Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/RZJWAkuBUjcPtfef94Kts5n0QSw.roa
File: RZJWAkuBUjcPtfef94Kts5n0QSw.roa (raw, json)
Hash identifier: BHwsr4Maq4YkfXmGlN08sPPJ0yTthZOVZmqkuUnUbQU=
Subject key identifier: 45:92:56:02:4B:81:52:37:0F:B5:F7:9F:F7:82:AD:B3:99:F4:41:2C
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 01857082BE938AD0B81015B32F94AC18FBAC
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/RZJWAkuBUjcPtfef94Kts5n0QSw.roa
Signing time: Mon 02 Jan 2023 03:24:54 +0000
ROA not before: Mon 02 Jan 2023 03:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2200
IP address blocks: 195.220.0.0/16 maxlen: 16
195.83.163.0/24 maxlen: 24
195.83.164.0/24 maxlen: 24
195.83.165.0/24 maxlen: 24
193.48.80.0/24 maxlen: 24
193.48.81.0/24 maxlen: 24
195.98.224.0/19 maxlen: 19
193.48.91.0/24 maxlen: 24
193.48.104.0/24 maxlen: 24
193.48.101.0/24 maxlen: 24
193.48.0.0/14 maxlen: 14
194.167.190.0/24 maxlen: 24
193.52.0.0/24 maxlen: 24
193.52.1.0/24 maxlen: 24
193.52.0.0/16 maxlen: 16
193.48.179.0/24 maxlen: 24
193.48.106.0/24 maxlen: 24
195.221.235.0/24 maxlen: 24
195.221.234.0/24 maxlen: 24
195.83.225.0/24 maxlen: 24
195.83.226.0/24 maxlen: 24
194.254.0.0/16 maxlen: 16
194.57.0.0/16 maxlen: 16
194.254.139.0/24 maxlen: 24
194.57.138.0/24 maxlen: 24
194.199.0.0/16 maxlen: 16
194.167.0.0/16 maxlen: 16
81.194.0.0/16 maxlen: 16
195.221.0.0/16 maxlen: 16
193.52.68.0/24 maxlen: 24
194.214.0.0/16 maxlen: 16
193.54.0.0/15 maxlen: 15
193.52.216.0/24 maxlen: 24
193.52.217.0/24 maxlen: 24
193.54.149.0/24 maxlen: 24
193.51.56.0/24 maxlen: 24
194.167.41.0/24 maxlen: 24
194.57.177.0/24 maxlen: 24
194.57.176.0/24 maxlen: 24
195.83.0.0/16 maxlen: 16
193.49.96.0/24 maxlen: 24
194.57.216.0/24 maxlen: 24
194.57.215.0/24 maxlen: 24
2001:660::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:be:93:8a:d0:b8:10:15:b3:2f:94:ac:18:fb:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 2 03:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=459256024b8152370fb5f79ff782adb399f4412c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:35:fa:54:11:8f:2d:d5:9f:ed:59:2b:09:32:
62:dd:b2:30:38:64:2d:f2:ca:d9:01:d5:0f:26:c7:
1d:12:3f:71:e7:2b:20:77:6e:39:56:a8:88:84:32:
4d:41:85:cc:09:89:9a:83:ce:47:2c:f3:6d:32:00:
33:c4:ee:a9:6b:f4:1c:04:39:02:42:cb:06:b8:c9:
03:3b:b4:a7:7b:70:5f:ab:38:77:1e:8f:8f:c7:5d:
10:44:42:38:c8:02:1c:ba:11:d6:ec:ef:62:85:d0:
6d:ea:5e:69:a3:0c:0a:36:72:15:0b:ce:35:42:54:
2a:f4:5a:3b:fc:6a:e2:7f:be:a3:ef:be:ca:63:d8:
4c:aa:8f:36:75:6e:33:9f:b1:48:09:05:ba:c1:93:
90:bb:3e:63:f4:30:e7:ba:b4:49:bb:43:5b:cc:af:
3c:fb:d3:5b:9f:91:58:7f:ab:0e:4a:c9:4d:58:55:
9d:bc:82:04:83:f0:90:dc:c0:aa:db:88:48:68:93:
77:3c:ee:a4:2c:4b:e4:a6:61:21:6a:92:18:be:b1:
1e:1a:ee:5c:15:de:12:b4:67:35:d0:9e:5a:c5:49:
ce:c0:7a:b9:1d:c1:7d:11:c2:a4:e6:ad:9b:4f:27:
82:c8:c5:d7:1b:8e:93:86:08:aa:7f:44:7c:62:3d:
a1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:92:56:02:4B:81:52:37:0F:B5:F7:9F:F7:82:AD:B3:99:F4:41:2C
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/RZJWAkuBUjcPtfef94Kts5n0QSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.194.0.0/16
193.48.0.0-193.52.255.255
193.54.0.0/15
194.57.0.0/16
194.167.0.0/16
194.199.0.0/16
194.214.0.0/16
194.254.0.0/16
195.83.0.0/16
195.98.224.0/19
195.220.0.0/15
IPv6:
2001:660::/32
Signature Algorithm: sha256WithRSAEncryption
3e:75:69:26:fe:1c:9a:4e:08:2f:32:54:42:d4:c3:2b:f4:16:
12:6a:ae:a3:01:3d:00:a1:0c:74:a6:44:7c:92:fb:ef:36:11:
7d:c1:4b:c0:1d:b4:47:29:80:5e:25:13:98:36:01:74:20:dc:
30:02:3f:76:a0:32:47:31:71:74:a4:6d:2d:c8:9b:47:f0:9a:
cd:0f:07:47:52:44:db:06:27:49:a5:dc:80:c5:f6:e4:cd:e9:
1e:b7:61:7b:5f:b9:21:38:a5:66:84:47:95:6d:2a:fc:66:0c:
73:80:bf:97:a9:91:24:f2:46:bc:f9:01:f1:92:ff:cd:73:ee:
be:fc:80:2a:df:e9:c5:17:49:7f:66:41:ac:06:3c:72:f6:80:
6d:c9:ef:c0:d5:7a:77:48:d8:24:3e:0f:56:36:e8:ba:bb:a4:
c9:8d:50:d6:eb:9f:b2:43:fc:20:3d:6b:af:72:7c:db:8d:00:
df:a0:e2:43:17:3b:8a:8c:49:ab:28:75:8b:84:ae:81:41:c8:
0b:23:d3:d1:a6:13:cf:3d:1a:b9:2a:d5:57:d6:58:27:b6:5e:
15:21:c4:2c:83:3d:ec:e7:df:a3:83:5b:1f:50:29:f9:41:93:
cd:d1:66:41:b8:25:db:e3:2d:ab:a4:ac:24:57:88:fd:b1:78:
a8:1f:93:a1
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYVwgr6TitC4EBWzL5SsGPusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjMwMTAyMDMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTkyNTYwMjRiODE1MjM3MGZiNWY3OWZmNzgyYWRiMzk5ZjQ0MTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTX6VBGPLdWf7VkrCTJi3bIwOGQt
8srZAdUPJscdEj9x5ysgd245VqiIhDJNQYXMCYmag85HLPNtMgAzxO6pa/QcBDkC
QssGuMkDO7Sne3Bfqzh3Ho+Px10QREI4yAIcuhHW7O9ihdBt6l5powwKNnIVC841
QlQq9Fo7/Grif76j777KY9hMqo82dW4zn7FICQW6wZOQuz5j9DDnurRJu0NbzK88
+9Nbn5FYf6sOSslNWFWdvIIEg/CQ3MCq24hIaJN3PO6kLEvkpmEhapIYvrEeGu5c
Fd4StGc10J5axUnOwHq5HcF9EcKk5q2bTyeCyMXXG46Thgiqf0R8Yj2hJQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEWSVgJLgVI3D7X3n/eCrbOZ9EEsMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvUlpKV0FrdUJVamNQdGZlZjk0S3RzNW4wUVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwMAUcIwCgMD
BMEwAwMAwTQDAwHBNgMDAMI5AwMAwqcDAwDCxwMDAMLWAwMAwv4DAwDDUwMEBcNi
4AMDAcPcMA0EAgACMAcDBQAgAQZgMA0GCSqGSIb3DQEBCwUAA4IBAQA+dWkm/hya
TggvMlRC1MMr9BYSaq6jAT0AoQx0pkR8kvvvNhF9wUvAHbRHKYBeJROYNgF0INww
Aj92oDJHMXF0pG0tyJtH8JrNDwdHUkTbBidJpdyAxfbkzeket2F7X7khOKVmhEeV
bSr8ZgxzgL+XqZEk8ka8+QHxkv/Nc+6+/IAq3+nFF0l/ZkGsBjxy9oBtye/A1Xp3
SNgkPg9WNui6u6TJjVDW65+yQ/wgPWuvcnzbjQDfoOJDFzuKjEmrKHWLhK6BQcgL
I9PRphPPPRq5KtVX1lgntl4VIcQsgz3s59+jg1sfUCn5QZPN0WZBuCXb4y2rpKwk
V4j9sXioH5Oh
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:05:37 2025 by rpki-client