Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/ZDKYtcE5L8UCruTYJOwb8wa2nM0.roa
File: ZDKYtcE5L8UCruTYJOwb8wa2nM0.roa (raw, json)
Hash identifier: lWUhKiQgrNTAEDsTjnjqjiiZt74/BiPVSLU4fHpFc9Q=
Subject key identifier: 64:32:98:B5:C1:39:2F:C5:02:AE:E4:D8:24:EC:1B:F3:06:B6:9C:CD
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 0186BC618E0BA152802C0DC84CD7CB566A25
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/ZDKYtcE5L8UCruTYJOwb8wa2nM0.roa
Signing time: Tue 07 Mar 2023 14:02:35 +0000
ROA not before: Tue 07 Mar 2023 14:02:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2116
IP address blocks: 85.252.0.0/16 maxlen: 16
194.29.200.0/22 maxlen: 22
37.191.128.0/17 maxlen: 17
213.160.224.0/20 maxlen: 20
213.160.240.0/21 maxlen: 21
31.185.24.0/21 maxlen: 21
81.175.0.0/20 maxlen: 20
178.74.0.0/18 maxlen: 18
81.175.24.0/21 maxlen: 22
81.175.20.0/22 maxlen: 22
213.151.128.0/19 maxlen: 19
81.175.32.0/19 maxlen: 19
217.77.32.0/20 maxlen: 20
195.204.0.0/16 maxlen: 16
85.221.0.0/17 maxlen: 17
217.8.128.0/19 maxlen: 19
77.234.48.0/21 maxlen: 21
86.62.128.0/18 maxlen: 18
62.63.0.0/18 maxlen: 18
89.191.0.0/19 maxlen: 19
81.191.0.0/16 maxlen: 16
193.90.0.0/16 maxlen: 16
80.241.80.0/20 maxlen: 20
194.19.0.0/17 maxlen: 17
212.62.224.0/19 maxlen: 19
64.28.0.0/19 maxlen: 19
85.196.64.0/18 maxlen: 18
193.75.0.0/17 maxlen: 17
195.139.0.0/16 maxlen: 16
213.172.192.0/19 maxlen: 19
78.24.144.0/21 maxlen: 21
109.199.192.0/19 maxlen: 19
195.1.0.0/16 maxlen: 16
213.52.0.0/17 maxlen: 17
185.129.156.0/22 maxlen: 22
185.35.80.0/22 maxlen: 22
193.69.0.0/16 maxlen: 16
195.18.128.0/17 maxlen: 17
185.8.16.0/22 maxlen: 22
85.112.128.0/19 maxlen: 19
82.196.192.0/19 maxlen: 19
217.118.32.0/19 maxlen: 19
79.135.0.0/19 maxlen: 19
91.135.32.0/20 maxlen: 20
217.144.224.0/19 maxlen: 19
77.40.128.0/17 maxlen: 17
185.67.116.0/22 maxlen: 24
213.239.64.0/18 maxlen: 18
87.118.0.0/18 maxlen: 18
84.20.96.0/19 maxlen: 19
77.88.64.0/18 maxlen: 18
195.159.0.0/16 maxlen: 16
62.101.192.0/18 maxlen: 18
80.64.192.0/20 maxlen: 20
88.84.160.0/19 maxlen: 19
194.54.96.0/19 maxlen: 19
81.0.128.0/18 maxlen: 18
212.71.64.0/19 maxlen: 19
195.0.128.0/17 maxlen: 17
217.14.0.0/20 maxlen: 20
193.91.128.0/17 maxlen: 17
213.158.224.0/19 maxlen: 19
2a00:c440::/29 maxlen: 29
2001:840::/29 maxlen: 29
2a03:c000::/29 maxlen: 29
2a01:520::/29 maxlen: 29
2a02:270::/29 maxlen: 29
2001:4dd8::/29 maxlen: 29
2001:8c0::/29 maxlen: 29
2a04:6340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:61:8e:0b:a1:52:80:2c:0d:c8:4c:d7:cb:56:6a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: Mar 7 14:02:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643298b5c1392fc502aee4d824ec1bf306b69ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:15:9e:ee:56:be:19:98:5d:4a:9f:69:6b:f8:
51:5e:47:36:13:af:02:98:c0:c2:f5:c9:68:f7:13:
8e:38:82:a0:e8:17:74:43:84:2c:a3:05:7a:17:f3:
dd:29:6b:45:04:e3:64:ea:bc:ee:15:c5:20:b3:e4:
87:b4:9d:3c:b9:6c:48:d0:36:cd:9d:14:c4:8b:c0:
9b:ad:35:69:af:08:6e:4f:b0:91:f2:19:b4:51:d9:
08:69:02:c2:95:e7:f2:e0:23:82:bd:b5:66:86:6c:
f8:49:0d:a4:75:84:9f:07:8f:9b:60:67:f8:90:30:
f4:9d:b7:51:47:cb:06:b5:2e:4e:07:97:f4:ef:00:
96:01:76:81:c9:62:fb:c6:16:3f:ea:25:4d:55:78:
d0:3c:b7:1c:aa:97:ad:01:77:b2:16:68:3a:11:dd:
23:4c:7e:d7:80:5d:29:30:10:9e:8e:84:d4:83:e6:
3c:ae:2d:72:a8:b7:f2:55:ef:e8:62:3d:a3:8d:49:
e0:d4:05:8a:26:ee:1b:0c:9d:40:3f:73:28:a5:d6:
bc:a1:0b:a8:65:e7:8b:e0:74:d8:c4:11:22:52:e8:
86:99:3e:fb:9e:af:da:f9:8e:a0:a3:ed:5d:27:15:
6b:c7:6e:6f:f6:11:b9:28:db:51:c4:19:bc:76:ac:
3d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:32:98:B5:C1:39:2F:C5:02:AE:E4:D8:24:EC:1B:F3:06:B6:9C:CD
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/ZDKYtcE5L8UCruTYJOwb8wa2nM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.24.0/21
37.191.128.0/17
62.63.0.0/18
62.101.192.0/18
64.28.0.0/19
77.40.128.0/17
77.88.64.0/18
77.234.48.0/21
78.24.144.0/21
79.135.0.0/19
80.64.192.0/20
80.241.80.0/20
81.0.128.0/18
81.175.0.0/20
81.175.20.0-81.175.63.255
81.191.0.0/16
82.196.192.0/19
84.20.96.0/19
85.112.128.0/19
85.196.64.0/18
85.221.0.0/17
85.252.0.0/16
86.62.128.0/18
87.118.0.0/18
88.84.160.0/19
89.191.0.0/19
91.135.32.0/20
109.199.192.0/19
178.74.0.0/18
185.8.16.0/22
185.35.80.0/22
185.67.116.0/22
185.129.156.0/22
193.69.0.0/16
193.75.0.0/17
193.90.0.0/16
193.91.128.0/17
194.19.0.0/17
194.29.200.0/22
194.54.96.0/19
195.0.128.0-195.1.255.255
195.18.128.0/17
195.139.0.0/16
195.159.0.0/16
195.204.0.0/16
212.62.224.0/19
212.71.64.0/19
213.52.0.0/17
213.151.128.0/19
213.158.224.0/19
213.160.224.0-213.160.247.255
213.172.192.0/19
213.239.64.0/18
217.8.128.0/19
217.14.0.0/20
217.77.32.0/20
217.118.32.0/19
217.144.224.0/19
IPv6:
2001:840::/29
2001:8c0::/29
2001:4dd8::/29
2a00:c440::/29
2a01:520::/29
2a02:270::/29
2a03:c000::/29
2a04:6340::/29
Signature Algorithm: sha256WithRSAEncryption
4f:7e:b1:46:b8:c4:c0:94:38:d5:2e:53:94:4a:3d:24:d9:dd:
a8:5e:6f:94:ca:e5:29:76:9a:a5:25:f3:9d:d0:e1:d0:11:76:
9f:c5:57:11:37:6d:fd:aa:33:fe:a6:28:2b:05:96:0d:92:c1:
3b:d4:55:64:de:9f:8e:d6:ff:a7:15:ae:a6:95:fb:1e:4f:3e:
7c:d1:67:5d:99:1b:77:d2:4f:df:95:a1:94:f6:7c:20:fb:bd:
87:27:74:81:44:ab:bb:a8:76:ee:cf:9d:95:e3:13:c7:ef:27:
64:85:4c:b7:4e:90:1f:51:b1:86:ed:0e:4a:e8:8a:44:a3:45:
cb:c5:31:91:ba:63:5f:cd:ae:f2:8f:bf:b0:4f:0e:7b:22:98:
c4:f6:b7:1f:b7:17:5b:df:e3:a7:3b:82:7b:e2:c7:d6:03:f2:
c4:98:00:04:6c:69:5e:2a:c0:e1:00:6e:62:8c:57:a3:8b:94:
fb:7f:c7:97:9e:9e:82:1e:57:a1:7b:1e:4a:e9:e3:4e:dc:ab:
05:b2:69:05:b0:fb:50:88:10:18:fa:2a:5f:63:14:f9:51:f7:
0f:d8:01:01:44:12:34:70:a9:8c:b1:1c:90:ec:53:4a:57:0c:
96:b3:b0:51:33:52:31:8d:7f:b0:e9:a8:bb:9c:dd:2b:9f:2a:
7b:09:1b:f4
-----BEGIN CERTIFICATE-----
MIIGrTCCBZWgAwIBAgISAYa8YY4LoVKALA3ITNfLVmolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjMwMzA3MTQwMjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDMyOThiNWMxMzkyZmM1MDJhZWU0ZDgyNGVjMWJmMzA2YjY5Y2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhWe7la+GZhdSp9pa/hRXkc2E68C
mMDC9clo9xOOOIKg6Bd0Q4QsowV6F/PdKWtFBONk6rzuFcUgs+SHtJ08uWxI0DbN
nRTEi8CbrTVprwhuT7CR8hm0UdkIaQLClefy4COCvbVmhmz4SQ2kdYSfB4+bYGf4
kDD0nbdRR8sGtS5OB5f07wCWAXaByWL7xhY/6iVNVXjQPLccqpetAXeyFmg6Ed0j
TH7XgF0pMBCejoTUg+Y8ri1yqLfyVe/oYj2jjUng1AWKJu4bDJ1AP3Mopda8oQuo
ZeeL4HTYxBEiUuiGmT77nq/a+Y6go+1dJxVrx25v9hG5KNtRxBm8dqw9EwIDAQAB
o4IDuTCCA7UwHQYDVR0OBBYEFGQymLXBOS/FAq7k2CTsG/MGtpzNMB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEvWkRLWXRjRTVMOFVDcnVUWUpPd2I4d2Eybk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBzQYIKwYBBQUHAQcBAf8EggG8MIIBuDCCAXQEAgABMIIB
bAMEAx+5GAMEByW/gAMEBj4/AAMEBj5lwAMEBUAcAAMEB00ogAMEBk1YQAMEA03q
MAMEA04YkAMEBU+HAAMEBFBAwAMEBFDxUAMEBlEAgAMEBFGvADAMAwQCUa8UAwQG
Ua8AAwMAUb8DBAVSxMADBAVUFGADBAVVcIADBAZVxEADBAdV3QADAwBV/AMEBlY+
gAMEBld2AAMEBVhUoAMEBVm/AAMEBFuHIAMEBW3HwAMEBrJKAAMEArkIEAMEArkj
UAMEArlDdAMEArmBnAMDAMFFAwQHwUsAAwMAwVoDBAfBW4ADBAfCEwADBALCHcgD
BAXCNmAwCwMEB8MAgAMDAcMAAwQHwxKAAwMAw4sDAwDDnwMDAMPMAwQF1D7gAwQF
1EdAAwQH1TQAAwQF1ZeAAwQF1Z7gMAwDBAXVoOADBAPVoPADBAXVrMADBAbV70AD
BAXZCIADBATZDgADBATZTSADBAXZdiADBAXZkOAwPgQCAAIwOAMFAyABCEADBQMg
AQjAAwUDIAFN2AMFAyoAxEADBQMqAQUgAwUDKgICcAMFAyoDwAADBQMqBGNAMA0G
CSqGSIb3DQEBCwUAA4IBAQBPfrFGuMTAlDjVLlOUSj0k2d2oXm+UyuUpdpqlJfOd
0OHQEXafxVcRN239qjP+pigrBZYNksE71FVk3p+O1v+nFa6mlfseTz580WddmRt3
0k/flaGU9nwg+72HJ3SBRKu7qHbuz52V4xPH7ydkhUy3TpAfUbGG7Q5K6IpEo0XL
xTGRumNfza7yj7+wTw57IpjE9rcftxdb3+OnO4J74sfWA/LEmAAEbGleKsDhAG5i
jFeji5T7f8eXnp6CHlehex5K6eNO3KsFsmkFsPtQiBAY+ipfYxT5UfcP2AEBRBI0
cKmMsRyQ7FNKVwyWs7BRM1IxjX+w6ai7nN0rnyp7CRv0
-----END CERTIFICATE-----
Generated at Sat May 3 14:10:59 2025 by rpki-client