Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/ZykjxlpuuxQpWlNYvFtBfCgQCts.roa
File: ZykjxlpuuxQpWlNYvFtBfCgQCts.roa (raw, json)
Hash identifier: tLKlpMJ4/tTTwMy0aQ7aacLREaEVZFrwSJ2C4qwu61M=
Subject key identifier: 67:29:23:C6:5A:6E:BB:14:29:5A:53:58:BC:5B:41:7C:28:10:0A:DB
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 01856FF05F10CDA2C056F371061335BC9BA7
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/ZykjxlpuuxQpWlNYvFtBfCgQCts.roa
Signing time: Mon 02 Jan 2023 00:45:01 +0000
ROA not before: Mon 02 Jan 2023 00:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2116
IP address blocks: 85.252.0.0/16 maxlen: 16
194.29.200.0/22 maxlen: 22
37.191.128.0/17 maxlen: 17
213.160.224.0/20 maxlen: 20
213.160.240.0/21 maxlen: 21
31.185.24.0/21 maxlen: 21
81.175.0.0/20 maxlen: 20
178.74.0.0/18 maxlen: 18
81.175.24.0/21 maxlen: 22
81.175.20.0/22 maxlen: 22
213.151.128.0/19 maxlen: 19
81.175.32.0/19 maxlen: 19
217.77.32.0/20 maxlen: 20
195.204.0.0/16 maxlen: 16
85.221.0.0/17 maxlen: 17
217.8.128.0/19 maxlen: 19
77.234.48.0/21 maxlen: 21
86.62.128.0/18 maxlen: 18
62.63.0.0/18 maxlen: 18
89.191.0.0/19 maxlen: 19
81.191.0.0/16 maxlen: 16
193.90.0.0/16 maxlen: 16
80.241.80.0/20 maxlen: 20
194.19.0.0/17 maxlen: 17
212.62.224.0/19 maxlen: 19
85.196.64.0/18 maxlen: 18
193.75.0.0/17 maxlen: 17
195.139.0.0/16 maxlen: 16
213.172.192.0/19 maxlen: 19
78.24.144.0/21 maxlen: 21
109.199.192.0/19 maxlen: 19
195.1.0.0/16 maxlen: 16
213.52.0.0/17 maxlen: 17
185.129.156.0/22 maxlen: 22
185.35.80.0/22 maxlen: 22
193.69.0.0/16 maxlen: 16
195.18.128.0/17 maxlen: 17
185.8.16.0/22 maxlen: 22
85.112.128.0/19 maxlen: 19
82.196.192.0/19 maxlen: 19
217.118.32.0/19 maxlen: 19
79.135.0.0/19 maxlen: 19
91.135.32.0/20 maxlen: 20
217.144.224.0/19 maxlen: 19
77.40.128.0/17 maxlen: 17
185.67.116.0/22 maxlen: 24
213.239.64.0/18 maxlen: 18
87.118.0.0/18 maxlen: 18
84.20.96.0/19 maxlen: 19
77.88.64.0/18 maxlen: 18
195.159.0.0/16 maxlen: 16
62.101.192.0/18 maxlen: 18
80.64.192.0/20 maxlen: 20
88.84.160.0/19 maxlen: 19
194.54.96.0/19 maxlen: 19
81.0.128.0/18 maxlen: 18
212.71.64.0/19 maxlen: 19
195.0.128.0/17 maxlen: 17
217.14.0.0/20 maxlen: 20
193.91.128.0/17 maxlen: 17
213.158.224.0/19 maxlen: 19
2a00:c440::/29 maxlen: 29
2001:840::/29 maxlen: 29
2a03:c000::/29 maxlen: 29
2a01:520::/29 maxlen: 29
2a02:270::/29 maxlen: 29
2001:4dd8::/29 maxlen: 29
2001:8c0::/29 maxlen: 29
2a04:6340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:5f:10:cd:a2:c0:56:f3:71:06:13:35:bc:9b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: Jan 2 00:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=672923c65a6ebb14295a5358bc5b417c28100adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:83:4e:fd:76:27:1b:8d:e5:f4:97:23:56:5c:
60:de:1b:77:5b:77:de:c9:a5:30:d5:94:16:c2:e7:
19:88:8d:88:57:cc:2c:a7:e6:19:4b:9d:60:e1:f0:
13:9c:8a:a2:98:1c:9d:28:22:16:12:c8:ac:77:5c:
5d:65:fc:50:42:a9:35:43:8a:a8:bc:ec:34:5b:7a:
5c:09:2e:0e:da:9b:05:1b:cd:b3:10:d5:c2:60:bc:
82:e3:69:7c:fd:dd:29:b5:d9:ca:b0:58:94:ad:cc:
a2:c2:cd:bb:58:27:b8:d0:0b:50:c9:c4:78:4d:dd:
8a:4f:00:08:0a:29:b8:a3:bb:f1:09:3f:57:16:ff:
28:ec:39:1a:4b:e2:87:b6:2a:df:96:a2:42:5f:6c:
49:40:e5:1f:68:06:5a:4d:f5:df:11:40:ba:3e:67:
b2:4e:bf:08:0f:82:f8:2e:58:49:76:44:34:61:1d:
18:72:56:8b:6b:fa:6a:e0:ab:db:aa:c9:6a:cb:54:
07:14:01:b0:89:a9:68:a8:d3:18:62:e5:2c:10:3b:
8b:7c:b1:76:ee:de:93:c2:0f:36:cf:04:11:88:dd:
90:c8:e1:07:18:cf:91:e6:ca:42:99:d8:9d:ed:66:
d6:40:4f:e2:fc:67:11:6c:74:67:a4:9d:c7:b3:1d:
fd:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:29:23:C6:5A:6E:BB:14:29:5A:53:58:BC:5B:41:7C:28:10:0A:DB
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/ZykjxlpuuxQpWlNYvFtBfCgQCts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.24.0/21
37.191.128.0/17
62.63.0.0/18
62.101.192.0/18
77.40.128.0/17
77.88.64.0/18
77.234.48.0/21
78.24.144.0/21
79.135.0.0/19
80.64.192.0/20
80.241.80.0/20
81.0.128.0/18
81.175.0.0/20
81.175.20.0-81.175.63.255
81.191.0.0/16
82.196.192.0/19
84.20.96.0/19
85.112.128.0/19
85.196.64.0/18
85.221.0.0/17
85.252.0.0/16
86.62.128.0/18
87.118.0.0/18
88.84.160.0/19
89.191.0.0/19
91.135.32.0/20
109.199.192.0/19
178.74.0.0/18
185.8.16.0/22
185.35.80.0/22
185.67.116.0/22
185.129.156.0/22
193.69.0.0/16
193.75.0.0/17
193.90.0.0/16
193.91.128.0/17
194.19.0.0/17
194.29.200.0/22
194.54.96.0/19
195.0.128.0-195.1.255.255
195.18.128.0/17
195.139.0.0/16
195.159.0.0/16
195.204.0.0/16
212.62.224.0/19
212.71.64.0/19
213.52.0.0/17
213.151.128.0/19
213.158.224.0/19
213.160.224.0-213.160.247.255
213.172.192.0/19
213.239.64.0/18
217.8.128.0/19
217.14.0.0/20
217.77.32.0/20
217.118.32.0/19
217.144.224.0/19
IPv6:
2001:840::/29
2001:8c0::/29
2001:4dd8::/29
2a00:c440::/29
2a01:520::/29
2a02:270::/29
2a03:c000::/29
2a04:6340::/29
Signature Algorithm: sha256WithRSAEncryption
76:63:ef:b5:57:16:d7:cf:e7:b3:4c:78:47:98:bf:de:ea:18:
06:9c:bd:4c:61:7f:32:e2:29:21:33:e8:61:38:1f:25:ed:45:
ff:f2:e9:f5:86:58:05:40:e4:1a:21:bb:8a:93:9b:8b:ea:f0:
69:34:8d:7b:53:d9:3c:5e:49:5d:27:d2:3b:9f:40:97:d9:d1:
65:4d:ae:14:10:81:4d:2f:fd:25:58:70:91:46:a1:72:b6:35:
d6:b2:c4:cf:ae:fc:56:9b:ed:09:6f:8f:e2:4a:34:76:e3:bb:
6d:f8:e3:0c:87:92:d5:82:c4:41:da:2b:56:e1:c8:d4:45:73:
4c:50:54:bc:e5:ee:f8:9d:7e:ac:bf:dd:ac:02:c2:4c:e5:03:
d7:3d:2a:c7:45:8f:44:11:1c:3d:cb:d3:8f:4c:cb:a0:7d:d5:
e3:77:8a:7d:4e:32:c9:e8:1e:31:28:3d:37:c3:8f:e4:6e:1d:
7f:f8:ee:c1:31:6f:a2:d8:c1:a1:86:a9:de:13:9a:e8:3c:cb:
67:44:45:df:f8:58:d8:35:4c:b1:25:07:a8:e6:91:ea:fd:4b:
0d:40:e5:82:88:0a:22:55:48:b5:c1:88:90:39:69:11:0e:18:
2d:23:c2:ec:8f:31:a9:9e:4e:62:e8:1b:aa:3a:84:99:f1:4a:
f9:22:cf:c9
-----BEGIN CERTIFICATE-----
MIIGpzCCBY+gAwIBAgISAYVv8F8QzaLAVvNxBhM1vJunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjMwMTAyMDA0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzI5MjNjNjVhNmViYjE0Mjk1YTUzNThiYzViNDE3YzI4MTAwYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYNO/XYnG43l9JcjVlxg3ht3W3fe
yaUw1ZQWwucZiI2IV8wsp+YZS51g4fATnIqimBydKCIWEsisd1xdZfxQQqk1Q4qo
vOw0W3pcCS4O2psFG82zENXCYLyC42l8/d0ptdnKsFiUrcyiws27WCe40AtQycR4
Td2KTwAICim4o7vxCT9XFv8o7DkaS+KHtirflqJCX2xJQOUfaAZaTfXfEUC6Pmey
Tr8ID4L4LlhJdkQ0YR0YclaLa/pq4Kvbqslqy1QHFAGwialoqNMYYuUsEDuLfLF2
7t6Twg82zwQRiN2QyOEHGM+R5spCmdid7WbWQE/i/GcRbHRnpJ3Hsx39/QIDAQAB
o4IDszCCA68wHQYDVR0OBBYEFGcpI8ZabrsUKVpTWLxbQXwoEArbMB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEvWnlranhscHV1eFFwV2xOWXZGdEJmQ2dRQ3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBxwYIKwYBBQUHAQcBAf8EggG2MIIBsjCCAW4EAgABMIIB
ZgMEAx+5GAMEByW/gAMEBj4/AAMEBj5lwAMEB00ogAMEBk1YQAMEA03qMAMEA04Y
kAMEBU+HAAMEBFBAwAMEBFDxUAMEBlEAgAMEBFGvADAMAwQCUa8UAwQGUa8AAwMA
Ub8DBAVSxMADBAVUFGADBAVVcIADBAZVxEADBAdV3QADAwBV/AMEBlY+gAMEBld2
AAMEBVhUoAMEBVm/AAMEBFuHIAMEBW3HwAMEBrJKAAMEArkIEAMEArkjUAMEArlD
dAMEArmBnAMDAMFFAwQHwUsAAwMAwVoDBAfBW4ADBAfCEwADBALCHcgDBAXCNmAw
CwMEB8MAgAMDAcMAAwQHwxKAAwMAw4sDAwDDnwMDAMPMAwQF1D7gAwQF1EdAAwQH
1TQAAwQF1ZeAAwQF1Z7gMAwDBAXVoOADBAPVoPADBAXVrMADBAbV70ADBAXZCIAD
BATZDgADBATZTSADBAXZdiADBAXZkOAwPgQCAAIwOAMFAyABCEADBQMgAQjAAwUD
IAFN2AMFAyoAxEADBQMqAQUgAwUDKgICcAMFAyoDwAADBQMqBGNAMA0GCSqGSIb3
DQEBCwUAA4IBAQB2Y++1VxbXz+ezTHhHmL/e6hgGnL1MYX8y4ikhM+hhOB8l7UX/
8un1hlgFQOQaIbuKk5uL6vBpNI17U9k8XkldJ9I7n0CX2dFlTa4UEIFNL/0lWHCR
RqFytjXWssTPrvxWm+0Jb4/iSjR247tt+OMMh5LVgsRB2itW4cjURXNMUFS85e74
nX6sv92sAsJM5QPXPSrHRY9EERw9y9OPTMugfdXjd4p9TjLJ6B4xKD03w4/kbh1/
+O7BMW+i2MGhhqneE5roPMtnREXf+FjYNUyxJQeo5pHq/UsNQOWCiAoiVUi1wYiQ
OWkRDhgtI8LsjzGpnk5i6BuqOoSZ8Ur5Is/J
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:49 2025 by rpki-client