Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/Z1rUBmMqcmUqxAGlgI9I-5hBBwo.roa
File: Z1rUBmMqcmUqxAGlgI9I-5hBBwo.roa (raw, json)
Hash identifier: NcK8Tb39HFDQ5vArLZ/mCoeYtbf0CnUQV1LY+ZinRQs=
Subject key identifier: 67:5A:D4:06:63:2A:72:65:2A:C4:01:A5:80:8F:48:FB:98:41:07:0A
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 0185729EE1BBA11003EDF5E38D796072E295
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/Z1rUBmMqcmUqxAGlgI9I-5hBBwo.roa
Signing time: Mon 02 Jan 2023 13:14:53 +0000
ROA not before: Mon 02 Jan 2023 13:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15975
IP address blocks: 217.66.224.0/21 maxlen: 21
217.66.224.0/23 maxlen: 23
217.66.226.0/24 maxlen: 24
82.205.0.0/17 maxlen: 17
217.66.227.0/24 maxlen: 24
217.66.232.0/24 maxlen: 24
217.66.228.0/22 maxlen: 22
217.66.238.0/23 maxlen: 23
217.66.236.0/24 maxlen: 24
217.66.236.0/22 maxlen: 22
86.107.16.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
82.205.80.0/20 maxlen: 20
82.205.96.0/20 maxlen: 20
82.205.112.0/21 maxlen: 21
217.66.240.0/20 maxlen: 20
82.205.32.0/20 maxlen: 20
212.33.96.0/20 maxlen: 20
212.33.96.0/19 maxlen: 19
185.171.132.0/22 maxlen: 22
82.205.48.0/20 maxlen: 20
82.205.64.0/20 maxlen: 20
212.33.112.0/20 maxlen: 20
212.106.80.0/20 maxlen: 20
82.102.240.0/20 maxlen: 20
82.102.192.0/20 maxlen: 20
37.8.112.0/20 maxlen: 20
82.102.208.0/20 maxlen: 20
82.102.216.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.224.0/21 maxlen: 21
212.106.64.0/20 maxlen: 20
212.106.64.0/19 maxlen: 19
82.102.232.0/24 maxlen: 24
82.102.233.0/24 maxlen: 24
212.106.73.0/24 maxlen: 24
82.102.236.0/22 maxlen: 22
82.102.234.0/23 maxlen: 23
85.113.96.0/20 maxlen: 20
85.113.96.0/19 maxlen: 19
85.113.112.0/20 maxlen: 20
176.65.12.0/22 maxlen: 22
147.189.176.0/20 maxlen: 20
194.169.123.0/24 maxlen: 24
194.169.122.0/24 maxlen: 24
194.169.121.0/24 maxlen: 24
199.250.128.0/21 maxlen: 21
199.250.128.0/19 maxlen: 19
217.21.14.0/23 maxlen: 23
217.21.12.0/23 maxlen: 23
188.209.208.0/22 maxlen: 22
37.8.64.0/20 maxlen: 20
37.8.80.0/20 maxlen: 20
37.8.96.0/20 maxlen: 20
37.8.0.0/17 maxlen: 17
199.250.136.0/21 maxlen: 21
199.250.144.0/21 maxlen: 21
199.250.152.0/21 maxlen: 21
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
109.232.163.0/24 maxlen: 24
109.232.162.0/24 maxlen: 24
185.90.242.0/24 maxlen: 24
217.78.48.0/21 maxlen: 21
217.78.56.0/24 maxlen: 24
217.78.56.0/22 maxlen: 22
217.21.3.0/24 maxlen: 24
217.21.2.0/24 maxlen: 24
217.21.4.0/24 maxlen: 24
217.21.0.0/23 maxlen: 23
217.21.6.0/23 maxlen: 23
217.21.8.0/23 maxlen: 23
217.21.5.0/24 maxlen: 24
217.21.10.0/23 maxlen: 23
2a01:7f80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:e1:bb:a1:10:03:ed:f5:e3:8d:79:60:72:e2:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jan 2 13:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=675ad406632a72652ac401a5808f48fb9841070a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:92:02:12:fb:1d:0b:15:cf:b5:2b:99:13:99:
58:a2:be:f3:71:d9:98:17:39:32:82:39:cc:49:5c:
2f:57:db:60:51:e3:97:a0:35:02:3f:04:35:38:0e:
f7:b0:d4:11:ac:62:bf:5b:29:17:18:31:a9:43:8b:
25:80:f7:46:a7:07:32:30:e9:fe:23:73:90:2c:d1:
9c:3b:53:5d:4d:2a:3e:a4:64:42:f7:9d:21:e3:59:
6d:61:d9:7a:68:bb:ec:0d:62:34:6f:75:62:1a:25:
b1:9c:1b:60:ee:6b:01:6f:5a:1a:7f:da:30:86:c1:
c8:ce:b2:65:10:1f:c1:76:06:03:ca:0e:ef:c1:ea:
8f:51:f0:f2:6c:59:77:1b:26:36:cb:93:90:72:96:
fa:f2:06:78:5a:f0:ff:80:c7:2a:60:a5:06:13:83:
bc:e0:f2:f1:5c:f5:d6:fe:b5:38:cd:df:de:a1:b7:
d4:13:87:8c:03:fa:c3:5e:ce:11:b1:70:b0:52:91:
7d:b3:33:b4:4c:03:18:64:0d:45:97:2d:f6:99:ca:
8b:c3:46:15:a0:9a:e1:4f:80:34:c4:4b:d4:13:3b:
c5:eb:1c:2c:7e:78:b9:95:03:ba:a9:65:89:61:08:
51:25:c3:cc:a1:43:0f:2e:b1:8d:f5:be:e9:93:23:
7b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5A:D4:06:63:2A:72:65:2A:C4:01:A5:80:8F:48:FB:98:41:07:0A
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/Z1rUBmMqcmUqxAGlgI9I-5hBBwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
86.107.16.0/22
87.252.108.0/22
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.90.242.0/24
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0-194.169.123.255
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0-217.66.232.255
217.66.236.0-217.66.255.255
217.78.48.0-217.78.59.255
IPv6:
2a01:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
7b:47:ba:75:af:31:81:83:be:a2:37:99:57:1f:75:b9:e4:45:
dd:5d:5d:b6:a2:54:a3:cb:15:ac:48:59:90:68:66:76:60:fc:
48:05:ac:ab:7f:c1:f9:fe:94:9f:9a:53:56:8f:2a:d9:c6:94:
3f:aa:ba:b8:32:70:99:07:e2:d4:ec:3e:65:b9:04:d6:78:34:
6e:e1:a0:54:45:13:32:64:a6:86:de:87:2e:5f:4b:ee:4e:ca:
91:ae:2e:56:13:61:66:d1:b0:0c:af:3c:80:32:d1:4a:19:cb:
71:16:b7:8d:56:f2:03:95:9a:8d:b6:93:a2:df:1b:08:6a:34:
9d:18:6d:e9:bd:6a:64:1e:65:85:77:20:ba:6d:f6:ea:bd:32:
7d:f9:8d:af:1f:98:4d:db:5e:81:6d:7f:58:06:98:13:27:68:
a0:a0:43:51:12:6e:8d:fc:aa:b4:00:ee:f8:35:6f:fb:84:62:
f5:dd:a2:5d:2b:87:59:10:d7:32:a6:cb:dc:bb:e8:a4:e8:82:
86:21:58:4c:04:85:a3:67:b8:0c:1b:90:01:2f:22:0d:ae:b5:
d6:8f:b2:0c:91:a6:b8:8b:90:88:9d:fe:4d:91:b0:e7:73:60:
00:df:60:cd:b9:dc:c8:a8:8f:98:2e:fd:c0:af:7f:bc:ec:59:
52:5e:09:23
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYVynuG7oRAD7fXjjXlgcuKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2E2MzNlZjJjMDgyNTFhNTg2MDM1NjJlNTZhYTZlZmE5
M2VjMjUwHhcNMjMwMTAyMTMxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzVhZDQwNjYzMmE3MjY1MmFjNDAxYTU4MDhmNDhmYjk4NDEwNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJICEvsdCxXPtSuZE5lYor7zcdmY
FzkygjnMSVwvV9tgUeOXoDUCPwQ1OA73sNQRrGK/WykXGDGpQ4slgPdGpwcyMOn+
I3OQLNGcO1NdTSo+pGRC950h41ltYdl6aLvsDWI0b3ViGiWxnBtg7msBb1oaf9ow
hsHIzrJlEB/BdgYDyg7vweqPUfDybFl3GyY2y5OQcpb68gZ4WvD/gMcqYKUGE4O8
4PLxXPXW/rU4zd/eobfUE4eMA/rDXs4RsXCwUpF9szO0TAMYZA1Fly32mcqLw0YV
oJrhT4A0xEvUEzvF6xwsfni5lQO6qWWJYQhRJcPMoUMPLrGN9b7pkyN7oQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFGda1AZjKnJlKsQBpYCPSPuYQQcKMB8GA1UdIwQY
MBaAFOw6Yz7ywIJRpYYDVi5Wqm76k+wlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUt
ZjdjMmMyYTkxYmMyLzEvWjFyVUJtTXFjbVVxeEFHbGdJOUktNWhCQndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUtZjdjMmMyYTkxYmMy
LzEvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBpAQCAAEwgZ0DBAcl
CAADBAZSZsADBAdSzQADBAVVcWADBAJWaxADBAJX/GwDBAFt6KIDBASTvbADBAKw
QQwDBAC5WvIDBAK5q4QDBAK80dADBAK812QwDAMEAMKpeQMEAsKpeAMEBcf6gAME
BdQhYAMEBdRqQAMEBNkVADAMAwQF2ULgAwQA2ULoMAsDBALZQuwDAwDZQjAMAwQE
2U4wAwQC2U44MA0EAgACMAcDBQAqAX+AMA0GCSqGSIb3DQEBCwUAA4IBAQB7R7p1
rzGBg76iN5lXH3W55EXdXV22olSjyxWsSFmQaGZ2YPxIBayrf8H5/pSfmlNWjyrZ
xpQ/qrq4MnCZB+LU7D5luQTWeDRu4aBURRMyZKaG3ocuX0vuTsqRri5WE2Fm0bAM
rzyAMtFKGctxFreNVvIDlZqNtpOi3xsIajSdGG3pvWpkHmWFdyC6bfbqvTJ9+Y2v
H5hN216BbX9YBpgTJ2igoENREm6N/Kq0AO74NW/7hGL13aJdK4dZENcypsvcu+ik
6IKGIVhMBIWjZ7gMG5ABLyINrrXWj7IMkaa4i5CInf5NkbDnc2AA32DNudzIqI+Y
Lv3Ar3+87FlSXgkj
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:11:27 2025 by rpki-client