Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/b-OJno6XYhXIivUDxboF6723fHU.roa
File: b-OJno6XYhXIivUDxboF6723fHU.roa (raw, json)
Hash identifier: gfkrF0Zg2YOchHrUZl0lP9elHbvWZ9gKo38yWdf/qp4=
Subject key identifier: 6F:E3:89:9E:8E:97:62:15:C8:8A:F5:03:C5:BA:05:EB:BD:B7:7C:75
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01865FD62DE0407A5E43C8309DF3FA4A935B
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/b-OJno6XYhXIivUDxboF6723fHU.roa
Signing time: Fri 17 Feb 2023 14:45:17 +0000
ROA not before: Fri 17 Feb 2023 14:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
109.104.140.0/22 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
2a0d:4a40::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a09:6e47::/48 maxlen: 48
2a04:27c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
2a09:6e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:d6:2d:e0:40:7a:5e:43:c8:30:9d:f3:fa:4a:93:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Feb 17 14:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fe3899e8e976215c88af503c5ba05ebbdb77c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a1:04:10:83:08:fb:7b:7b:a4:db:b3:96:77:
38:e9:90:84:b0:57:e1:9d:70:39:36:0e:89:9c:5e:
b5:2e:0d:35:4e:7e:96:dc:59:7e:69:8d:51:1e:33:
27:52:8d:d2:77:14:e8:81:db:09:a4:ed:78:d3:e8:
ce:35:37:f6:96:b1:da:70:c9:ab:69:c0:21:ac:f4:
36:18:7d:b3:8a:c9:67:54:ad:9d:e4:4a:18:9d:76:
ae:fd:53:0f:b2:e9:07:4b:56:cb:10:0c:5f:ba:ac:
05:45:48:83:7b:2d:f1:97:f8:8d:7c:e6:ee:0c:35:
5d:29:7c:a7:15:22:b9:11:55:3e:25:e4:9c:86:dd:
3c:94:aa:08:84:05:33:e5:f2:b0:23:03:9f:4f:24:
06:e2:b8:33:8a:39:96:bb:74:1d:48:e8:22:ee:34:
52:ed:b9:67:18:23:db:33:ff:a0:47:e8:bf:74:61:
89:1f:49:13:e1:c3:2f:5d:3f:fd:23:5b:60:6f:15:
94:65:9b:c8:fe:43:30:dc:6c:e8:84:3f:66:3c:67:
63:54:33:6c:82:c9:f5:c5:dc:b1:e0:06:0e:c3:df:
da:62:0a:5f:c7:89:4a:da:ed:13:d3:33:aa:83:31:
95:ee:8b:b2:f0:60:ca:23:a0:72:08:87:51:0e:d6:
dc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E3:89:9E:8E:97:62:15:C8:8A:F5:03:C5:BA:05:EB:BD:B7:7C:75
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/b-OJno6XYhXIivUDxboF6723fHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
109.104.140.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:78:1e:3a:fe:43:67:4c:44:93:47:f6:02:0f:22:2e:8b:0f:
ef:e7:2a:86:ce:14:06:82:99:fe:5e:88:ab:41:0e:d0:e5:ca:
98:9e:ab:48:91:b7:03:ac:fd:49:1b:98:12:6b:c1:3d:21:16:
af:4f:43:c3:46:77:f1:51:98:f8:77:33:6d:f2:b0:1a:4f:78:
0c:60:7b:56:4a:1c:d5:34:46:9d:a2:0e:5a:02:aa:d2:a3:50:
5e:5e:9e:b5:60:b8:af:14:5c:9a:4e:67:5a:91:b1:04:7b:2e:
71:ea:c8:c6:39:69:d3:ac:3d:5f:65:7f:50:24:df:9b:51:b5:
5d:95:7e:12:5f:53:a9:63:e5:76:40:2c:0d:2f:74:31:84:da:
08:7d:70:5b:fd:90:16:62:c6:94:07:8b:ed:e4:fd:e1:b4:49:
af:01:e9:19:cf:74:4e:f2:e0:4d:a0:a6:d5:70:fd:08:1f:07:
7b:19:cb:94:51:b1:8e:94:11:d9:85:a5:64:cd:95:1b:44:a6:
6f:79:fc:d7:e3:20:48:4a:aa:88:e2:b9:93:e7:87:b3:d0:09:
69:83:8b:d4:02:4b:a4:b4:6c:05:65:e5:24:04:72:d0:6e:b4:
53:89:5b:10:07:df:46:e4:d4:59:30:17:db:e0:97:94:2c:88:
94:28:9b:66
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYZf1i3gQHpeQ8gwnfP6SpNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjMwMjE3MTQ0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmUzODk5ZThlOTc2MjE1Yzg4YWY1MDNjNWJhMDVlYmJkYjc3Yzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqEEEIMI+3t7pNuzlnc46ZCEsFfh
nXA5Ng6JnF61Lg01Tn6W3Fl+aY1RHjMnUo3SdxTogdsJpO140+jONTf2lrHacMmr
acAhrPQ2GH2zislnVK2d5EoYnXau/VMPsukHS1bLEAxfuqwFRUiDey3xl/iNfObu
DDVdKXynFSK5EVU+JeScht08lKoIhAUz5fKwIwOfTyQG4rgzijmWu3QdSOgi7jRS
7blnGCPbM/+gR+i/dGGJH0kT4cMvXT/9I1tgbxWUZZvI/kMw3GzohD9mPGdjVDNs
gsn1xdyx4AYOw9/aYgpfx4lK2u0T0zOqgzGV7ouy8GDKI6ByCIdRDtbcMwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFG/jiZ6Ol2IVyIr1A8W6Beu9t3x1MB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvYi1PSm5vNlhZaFhJaXZVRHhib0Y2NzIzZkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA8BAIAATA2AwQDH6uYAwQC
LUL8AwQCLY4YAwQCbUocAwQCbWiMAwQCuTVkAwQCuel8AwQBwnFQAwQBwnFeMCkE
AgACMCMDBQMqBCfAAwUDKgluQAMFAyoNQsADBQMqDUpAAwUDKg7UwDANBgkqhkiG
9w0BAQsFAAOCAQEAAHgeOv5DZ0xEk0f2Ag8iLosP7+cqhs4UBoKZ/l6Iq0EO0OXK
mJ6rSJG3A6z9SRuYEmvBPSEWr09Dw0Z38VGY+HczbfKwGk94DGB7Vkoc1TRGnaIO
WgKq0qNQXl6etWC4rxRcmk5nWpGxBHsucerIxjlp06w9X2V/UCTfm1G1XZV+El9T
qWPldkAsDS90MYTaCH1wW/2QFmLGlAeL7eT94bRJrwHpGc90TvLgTaCm1XD9CB8H
exnLlFGxjpQR2YWlZM2VG0Smb3n81+MgSEqqiOK5k+eHs9AJaYOL1AJLpLRsBWXl
JARy0G60U4lbEAffRuTUWTAX2+CXlCyIlCibZg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:04 2025 by rpki-client