Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/ZKyZPzmTWgpoWqJFwxPWFRYGDf4.roa
File: ZKyZPzmTWgpoWqJFwxPWFRYGDf4.roa (raw, json)
Hash identifier: 9XN0Xy+7Sf6vaOhohCjWVdVSOvsRDEVi2lf7tzrTiB4=
Subject key identifier: 64:AC:99:3F:39:93:5A:0A:68:5A:A2:45:C3:13:D6:15:16:06:0D:FE
Certificate issuer: /CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Certificate serial: 01856F4B62EB1CAB0AE9E0C536C6009CDE30
Authority key identifier: 72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/ZKyZPzmTWgpoWqJFwxPWFRYGDf4.roa
Signing time: Sun 01 Jan 2023 21:44:49 +0000
ROA not before: Sun 01 Jan 2023 21:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206521
IP address blocks: 185.183.200.0/24 maxlen: 24
185.183.203.0/24 maxlen: 24
185.183.201.0/24 maxlen: 24
185.183.202.0/24 maxlen: 24
2a0b:1b87::/32 maxlen: 32
2a0b:1b82::/32 maxlen: 32
2a0b:1b81::/32 maxlen: 32
2a0b:1b85::/32 maxlen: 32
2a0b:1b86::/32 maxlen: 32
2a0b:1b84::/32 maxlen: 32
2a0b:1b80::/32 maxlen: 32
2a0b:1b83::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:62:eb:1c:ab:0a:e9:e0:c5:36:c6:00:9c:de:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Validity
Not Before: Jan 1 21:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64ac993f39935a0a685aa245c313d61516060dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:fc:69:90:41:73:17:9a:2b:bf:2a:1f:d1:fd:
e9:0d:04:ab:8d:da:7d:31:95:e4:a9:44:c7:1a:20:
4b:34:85:f2:a3:94:86:8c:3f:0f:df:b3:0c:54:06:
fc:37:10:fd:31:1d:d7:db:99:07:8c:32:60:69:99:
3e:81:4e:06:25:2a:15:fb:ab:25:8e:95:7d:f7:f2:
a9:53:76:d0:2a:04:9a:df:64:94:da:4c:a9:e7:55:
2f:8d:cb:68:48:a7:f4:bc:41:60:0f:32:73:0a:4c:
9a:af:2c:5d:29:44:f9:28:14:b3:7c:45:f6:fb:16:
b0:a4:7a:62:43:e3:74:ce:1c:f7:ea:27:c6:4a:40:
05:23:6a:a4:51:5b:c9:de:bb:94:7a:dd:3d:24:f6:
15:d5:54:a8:4c:56:7c:a7:4b:21:a5:23:fd:2c:68:
3b:5c:f6:1c:05:4c:9c:7c:28:c1:e7:a8:f8:0c:24:
b6:75:13:39:6b:fb:c6:d7:52:27:0a:f0:23:02:51:
0d:05:b5:03:13:90:1b:4b:74:3f:ce:46:0c:77:81:
fd:a7:e8:8a:3d:78:5c:77:0a:a8:ff:25:16:00:75:
e2:07:75:0c:e5:85:3e:e2:e3:6c:fe:1d:08:c6:d3:
b6:14:25:5a:23:ae:47:bc:1c:bf:6a:b0:f4:73:45:
18:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AC:99:3F:39:93:5A:0A:68:5A:A2:45:C3:13:D6:15:16:06:0D:FE
X509v3 Authority Key Identifier:
keyid:72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/ZKyZPzmTWgpoWqJFwxPWFRYGDf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/cowr_Wu1A6AdAYYCvaFS1zTtVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.200.0/22
IPv6:
2a0b:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
dc:44:e1:2d:e1:ce:0d:64:22:5e:b0:36:e3:b3:45:4c:b0:50:
63:47:d2:df:b8:80:91:43:b9:08:e1:14:9f:4e:84:be:99:eb:
4f:54:0b:f5:37:ab:78:8c:0d:3e:4a:d8:11:a0:0f:49:5b:ac:
67:24:e0:7c:3c:d8:48:fe:cf:ef:bc:56:ce:7c:f8:88:5e:3c:
36:f1:ce:5e:b1:0a:ff:d9:48:88:44:a0:2f:42:a1:5d:ca:20:
53:32:16:cc:d8:84:7b:ce:0b:fd:96:0f:ea:a3:95:54:9d:d4:
a0:57:98:b9:5e:5a:ea:cf:b5:b6:1f:39:de:4d:00:49:4a:f9:
f4:bc:ff:43:66:be:a8:0d:e1:34:70:6f:56:12:6c:31:2d:c0:
30:d3:25:5c:dc:84:e8:8b:50:0f:3e:a2:a3:a8:9b:6e:9b:e8:
9d:c8:4f:11:4d:9c:5e:7a:59:15:ef:52:3e:3d:02:30:31:9c:
b8:6e:86:3e:21:78:31:22:c5:c5:bb:7d:31:c1:43:94:e0:cf:
70:f5:39:50:50:1e:6d:cc:f5:bb:7e:c9:6e:6d:69:73:28:2a:
be:5d:fc:28:8b:b9:8a:de:f2:ca:59:bc:70:d9:6b:c4:fa:02:
44:ef:45:5b:f8:c0:73:42:64:10:f3:79:41:04:6e:e7:83:b8:
95:ac:02:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvS2LrHKsK6eDFNsYAnN4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOGMyYmZkNmJiNTAzYTAxZDAxODYwMmJkYTE1MmQ3MzRl
ZDU2ZjAwHhcNMjMwMTAxMjE0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGFjOTkzZjM5OTM1YTBhNjg1YWEyNDVjMzEzZDYxNTE2MDYwZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPxpkEFzF5orvyof0f3pDQSrjdp9
MZXkqUTHGiBLNIXyo5SGjD8P37MMVAb8NxD9MR3X25kHjDJgaZk+gU4GJSoV+6sl
jpV99/KpU3bQKgSa32SU2kyp51UvjctoSKf0vEFgDzJzCkyaryxdKUT5KBSzfEX2
+xawpHpiQ+N0zhz36ifGSkAFI2qkUVvJ3ruUet09JPYV1VSoTFZ8p0shpSP9LGg7
XPYcBUycfCjB56j4DCS2dRM5a/vG11InCvAjAlENBbUDE5AbS3Q/zkYMd4H9p+iK
PXhcdwqo/yUWAHXiB3UM5YU+4uNs/h0IxtO2FCVaI65HvBy/arD0c0UYGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGSsmT85k1oKaFqiRcMT1hUWBg3+MB8GA1UdIwQY
MBaAFHKMK/1rtQOgHQGGAr2hUtc07VbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY293cl9XdTFBNkFkQVlZQ3ZhRlMxelR0VnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS82N2Y0MmUtNzA2Mi00MTEyLWFkNDIt
OTM0OWYxMGEyNjQ5LzEvWkt5WlB6bVRXZ3BvV3FKRnd4UFdGUllHRGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS82N2Y0MmUtNzA2Mi00MTEyLWFkNDItOTM0OWYxMGEyNjQ5
LzEvY293cl9XdTFBNkFkQVlZQ3ZhRlMxelR0VnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubfIMA0E
AgACMAcDBQMqCxuAMA0GCSqGSIb3DQEBCwUAA4IBAQDcROEt4c4NZCJesDbjs0VM
sFBjR9LfuICRQ7kI4RSfToS+metPVAv1N6t4jA0+StgRoA9JW6xnJOB8PNhI/s/v
vFbOfPiIXjw28c5esQr/2UiIRKAvQqFdyiBTMhbM2IR7zgv9lg/qo5VUndSgV5i5
Xlrqz7W2HzneTQBJSvn0vP9DZr6oDeE0cG9WEmwxLcAw0yVc3IToi1APPqKjqJtu
m+idyE8RTZxeelkV71I+PQIwMZy4boY+IXgxIsXFu30xwUOU4M9w9TlQUB5tzPW7
fslubWlzKCq+Xfwoi7mK3vLKWbxw2WvE+gJE70Vb+MBzQmQQ83lBBG7ng7iVrAJb
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:42:16 2025 by rpki-client