Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/o-wNF3jr8J_1fyLDyjMQrLHgZOQ.roa
File: o-wNF3jr8J_1fyLDyjMQrLHgZOQ.roa (raw, json)
Hash identifier: Hfc5H1j5+diejVKaJSSUNplZqJUhEWXSHQRkRfBe5J0=
Subject key identifier: A3:EC:0D:17:78:EB:F0:9F:F5:7F:22:C3:CA:33:10:AC:B1:E0:64:E4
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01892984BA7E1765015E98664E36B1820B68
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/o-wNF3jr8J_1fyLDyjMQrLHgZOQ.roa
Signing time: Thu 06 Jul 2023 04:45:11 +0000
ROA not before: Thu 06 Jul 2023 04:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31363
IP address blocks: 86.62.84.0/24 maxlen: 24
86.62.94.0/24 maxlen: 24
86.62.96.0/24 maxlen: 24
86.62.92.0/24 maxlen: 24
86.62.102.0/24 maxlen: 24
86.62.110.0/24 maxlen: 24
86.62.112.0/24 maxlen: 24
86.62.118.0/24 maxlen: 24
86.62.114.0/24 maxlen: 24
86.62.115.0/24 maxlen: 24
86.62.116.0/24 maxlen: 24
86.62.117.0/24 maxlen: 24
86.62.113.0/24 maxlen: 24
86.62.119.0/24 maxlen: 24
86.62.125.0/24 maxlen: 24
195.91.254.0/24 maxlen: 24
195.91.255.0/24 maxlen: 24
195.91.204.0/24 maxlen: 24
195.91.208.0/24 maxlen: 24
195.91.209.0/24 maxlen: 24
195.91.210.0/24 maxlen: 24
195.91.211.0/24 maxlen: 24
195.91.213.0/24 maxlen: 24
195.91.215.0/24 maxlen: 24
195.91.217.0/24 maxlen: 24
195.91.218.0/24 maxlen: 24
195.91.219.0/24 maxlen: 24
195.54.210.0/24 maxlen: 24
195.91.222.0/24 maxlen: 24
195.91.223.0/24 maxlen: 24
195.91.224.0/24 maxlen: 24
195.91.220.0/24 maxlen: 24
195.91.221.0/24 maxlen: 24
195.91.225.0/24 maxlen: 24
195.91.226.0/24 maxlen: 24
195.91.232.0/24 maxlen: 24
195.91.233.0/24 maxlen: 24
195.91.229.0/24 maxlen: 24
195.91.230.0/24 maxlen: 24
195.91.231.0/24 maxlen: 24
195.91.227.0/24 maxlen: 24
195.91.228.0/24 maxlen: 24
195.91.236.0/24 maxlen: 24
195.91.237.0/24 maxlen: 24
195.91.238.0/24 maxlen: 24
195.91.234.0/24 maxlen: 24
195.91.235.0/24 maxlen: 24
195.91.239.0/24 maxlen: 24
195.91.240.0/24 maxlen: 24
195.91.246.0/24 maxlen: 24
195.91.243.0/24 maxlen: 24
195.91.244.0/24 maxlen: 24
195.91.245.0/24 maxlen: 24
195.91.241.0/24 maxlen: 24
195.91.242.0/24 maxlen: 24
195.91.252.0/24 maxlen: 24
195.91.247.0/24 maxlen: 24
86.62.75.0/24 maxlen: 24
195.91.149.0/24 maxlen: 24
195.91.148.0/24 maxlen: 24
195.91.156.0/24 maxlen: 24
195.91.160.0/24 maxlen: 24
195.91.166.0/24 maxlen: 24
195.91.168.0/24 maxlen: 24
195.91.169.0/24 maxlen: 24
195.91.170.0/24 maxlen: 24
195.91.171.0/24 maxlen: 24
195.91.172.0/24 maxlen: 24
195.91.178.0/24 maxlen: 24
195.91.179.0/24 maxlen: 24
195.91.173.0/24 maxlen: 24
195.91.174.0/24 maxlen: 24
195.91.175.0/24 maxlen: 24
195.91.181.0/24 maxlen: 24
195.91.184.0/24 maxlen: 24
195.91.191.0/24 maxlen: 24
195.91.187.0/24 maxlen: 24
195.91.197.0/24 maxlen: 24
195.91.138.0/24 maxlen: 24
195.91.133.0/24 maxlen: 24
195.91.144.0/24 maxlen: 24
2a02:2698:9800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:29:84:ba:7e:17:65:01:5e:98:66:4e:36:b1:82:0b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jul 6 04:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3ec0d1778ebf09ff57f22c3ca3310acb1e064e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0d:d8:42:a1:8f:df:2e:d9:cc:a4:cd:98:e2:
32:7c:33:52:4d:87:10:d8:2a:b2:c6:61:32:f4:45:
0e:39:f1:c4:d6:da:1d:30:c9:d1:62:12:e3:7d:c4:
6b:57:57:3b:9e:d3:74:a8:f3:f8:97:80:25:90:0e:
32:11:66:ab:5b:b0:79:fc:a6:10:1f:df:28:18:95:
b8:94:e2:29:b6:fb:32:97:2b:92:24:98:bf:c5:1f:
15:8c:91:55:a7:99:a4:d0:f9:7b:fb:48:8a:ee:7f:
d9:c4:e7:03:1d:8c:6d:fe:dc:8a:0f:76:f9:10:ce:
2a:1f:4a:18:03:98:84:1e:17:b2:a7:aa:30:d8:ae:
0e:5f:97:44:43:2d:ca:95:d5:b0:0e:94:71:8d:e5:
3d:27:d1:b3:4b:81:4f:c6:42:e9:50:4f:59:97:16:
81:06:f0:80:8c:55:b4:c0:38:dc:15:7e:b9:26:e9:
63:70:44:44:f8:a3:68:dd:47:d9:be:57:b6:e8:8a:
08:36:ed:11:44:14:9f:c8:cb:d5:31:96:e1:07:4b:
c6:93:79:41:b0:b1:d2:d6:ed:a3:94:55:33:6a:58:
50:79:28:93:ff:56:78:65:17:94:8a:6a:47:e6:2b:
d5:ff:e1:38:4e:dc:dd:60:25:10:d0:9e:2b:d6:ef:
82:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EC:0D:17:78:EB:F0:9F:F5:7F:22:C3:CA:33:10:AC:B1:E0:64:E4
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/o-wNF3jr8J_1fyLDyjMQrLHgZOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.75.0/24
86.62.84.0/24
86.62.92.0/24
86.62.94.0/24
86.62.96.0/24
86.62.102.0/24
86.62.110.0/24
86.62.112.0/21
86.62.125.0/24
195.54.210.0/24
195.91.133.0/24
195.91.138.0/24
195.91.144.0/24
195.91.148.0/23
195.91.156.0/24
195.91.160.0/24
195.91.166.0/24
195.91.168.0/21
195.91.178.0/23
195.91.181.0/24
195.91.184.0/24
195.91.187.0/24
195.91.191.0/24
195.91.197.0/24
195.91.204.0/24
195.91.208.0/22
195.91.213.0/24
195.91.215.0/24
195.91.217.0-195.91.247.255
195.91.252.0/24
195.91.254.0/23
IPv6:
2a02:2698:9800::/38
Signature Algorithm: sha256WithRSAEncryption
01:49:07:a2:10:b8:77:b1:13:53:52:44:0f:40:56:66:fe:2a:
a9:ae:fa:85:15:06:94:52:39:9b:35:3e:ea:44:4e:5a:7f:a1:
fa:c9:06:9f:c7:31:11:c2:cf:ac:ad:95:30:21:6a:8d:a4:ef:
35:d7:1e:55:07:ab:dc:50:f7:b7:16:3d:08:c5:bc:77:44:49:
0b:ee:9c:44:6b:06:75:d1:f0:b6:91:68:83:53:25:17:88:bc:
d8:a7:42:cd:0a:e5:ae:f4:db:19:50:15:98:b6:af:aa:65:c3:
69:74:0c:e7:07:4b:e0:4b:7c:36:ff:05:bf:a4:58:c3:7c:d8:
c6:d4:e6:72:25:b0:72:01:48:03:52:f6:4a:4c:14:b6:fe:ae:
3f:32:8f:93:79:e6:a5:4d:ee:41:50:d9:e2:fb:ba:cb:4f:e8:
af:07:0e:f4:8a:a0:f2:92:14:14:3f:70:4b:10:48:40:e7:97:
7f:4a:ed:01:2b:4b:7f:fa:26:5d:2f:f9:ee:62:d5:1e:7b:fb:
6b:9e:59:08:59:40:39:23:7d:3f:27:ab:9c:c0:05:b2:1c:fa:
34:ad:b9:b1:1d:36:d9:e2:e5:28:36:a4:d0:a2:1e:9f:10:31:
4f:43:a0:04:ca:ac:27:e0:08:8f:93:4e:17:cd:49:36:d7:48:
67:51:ef:fd
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYkphLp+F2UBXphmTjaxggtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwNzA2MDQ0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2VjMGQxNzc4ZWJmMDlmZjU3ZjIyYzNjYTMzMTBhY2IxZTA2NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw3YQqGP3y7ZzKTNmOIyfDNSTYcQ
2CqyxmEy9EUOOfHE1todMMnRYhLjfcRrV1c7ntN0qPP4l4AlkA4yEWarW7B5/KYQ
H98oGJW4lOIptvsylyuSJJi/xR8VjJFVp5mk0Pl7+0iK7n/ZxOcDHYxt/tyKD3b5
EM4qH0oYA5iEHheyp6ow2K4OX5dEQy3KldWwDpRxjeU9J9GzS4FPxkLpUE9ZlxaB
BvCAjFW0wDjcFX65JuljcERE+KNo3UfZvle26IoINu0RRBSfyMvVMZbhB0vGk3lB
sLHS1u2jlFUzalhQeSiT/1Z4ZReUimpH5ivV/+E4TtzdYCUQ0J4r1u+CeQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFKPsDRd46/Cf9X8iw8ozEKyx4GTkMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvby13TkYzanI4Sl8xZnlMRHlqTVFyTEhnWk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCByQQCAAEwgcIDBABW
PksDBABWPlQDBABWPlwDBABWPl4DBABWPmADBABWPmYDBABWPm4DBANWPnADBABW
Pn0DBADDNtIDBADDW4UDBADDW4oDBADDW5ADBAHDW5QDBADDW5wDBADDW6ADBADD
W6YDBAPDW6gDBAHDW7IDBADDW7UDBADDW7gDBADDW7sDBADDW78DBADDW8UDBADD
W8wDBALDW9ADBADDW9UDBADDW9cwDAMEAMNb2QMEA8Nb8AMEAMNb/AMEAcNb/jAO
BAIAAjAIAwYCKgImmJgwDQYJKoZIhvcNAQELBQADggEBAAFJB6IQuHexE1NSRA9A
Vmb+Kqmu+oUVBpRSOZs1PupETlp/ofrJBp/HMRHCz6ytlTAhao2k7zXXHlUHq9xQ
97cWPQjFvHdESQvunERrBnXR8LaRaINTJReIvNinQs0K5a702xlQFZi2r6plw2l0
DOcHS+BLfDb/Bb+kWMN82MbU5nIlsHIBSANS9kpMFLb+rj8yj5N55qVN7kFQ2eL7
ustP6K8HDvSKoPKSFBQ/cEsQSEDnl39K7QErS3/6Jl0v+e5i1R57+2ueWQhZQDkj
fT8nq5zABbIc+jStubEdNtni5Sg2pNCiHp8QMU9DoATKrCfgCI+TThfNSTbXSGdR
7/0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:07 2025 by rpki-client