Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/ZGFo1oUHuXd_97dgL_b8ZpFIyjU.roa
File: ZGFo1oUHuXd_97dgL_b8ZpFIyjU.roa (raw, json)
Hash identifier: CCI64HSxe5zu7T7mkgB3WGAWhMnt+D6Ova2GDfNAVqg=
Subject key identifier: 64:61:68:D6:85:07:B9:77:7F:F7:B7:60:2F:F6:FC:66:91:48:CA:35
Certificate issuer: /CN=1a5be155037eb7e65c12ac9aa2a2c325038c3a9b
Certificate serial: 0185C4CF04AC45A1464C9B1C6FDDA1CD37C3
Authority key identifier: 1A:5B:E1:55:03:7E:B7:E6:5C:12:AC:9A:A2:A2:C3:25:03:8C:3A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GlvhVQN-t-ZcEqyaoqLDJQOMOps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/ZGFo1oUHuXd_97dgL_b8ZpFIyjU.roa
Signing time: Wed 18 Jan 2023 12:16:19 +0000
ROA not before: Wed 18 Jan 2023 12:16:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42387
IP address blocks: 212.109.0.0/20 maxlen: 20
94.143.240.0/21 maxlen: 21
212.109.16.0/20 maxlen: 20
212.109.29.0/24 maxlen: 24
185.9.80.0/22 maxlen: 22
212.109.30.0/24 maxlen: 24
212.109.28.0/24 maxlen: 24
217.77.48.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c4:cf:04:ac:45:a1:46:4c:9b:1c:6f:dd:a1:cd:37:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5be155037eb7e65c12ac9aa2a2c325038c3a9b
Validity
Not Before: Jan 18 12:16:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=646168d68507b9777ff7b7602ff6fc669148ca35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:77:27:31:0e:13:6a:38:b5:99:7d:83:ae:50:
8d:ad:fa:40:f9:bd:b1:d2:37:33:74:17:0d:29:fa:
b3:69:d2:89:f3:f4:fb:39:73:36:52:01:7c:53:be:
35:fb:a2:f6:8b:2a:bf:f3:85:af:85:a9:10:e8:62:
d9:a8:f4:68:e7:99:11:b3:67:c7:9c:5a:8a:ea:b2:
3e:1c:f5:c6:19:8e:ed:01:b4:68:8c:7d:6f:12:9d:
f2:39:7a:df:61:fd:0b:01:47:07:07:52:ef:59:f4:
e4:6a:da:b6:3f:47:96:85:5e:5a:55:49:57:d6:4b:
1e:e6:96:50:fd:36:f6:30:f8:8b:4d:c0:67:ed:b6:
e4:5c:be:55:07:ed:96:c8:e0:fc:27:ed:3c:3c:de:
55:57:97:89:ea:17:ed:47:72:5c:95:81:38:00:35:
c1:c5:af:26:15:10:b7:77:f3:5b:4f:9c:7d:d7:be:
f3:44:96:30:28:d6:60:58:b3:a4:19:bf:90:75:06:
68:02:65:d1:a1:07:62:c0:0e:5f:de:c6:1d:07:3b:
b7:36:76:45:90:27:8c:de:3a:78:67:f4:f5:06:d7:
19:ca:4d:80:74:74:1c:9e:1c:ca:6e:a2:f0:2f:05:
ab:95:76:00:3c:d2:24:04:dc:3c:b3:00:57:e5:4b:
6b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:61:68:D6:85:07:B9:77:7F:F7:B7:60:2F:F6:FC:66:91:48:CA:35
X509v3 Authority Key Identifier:
keyid:1A:5B:E1:55:03:7E:B7:E6:5C:12:AC:9A:A2:A2:C3:25:03:8C:3A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GlvhVQN-t-ZcEqyaoqLDJQOMOps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/ZGFo1oUHuXd_97dgL_b8ZpFIyjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/GlvhVQN-t-ZcEqyaoqLDJQOMOps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.240.0/21
185.9.80.0/22
212.109.0.0/19
217.77.48.0/20
Signature Algorithm: sha256WithRSAEncryption
22:be:d2:f6:a9:21:dc:8f:5c:ce:88:63:ed:a1:59:94:93:3b:
e7:af:a8:a7:68:94:ae:22:00:99:fe:8f:87:6a:0c:6f:01:f8:
e3:39:06:97:70:97:99:08:46:c5:05:64:60:7b:7b:36:b7:93:
0c:8f:f2:2d:e1:5c:fa:3e:3e:8c:49:db:be:6f:3c:05:f4:ec:
67:e3:97:01:5f:03:f6:e3:59:f7:ee:8b:53:46:2c:fe:61:40:
d5:a9:7b:6e:12:7a:6d:81:cf:09:fd:8f:ab:d7:60:35:ce:9a:
67:b1:c7:eb:65:ca:c7:ab:34:bf:fb:66:b6:26:14:4a:8d:97:
d4:59:ee:d0:c1:42:69:48:5e:2f:9f:8d:7c:b0:b1:96:4d:e9:
08:ba:86:67:e7:9c:e9:a2:f6:35:d1:72:e9:5f:a1:17:85:e2:
7c:44:5f:ef:0f:e5:96:12:a9:2c:f4:0e:55:5a:a9:b4:4d:c6:
d0:7f:e5:c4:ea:bb:ed:fa:4b:b8:00:6e:55:fa:ca:6f:b1:cf:
b6:e5:08:91:c6:1f:a6:88:d2:ec:47:f4:67:27:65:d8:c5:e1:
bc:85:22:bf:31:80:a5:be:ee:e0:c9:2f:21:02:5a:92:9d:01:
17:db:61:d9:f3:e9:76:15:33:b8:84:56:3c:fc:b4:25:6e:50:
a0:f0:3c:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXEzwSsRaFGTJscb92hzTfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNWJlMTU1MDM3ZWI3ZTY1YzEyYWM5YWEyYTJjMzI1MDM4
YzNhOWIwHhcNMjMwMTE4MTIxNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDYxNjhkNjg1MDdiOTc3N2ZmN2I3NjAyZmY2ZmM2NjkxNDhjYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHcnMQ4Taji1mX2DrlCNrfpA+b2x
0jczdBcNKfqzadKJ8/T7OXM2UgF8U741+6L2iyq/84WvhakQ6GLZqPRo55kRs2fH
nFqK6rI+HPXGGY7tAbRojH1vEp3yOXrfYf0LAUcHB1LvWfTkatq2P0eWhV5aVUlX
1kse5pZQ/Tb2MPiLTcBn7bbkXL5VB+2WyOD8J+08PN5VV5eJ6hftR3JclYE4ADXB
xa8mFRC3d/NbT5x9177zRJYwKNZgWLOkGb+QdQZoAmXRoQdiwA5f3sYdBzu3NnZF
kCeM3jp4Z/T1BtcZyk2AdHQcnhzKbqLwLwWrlXYAPNIkBNw8swBX5UtrswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGRhaNaFB7l3f/e3YC/2/GaRSMo1MB8GA1UdIwQY
MBaAFBpb4VUDfrfmXBKsmqKiwyUDjDqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2x2aFZRTi10LVpjRXF5YW9xTERKUU9NT3BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xNTFlMDUtNzk0Mi00OTBkLWFkMTkt
MmVjODcxN2VlMzBhLzEvWkdGbzFvVUh1WGRfOTdkZ0xfYjhacEZJeWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xNTFlMDUtNzk0Mi00OTBkLWFkMTktMmVjODcxN2VlMzBh
LzEvR2x2aFZRTi10LVpjRXF5YW9xTERKUU9NT3BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDXo/wAwQC
uQlQAwQF1G0AAwQE2U0wMA0GCSqGSIb3DQEBCwUAA4IBAQAivtL2qSHcj1zOiGPt
oVmUkzvnr6inaJSuIgCZ/o+HagxvAfjjOQaXcJeZCEbFBWRge3s2t5MMj/It4Vz6
Pj6MSdu+bzwF9Oxn45cBXwP241n37otTRiz+YUDVqXtuEnptgc8J/Y+r12A1zppn
scfrZcrHqzS/+2a2JhRKjZfUWe7QwUJpSF4vn418sLGWTekIuoZn55zpovY10XLp
X6EXheJ8RF/vD+WWEqks9A5VWqm0TcbQf+XE6rvt+ku4AG5V+spvsc+25QiRxh+m
iNLsR/RnJ2XYxeG8hSK/MYClvu7gyS8hAlqSnQEX22HZ8+l2FTO4hFY8/LQlblCg
8Dwi
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:38:00 2025 by rpki-client