Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/zOWENn_mhRnSwQ4GosUDGMgw71o.roa
File: zOWENn_mhRnSwQ4GosUDGMgw71o.roa (raw, json)
Hash identifier: nszMw/YjztWDH58VL/8EpP4FbaYtXiY47M2iGCtzoHE=
Subject key identifier: CC:E5:84:36:7F:E6:85:19:D2:C1:0E:06:A2:C5:03:18:C8:30:EF:5A
Certificate issuer: /CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Certificate serial: 018C00823237791D64A088B047CE69335A5B
Authority key identifier: 0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/zOWENn_mhRnSwQ4GosUDGMgw71o.roa
Signing time: Fri 24 Nov 2023 08:46:21 +0000
ROA not before: Fri 24 Nov 2023 08:46:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60294
IP address blocks: 94.31.96.0/20 maxlen: 20
185.22.44.0/24 maxlen: 24
185.22.44.0/22 maxlen: 22
185.22.45.0/24 maxlen: 24
94.31.64.0/18 maxlen: 18
94.31.80.0/20 maxlen: 20
185.7.196.0/22 maxlen: 22
185.113.120.0/22 maxlen: 22
185.22.140.0/22 maxlen: 22
185.158.40.0/22 maxlen: 22
185.158.41.0/24 maxlen: 24
46.245.216.0/21 maxlen: 21
2a00:61e0::/32 maxlen: 32
2a03:fc0::/32 maxlen: 32
2a00:6020::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:00:82:32:37:79:1d:64:a0:88:b0:47:ce:69:33:5a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Validity
Not Before: Nov 24 08:46:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cce584367fe68519d2c10e06a2c50318c830ef5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6e:1f:dc:5f:2c:c5:9f:33:b1:5d:ff:19:7b:
db:c8:4a:6b:a0:f4:a4:09:1b:c2:cd:33:d4:59:4a:
68:71:37:26:b4:f5:8d:cb:12:b0:cb:16:0b:3f:f0:
11:cf:b4:a0:c5:56:86:ca:8c:4f:48:6f:61:78:9c:
3b:d2:b5:6e:17:7b:27:cb:13:08:d9:2a:1a:4a:27:
13:4b:9f:af:1b:ad:dd:df:40:bb:8a:dd:50:bd:10:
ba:01:78:6c:ba:ae:de:91:cc:cb:ad:72:0a:c2:9e:
eb:3b:7d:2c:8f:48:02:15:70:03:f1:fd:39:59:97:
3c:2d:08:47:2a:24:76:9c:51:0a:05:cb:4f:50:f6:
25:23:e4:fa:75:ec:32:e9:df:1a:2b:30:a9:0e:9f:
c5:fc:d7:02:1c:70:04:78:ee:b9:c2:61:6a:53:ee:
2b:89:84:02:7c:3d:c1:b2:fa:a5:9b:ce:fc:24:b4:
4b:f6:bc:c7:0b:fc:fd:1d:98:1d:3c:6e:2c:d6:cf:
4c:6c:4f:c7:0a:69:77:7b:fc:23:e2:2f:03:ea:cb:
8a:49:75:e5:7c:fc:9d:a5:75:ca:05:85:58:58:7b:
14:46:3a:50:36:0b:2a:c9:17:2c:cb:55:ed:51:51:
e6:ce:91:22:84:7b:1f:dd:b8:2e:aa:12:66:d0:33:
c4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E5:84:36:7F:E6:85:19:D2:C1:0E:06:A2:C5:03:18:C8:30:EF:5A
X509v3 Authority Key Identifier:
keyid:0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/zOWENn_mhRnSwQ4GosUDGMgw71o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.216.0/21
94.31.64.0/18
185.7.196.0/22
185.22.44.0/22
185.22.140.0/22
185.113.120.0/22
185.158.40.0/22
IPv6:
2a00:6020::/32
2a00:61e0::/32
2a03:fc0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:a0:29:e7:b7:68:a0:d2:2c:69:2c:43:c3:02:c8:9e:0d:85:
70:72:41:58:52:94:1d:31:44:12:6b:da:2d:49:55:38:78:f6:
8b:48:73:ac:c6:fb:38:0a:e0:e9:11:c9:e7:af:7d:29:fb:d7:
d7:2c:fd:a5:07:e5:5c:07:a8:63:62:42:d5:55:f5:4e:63:00:
9c:ac:91:ce:f1:05:3a:8f:22:1d:db:ee:4f:9c:47:d7:83:cb:
89:73:b9:71:90:4f:77:fe:b4:71:38:c8:92:d9:59:a8:15:1a:
d8:a7:f6:ef:76:03:0e:8f:20:10:76:f7:f2:d4:54:a4:9a:12:
6c:cc:cc:17:c4:8b:3a:13:47:15:c2:b2:74:c1:40:ff:83:ac:
f8:33:15:6d:03:fe:7b:85:22:9d:f0:49:f0:2a:b6:ef:65:c3:
77:3c:86:e4:91:a3:b6:0c:77:e8:38:11:95:6d:bd:38:8e:86:
5b:97:fb:71:ed:65:31:44:29:11:df:c2:5d:8b:b9:18:24:45:
c9:44:ff:49:01:00:23:a4:94:33:de:c2:72:4d:7b:97:24:f3:
78:ca:4a:e0:b4:bf:50:67:0b:b3:3d:fc:ea:4d:e5:10:6c:f0:
fb:76:b5:d0:00:56:fa:3d:d5:c7:07:d3:f0:be:86:ec:67:ed:
fb:87:7a:27
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYwAgjI3eR1koIiwR85pM1pbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjllM2VlNTVkZDg2MjY3NGQ0NTg2NjFiYTM0OTA4YjA2
MTdmYTEwHhcNMjMxMTI0MDg0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2U1ODQzNjdmZTY4NTE5ZDJjMTBlMDZhMmM1MDMxOGM4MzBlZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW4f3F8sxZ8zsV3/GXvbyEproPSk
CRvCzTPUWUpocTcmtPWNyxKwyxYLP/ARz7SgxVaGyoxPSG9heJw70rVuF3snyxMI
2SoaSicTS5+vG63d30C7it1QvRC6AXhsuq7ekczLrXIKwp7rO30sj0gCFXAD8f05
WZc8LQhHKiR2nFEKBctPUPYlI+T6dewy6d8aKzCpDp/F/NcCHHAEeO65wmFqU+4r
iYQCfD3Bsvqlm878JLRL9rzHC/z9HZgdPG4s1s9MbE/HCml3e/wj4i8D6suKSXXl
fPydpXXKBYVYWHsURjpQNgsqyRcsy1XtUVHmzpEihHsf3bguqhJm0DPEOwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMzlhDZ/5oUZ0sEOBqLFAxjIMO9aMB8GA1UdIwQY
MBaAFA1p4+5V3YYmdNRYZhujSQiwYX+hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUt
YjgzM2JkOWUwYjNhLzEvek9XRU5uX21oUm5Td1E0R29zVURHTWd3NzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUtYjgzM2JkOWUwYjNh
LzEvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQDLvXYAwQG
Xh9AAwQCuQfEAwQCuRYsAwQCuRaMAwQCuXF4AwQCuZ4oMBsEAgACMBUDBQAqAGAg
AwUAKgBh4AMFACoDD8AwDQYJKoZIhvcNAQELBQADggEBAGugKee3aKDSLGksQ8MC
yJ4NhXByQVhSlB0xRBJr2i1JVTh49otIc6zG+zgK4OkRyeevfSn719cs/aUH5VwH
qGNiQtVV9U5jAJyskc7xBTqPIh3b7k+cR9eDy4lzuXGQT3f+tHE4yJLZWagVGtin
9u92Aw6PIBB29/LUVKSaEmzMzBfEizoTRxXCsnTBQP+DrPgzFW0D/nuFIp3wSfAq
tu9lw3c8huSRo7YMd+g4EZVtvTiOhluX+3HtZTFEKRHfwl2LuRgkRclE/0kBACOk
lDPewnJNe5ck83jKSuC0v1BnC7M9/OpN5RBs8Pt2tdAAVvo91ccH0/C+huxn7fuH
eic=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:55 2025 by rpki-client