Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ZJqOWLvNJQx3OkDRR1Zbr5qSLqM.roa
File: ZJqOWLvNJQx3OkDRR1Zbr5qSLqM.roa (raw, json)
Hash identifier: DYcP+XtnzgCeaog1uRzLZkN/EspoHa8LyrbR2hOp8o8=
Subject key identifier: 64:9A:8E:58:BB:CD:25:0C:77:3A:40:D1:47:56:5B:AF:9A:92:2E:A3
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01841E2F0EF628F3AE7E4369C5720ED610D4
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ZJqOWLvNJQx3OkDRR1Zbr5qSLqM.roa
Signing time: Fri 28 Oct 2022 10:41:51 +0000
ROA not before: Fri 28 Oct 2022 10:41:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 85.158.150.0/24 maxlen: 24
85.158.151.0/24 maxlen: 24
85.158.149.0/24 maxlen: 24
85.158.148.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
5.178.1.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
5.178.0.0/24 maxlen: 24
5.10.240.0/20 maxlen: 20
185.81.217.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
164.215.98.0/24 maxlen: 24
164.215.96.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
46.23.103.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.100.0/24 maxlen: 24
164.215.99.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:2f:0e:f6:28:f3:ae:7e:43:69:c5:72:0e:d6:10:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Oct 28 10:41:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=649a8e58bbcd250c773a40d147565baf9a922ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:b6:a2:bd:07:58:16:d6:ad:e9:f1:e3:11:22:
45:97:c8:70:90:1c:cb:81:9e:b7:dc:f7:2d:cc:97:
ce:db:19:e9:aa:a1:4d:09:01:ab:35:96:36:90:e6:
a4:d7:3e:a0:af:b4:38:30:68:9d:a0:81:22:57:4e:
51:7e:ce:0b:9a:bf:86:a4:02:5c:e7:ea:cb:fc:32:
4c:be:f8:e5:62:1c:a5:c4:b1:39:a6:90:d0:21:6a:
a1:57:86:92:3d:8c:14:5e:d9:59:96:fe:85:cc:13:
85:be:24:43:bf:0c:2b:b9:02:be:51:92:bb:1f:83:
9b:8a:42:47:df:c3:ab:72:d0:d3:3e:46:06:37:23:
c8:6c:04:43:4c:46:91:b3:87:f8:17:d8:c1:f5:ed:
47:43:b4:40:19:88:17:a0:50:0f:2e:bd:45:9c:05:
ad:a7:b4:15:3a:50:8a:33:d9:93:6e:cb:de:64:ae:
00:f7:ca:93:8e:a4:37:b0:e0:c7:0b:56:69:e8:2f:
3a:1c:8a:ba:46:32:0b:1a:eb:63:e5:78:d3:82:23:
83:33:74:88:54:d1:62:a9:3a:2d:98:01:18:73:70:
6b:6c:76:61:5e:f9:aa:dc:85:24:e4:9d:03:0f:d1:
7e:81:e8:a5:fd:6e:be:1e:87:59:27:2a:a7:de:54:
2f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9A:8E:58:BB:CD:25:0C:77:3A:40:D1:47:56:5B:AF:9A:92:2E:A3
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ZJqOWLvNJQx3OkDRR1Zbr5qSLqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/20
5.178.0.0/22
37.128.200.0/22
46.23.100.0/22
85.158.148.0/22
164.215.96.0/22
185.81.216.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:e6:fa:ad:a8:5a:fc:a5:35:4f:ce:d3:5f:8b:ba:8f:39:f7:
62:16:16:28:e8:38:d2:0a:46:67:b5:a0:38:27:de:8e:09:4c:
3d:41:81:fa:15:f2:82:70:84:3e:90:b9:bf:fc:57:bf:16:15:
a5:73:38:49:99:ee:3f:7a:76:d0:83:22:72:4a:77:2c:5b:03:
cc:a7:fe:0b:7d:31:51:35:bd:23:90:fc:d0:a7:7c:69:1c:9c:
bd:7a:a7:41:e9:39:ad:de:b0:dd:99:39:56:3a:e2:d1:d6:0f:
b0:39:b0:09:61:59:c9:70:d9:d6:33:ea:20:8a:2b:bf:e5:8f:
28:ab:2a:38:a2:31:16:96:ff:9e:59:df:6b:c4:c4:c9:7c:38:
32:df:4d:69:ae:45:08:73:c1:53:af:15:60:46:d1:dc:3d:6f:
01:df:a6:ed:03:be:72:f3:b2:f5:c2:34:6e:d4:56:f7:f8:bc:
10:c9:44:4c:b5:49:52:20:16:dc:a3:fb:7b:04:50:11:10:cf:
48:8a:d0:5a:74:47:11:44:e6:09:37:08:e9:08:f2:eb:68:8b:
82:fe:6c:18:44:45:27:a5:0f:1a:b2:7a:35:24:20:8f:75:45:
5e:69:cf:01:86:46:ed:73:ed:e9:91:09:75:b0:cb:b2:ba:47:
3b:9d:b4:cd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYQeLw72KPOufkNpxXIO1hDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMDI4MTA0MTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDlhOGU1OGJiY2QyNTBjNzczYTQwZDE0NzU2NWJhZjlhOTIyZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+baivQdYFtat6fHjESJFl8hwkBzL
gZ633PctzJfO2xnpqqFNCQGrNZY2kOak1z6gr7Q4MGidoIEiV05Rfs4Lmr+GpAJc
5+rL/DJMvvjlYhylxLE5ppDQIWqhV4aSPYwUXtlZlv6FzBOFviRDvwwruQK+UZK7
H4ObikJH38OrctDTPkYGNyPIbARDTEaRs4f4F9jB9e1HQ7RAGYgXoFAPLr1FnAWt
p7QVOlCKM9mTbsveZK4A98qTjqQ3sODHC1Zp6C86HIq6RjILGutj5XjTgiODM3SI
VNFiqTotmAEYc3BrbHZhXvmq3IUk5J0DD9F+geil/W6+HodZJyqn3lQvMwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGSajli7zSUMdzpA0UdWW6+aki6jMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvWkpxT1dMdk5KUXgzT2tEUlIxWmJyNXFTTHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQEBQrwAwQC
BbIAAwQCJYDIAwQCLhdkAwQCVZ6UAwQCpNdgAwQBuVHYMA0GCSqGSIb3DQEBCwUA
A4IBAQA95vqtqFr8pTVPztNfi7qPOfdiFhYo6DjSCkZntaA4J96OCUw9QYH6FfKC
cIQ+kLm//Fe/FhWlczhJme4/enbQgyJySncsWwPMp/4LfTFRNb0jkPzQp3xpHJy9
eqdB6Tmt3rDdmTlWOuLR1g+wObAJYVnJcNnWM+ogiiu/5Y8oqyo4ojEWlv+eWd9r
xMTJfDgy301prkUIc8FTrxVgRtHcPW8B36btA75y87L1wjRu1Fb3+LwQyURMtUlS
IBbco/t7BFAREM9IitBadEcRROYJNwjpCPLraIuC/mwYREUnpQ8asno1JCCPdUVe
ac8Bhkbtc+3pkQl1sMuyukc7nbTN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org