Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/ZQIVkEMZWCmNtiYRCn3J1A45Rtk.roa
File: ZQIVkEMZWCmNtiYRCn3J1A45Rtk.roa (raw, json)
Hash identifier: 1NKKYUR5HvzvJ/2wkPqcyaO1/CSCTqnv8riENfJLpEI=
Subject key identifier: 65:02:15:90:43:19:58:29:8D:B6:26:11:0A:7D:C9:D4:0E:39:46:D9
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018BB30A95943149BB1C7CE7E8C9C94D57D7
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/ZQIVkEMZWCmNtiYRCn3J1A45Rtk.roa
Signing time: Thu 09 Nov 2023 07:44:57 +0000
ROA not before: Thu 09 Nov 2023 07:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25255
IP address blocks: 91.141.0.0/20 maxlen: 20
91.141.0.0/17 maxlen: 17
94.245.192.0/24 maxlen: 24
94.245.192.0/18 maxlen: 18
213.94.64.0/21 maxlen: 21
213.94.64.0/18 maxlen: 18
213.94.78.0/24 maxlen: 24
213.94.76.0/24 maxlen: 24
213.94.77.0/24 maxlen: 24
91.141.32.0/19 maxlen: 19
91.141.64.0/20 maxlen: 20
77.119.224.0/19 maxlen: 19
77.116.128.0/17 maxlen: 17
77.119.160.0/20 maxlen: 20
178.113.0.0/17 maxlen: 17
77.119.192.0/19 maxlen: 19
77.117.0.0/17 maxlen: 17
46.220.0.0/16 maxlen: 16
178.112.0.0/17 maxlen: 17
194.24.128.0/19 maxlen: 19
178.112.0.0/14 maxlen: 14
178.115.128.0/20 maxlen: 20
77.116.0.0/17 maxlen: 17
77.116.0.0/14 maxlen: 14
77.119.128.0/20 maxlen: 20
109.126.64.0/18 maxlen: 18
178.112.128.0/17 maxlen: 17
178.115.224.0/19 maxlen: 19
81.3.192.0/24 maxlen: 24
81.3.192.0/18 maxlen: 18
213.94.79.0/24 maxlen: 24
213.94.80.0/22 maxlen: 22
213.94.96.0/21 maxlen: 21
213.94.95.0/24 maxlen: 24
178.165.192.0/20 maxlen: 20
178.115.64.0/20 maxlen: 20
81.3.204.0/23 maxlen: 23
81.3.206.0/23 maxlen: 23
81.3.201.0/24 maxlen: 24
81.3.211.0/24 maxlen: 24
81.3.210.0/24 maxlen: 24
178.165.128.0/17 maxlen: 17
178.165.128.0/20 maxlen: 20
178.165.160.0/19 maxlen: 19
178.115.32.0/19 maxlen: 19
2a02:2861:d::/48 maxlen: 48
2a02:2864::/30 maxlen: 30
2a02:2861::/32 maxlen: 32
2a02:2861:e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:0a:95:94:31:49:bb:1c:7c:e7:e8:c9:c9:4d:57:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Nov 9 07:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65021590431958298db626110a7dc9d40e3946d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:58:28:35:4a:59:6e:58:3c:a5:c3:c4:3c:80:
51:e5:c4:b7:ad:15:83:b5:de:a9:bb:86:48:ff:75:
a0:8b:e0:28:e0:bb:6d:81:51:33:b7:63:3a:60:52:
3d:fb:9b:3d:16:e8:54:79:3e:90:54:09:c3:80:86:
9c:50:9c:eb:ac:18:25:66:fe:e1:fe:bd:23:0d:ba:
1a:a3:8e:69:71:09:60:5e:db:1e:58:6d:3e:cc:35:
80:de:21:6a:a2:8f:a3:0c:f3:ef:37:4b:c3:ff:6a:
9a:aa:82:b8:fe:6e:d6:a2:f5:5f:41:f4:1e:1d:c9:
1b:d6:87:29:d6:13:36:ba:49:bc:a5:2f:80:15:9a:
f1:43:ef:b8:b6:ea:44:56:85:e5:dc:da:9a:3c:02:
2c:74:45:44:77:d1:8f:6e:4a:f1:ee:b6:ca:3f:08:
92:2f:d3:d8:b4:e7:38:f8:a2:6d:32:4a:90:e8:c1:
d6:f3:b0:d4:30:25:ce:1e:b4:b9:e7:01:d9:ab:af:
5c:e4:31:1e:b8:46:2f:76:dd:9e:f8:a8:31:9a:97:
04:f3:7b:80:ad:f9:a1:9b:5b:7e:ea:ba:be:e0:a0:
18:06:60:f3:c5:e9:a6:05:cb:bb:6f:34:59:ba:2a:
20:c0:5d:08:5c:c5:32:27:e6:42:b5:cc:c3:e7:3d:
4a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:02:15:90:43:19:58:29:8D:B6:26:11:0A:7D:C9:D4:0E:39:46:D9
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/ZQIVkEMZWCmNtiYRCn3J1A45Rtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.220.0.0/16
77.116.0.0/14
81.3.192.0/18
91.141.0.0/17
94.245.192.0/18
109.126.64.0/18
178.112.0.0/14
178.165.128.0/17
194.24.128.0/19
213.94.64.0/18
IPv6:
2a02:2861::/32
2a02:2864::/30
Signature Algorithm: sha256WithRSAEncryption
3e:61:df:5c:23:95:20:f6:9a:19:32:93:73:5e:ff:89:f8:ff:
64:45:42:89:7c:1f:02:fa:dd:38:3f:7f:06:90:1b:9f:4c:ab:
57:ff:73:99:38:66:6c:2f:b2:09:aa:3d:f0:00:11:6b:a3:36:
49:6a:a5:52:0a:8d:8f:51:22:2e:a2:23:d5:05:9e:be:dd:f7:
90:61:06:6b:20:96:82:32:68:03:ac:9b:52:4e:c6:44:99:ee:
64:f5:bb:4f:a0:42:fb:ca:ad:ea:c4:5b:fd:76:10:1f:44:a2:
e9:b3:51:56:d6:c3:76:20:e5:fb:b1:ad:14:79:33:cf:fc:83:
53:b7:d9:b0:14:e5:80:5a:cb:d7:58:fd:16:05:5d:2e:db:e9:
a3:f5:dd:08:83:c7:0c:32:bd:81:cf:ab:54:45:c9:cf:65:d6:
c2:49:6b:48:96:aa:8c:89:7c:aa:1d:cf:3d:b0:55:7a:32:1b:
ee:5a:cd:22:bb:4c:e4:07:13:b8:cc:e8:29:42:56:d8:37:c2:
ac:16:23:02:a2:7f:ce:f1:c3:25:32:6f:d7:1d:01:bc:68:34:
f0:74:92:f7:14:d4:37:6e:93:ac:21:2b:a6:e7:d2:e8:63:fe:
38:69:4d:e9:4d:7d:e8:bd:2b:6a:4d:bc:01:55:1d:0a:e1:62:
7d:11:61:87
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYuzCpWUMUm7HHzn6MnJTVfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMxMTA5MDc0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTAyMTU5MDQzMTk1ODI5OGRiNjI2MTEwYTdkYzlkNDBlMzk0NmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVgoNUpZblg8pcPEPIBR5cS3rRWD
td6pu4ZI/3Wgi+Ao4LttgVEzt2M6YFI9+5s9FuhUeT6QVAnDgIacUJzrrBglZv7h
/r0jDboao45pcQlgXtseWG0+zDWA3iFqoo+jDPPvN0vD/2qaqoK4/m7WovVfQfQe
Hckb1ocp1hM2ukm8pS+AFZrxQ++4tupEVoXl3NqaPAIsdEVEd9GPbkrx7rbKPwiS
L9PYtOc4+KJtMkqQ6MHW87DUMCXOHrS55wHZq69c5DEeuEYvdt2e+KgxmpcE83uA
rfmhm1t+6rq+4KAYBmDzxemmBcu7bzRZuiogwF0IXMUyJ+ZCtczD5z1KKwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFGUCFZBDGVgpjbYmEQp9ydQOOUbZMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvWlFJVmtFTVpXQ21OdGlZUkNuM0oxQTQ1UnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA/BAIAATA5AwMALtwDAwJN
dAMEBlEDwAMEB1uNAAMEBl71wAMEBm1+QAMDArJwAwQHsqWAAwQFwhiAAwQG1V5A
MBQEAgACMA4DBQAqAihhAwUCKgIoZDANBgkqhkiG9w0BAQsFAAOCAQEAPmHfXCOV
IPaaGTKTc17/ifj/ZEVCiXwfAvrdOD9/BpAbn0yrV/9zmThmbC+yCao98AARa6M2
SWqlUgqNj1EiLqIj1QWevt33kGEGayCWgjJoA6ybUk7GRJnuZPW7T6BC+8qt6sRb
/XYQH0Si6bNRVtbDdiDl+7GtFHkzz/yDU7fZsBTlgFrL11j9FgVdLtvpo/XdCIPH
DDK9gc+rVEXJz2XWwklrSJaqjIl8qh3PPbBVejIb7lrNIrtM5AcTuMzoKUJW2DfC
rBYjAqJ/zvHDJTJv1x0BvGg08HSS9xTUN26TrCErpufS6GP+OGlN6U196L0rak28
AVUdCuFifRFhhw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:46 2025 by rpki-client