Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/Zl7nWGWd3AwksoZMPI4DP-M4ySI.roa
File: Zl7nWGWd3AwksoZMPI4DP-M4ySI.roa (raw, json)
Hash identifier: Bud2ov7Sbu9bUSIpF69WIaBLC492lLJjPIKaVI89qMY=
Subject key identifier: 66:5E:E7:58:65:9D:DC:0C:24:B2:86:4C:3C:8E:03:3F:E3:38:C9:22
Certificate issuer: /CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
Certificate serial: 06D8F5FA
Authority key identifier: 64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/Zl7nWGWd3AwksoZMPI4DP-M4ySI.roa
Signing time: Sat 01 Jan 2022 07:58:18 +0000
ROA not before: Sat 01 Jan 2022 07:58:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205806
IP address blocks: 185.206.44.0/22 maxlen: 22
185.178.24.0/22 maxlen: 22
213.208.40.0/22 maxlen: 22
213.208.44.0/22 maxlen: 22
149.249.224.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114882042 (0x6d8f5fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
Validity
Not Before: Jan 1 07:58:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=665ee758659ddc0c24b2864c3c8e033fe338c922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a1:1c:ab:83:a1:6d:f5:e0:3d:80:5b:4c:09:
1c:27:11:dd:06:1e:56:6e:91:aa:30:c2:8b:ce:ce:
99:45:ce:b2:74:f0:bc:d5:75:7e:f3:59:f8:3b:cf:
db:67:2c:a4:ca:cc:12:2a:d8:68:4a:ae:09:f0:7d:
bb:d3:97:f6:09:80:2d:10:35:3a:6f:97:7f:5a:79:
97:1e:cd:32:0a:4d:73:c8:f1:a5:05:f4:ba:cb:cd:
bf:e2:ef:eb:57:1b:c8:a3:ff:4d:de:33:7e:80:12:
49:58:84:95:1a:f7:59:ca:b6:26:71:fb:80:49:58:
5c:ab:87:46:94:89:3a:a4:67:5f:20:fe:a8:00:0f:
d2:ec:0c:c6:5d:1e:ec:f5:b7:6a:07:22:0d:1d:e2:
d9:0c:3b:06:6c:6d:ee:50:45:9f:6a:7b:2b:7f:ad:
04:28:3a:ca:fa:ba:e1:6f:60:95:8e:3d:83:38:af:
72:e5:bc:2e:3e:25:41:be:0f:40:d6:7e:63:9a:76:
4e:b0:dd:13:cf:f7:b5:2c:d2:42:9e:f9:16:f9:1b:
24:ad:ed:4e:29:5e:8a:48:8b:59:8c:4e:4a:0c:bf:
56:f0:51:09:e5:ac:34:4a:2b:5e:cc:95:76:a3:46:
ae:45:ba:93:82:9d:71:95:d8:28:62:69:6a:99:2e:
1d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:5E:E7:58:65:9D:DC:0C:24:B2:86:4C:3C:8E:03:3F:E3:38:C9:22
X509v3 Authority Key Identifier:
keyid:64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/Zl7nWGWd3AwksoZMPI4DP-M4ySI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.249.224.0/20
185.178.24.0/22
185.206.44.0/22
213.208.40.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:e5:47:c7:49:b9:0e:ef:4b:05:92:63:39:61:cb:4f:20:1e:
5b:69:41:e7:18:fb:15:9a:42:1f:db:fb:9b:3c:b5:98:6b:f7:
c3:ab:f0:1b:63:cb:63:15:17:eb:69:aa:13:75:bf:02:bc:43:
6c:d7:7b:df:7c:63:b3:d0:f1:33:fe:f5:ad:d6:bc:6a:03:4c:
51:e3:fb:df:f2:8d:5c:f8:65:41:fd:b7:e0:95:42:6e:02:aa:
13:61:16:73:7c:67:10:cd:cd:ce:70:f3:34:c3:91:0c:ca:ec:
32:57:4f:4d:60:bb:33:6c:a7:f1:70:74:50:c7:32:84:69:47:
ed:41:4d:71:0c:e5:16:cd:0a:d8:0d:1d:01:5f:a6:c3:4e:f9:
b7:29:62:be:35:01:b7:40:40:d7:68:67:81:77:14:3c:ee:5d:
4a:e8:be:23:93:74:02:b1:28:77:25:31:d1:7f:65:7d:a5:a5:
04:19:96:ef:a8:43:76:a7:a2:40:8b:95:a7:10:9b:94:5a:d1:
1a:03:38:9b:43:84:e2:ae:60:dc:4f:91:d4:16:32:06:02:2a:
f5:f1:ec:d0:15:22:b0:ab:79:00:75:51:a0:f6:92:15:25:eb:
d6:a4:49:36:56:1f:a3:d4:e8:80:ff:22:e2:47:d3:d0:07:89:
ea:13:8d:08
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBtj1+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGVmOThhZGJmNDJkNWJhY2QyNGNhZGIwYWRmMDkyYzQ1NzZkYWYzMB4XDTIyMDEw
MTA3NTgxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY1ZWU3NTg2NTlk
ZGMwYzI0YjI4NjRjM2M4ZTAzM2ZlMzM4YzkyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqhHKuDoW314D2AW0wJHCcR3QYeVm6RqjDCi87OmUXOsnTw
vNV1fvNZ+DvP22cspMrMEirYaEquCfB9u9OX9gmALRA1Om+Xf1p5lx7NMgpNc8jx
pQX0usvNv+Lv61cbyKP/Td4zfoASSViElRr3Wcq2JnH7gElYXKuHRpSJOqRnXyD+
qAAP0uwMxl0e7PW3agciDR3i2Qw7Bmxt7lBFn2p7K3+tBCg6yvq64W9glY49gziv
cuW8Lj4lQb4PQNZ+Y5p2TrDdE8/3tSzSQp75FvkbJK3tTileikiLWYxOSgy/VvBR
CeWsNEorXsyVdqNGrkW6k4KdcZXYKGJpapkuHd8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRmXudYZZ3cDCSyhkw8jgM/4zjJIjAfBgNVHSMEGDAWgBRk75itv0LVus0k
ytsK3wksRXba8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pPLVlyYjlDMWJyTkpNcmJDdDhKTEVWMjJ2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvZTQ5YmM1LTY4YzUtNGNlMi1hOWI5LTAzYzZmZWFmMWQ5Zi8x
L1psN25XR1dkM0F3a3NvWk1QSTREUC1NNHlTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
ZTQ5YmM1LTY4YzUtNGNlMi1hOWI5LTAzYzZmZWFmMWQ5Zi8xL1pPLVlyYjlDMWJy
TkpNcmJDdDhKTEVWMjJ2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBJX54AMEArmyGAMEArnOLAMEA9XQ
KDANBgkqhkiG9w0BAQsFAAOCAQEAb+VHx0m5Du9LBZJjOWHLTyAeW2lB5xj7FZpC
H9v7mzy1mGv3w6vwG2PLYxUX62mqE3W/ArxDbNd733xjs9DxM/71rda8agNMUeP7
3/KNXPhlQf234JVCbgKqE2EWc3xnEM3NznDzNMORDMrsMldPTWC7M2yn8XB0UMcy
hGlH7UFNcQzlFs0K2A0dAV+mw075tylivjUBt0BA12hngXcUPO5dSui+I5N0ArEo
dyUx0X9lfaWlBBmW76hDdqeiQIuVpxCblFrRGgM4m0OE4q5g3E+R1BYyBgIq9fHs
0BUisKt5AHVRoPaSFSXr1qRJNlYfo9TogP8i4kfT0AeJ6hONCA==
-----END CERTIFICATE-----
Generated at Sun May 11 05:13:33 2025 by rpki-client