Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZpYDJZkeguqtwJEe2D7tNRT78hQ.roa
File: ZpYDJZkeguqtwJEe2D7tNRT78hQ.roa (raw, json)
Hash identifier: o9JA9xknLWj1XRJsl7hre8873guPVyoMeBD0GIwgXcM=
Subject key identifier: 66:96:03:25:99:1E:82:EA:AD:C0:91:1E:D8:3E:ED:35:14:FB:F2:14
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 06CE0D35
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZpYDJZkeguqtwJEe2D7tNRT78hQ.roa
Signing time: Thu 10 Feb 2022 12:40:25 +0000
ROA not before: Thu 10 Feb 2022 12:40:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.223.76.0/22 maxlen: 24
185.225.0.0/22 maxlen: 22
185.121.12.0/22 maxlen: 24
185.206.248.0/22 maxlen: 24
185.226.104.0/22 maxlen: 24
185.234.20.0/22 maxlen: 24
185.194.28.0/22 maxlen: 22
185.223.152.0/22 maxlen: 22
185.223.153.0/24 maxlen: 24
185.240.120.0/22 maxlen: 24
45.8.20.0/22 maxlen: 24
185.246.112.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114167093 (0x6ce0d35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 10 12:40:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66960325991e82eaadc0911ed83eed3514fbf214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5c:6a:c1:24:ac:1d:2e:2b:42:da:fb:de:8e:
5d:63:69:a1:20:60:45:cb:32:19:e2:d7:8a:87:74:
a8:91:aa:0e:9c:54:ea:bb:ca:75:bd:e2:9e:55:98:
f1:bc:8e:94:30:4e:76:c7:e0:6f:2c:f9:e2:58:02:
b2:8c:fa:52:d9:c1:c6:18:74:27:da:34:d7:3b:d5:
73:25:80:db:c4:93:c7:dd:d3:d7:55:b1:5e:70:09:
8b:8e:75:34:0c:42:6a:74:66:94:60:bc:3b:53:0f:
cf:40:46:19:9d:60:4d:aa:77:ae:43:2e:74:d7:b5:
43:02:a8:0f:14:70:c5:e1:9a:21:9b:e5:f4:44:e1:
db:8b:eb:92:ca:96:1b:97:4c:02:6f:61:e8:ac:f8:
61:df:ef:99:67:92:7d:46:f2:89:e3:51:3d:6d:27:
b9:7d:09:eb:ff:06:45:00:49:34:a2:9e:1e:29:e3:
47:44:cb:40:21:30:0a:53:d9:23:33:44:3e:d5:e6:
67:36:90:a7:61:98:5f:31:4d:83:38:41:5b:41:09:
a2:fd:a8:71:3f:48:12:6a:49:d9:ec:36:c4:0f:15:
1b:1b:ef:4b:19:4e:6a:6c:5e:7a:66:18:8b:a7:57:
e8:fa:cc:67:55:85:00:31:51:24:ef:76:a1:96:bb:
64:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:96:03:25:99:1E:82:EA:AD:C0:91:1E:D8:3E:ED:35:14:FB:F2:14
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZpYDJZkeguqtwJEe2D7tNRT78hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.194.28.0/22
185.206.248.0/22
185.223.76.0/22
185.223.152.0/22
185.225.0.0/22
185.226.104.0/22
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/22
185.246.112.0/22
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
57:d0:b7:ad:4f:11:e6:b3:c8:ec:ea:b6:74:3a:ac:58:3d:62:
8b:af:07:d8:eb:7e:4c:a9:34:e5:6f:87:b9:75:27:dd:48:27:
50:cd:a0:a2:27:9d:30:f9:73:8c:a6:d7:d7:a7:a6:d8:c2:0c:
86:15:91:a8:d9:3a:c1:7a:df:18:d6:ec:0b:30:40:f4:4c:12:
14:c1:91:9b:63:b1:a3:38:13:4d:b4:9f:5c:d3:3f:84:ce:7f:
b4:89:ab:50:aa:d3:ec:ff:77:34:ed:42:d4:bd:e2:12:61:db:
52:8b:41:e5:7d:b8:a7:3c:b6:36:c2:a1:a0:09:32:b8:b7:e6:
08:ed:72:18:04:17:ea:1b:49:08:d0:34:4d:96:c7:ff:67:54:
4f:b2:cf:a5:c2:ba:f8:ec:9e:43:83:81:bc:ec:af:82:fd:b4:
1f:f8:95:be:51:e0:7d:a5:d8:c6:7f:bc:da:b7:e2:1e:bb:ec:
98:15:5e:4a:81:76:ce:04:01:ef:09:a7:b0:ea:61:c3:e2:7a:
6e:1b:0a:ed:db:57:e0:87:76:1d:07:6a:d1:be:14:64:ff:e7:
90:07:bf:13:3f:fb:06:31:55:bf:e8:f2:86:da:84:5f:36:04:
ca:5f:46:bd:af:b1:8f:8a:3a:03:01:c6:ac:e5:a8:db:01:32:
d9:04:64:b0
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIEBs4NNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDIx
MDEyNDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY5NjAzMjU5OTFl
ODJlYWFkYzA5MTFlZDgzZWVkMzUxNGZiZjIxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpcasEkrB0uK0La+96OXWNpoSBgRcsyGeLXiod0qJGqDpxU
6rvKdb3inlWY8byOlDBOdsfgbyz54lgCsoz6UtnBxhh0J9o01zvVcyWA28STx93T
11WxXnAJi451NAxCanRmlGC8O1MPz0BGGZ1gTap3rkMudNe1QwKoDxRwxeGaIZvl
9ETh24vrksqWG5dMAm9h6Kz4Yd/vmWeSfUbyieNRPW0nuX0J6/8GRQBJNKKeHinj
R0TLQCEwClPZIzNEPtXmZzaQp2GYXzFNgzhBW0EJov2ocT9IEmpJ2ew2xA8VGxvv
SxlOamxeemYYi6dX6PrMZ1WFADFRJO92oZa7ZKcCAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBRmlgMlmR6C6q3AkR7YPu01FPvyFDAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
L1pwWURKWmtlZ3VxdHdKRWUyRDd0TlJUNzhoUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAi0IFAMEArl5DAMEArnCHAMEArnO
+AMEArnfTAMEArnfmAMEArnhAAMEArniaAMEAbnmNAMEArnqFAMEArnu5AMEArnw
eAMEArn2cAMEALn/fDANBgkqhkiG9w0BAQsFAAOCAQEAV9C3rU8R5rPI7Oq2dDqs
WD1ii68H2Ot+TKk05W+HuXUn3UgnUM2goiedMPlzjKbX16em2MIMhhWRqNk6wXrf
GNbsCzBA9EwSFMGRm2OxozgTTbSfXNM/hM5/tImrUKrT7P93NO1C1L3iEmHbUotB
5X24pzy2NsKhoAkyuLfmCO1yGAQX6htJCNA0TZbH/2dUT7LPpcK6+OyeQ4OBvOyv
gv20H/iVvlHgfaXYxn+82rfiHrvsmBVeSoF2zgQB7wmnsOphw+J6bhsK7dtX4Id2
HQdq0b4UZP/nkAe/Ez/7BjFVv+jyhtqEXzYEyl9Gva+xj4o6AwHGrOWo2wEy2QRk
sA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org