Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/D97KOcIhQjJFLATeZbxsTUczVrU.roa
File: D97KOcIhQjJFLATeZbxsTUczVrU.roa (raw, json)
Hash identifier: Xj8hA46KGCVk0CECqYjB5VZh6Rgseox2gIcnuaU0F4E=
Subject key identifier: 0F:DE:CA:39:C2:21:42:32:45:2C:04:DE:65:BC:6C:4D:47:33:56:B5
Certificate issuer: /CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Certificate serial: 01856F2FED93DA74A1D06DEC04B057CE1C2A
Authority key identifier: 0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/D97KOcIhQjJFLATeZbxsTUczVrU.roa
Signing time: Sun 01 Jan 2023 21:14:50 +0000
ROA not before: Sun 01 Jan 2023 21:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5606
IP address blocks: 128.140.224.0/21 maxlen: 24
176.223.110.0/24 maxlen: 24
89.38.59.0/24 maxlen: 24
84.247.28.0/24 maxlen: 24
91.194.235.0/24 maxlen: 24
188.213.33.0/24 maxlen: 24
89.44.200.0/24 maxlen: 24
188.241.222.0/24 maxlen: 24
109.205.91.0/24 maxlen: 24
109.205.88.0/24 maxlen: 24
109.205.90.0/24 maxlen: 24
109.205.89.0/24 maxlen: 24
193.41.251.0/24 maxlen: 24
109.205.95.0/24 maxlen: 24
94.176.190.0/24 maxlen: 24
87.237.104.0/22 maxlen: 24
188.212.37.0/24 maxlen: 24
87.237.110.0/23 maxlen: 24
86.104.3.0/24 maxlen: 24
188.213.132.0/23 maxlen: 24
86.104.17.0/24 maxlen: 24
188.211.236.0/24 maxlen: 24
212.146.64.0/18 maxlen: 24
89.38.241.0/24 maxlen: 24
93.113.30.0/24 maxlen: 24
93.113.58.0/23 maxlen: 24
188.212.152.0/24 maxlen: 24
37.156.182.0/23 maxlen: 24
89.40.132.0/24 maxlen: 24
89.38.231.0/24 maxlen: 24
185.8.152.0/22 maxlen: 24
77.81.2.0/24 maxlen: 24
85.204.108.0/24 maxlen: 24
89.41.31.0/24 maxlen: 24
89.44.121.0/24 maxlen: 24
193.226.128.0/18 maxlen: 24
5.35.208.0/21 maxlen: 24
85.204.75.0/24 maxlen: 24
89.37.143.0/24 maxlen: 24
89.39.68.0/24 maxlen: 24
85.9.0.0/18 maxlen: 24
194.105.1.0/24 maxlen: 24
2001:4d80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:ed:93:da:74:a1:d0:6d:ec:04:b0:57:ce:1c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Validity
Not Before: Jan 1 21:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fdeca39c2214232452c04de65bc6c4d473356b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d7:65:31:19:49:9f:fb:17:aa:5d:a3:22:03:
e1:ec:c4:6a:72:2e:59:2f:21:c6:62:b1:37:13:61:
ac:45:68:48:5e:78:52:7f:4b:b5:2c:e9:03:0b:cc:
b7:90:43:9a:08:fa:34:9c:34:a6:f6:81:7f:44:94:
ad:b1:2c:a2:b4:a2:50:59:bb:58:2c:21:09:89:84:
96:54:a8:b1:98:14:e0:aa:9e:b8:65:c6:31:01:7a:
87:3d:9e:fd:23:b5:6e:95:87:5d:db:05:c2:da:a8:
4a:52:e3:66:b3:5f:60:07:6f:75:e1:cc:95:c3:8a:
b6:9a:ca:77:09:41:c3:ff:08:00:38:2e:a3:cc:f2:
c6:68:38:8c:22:77:78:5d:9a:c0:5a:8d:42:fc:9b:
f5:5b:d3:49:e0:ac:b1:53:b0:1e:1f:4c:bd:86:b0:
e4:aa:52:33:c3:ec:1b:a8:b0:cd:11:04:c4:10:dd:
95:22:5b:7a:ae:6f:6a:d6:1b:2e:ec:6a:6b:3e:de:
2a:3a:44:22:77:12:84:a0:29:75:ac:0e:20:06:d7:
59:69:ee:f5:48:39:eb:92:36:c9:d7:c9:cb:9c:a6:
ea:d7:a7:51:42:64:e2:61:71:12:2e:44:fb:8c:cc:
9e:e5:7a:40:89:86:35:e5:20:23:67:1e:31:44:1d:
d0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:DE:CA:39:C2:21:42:32:45:2C:04:DE:65:BC:6C:4D:47:33:56:B5
X509v3 Authority Key Identifier:
keyid:0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/D97KOcIhQjJFLATeZbxsTUczVrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.208.0/21
37.156.182.0/23
77.81.2.0/24
84.247.28.0/24
85.9.0.0/18
85.204.75.0/24
85.204.108.0/24
86.104.3.0/24
86.104.17.0/24
87.237.104.0/22
87.237.110.0/23
89.37.143.0/24
89.38.59.0/24
89.38.231.0/24
89.38.241.0/24
89.39.68.0/24
89.40.132.0/24
89.41.31.0/24
89.44.121.0/24
89.44.200.0/24
91.194.235.0/24
93.113.30.0/24
93.113.58.0/23
94.176.190.0/24
109.205.88.0/22
109.205.95.0/24
128.140.224.0/21
176.223.110.0/24
185.8.152.0/22
188.211.236.0/24
188.212.37.0/24
188.212.152.0/24
188.213.33.0/24
188.213.132.0/23
188.241.222.0/24
193.41.251.0/24
193.226.128.0/18
194.105.1.0/24
212.146.64.0/18
IPv6:
2001:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
3d:7a:99:a8:b9:fe:f1:29:3a:27:c0:21:6e:6e:6b:f8:0f:32:
aa:c2:f4:7d:60:02:a1:95:40:1c:ee:50:a7:e4:64:be:16:9c:
1f:6d:5e:2f:d3:4c:9a:7a:a8:b2:3a:55:79:cf:71:99:47:5c:
95:79:72:8f:27:89:da:3f:a4:49:49:0e:53:f2:76:ef:10:78:
7a:5d:f0:df:e9:75:a0:a7:4a:b6:50:a9:7c:db:a6:92:98:79:
de:28:8b:33:44:9a:d5:45:81:3e:8b:ad:dc:8d:ce:3b:a6:33:
5d:fc:b4:c7:e3:81:ff:4b:a7:37:7e:8b:c8:c8:b8:fb:99:ca:
d0:26:50:30:3b:fb:ff:ad:ac:81:f5:f9:2b:f4:ad:dd:39:ad:
95:76:fa:7a:29:c9:09:c5:28:7d:a7:aa:f4:3e:c4:d8:2f:f7:
37:f6:f0:1a:06:51:66:28:94:7e:53:0a:7c:f1:c4:4a:41:18:
ff:f3:63:23:de:29:9e:39:3d:7b:52:04:97:10:84:d4:f9:8d:
0b:55:f5:33:c5:3a:f2:3e:8d:75:83:13:c6:b2:47:bb:c6:f9:
21:7f:ed:93:f6:03:25:74:bc:96:65:f9:be:44:4f:cd:e5:dd:
c2:85:66:e8:99:e9:34:1a:1a:ff:8a:db:6f:16:a6:fe:14:e1:
3e:70:99:69
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAYVvL+2T2nSh0G3sBLBXzhwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjYxNzk4ZGQxODk2NWMwMjdhZmE3ZjkzYWUwMzBmZjVl
MWQ3NmUwHhcNMjMwMTAxMjExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmRlY2EzOWMyMjE0MjMyNDUyYzA0ZGU2NWJjNmM0ZDQ3MzM1NmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutdlMRlJn/sXql2jIgPh7MRqci5Z
LyHGYrE3E2GsRWhIXnhSf0u1LOkDC8y3kEOaCPo0nDSm9oF/RJStsSyitKJQWbtY
LCEJiYSWVKixmBTgqp64ZcYxAXqHPZ79I7VulYdd2wXC2qhKUuNms19gB2914cyV
w4q2msp3CUHD/wgAOC6jzPLGaDiMInd4XZrAWo1C/Jv1W9NJ4KyxU7AeH0y9hrDk
qlIzw+wbqLDNEQTEEN2VIlt6rm9q1hsu7GprPt4qOkQidxKEoCl1rA4gBtdZae71
SDnrkjbJ18nLnKbq16dRQmTiYXESLkT7jMye5XpAiYY15SAjZx4xRB3QCwIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFA/eyjnCIUIyRSwE3mW8bE1HM1a1MB8GA1UdIwQY
MBaAFAr2F5jdGJZcAnr6f5OuAw/14dduMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEt
ZDZlMWUzNDdmOWM3LzEvRDk3S09jSWhRakpGTEFUZVpieHNUVWN6VnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEtZDZlMWUzNDdmOWM3
LzEvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB8QQCAAEwgeoD
BAMFI9ADBAElnLYDBABNUQIDBABU9xwDBAZVCQADBABVzEsDBABVzGwDBABWaAMD
BABWaBEDBAJX7WgDBAFX7W4DBABZJY8DBABZJjsDBABZJucDBABZJvEDBABZJ0QD
BABZKIQDBABZKR8DBABZLHkDBABZLMgDBABbwusDBABdcR4DBAFdcToDBABesL4D
BAJtzVgDBABtzV8DBAOAjOADBACw324DBAK5CJgDBAC80+wDBAC81CUDBAC81JgD
BAC81SEDBAG81YQDBAC88d4DBADBKfsDBAbB4oADBADCaQEDBAbUkkAwDQQCAAIw
BwMFACABTYAwDQYJKoZIhvcNAQELBQADggEBAD16mai5/vEpOifAIW5ua/gPMqrC
9H1gAqGVQBzuUKfkZL4WnB9tXi/TTJp6qLI6VXnPcZlHXJV5co8nido/pElJDlPy
du8QeHpd8N/pdaCnSrZQqXzbppKYed4oizNEmtVFgT6LrdyNzjumM138tMfjgf9L
pzd+i8jIuPuZytAmUDA7+/+trIH1+Sv0rd05rZV2+nopyQnFKH2nqvQ+xNgv9zf2
8BoGUWYolH5TCnzxxEpBGP/zYyPeKZ45PXtSBJcQhNT5jQtV9TPFOvI+jXWDE8ay
R7vG+SF/7ZP2AyV0vJZl+b5ET83l3cKFZuiZ6TQaGv+K228Wpv4U4T5wmWk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:03 2025 by rpki-client