Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ZzumqGzF6GFltYNcGTrxOn-OqKA.roa
File: ZzumqGzF6GFltYNcGTrxOn-OqKA.roa (raw, json)
Hash identifier: mEeizhwoazWWrjvZzTR1tRKXSRKlh+l1Lzh9NoFM9LI=
Subject key identifier: 67:3B:A6:A8:6C:C5:E8:61:65:B5:83:5C:19:3A:F1:3A:7F:8E:A8:A0
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 02D72162
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ZzumqGzF6GFltYNcGTrxOn-OqKA.roa
Signing time: Wed 09 Feb 2022 15:49:56 +0000
ROA not before: Wed 09 Feb 2022 15:49:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.134.40.0/22 maxlen: 24
212.63.118.0/24 maxlen: 24
212.63.117.0/24 maxlen: 24
212.63.116.0/24 maxlen: 24
212.63.121.0/24 maxlen: 24
212.63.123.0/24 maxlen: 24
212.63.122.0/24 maxlen: 24
185.94.48.0/22 maxlen: 24
85.217.132.0/24 maxlen: 24
85.217.129.0/24 maxlen: 24
85.217.139.0/24 maxlen: 24
85.217.138.0/24 maxlen: 24
85.217.137.0/24 maxlen: 24
85.217.136.0/24 maxlen: 24
85.217.135.0/24 maxlen: 24
85.217.134.0/24 maxlen: 24
85.217.133.0/24 maxlen: 24
85.217.141.0/24 maxlen: 24
85.217.143.0/24 maxlen: 24
85.217.152.0/24 maxlen: 24
85.217.151.0/24 maxlen: 24
85.217.150.0/24 maxlen: 24
85.217.147.0/24 maxlen: 24
85.217.146.0/24 maxlen: 24
85.217.155.0/24 maxlen: 24
85.217.154.0/24 maxlen: 24
85.217.153.0/24 maxlen: 24
85.217.159.0/24 maxlen: 24
85.217.158.0/24 maxlen: 24
85.217.157.0/24 maxlen: 24
85.217.156.0/24 maxlen: 24
185.130.24.0/23 maxlen: 24
185.130.26.0/23 maxlen: 24
185.44.233.0/24 maxlen: 24
185.44.234.0/23 maxlen: 24
185.162.172.0/23 maxlen: 24
185.162.175.0/24 maxlen: 24
185.162.174.0/24 maxlen: 24
195.82.105.0/24 maxlen: 24
195.82.104.0/24 maxlen: 24
195.82.106.0/24 maxlen: 24
195.82.124.0/24 maxlen: 24
185.196.203.0/24 maxlen: 24
185.196.202.0/24 maxlen: 24
185.196.200.0/23 maxlen: 24
88.98.98.0/24 maxlen: 24
88.98.96.0/20 maxlen: 24
88.98.96.0/23 maxlen: 23
88.98.104.0/23 maxlen: 24
88.98.100.0/22 maxlen: 24
88.98.99.0/24 maxlen: 24
88.98.110.0/24 maxlen: 24
88.98.108.0/22 maxlen: 24
88.98.106.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47653218 (0x2d72162)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Feb 9 15:49:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=673ba6a86cc5e86165b5835c193af13a7f8ea8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:13:c7:72:24:62:8e:f7:eb:b1:03:9e:9d:f4:
25:f4:5e:b3:32:f2:f3:e8:0a:de:78:df:f0:8a:72:
31:78:fa:4c:cd:33:fb:75:5e:1c:eb:e0:fe:41:fc:
b1:22:40:ae:77:13:c8:04:8e:79:31:68:4c:95:db:
68:c6:26:0f:18:27:45:b0:6b:61:89:22:49:84:90:
1e:46:d1:e0:4c:4a:24:83:e8:18:b3:93:be:23:e1:
67:06:39:9c:48:48:c4:ea:a3:c3:bd:a6:ed:db:4a:
28:9a:60:bb:fe:f1:c1:11:c1:61:65:eb:33:d8:ea:
fc:f9:0a:6f:27:04:5e:37:5a:ed:e0:0c:90:55:c3:
8d:03:d8:10:a6:16:c7:7e:4d:2b:a9:59:9c:90:09:
47:3d:f8:5d:74:44:1d:f3:f3:27:c1:f9:0e:46:be:
85:59:d4:f0:2c:d2:18:9e:30:07:3a:3b:19:41:b8:
b2:9d:54:de:51:25:d5:13:fb:aa:4d:73:38:a1:15:
63:63:3a:d3:31:80:3b:f2:1a:19:11:3f:08:f3:57:
55:6c:f2:89:c1:7a:e9:1a:3a:c0:01:eb:f9:44:e8:
0a:87:13:ba:e4:9f:30:6d:58:eb:a2:fa:56:da:a6:
61:4b:3f:79:f7:50:ae:ca:01:b5:d8:46:46:40:62:
eb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:3B:A6:A8:6C:C5:E8:61:65:B5:83:5C:19:3A:F1:3A:7F:8E:A8:A0
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ZzumqGzF6GFltYNcGTrxOn-OqKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.129.0/24
85.217.132.0-85.217.139.255
85.217.141.0/24
85.217.143.0/24
85.217.146.0/23
85.217.150.0-85.217.159.255
88.98.96.0/20
185.44.233.0-185.44.235.255
185.94.48.0/22
185.130.24.0/22
185.134.40.0/22
185.162.172.0/22
185.196.200.0/22
195.82.104.0-195.82.106.255
195.82.124.0/24
212.63.116.0-212.63.118.255
212.63.121.0-212.63.123.255
Signature Algorithm: sha256WithRSAEncryption
44:c8:f6:03:92:83:eb:26:61:6a:e2:c4:32:72:d1:6a:81:ca:
9c:6f:c1:89:3e:bb:9b:34:6d:79:f4:3f:00:d5:1b:05:b2:8e:
45:f8:25:d1:70:cd:a6:93:a3:d4:41:42:ba:f6:d0:69:8e:d2:
6a:5f:7c:44:c8:3e:ad:13:64:60:5c:6c:b0:3c:a9:9a:d0:e2:
89:4c:ba:b3:02:57:a1:1a:23:d3:44:b7:a7:b6:21:4a:0c:07:
9e:24:79:21:79:ac:7e:bd:cb:08:c3:2b:44:43:6b:ff:c6:33:
3a:a6:ea:fd:e4:1b:4f:68:c4:c5:27:d5:95:04:85:30:6d:55:
36:e9:3e:72:8d:ba:6e:d4:08:05:5c:ab:21:40:8a:b2:3e:17:
0a:fd:88:ca:31:93:ec:17:4b:13:11:e3:b9:ef:c8:ab:e1:15:
90:ca:64:bf:65:0f:77:ff:04:c0:2d:9f:f7:7d:56:cf:6e:8e:
62:07:ff:34:7f:6d:f7:35:32:18:35:cc:50:d0:0c:a1:b9:48:
a0:9a:51:6a:bb:cf:d8:5e:64:75:4b:4b:34:c0:e5:04:f8:62:
22:b2:73:cf:cd:3b:9a:66:df:8c:4e:be:ef:05:e7:1b:03:73:
3b:a7:0c:7d:10:c5:cd:72:a5:57:32:8a:b0:60:92:70:68:d7:
05:1e:bf:a6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIEAtchYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDc1ZmIwOTM0Y2Y2YTU4ZGNjZWYxMTA4NzVkYmU1ZTNlOGI2Yjc1MB4XDTIyMDIw
OTE1NDk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjczYmE2YTg2Y2M1
ZTg2MTY1YjU4MzVjMTkzYWYxM2E3ZjhlYThhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPsTx3IkYo7367EDnp30JfReszLy8+gK3njf8IpyMXj6TM0z
+3VeHOvg/kH8sSJArncTyASOeTFoTJXbaMYmDxgnRbBrYYkiSYSQHkbR4ExKJIPo
GLOTviPhZwY5nEhIxOqjw72m7dtKKJpgu/7xwRHBYWXrM9jq/PkKbycEXjda7eAM
kFXDjQPYEKYWx35NK6lZnJAJRz34XXREHfPzJ8H5Dka+hVnU8CzSGJ4wBzo7GUG4
sp1U3lEl1RP7qk1zOKEVY2M60zGAO/IaGRE/CPNXVWzyicF66Ro6wAHr+UToCocT
uuSfMG1Y66L6VtqmYUs/efdQrsoBtdhGRkBi6yUCAwEAAaOCAp4wggKaMB0GA1Ud
DgQWBBRnO6aobMXoYWW1g1wZOvE6f46ooDAfBgNVHSMEGDAWgBTUdfsJNM9qWNzO
8RCHXb5ePotrdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFIWDdDVFRQYWxqY3p2RVFoMTItWGo2TGEzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYmZmNGFhLTRmMDctNDEyOS04YWQ2LWM3OTE0YWI2NDI3My8x
L1p6dW1xR3pGNkdGbHRZTmNHVHJ4T24tT3FLQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YmZmNGFhLTRmMDctNDEyOS04YWQ2LWM3OTE0YWI2NDI3My8xLzFIWDdDVFRQYWxq
Y3p2RVFoMTItWGo2TGEzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
swYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQAVdmBMAwDBAJV2YQDBAJV
2YgDBABV2Y0DBABV2Y8DBAFV2ZIwDAMEAVXZlgMEBVXZgAMEBFhiYDAMAwQAuSzp
AwQCuSzoAwQCuV4wAwQCuYIYAwQCuYYoAwQCuaKsAwQCucTIMAwDBAPDUmgDBADD
UmoDBADDUnwwDAMEAtQ/dAMEANQ/djAMAwQA1D95AwQC1D94MA0GCSqGSIb3DQEB
CwUAA4IBAQBEyPYDkoPrJmFq4sQyctFqgcqcb8GJPrubNG159D8A1RsFso5F+CXR
cM2mk6PUQUK69tBpjtJqX3xEyD6tE2RgXGywPKma0OKJTLqzAlehGiPTRLentiFK
DAeeJHkheax+vcsIwytEQ2v/xjM6pur95BtPaMTFJ9WVBIUwbVU26T5yjbpu1AgF
XKshQIqyPhcK/YjKMZPsF0sTEeO578ir4RWQymS/ZQ93/wTALZ/3fVbPbo5iB/80
f233NTIYNcxQ0AyhuUigmlFqu8/YXmR1S0s0wOUE+GIisnPPzTuaZt+MTr7vBecb
A3M7pwx9EMXNcqVXMoqwYJJwaNcFHr+m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org