Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/ZRa5GBEkA3_khWQjESVnkRlGtjw.roa
File: ZRa5GBEkA3_khWQjESVnkRlGtjw.roa (raw, json)
Hash identifier: Z9nsPDDGo8J+C5GvzZW4Og7dkw4HKEosRc2dVyC2amE=
Subject key identifier: 65:16:B9:18:11:24:03:7F:E4:85:64:23:11:25:67:91:19:46:B6:3C
Certificate issuer: /CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Certificate serial: 02F7E394
Authority key identifier: 54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/ZRa5GBEkA3_khWQjESVnkRlGtjw.roa
Signing time: Sat 01 Jan 2022 04:52:36 +0000
ROA not before: Sat 01 Jan 2022 04:52:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35394
IP address blocks: 185.143.96.0/22 maxlen: 22
80.67.44.0/22 maxlen: 22
185.186.28.0/22 maxlen: 22
185.172.168.0/22 maxlen: 22
185.236.168.0/22 maxlen: 22
130.185.88.0/21 maxlen: 21
185.93.44.0/22 maxlen: 22
185.217.204.0/22 maxlen: 22
185.93.152.0/22 maxlen: 22
185.72.44.0/22 maxlen: 22
2a03:3d60::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49800084 (0x2f7e394)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Validity
Not Before: Jan 1 04:52:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6516b9181124037fe4856423112567911946b63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:66:45:50:69:f8:60:61:51:d3:08:ee:eb:fe:
c2:b7:18:4a:4c:9f:70:d8:49:bf:6b:f9:a9:07:de:
d8:32:f1:3b:69:4f:48:27:21:83:d1:70:c0:59:8f:
31:7a:63:39:14:f9:49:f9:e8:3d:59:a1:2f:10:31:
85:3e:f6:02:71:29:69:e5:d7:be:a6:b9:1a:42:aa:
1a:67:c8:42:8b:63:63:c7:4a:34:57:81:ba:8e:09:
c2:77:ca:cf:94:b7:92:43:00:dd:f9:69:03:40:c9:
76:92:d3:ea:01:a6:77:6c:10:ca:31:d3:47:fd:99:
6c:fb:1a:fa:2d:eb:74:6e:97:d7:48:28:46:fd:a0:
d7:e5:90:a5:29:46:e7:11:bc:d0:55:b2:96:5e:01:
6e:c6:4b:8e:c2:f0:14:8b:19:1c:81:d3:45:0b:02:
3b:d9:a2:32:3e:f3:f0:4a:9b:d4:b5:d1:97:90:a8:
ed:ae:c2:fe:29:31:c5:b7:e0:bc:70:05:fd:89:10:
3a:53:58:33:5c:0e:6c:80:b5:ac:e9:43:9c:2d:0f:
ce:44:e7:0b:3a:a2:dc:58:35:9b:93:3f:e0:65:cb:
f2:ba:a9:e7:2d:ad:1e:1c:20:d1:66:de:3e:ab:b2:
86:75:dc:47:a9:e2:3b:a8:66:31:ed:b3:5a:c7:cc:
85:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:16:B9:18:11:24:03:7F:E4:85:64:23:11:25:67:91:19:46:B6:3C
X509v3 Authority Key Identifier:
keyid:54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/ZRa5GBEkA3_khWQjESVnkRlGtjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/VNb_E0vWVvDOFNQQsCvsVR62miw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.44.0/22
130.185.88.0/21
185.72.44.0/22
185.93.44.0/22
185.93.152.0/22
185.143.96.0/22
185.172.168.0/22
185.186.28.0/22
185.217.204.0/22
185.236.168.0/22
IPv6:
2a03:3d60::/29
Signature Algorithm: sha256WithRSAEncryption
43:e6:3b:63:a1:49:46:2c:d6:ed:32:a7:11:8b:77:cf:eb:df:
a0:ad:3a:33:b0:0a:a4:8d:f6:d4:7a:ac:8c:74:a3:e6:68:83:
b2:2b:d7:78:8b:19:a6:73:68:f5:56:d5:22:9b:5b:b2:b2:73:
7d:d3:70:9d:9d:9d:f6:26:aa:39:15:49:7f:4d:bb:ec:99:78:
b2:1d:76:88:ec:49:8b:0f:56:25:c4:c5:f3:ce:5c:ec:a6:98:
e8:1d:0c:86:0b:27:02:33:c2:01:3a:10:41:66:29:3d:b4:c6:
b8:51:63:61:fa:7a:7f:d4:2e:7c:d2:93:35:77:03:1f:1b:52:
3f:58:ba:eb:24:a4:e7:a2:87:c7:25:21:ec:93:62:cb:59:43:
e7:44:08:a5:33:ff:c8:91:fd:a5:0d:34:19:c7:e5:1d:e0:4f:
b9:4d:a3:c1:64:72:6b:fa:be:bb:1f:8b:39:c8:19:f1:e0:16:
f5:02:d4:b6:73:2e:cf:80:cd:f8:89:ab:10:68:a3:10:43:96:
ac:87:cb:c1:4f:be:64:84:93:3a:22:80:46:21:8d:0a:96:df:
86:b7:24:08:8b:32:4c:a9:aa:1d:36:d9:62:1f:71:dd:7a:85:
15:37:96:7c:1a:62:e6:25:8d:f7:be:5d:51:ce:7a:ca:b6:7b:
f4:9d:c1:24
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEAvfjlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGQ2ZmYxMzRiZDY1NmYwY2UxNGQ0MTBiMDJiZWM1NTFlYjY5YTJjMB4XDTIyMDEw
MTA0NTIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjUxNmI5MTgxMTI0
MDM3ZmU0ODU2NDIzMTEyNTY3OTExOTQ2YjYzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtmRVBp+GBhUdMI7uv+wrcYSkyfcNhJv2v5qQfe2DLxO2lP
SCchg9FwwFmPMXpjORT5SfnoPVmhLxAxhT72AnEpaeXXvqa5GkKqGmfIQotjY8dK
NFeBuo4JwnfKz5S3kkMA3flpA0DJdpLT6gGmd2wQyjHTR/2ZbPsa+i3rdG6X10go
Rv2g1+WQpSlG5xG80FWyll4BbsZLjsLwFIsZHIHTRQsCO9miMj7z8Eqb1LXRl5Co
7a7C/ikxxbfgvHAF/YkQOlNYM1wObIC1rOlDnC0PzkTnCzqi3Fg1m5M/4GXL8rqp
5y2tHhwg0WbePquyhnXcR6niO6hmMe2zWsfMhT8CAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBRlFrkYESQDf+SFZCMRJWeRGUa2PDAfBgNVHSMEGDAWgBRU1v8TS9ZW8M4U
1BCwK+xVHraaLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZOYl9FMHZXVnZET0ZOUVFzQ3ZzVlI2Mm1pdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvZjIxZWU3LTQ5MjUtNGRkNi1iMjAyLTY0Mjc4YzBkOGViZi8x
L1pSYTVHQkVrQTNfa2hXUWpFU1Zua1JsR3Rqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
ZjIxZWU3LTQ5MjUtNGRkNi1iMjAyLTY0Mjc4YzBkOGViZi8xL1ZOYl9FMHZXVnZE
T0ZOUVFzQ3ZzVlI2Mm1pdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAlBDLAMEA4K5WAMEArlILAMEArld
LAMEArldmAMEArmPYAMEArmsqAMEArm6HAMEArnZzAMEArnsqDANBAIAAjAHAwUD
KgM9YDANBgkqhkiG9w0BAQsFAAOCAQEAQ+Y7Y6FJRizW7TKnEYt3z+vfoK06M7AK
pI321HqsjHSj5miDsivXeIsZpnNo9VbVIptbsrJzfdNwnZ2d9iaqORVJf0277Jl4
sh12iOxJiw9WJcTF885c7KaY6B0MhgsnAjPCAToQQWYpPbTGuFFjYfp6f9QufNKT
NXcDHxtSP1i66ySk56KHxyUh7JNiy1lD50QIpTP/yJH9pQ00GcflHeBPuU2jwWRy
a/q+ux+LOcgZ8eAW9QLUtnMuz4DN+ImrEGijEEOWrIfLwU++ZISTOiKARiGNCpbf
hrckCIsyTKmqHTbZYh9x3XqFFTeWfBpi5iWN975dUc56yrZ79J3BJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:32 2024 by rpki-client on console-ams.rpki-client.org