Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/zyKuFanilK_1bhh6yPaoN_PEiQw.roa
File: zyKuFanilK_1bhh6yPaoN_PEiQw.roa (raw, json)
Hash identifier: IT8ojVlZ3/HT2l17rrrqOmJeP2fyeRNVdcZdqfk6R3U=
Subject key identifier: CF:22:AE:15:A9:E2:94:AF:F5:6E:18:7A:C8:F6:A8:37:F3:C4:89:0C
Certificate issuer: /CN=574537d54f36f142231bc817038872cb607b21e7
Certificate serial: 018770589EF70C3E81C6F42DE61C760F7EF4
Authority key identifier: 57:45:37:D5:4F:36:F1:42:23:1B:C8:17:03:88:72:CB:60:7B:21:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0U31U828UIjG8gXA4hyy2B7Iec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/zyKuFanilK_1bhh6yPaoN_PEiQw.roa
Signing time: Tue 11 Apr 2023 12:44:28 +0000
ROA not before: Tue 11 Apr 2023 12:44:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 213.221.192.0/18 maxlen: 24
139.178.0.0/18 maxlen: 24
185.74.108.0/22 maxlen: 22
212.60.32.0/19 maxlen: 24
109.106.44.0/22 maxlen: 22
109.106.48.0/20 maxlen: 20
37.35.120.0/21 maxlen: 21
31.193.208.0/21 maxlen: 24
5.44.112.0/20 maxlen: 20
89.236.128.0/18 maxlen: 24
77.111.228.0/22 maxlen: 22
65.18.128.0/18 maxlen: 18
145.40.224.0/19 maxlen: 19
80.208.128.0/18 maxlen: 24
95.174.224.0/19 maxlen: 24
62.204.96.0/19 maxlen: 24
138.248.48.0/20 maxlen: 20
2001:1a88::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:58:9e:f7:0c:3e:81:c6:f4:2d:e6:1c:76:0f:7e:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574537d54f36f142231bc817038872cb607b21e7
Validity
Not Before: Apr 11 12:44:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf22ae15a9e294aff56e187ac8f6a837f3c4890c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2c:c2:35:85:9e:d1:0d:5e:48:bf:35:5a:76:
75:23:35:23:8f:65:95:1a:c4:58:1b:67:ec:0e:8c:
a7:be:ce:8f:52:1f:32:47:61:65:bf:02:ae:cd:a3:
d2:9b:68:57:d6:16:a3:ef:5c:d1:a7:bd:e8:5b:74:
05:19:e7:e1:16:57:d0:7c:3a:e9:74:3e:61:74:69:
b5:7e:47:8d:a8:e3:e6:25:f9:2f:5d:3b:52:72:cd:
15:6a:83:0c:16:8a:62:a8:82:e7:53:1b:b2:ea:23:
c3:df:01:e8:e9:c4:6b:ef:2d:fc:f2:b5:6b:04:e7:
af:f0:d5:8c:7c:a8:25:1c:2a:0e:ef:17:28:56:9f:
3e:ba:32:21:af:2d:ad:bf:59:ea:21:a6:b4:c6:44:
9e:4a:47:6f:27:07:50:df:74:7e:b2:92:74:d7:e3:
f0:42:5c:b8:3d:86:e7:80:2e:6a:72:c2:5f:75:cc:
2c:81:db:4f:f6:0a:1d:c2:73:b1:d0:fc:32:b6:b2:
98:2d:0a:5c:ed:58:83:4c:86:60:16:d6:22:4b:b7:
7f:9e:36:dc:50:b5:af:61:69:21:ba:f2:ad:96:01:
c5:79:57:48:83:ae:eb:98:b1:9d:31:47:fb:0b:42:
f6:ee:93:8e:86:c7:2e:2c:98:83:93:e3:be:03:4d:
e3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:22:AE:15:A9:E2:94:AF:F5:6E:18:7A:C8:F6:A8:37:F3:C4:89:0C
X509v3 Authority Key Identifier:
keyid:57:45:37:D5:4F:36:F1:42:23:1B:C8:17:03:88:72:CB:60:7B:21:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0U31U828UIjG8gXA4hyy2B7Iec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/zyKuFanilK_1bhh6yPaoN_PEiQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/V0U31U828UIjG8gXA4hyy2B7Iec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.112.0/20
31.193.208.0/21
37.35.120.0/21
62.204.96.0/19
65.18.128.0/18
77.111.228.0/22
80.208.128.0/18
89.236.128.0/18
95.174.224.0/19
109.106.44.0-109.106.63.255
138.248.48.0/20
139.178.0.0/18
145.40.224.0/19
185.74.108.0/22
212.60.32.0/19
213.221.192.0/18
IPv6:
2001:1a88::/29
Signature Algorithm: sha256WithRSAEncryption
77:fb:8a:e0:96:95:83:e9:e8:8b:00:9c:da:57:9c:39:a7:54:
11:04:59:07:a1:57:14:1e:98:54:25:23:31:13:b6:84:e4:83:
8e:df:5a:2b:d8:7e:90:cf:e2:28:83:94:c6:94:51:64:88:12:
77:3e:cf:a5:2f:81:d8:e9:cb:e2:b0:91:57:38:33:12:ee:0a:
23:bf:f0:19:6f:d8:2f:5c:fd:2e:76:02:1e:59:90:8a:f1:a3:
c5:4b:60:e1:c7:fd:a2:21:0c:f3:9e:77:07:5f:8a:f8:51:48:
87:60:af:f1:bc:09:d1:5f:00:33:e5:f8:47:38:69:f7:26:f5:
3d:78:fb:df:a1:2a:bd:fb:9c:73:27:a4:c9:61:64:9f:ec:b9:
e7:32:92:6d:15:18:87:b9:32:9c:c4:9b:20:e5:d5:69:56:af:
81:90:8d:1c:21:21:83:d1:87:37:08:cf:0d:d4:d2:de:2a:23:
60:65:01:aa:b9:ca:4c:b3:c0:4f:98:df:e2:50:54:17:fc:ee:
5c:62:93:cc:66:28:d2:f2:f4:e4:94:88:77:e9:2d:80:fc:23:
66:c5:a2:03:40:05:cb:a9:fa:9b:75:1b:b1:a4:26:71:e4:cf:
10:11:54:4e:1c:07:8a:9b:f5:38:df:9e:4a:10:49:e5:ee:53:
bc:9e:79:12
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYdwWJ73DD6BxvQt5hx2D370MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NDUzN2Q1NGYzNmYxNDIyMzFiYzgxNzAzODg3MmNiNjA3
YjIxZTcwHhcNMjMwNDExMTI0NDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjIyYWUxNWE5ZTI5NGFmZjU2ZTE4N2FjOGY2YTgzN2YzYzQ4OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoizCNYWe0Q1eSL81WnZ1IzUjj2WV
GsRYG2fsDoynvs6PUh8yR2FlvwKuzaPSm2hX1haj71zRp73oW3QFGefhFlfQfDrp
dD5hdGm1fkeNqOPmJfkvXTtScs0VaoMMFopiqILnUxuy6iPD3wHo6cRr7y388rVr
BOev8NWMfKglHCoO7xcoVp8+ujIhry2tv1nqIaa0xkSeSkdvJwdQ33R+spJ01+Pw
Qly4PYbngC5qcsJfdcwsgdtP9godwnOx0PwytrKYLQpc7ViDTIZgFtYiS7d/njbc
ULWvYWkhuvKtlgHFeVdIg67rmLGdMUf7C0L27pOOhscuLJiDk+O+A03jHwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFM8irhWp4pSv9W4Yesj2qDfzxIkMMB8GA1UdIwQY
MBaAFFdFN9VPNvFCIxvIFwOIcstgeyHnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjBVMzFVODI4VUlqRzhnWEE0aHl5MkI3SWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mZGQyNWQtYzAzNC00OWYzLTg5MGQt
NGI4OWQzNzc4MDhlLzEvenlLdUZhbmlsS18xYmhoNnlQYW9OX1BFaVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mZGQyNWQtYzAzNC00OWYzLTg5MGQtNGI4OWQzNzc4MDhl
LzEvVjBVMzFVODI4VUlqRzhnWEE0aHl5MkI3SWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAQFLHAD
BAMfwdADBAMlI3gDBAU+zGADBAZBEoADBAJNb+QDBAZQ0IADBAZZ7IADBAVfruAw
DAMEAm1qLAMEBm1qAAMEBIr4MAMEBouyAAMEBZEo4AMEArlKbAMEBdQ8IAMEBtXd
wDANBAIAAjAHAwUDIAEaiDANBgkqhkiG9w0BAQsFAAOCAQEAd/uK4JaVg+noiwCc
2lecOadUEQRZB6FXFB6YVCUjMRO2hOSDjt9aK9h+kM/iKIOUxpRRZIgSdz7PpS+B
2OnL4rCRVzgzEu4KI7/wGW/YL1z9LnYCHlmQivGjxUtg4cf9oiEM8553B1+K+FFI
h2Cv8bwJ0V8AM+X4Rzhp9yb1PXj736EqvfuccyekyWFkn+y55zKSbRUYh7kynMSb
IOXVaVavgZCNHCEhg9GHNwjPDdTS3iojYGUBqrnKTLPAT5jf4lBUF/zuXGKTzGYo
0vL05JSId+ktgPwjZsWiA0AFy6n6m3UbsaQmceTPEBFUThwHipv1ON+eShBJ5e5T
vJ55Eg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:11:04 2025 by rpki-client