Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/OgB0x2Xwrin9ESAtlzdMfG_u5Y0.roa
File: OgB0x2Xwrin9ESAtlzdMfG_u5Y0.roa (raw, json)
Hash identifier: Eu5VRAx4N7SYZlmMNulP26gHFdC3PV9ock0nMRPvroA=
Subject key identifier: 3A:00:74:C7:65:F0:AE:29:FD:11:20:2D:97:37:4C:7C:6F:EE:E5:8D
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0188D1E632F0B29B00AB4EAB90B1AC6268B0
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/OgB0x2Xwrin9ESAtlzdMfG_u5Y0.roa
Signing time: Mon 19 Jun 2023 04:25:04 +0000
ROA not before: Mon 19 Jun 2023 04:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31363
IP address blocks: 86.62.84.0/24 maxlen: 24
86.62.96.0/24 maxlen: 24
86.62.92.0/24 maxlen: 24
86.62.102.0/24 maxlen: 24
86.62.125.0/24 maxlen: 24
195.91.254.0/24 maxlen: 24
195.91.255.0/24 maxlen: 24
195.91.208.0/24 maxlen: 24
195.91.209.0/24 maxlen: 24
195.91.210.0/24 maxlen: 24
195.91.211.0/24 maxlen: 24
195.91.213.0/24 maxlen: 24
195.91.215.0/24 maxlen: 24
195.91.217.0/24 maxlen: 24
195.91.218.0/24 maxlen: 24
195.91.219.0/24 maxlen: 24
195.91.222.0/24 maxlen: 24
195.91.223.0/24 maxlen: 24
195.91.224.0/24 maxlen: 24
195.91.220.0/24 maxlen: 24
195.91.221.0/24 maxlen: 24
195.91.225.0/24 maxlen: 24
195.91.226.0/24 maxlen: 24
195.91.232.0/24 maxlen: 24
195.91.233.0/24 maxlen: 24
195.91.229.0/24 maxlen: 24
195.91.230.0/24 maxlen: 24
195.91.231.0/24 maxlen: 24
195.91.228.0/24 maxlen: 24
195.91.236.0/24 maxlen: 24
195.91.237.0/24 maxlen: 24
195.91.238.0/24 maxlen: 24
195.91.234.0/24 maxlen: 24
195.91.235.0/24 maxlen: 24
195.91.239.0/24 maxlen: 24
195.91.240.0/24 maxlen: 24
195.91.246.0/24 maxlen: 24
195.91.243.0/24 maxlen: 24
195.91.244.0/24 maxlen: 24
195.91.245.0/24 maxlen: 24
195.91.241.0/24 maxlen: 24
195.91.242.0/24 maxlen: 24
195.91.247.0/24 maxlen: 24
86.62.75.0/24 maxlen: 24
195.91.149.0/24 maxlen: 24
195.91.148.0/24 maxlen: 24
195.91.156.0/24 maxlen: 24
195.91.160.0/24 maxlen: 24
195.91.168.0/24 maxlen: 24
195.91.169.0/24 maxlen: 24
195.91.170.0/24 maxlen: 24
195.91.171.0/24 maxlen: 24
195.91.172.0/24 maxlen: 24
195.91.173.0/24 maxlen: 24
195.91.174.0/24 maxlen: 24
195.91.175.0/24 maxlen: 24
195.91.181.0/24 maxlen: 24
195.91.184.0/24 maxlen: 24
195.91.191.0/24 maxlen: 24
195.91.187.0/24 maxlen: 24
195.91.138.0/24 maxlen: 24
195.91.133.0/24 maxlen: 24
195.91.144.0/24 maxlen: 24
2a02:2698:9800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d1:e6:32:f0:b2:9b:00:ab:4e:ab:90:b1:ac:62:68:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jun 19 04:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a0074c765f0ae29fd11202d97374c7c6feee58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a5:87:3b:5e:7f:65:1d:2a:88:12:43:38:09:
90:19:a8:62:91:f0:fe:42:ea:20:cd:30:7a:30:c4:
b2:3a:48:bc:53:7f:cc:6f:3b:88:88:28:36:b1:88:
96:49:a7:b3:08:c9:e9:e4:f8:46:1c:74:84:c5:18:
00:e4:2e:95:7c:fd:91:97:8c:4f:51:d6:28:e1:3d:
8b:ec:eb:03:db:89:b4:78:1b:1e:35:5e:f6:42:04:
9d:2a:24:e1:d6:2a:d9:af:f5:e1:7a:b3:0b:55:dd:
9d:fb:5f:86:ba:8b:e0:42:c2:e9:65:8f:eb:2b:27:
70:0c:ea:02:41:41:6f:b7:fc:e3:dc:b3:b5:11:02:
97:4b:cf:a3:13:31:54:28:9f:27:46:33:d0:13:0f:
50:ee:ee:05:31:ac:5e:e4:9a:ac:36:7b:b2:62:30:
f4:51:6c:59:ee:31:8a:1d:bd:fb:79:9d:56:5e:c7:
7d:32:b1:2a:bb:37:aa:87:e7:0b:f7:5d:43:cf:4d:
69:d8:02:36:12:3a:9b:aa:5a:e0:e2:4d:46:76:2d:
c6:5b:b6:dd:43:32:77:12:2e:93:5f:2e:a7:50:eb:
f7:c6:3c:a4:39:77:a6:79:65:c5:7e:1e:9a:f2:51:
3a:2c:fe:24:29:78:44:5c:f6:bc:d3:2a:48:b1:97:
f6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:00:74:C7:65:F0:AE:29:FD:11:20:2D:97:37:4C:7C:6F:EE:E5:8D
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/OgB0x2Xwrin9ESAtlzdMfG_u5Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.75.0/24
86.62.84.0/24
86.62.92.0/24
86.62.96.0/24
86.62.102.0/24
86.62.125.0/24
195.91.133.0/24
195.91.138.0/24
195.91.144.0/24
195.91.148.0/23
195.91.156.0/24
195.91.160.0/24
195.91.168.0/21
195.91.181.0/24
195.91.184.0/24
195.91.187.0/24
195.91.191.0/24
195.91.208.0/22
195.91.213.0/24
195.91.215.0/24
195.91.217.0-195.91.226.255
195.91.228.0-195.91.247.255
195.91.254.0/23
IPv6:
2a02:2698:9800::/38
Signature Algorithm: sha256WithRSAEncryption
55:6d:f4:a3:dd:0f:55:8b:7a:09:6c:0e:ad:f9:8f:39:8d:ac:
dd:eb:96:c7:f6:84:1c:e3:5b:14:d7:ec:f9:a5:0a:ae:4b:38:
6c:43:55:1e:47:67:f4:33:3b:fb:1c:0e:a5:39:07:7c:c6:cf:
b5:6c:ba:c6:99:6f:98:af:6b:b9:00:67:b8:57:64:fb:1c:5b:
44:fc:96:8d:b4:45:b7:24:af:d5:0f:ad:0e:a3:de:ec:2c:fe:
5f:bc:fc:6c:49:63:c6:30:d4:3d:d3:c9:cf:26:0f:a4:f2:9f:
6f:bc:b3:8f:3c:d0:47:09:c4:e0:89:f4:df:61:a2:6b:92:d5:
6b:df:bf:b6:a2:57:e3:57:f0:10:ea:42:4d:bb:a0:29:d9:23:
e8:67:dc:c3:82:d6:d4:7f:48:10:40:1e:ab:2b:ba:f1:f3:e5:
d1:34:08:01:c0:52:82:84:6e:36:c5:fd:78:5f:da:7e:13:95:
80:58:a2:a5:53:0a:32:c6:fc:e4:c7:f7:9f:af:4d:54:97:e1:
27:e4:e3:61:1d:1a:ff:c0:56:90:82:79:5a:60:38:b5:52:17:
e8:a0:0f:1e:df:bb:32:a8:e0:6c:4b:b5:38:c2:c9:fd:d2:65:
1f:4e:1c:20:0a:4a:80:36:06:0e:c4:a1:75:37:15:68:b8:fc:
7b:45:b0:7e
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYjR5jLwspsAq06rkLGsYmiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwNjE5MDQyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTAwNzRjNzY1ZjBhZTI5ZmQxMTIwMmQ5NzM3NGM3YzZmZWVlNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6WHO15/ZR0qiBJDOAmQGahikfD+
QuogzTB6MMSyOki8U3/MbzuIiCg2sYiWSaezCMnp5PhGHHSExRgA5C6VfP2Rl4xP
UdYo4T2L7OsD24m0eBseNV72QgSdKiTh1irZr/XherMLVd2d+1+GuovgQsLpZY/r
KydwDOoCQUFvt/zj3LO1EQKXS8+jEzFUKJ8nRjPQEw9Q7u4FMaxe5JqsNnuyYjD0
UWxZ7jGKHb37eZ1WXsd9MrEquzeqh+cL911Dz01p2AI2Ejqbqlrg4k1Gdi3GW7bd
QzJ3Ei6TXy6nUOv3xjykOXemeWXFfh6a8lE6LP4kKXhEXPa80ypIsZf2rwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFDoAdMdl8K4p/REgLZc3THxv7uWNMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvT2dCMHgyWHdyaW45RVNBdGx6ZE1mR191NVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBoQQCAAEwgZoDBABW
PksDBABWPlQDBABWPlwDBABWPmADBABWPmYDBABWPn0DBADDW4UDBADDW4oDBADD
W5ADBAHDW5QDBADDW5wDBADDW6ADBAPDW6gDBADDW7UDBADDW7gDBADDW7sDBADD
W78DBALDW9ADBADDW9UDBADDW9cwDAMEAMNb2QMEAMNb4jAMAwQCw1vkAwQDw1vw
AwQBw1v+MA4EAgACMAgDBgIqAiaYmDANBgkqhkiG9w0BAQsFAAOCAQEAVW30o90P
VYt6CWwOrfmPOY2s3euWx/aEHONbFNfs+aUKrks4bENVHkdn9DM7+xwOpTkHfMbP
tWy6xplvmK9ruQBnuFdk+xxbRPyWjbRFtySv1Q+tDqPe7Cz+X7z8bEljxjDUPdPJ
zyYPpPKfb7yzjzzQRwnE4In032Gia5LVa9+/tqJX41fwEOpCTbugKdkj6Gfcw4LW
1H9IEEAeqyu68fPl0TQIAcBSgoRuNsX9eF/afhOVgFiipVMKMsb85Mf3n69NVJfh
J+TjYR0a/8BWkIJ5WmA4tVIX6KAPHt+7MqjgbEu1OMLJ/dJlH04cIApKgDYGDsSh
dTcVaLj8e0Wwfg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:18 2025 by rpki-client