5d:1d:89:c5:14:
9f:a7:8f:00:97:38:0e:64:05:75:61:62:10:27:70:
d6:e2:3f:85:de:88:68:c0:eb:3d:86:ff:be:e9:d3:
b8:65:35:d6:11:15:17:7a:cc:f7:4d:6c:71:29:8c:
db:57:62:f1:43:f6:76:b7:e5:cb:3c:e8:52:3a:0c:
6d:17:d7:94:a4:91:95:eb:fa:3b:42:6e:3d:3b:19:
a4:3d:a6:e2:61:1c:e8:fa:83:82:b0:87:07:4a:b5:
9c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D9:03:A8:FC:EA:7D:9A:41:F9:EC:18:0E:80:CE:AB:2C:F0:21:AD
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZtkDqPzqfZpB-ewYDoDOqyzwIa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.220.0/24
91.103.253.0/24
185.103.110.0/24
185.112.82.0/24
185.117.118.0/24
185.125.51.0/24
185.204.1.0/24
185.212.149.0/24
185.217.196.0/23
185.221.163.0/24
185.232.168.0/24
194.53.52.0/24
Signature Algorithm: sha256WithRSAEncryption
12:78:df:7e:ac:b1:6b:48:76:aa:8d:e5:44:ea:f2:68:2f:46:
82:7b:df:ef:95:8c:c9:41:41:8a:81:df:5f:b2:cd:92:e8:92:
16:bc:82:62:8e:7e:97:1c:8e:98:f2:98:23:27:56:ac:5f:bf:
89:12:e7:fe:6f:c1:26:ac:38:2f:96:5e:48:6e:1a:e5:fa:29:
fd:ae:5b:a1:16:8b:0b:08:98:13:ff:6c:36:9a:d4:d3:d5:70:
de:6a:32:23:2a:07:bd:34:4f:58:4a:62:eb:b7:de:d2:35:bc:
25:2b:33:63:62:ce:67:61:75:30:38:f3:46:50:0e:34:70:c9:
36:6d:7b:f0:fe:b0:0b:78:ea:c1:f8:04:10:f3:be:1f:aa:8a:
2c:b2:ca:05:72:97:4b:91:40:09:16:24:e3:43:8d:33:e7:b3:
43:c8:b1:9a:bf:b8:30:11:b1:80:8e:ec:ce:6f:e6:e3:ef:37:
c6:6e:a2:e2:45:09:ff:7f:95:30:00:5c:68:e9:4d:31:ce:3f:
74:7f:13:a2:2b:7e:fc:5a:d2:df:fd:65:63:19:5e:2e:28:7e:
be:51:2e:4f:ce:02:15:ba:fa:fd:82:7e:29:19:0d:73:21:89:
9b:0f:d8:72:ae:fc:4a:3f:9d:1e:0b:d7:10:87:40:c1:fb:9f:
9f:45:48:9a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYMIC1FppE0Ye2aNltWfkaXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTA0MTAyODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmQ5MDNhOGZjZWE3ZDlhNDFmOWVjMTgwZTgwY2VhYjJjZjAyMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRzlXAywXq5LVdCYafIyEw0tHZ8P
/df1xD4K9GKUVglvbDnDHd18W+t/MojNHw9GMwrPodrBEx1IiBJo0em4Spah44Kf
Hiu/Jy52FbULGmBkQG/rXSF0pN3CklzQBfGKV8fTZF7+iSBjHqAyVWsEFqrRCTsF
iV5RK30sh0PAg+o7rbelSeLcTM9WgJr4KvmW0Cp7evtHmQv0fbUNsn6sXR2JxRSf
p48AlzgOZAV1YWIQJ3DW4j+F3ohowOs9hv++6dO4ZTXWERUXesz3TWxxKYzbV2Lx
Q/Z2t+XLPOhSOgxtF9eUpJGV6/o7Qm49OxmkPabiYRzo+oOCsIcHSrWc6wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGbZA6j86n2aQfnsGA6Azqss8CGtMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWnRrRHFQenFmWnBCLWV3WURvRE9xeXp3SWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUnPcAwQA
W2f9AwQAuWduAwQAuXBSAwQAuXV2AwQAuX0zAwQAucwBAwQAudSVAwQBudnEAwQA
ud2jAwQAueioAwQAwjU0MA0GCSqGSIb3DQEBCwUAA4IBAQASeN9+rLFrSHaqjeVE
6vJoL0aCe9/vlYzJQUGKgd9fss2S6JIWvIJijn6XHI6Y8pgjJ1asX7+JEuf+b8Em
rDgvll5Ibhrl+in9rluhFosLCJgT/2w2mtTT1XDeajIjKge9NE9YSmLrt97SNbwl
KzNjYs5nYXUwOPNGUA40cMk2bXvw/rALeOrB+AQQ874fqoosssoFcpdLkUAJFiTj
Q40z57NDyLGav7gwEbGAjuzOb+bj7zfGbqLiRQn/f5UwAFxo6U0xzj90fxOiK378
WtLf/WVjGV4uKH6+US5PzgIVuvr9gn4pGQ1zIYmbD9hyrvxKP50eC9cQh0DB+5+f
RUia
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org