Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/0ZWYvdaG5-bbJg3TTjGqHRaCbd8.roa
File: 0ZWYvdaG5-bbJg3TTjGqHRaCbd8.roa (raw, json)
Hash identifier: Qgw3tmvVW4jyGOLcZsGo7OuKBDL1biDggUnuVN6OrVc=
Subject key identifier: D1:95:98:BD:D6:86:E7:E6:DB:26:0D:D3:4E:31:AA:1D:16:82:6D:DF
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 01826244F7606B6A49E47E5D75744FFCEDAE
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/0ZWYvdaG5-bbJg3TTjGqHRaCbd8.roa
Signing time: Wed 03 Aug 2022 05:54:23 +0000
ROA not before: Wed 03 Aug 2022 05:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41998
IP address blocks: 62.152.160.0/19 maxlen: 19
185.108.230.0/23 maxlen: 23
185.36.120.0/22 maxlen: 22
217.78.160.0/20 maxlen: 20
188.93.216.0/21 maxlen: 21
217.66.136.0/21 maxlen: 21
31.25.40.0/21 maxlen: 21
37.25.48.0/21 maxlen: 21
185.3.80.0/22 maxlen: 22
145.14.192.0/20 maxlen: 20
83.242.36.0/22 maxlen: 22
83.242.40.0/21 maxlen: 21
83.242.48.0/20 maxlen: 20
153.92.80.0/20 maxlen: 20
171.33.176.0/22 maxlen: 22
213.153.68.0/22 maxlen: 22
213.153.76.0/22 maxlen: 22
171.33.180.0/22 maxlen: 22
213.153.84.0/22 maxlen: 22
213.153.80.0/22 maxlen: 22
213.153.88.0/22 maxlen: 22
93.118.0.0/21 maxlen: 21
94.176.240.0/20 maxlen: 20
213.153.92.0/22 maxlen: 22
93.118.8.0/21 maxlen: 21
93.118.16.0/21 maxlen: 21
93.118.24.0/21 maxlen: 21
94.124.208.0/21 maxlen: 21
188.244.100.0/22 maxlen: 22
46.182.136.0/21 maxlen: 21
194.140.112.0/20 maxlen: 20
91.103.112.0/21 maxlen: 21
212.86.176.0/22 maxlen: 22
212.86.184.0/22 maxlen: 22
5.42.136.0/22 maxlen: 22
5.42.140.0/22 maxlen: 22
185.61.28.0/22 maxlen: 22
2a02:17b0::/32 maxlen: 32
2a00:79c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:44:f7:60:6b:6a:49:e4:7e:5d:75:74:4f:fc:ed:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: Aug 3 05:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d19598bdd686e7e6db260dd34e31aa1d16826ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:05:5d:d0:8c:5c:7f:dc:d0:d9:76:4e:57:a3:
4d:cb:8c:63:fb:6f:db:99:b9:d6:c7:a5:a3:7b:5e:
dc:11:16:0a:72:3a:b4:d2:46:b3:76:00:dc:b6:43:
1e:2e:74:6d:71:2b:7b:f3:d0:a7:27:8b:57:59:1c:
cc:e7:23:7f:d5:75:cb:9c:c9:74:3f:00:38:f2:a1:
7c:32:53:a9:0c:ce:1f:c8:57:05:5a:f4:92:b7:9d:
13:58:4e:0c:e2:c7:44:f8:0d:0f:68:30:a6:d4:0d:
a6:26:d7:fa:04:e1:6b:61:b7:64:ec:6c:17:4e:da:
b1:e3:2b:64:69:0a:ab:49:66:34:c7:be:ed:61:9b:
da:11:3a:8d:ce:37:e0:e0:59:23:1b:ec:b3:e3:c4:
fc:7a:c8:a6:2e:13:c1:1b:72:4b:40:c6:a4:87:f4:
45:5b:af:7d:69:e2:b7:00:13:0d:df:04:9a:79:9a:
93:1b:53:a3:8f:a3:03:1d:c8:31:64:25:0e:00:56:
10:e1:75:f3:5e:3e:19:b7:70:c4:a4:f0:cb:3c:77:
8c:79:19:d7:8a:51:71:94:08:99:1d:be:2b:83:41:
f8:81:9d:aa:e8:dc:a7:5b:02:dc:68:70:15:c2:30:
06:44:e5:fe:24:4b:9d:34:d4:34:22:ad:e4:ed:c7:
f5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:95:98:BD:D6:86:E7:E6:DB:26:0D:D3:4E:31:AA:1D:16:82:6D:DF
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/0ZWYvdaG5-bbJg3TTjGqHRaCbd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.136.0/21
31.25.40.0/21
37.25.48.0/21
46.182.136.0/21
62.152.160.0/19
83.242.36.0-83.242.63.255
91.103.112.0/21
93.118.0.0/19
94.124.208.0/21
94.176.240.0/20
145.14.192.0/20
153.92.80.0/20
171.33.176.0/21
185.3.80.0/22
185.36.120.0/22
185.61.28.0/22
185.108.230.0/23
188.93.216.0/21
188.244.100.0/22
194.140.112.0/20
212.86.176.0/22
212.86.184.0/22
213.153.68.0/22
213.153.76.0-213.153.95.255
217.66.136.0/21
217.78.160.0/20
IPv6:
2a00:79c0::/32
2a02:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
19:cf:4c:d7:75:81:39:d9:53:f9:d3:a3:aa:9d:f5:42:91:14:
e6:c8:11:68:9c:3e:45:87:d8:23:75:4e:27:5b:ea:9b:91:c6:
86:72:85:f4:19:ba:0d:c9:7c:99:a4:69:81:90:f8:f8:c2:b6:
4d:8d:f6:0a:f9:10:bf:f8:63:aa:5e:3b:7f:ee:83:42:b0:ec:
23:5b:7b:56:50:c8:ac:8d:21:fa:1e:36:54:c3:ea:45:46:04:
3d:67:c5:c6:7f:ea:cb:6b:19:64:81:1b:45:20:e9:a0:35:62:
8c:6c:76:10:98:15:d2:57:15:3f:9d:66:b0:cc:99:24:e2:c4:
55:b3:59:30:30:e2:d0:58:17:fd:93:71:6d:b9:74:87:a8:eb:
54:3b:47:dd:01:51:e4:3a:4d:94:a2:a0:74:95:8f:a8:14:d6:
82:95:a5:db:cc:1c:0c:92:63:bd:98:7b:18:f4:95:af:fa:49:
03:23:d5:f7:0d:40:fc:95:a0:d5:18:44:ca:b9:ab:d5:91:dc:
eb:d0:a4:7e:3a:39:8d:3f:f6:74:25:3c:31:85:03:46:f9:ed:
20:d0:fa:e3:ef:04:f4:be:20:b5:14:1b:0e:b5:e8:3c:37:1d:
01:d8:8f:fc:99:2d:5d:d4:64:d1:42:f8:cb:c8:2d:10:52:c2:
31:7b:b8:68
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYJiRPdga2pJ5H5ddXRP/O2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGEwOTY1MDRjZGJiOWYyZmI3ZmQwZTY2NDA2ZDUyNmZl
MTBiNWEwHhcNMjIwODAzMDU1NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTk1OThiZGQ2ODZlN2U2ZGIyNjBkZDM0ZTMxYWExZDE2ODI2ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQVd0Ixcf9zQ2XZOV6NNy4xj+2/b
mbnWx6Wje17cERYKcjq00kazdgDctkMeLnRtcSt789CnJ4tXWRzM5yN/1XXLnMl0
PwA48qF8MlOpDM4fyFcFWvSSt50TWE4M4sdE+A0PaDCm1A2mJtf6BOFrYbdk7GwX
Ttqx4ytkaQqrSWY0x77tYZvaETqNzjfg4FkjG+yz48T8esimLhPBG3JLQMakh/RF
W699aeK3ABMN3wSaeZqTG1Ojj6MDHcgxZCUOAFYQ4XXzXj4Zt3DEpPDLPHeMeRnX
ilFxlAiZHb4rg0H4gZ2q6NynWwLcaHAVwjAGROX+JEudNNQ0Iq3k7cf1NQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFNGVmL3Whufm2yYN004xqh0Wgm3fMB8GA1UdIwQY
MBaAFCBKCWUEzbufL7f9DmZAbVJv4QtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYt
MTU0MjI0Nzg4MDBiLzEvMFpXWXZkYUc1LWJiSmczVFRqR3FIUmFDYmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYtMTU0MjI0Nzg4MDBi
LzEvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBswQCAAEwgawDBAMF
KogDBAMfGSgDBAMlGTADBAMutogDBAU+mKAwDAMEAlPyJAMEBlPyAAMEA1tncAME
BV12AAMEA1580AMEBF6w8AMEBJEOwAMEBJlcUAMEA6shsAMEArkDUAMEArkkeAME
Ark9HAMEAbls5gMEA7xd2AMEArz0ZAMEBMKMcAMEAtRWsAMEAtRWuAMEAtWZRDAM
AwQC1ZlMAwQF1ZlAAwQD2UKIAwQE2U6gMBQEAgACMA4DBQAqAHnAAwUAKgIXsDAN
BgkqhkiG9w0BAQsFAAOCAQEAGc9M13WBOdlT+dOjqp31QpEU5sgRaJw+RYfYI3VO
J1vqm5HGhnKF9Bm6Dcl8maRpgZD4+MK2TY32CvkQv/hjql47f+6DQrDsI1t7VlDI
rI0h+h42VMPqRUYEPWfFxn/qy2sZZIEbRSDpoDVijGx2EJgV0lcVP51msMyZJOLE
VbNZMDDi0FgX/ZNxbbl0h6jrVDtH3QFR5DpNlKKgdJWPqBTWgpWl28wcDJJjvZh7
GPSVr/pJAyPV9w1A/JWg1RhEyrmr1ZHc69Ckfjo5jT/2dCU8MYUDRvntIND64+8E
9L4gtRQbDrXoPDcdAdiP/JktXdRk0UL4y8gtEFLCMXu4aA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:14 2024 by rpki-client on console-ams.rpki-client.org