Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/ad5545-f8af-4278-90a5-a3bbc87a77cc/1/ZSwTZt-VF1EVOTj8e3nK9U9p3qk.roa
File: ZSwTZt-VF1EVOTj8e3nK9U9p3qk.roa (raw, json)
Hash identifier: 1+f3Txv1qSlDHQVutK/+KTdYWVSbaY7ft8Kx9H7knGU=
Subject key identifier: 65:2C:13:66:DF:95:17:51:15:39:38:FC:7B:79:CA:F5:4F:69:DE:A9
Certificate issuer: /CN=f5d901201ff0b1b97ef3d1a72da41e18f0145762
Certificate serial: 018997D1A67A4193E788D92558C2603B5888
Authority key identifier: F5:D9:01:20:1F:F0:B1:B9:7E:F3:D1:A7:2D:A4:1E:18:F0:14:57:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dkBIB_wsbl-89GnLaQeGPAUV2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/ad5545-f8af-4278-90a5-a3bbc87a77cc/1/ZSwTZt-VF1EVOTj8e3nK9U9p3qk.roa
Signing time: Thu 27 Jul 2023 14:47:26 +0000
ROA not before: Thu 27 Jul 2023 14:47:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43843
IP address blocks: 185.74.248.0/24 maxlen: 24
185.74.248.0/22 maxlen: 22
185.74.249.0/24 maxlen: 24
93.94.26.0/24 maxlen: 24
93.94.28.0/24 maxlen: 24
93.94.25.0/24 maxlen: 24
91.142.64.0/21 maxlen: 21
91.142.71.0/24 maxlen: 24
91.142.68.0/24 maxlen: 24
91.142.69.0/24 maxlen: 24
91.142.70.0/24 maxlen: 24
109.69.128.0/24 maxlen: 24
109.69.128.0/21 maxlen: 21
109.69.129.0/24 maxlen: 24
109.69.130.0/24 maxlen: 24
109.69.131.0/24 maxlen: 24
109.69.132.0/24 maxlen: 24
93.94.24.0/21 maxlen: 21
93.94.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:d1:a6:7a:41:93:e7:88:d9:25:58:c2:60:3b:58:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d901201ff0b1b97ef3d1a72da41e18f0145762
Validity
Not Before: Jul 27 14:47:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=652c1366df951751153938fc7b79caf54f69dea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:10:56:97:0d:fd:e4:16:92:34:05:25:08:af:
b9:c5:f8:11:ca:a0:72:00:19:3e:6c:8d:26:fa:25:
52:84:25:da:9b:6a:f7:4d:e3:15:81:ff:7f:5c:73:
65:8d:b5:8c:a7:23:b9:5c:34:c5:37:f5:7c:02:5e:
81:4e:e8:fd:d0:43:9f:37:70:1e:d1:d2:d6:d7:59:
a9:ee:55:a8:22:27:ec:d0:41:2d:fb:91:a0:c0:ce:
f2:27:b2:df:1c:80:8c:d8:d6:0b:dd:b6:ea:c6:1e:
ad:79:24:26:31:1a:c2:04:e8:61:91:3c:d7:75:2a:
a0:13:70:22:93:dc:d2:c7:fc:40:93:e6:6e:1d:79:
e7:20:f9:94:c2:46:80:a1:02:bf:37:f1:8d:e2:cb:
c1:58:6f:d6:03:27:47:a9:9c:c5:0d:11:bb:80:8c:
96:35:7f:e9:2d:5d:97:e3:13:c6:7c:cf:2d:4b:27:
96:b4:94:5d:0f:5f:55:a1:19:bc:09:a0:69:75:62:
5b:f5:85:e8:73:68:98:29:90:fe:12:35:2b:cd:63:
cd:c6:e2:c2:e8:46:c4:f3:9b:3f:8f:7d:d8:c1:58:
98:f5:e1:8f:79:7e:e3:be:05:67:74:66:ee:27:3e:
07:04:07:ba:af:17:d0:c1:d6:8d:33:c3:5d:61:33:
81:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2C:13:66:DF:95:17:51:15:39:38:FC:7B:79:CA:F5:4F:69:DE:A9
X509v3 Authority Key Identifier:
keyid:F5:D9:01:20:1F:F0:B1:B9:7E:F3:D1:A7:2D:A4:1E:18:F0:14:57:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dkBIB_wsbl-89GnLaQeGPAUV2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ad5545-f8af-4278-90a5-a3bbc87a77cc/1/ZSwTZt-VF1EVOTj8e3nK9U9p3qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ad5545-f8af-4278-90a5-a3bbc87a77cc/1/9dkBIB_wsbl-89GnLaQeGPAUV2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.64.0/21
93.94.24.0/21
109.69.128.0/21
185.74.248.0/22
Signature Algorithm: sha256WithRSAEncryption
43:00:17:18:ca:0a:f3:24:df:f0:50:dc:15:7a:1f:8c:43:d5:
f0:4d:c7:d6:64:b4:bf:81:1d:37:f5:d6:17:5f:06:5e:44:f0:
e0:e6:d2:f0:9a:e2:46:cd:2e:bb:e3:20:37:ed:70:cb:bb:fa:
a9:71:7d:7a:84:2d:23:eb:64:a5:b4:57:a9:62:c4:b0:6b:58:
0e:ad:f4:1d:1c:97:2b:52:dd:73:39:e6:12:d2:4b:0a:82:b0:
ad:91:eb:40:89:99:45:94:dc:c6:f1:f7:a7:54:cd:33:56:d6:
01:a1:4a:53:39:c9:14:a7:fa:35:1b:8e:da:8d:45:ea:69:29:
2a:95:44:ae:e7:78:b2:fd:b1:10:84:12:17:b7:1a:42:f7:7a:
7b:e2:ab:2a:cf:20:b5:48:45:6e:33:85:b0:92:e0:74:f4:f9:
1f:da:f4:f8:9a:1a:9b:6f:9d:11:0e:6f:15:f9:25:16:af:4e:
12:20:8e:80:f8:a7:4f:81:46:cb:28:ad:00:f0:00:50:75:1f:
77:4e:83:b7:bc:3f:4e:7e:eb:dd:4b:22:14:1b:82:33:9c:ca:
55:c2:45:63:de:6f:b8:50:7d:0f:81:b7:40:4b:03:bd:07:28:
02:b2:0b:ec:11:f3:83:2d:15:43:37:ed:a2:e4:5d:f9:e9:6f:
ea:c4:51:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmX0aZ6QZPniNklWMJgO1iIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDkwMTIwMWZmMGIxYjk3ZWYzZDFhNzJkYTQxZTE4ZjAx
NDU3NjIwHhcNMjMwNzI3MTQ0NzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTJjMTM2NmRmOTUxNzUxMTUzOTM4ZmM3Yjc5Y2FmNTRmNjlkZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxBWlw395BaSNAUlCK+5xfgRyqBy
ABk+bI0m+iVShCXam2r3TeMVgf9/XHNljbWMpyO5XDTFN/V8Al6BTuj90EOfN3Ae
0dLW11mp7lWoIifs0EEt+5GgwM7yJ7LfHICM2NYL3bbqxh6teSQmMRrCBOhhkTzX
dSqgE3Aik9zSx/xAk+ZuHXnnIPmUwkaAoQK/N/GN4svBWG/WAydHqZzFDRG7gIyW
NX/pLV2X4xPGfM8tSyeWtJRdD19VoRm8CaBpdWJb9YXoc2iYKZD+EjUrzWPNxuLC
6EbE85s/j33YwViY9eGPeX7jvgVndGbuJz4HBAe6rxfQwdaNM8NdYTOBgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGUsE2bflRdRFTk4/Ht5yvVPad6pMB8GA1UdIwQY
MBaAFPXZASAf8LG5fvPRpy2kHhjwFFdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRrQklCX3dzYmwtODlHbkxhUWVHUEFVVjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hZDU1NDUtZjhhZi00Mjc4LTkwYTUt
YTNiYmM4N2E3N2NjLzEvWlN3VFp0LVZGMUVWT1RqOGUzbks5VTlwM3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hZDU1NDUtZjhhZi00Mjc4LTkwYTUtYTNiYmM4N2E3N2Nj
LzEvOWRrQklCX3dzYmwtODlHbkxhUWVHUEFVVjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW45AAwQD
XV4YAwQDbUWAAwQCuUr4MA0GCSqGSIb3DQEBCwUAA4IBAQBDABcYygrzJN/wUNwV
eh+MQ9XwTcfWZLS/gR039dYXXwZeRPDg5tLwmuJGzS674yA37XDLu/qpcX16hC0j
62SltFepYsSwa1gOrfQdHJcrUt1zOeYS0ksKgrCtketAiZlFlNzG8fenVM0zVtYB
oUpTOckUp/o1G47ajUXqaSkqlUSu53iy/bEQhBIXtxpC93p74qsqzyC1SEVuM4Ww
kuB09Pkf2vT4mhqbb50RDm8V+SUWr04SII6A+KdPgUbLKK0A8ABQdR93ToO3vD9O
fuvdSyIUG4IznMpVwkVj3m+4UH0PgbdASwO9BygCsgvsEfODLRVDN+2i5F356W/q
xFHV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:23 2025 by rpki-client