Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/oPHdEX56rGfgy2xVyEGp5h6gljM.roa
File: oPHdEX56rGfgy2xVyEGp5h6gljM.roa (raw, json)
Hash identifier: dA7F+ePA6y9/OBL5MYogvG/hA1EBcxgIc67xuvnnpbY=
Subject key identifier: A0:F1:DD:11:7E:7A:AC:67:E0:CB:6C:55:C8:41:A9:E6:1E:A0:96:33
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 2EE68A4A
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/oPHdEX56rGfgy2xVyEGp5h6gljM.roa
Signing time: Tue 12 Apr 2022 14:53:42 +0000
ROA not before: Tue 12 Apr 2022 14:53:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5607
IP address blocks: 188.220.0.0/14 maxlen: 14
51.146.0.0/16 maxlen: 16
90.192.0.0/11 maxlen: 11
93.96.224.0/19 maxlen: 19
87.80.0.0/15 maxlen: 15
51.198.0.0/15 maxlen: 15
176.255.240.0/24 maxlen: 24
176.255.242.0/24 maxlen: 24
176.255.241.0/24 maxlen: 24
51.190.0.0/15 maxlen: 15
5.64.0.0/13 maxlen: 13
151.224.0.0/13 maxlen: 13
51.194.0.0/16 maxlen: 16
93.96.0.0/17 maxlen: 17
46.64.0.0/15 maxlen: 15
94.192.0.0/14 maxlen: 14
78.86.0.0/16 maxlen: 16
51.182.0.0/15 maxlen: 15
149.241.0.0/16 maxlen: 16
51.241.0.0/16 maxlen: 16
176.248.0.0/13 maxlen: 13
2.216.0.0/13 maxlen: 13
2.120.0.0/13 maxlen: 13
51.186.0.0/15 maxlen: 15
94.0.0.0/12 maxlen: 12
93.96.128.0/18 maxlen: 18
51.19.0.0/16 maxlen: 16
176.24.0.0/14 maxlen: 14
78.105.0.0/16 maxlen: 16
2a02:c78::/29 maxlen: 29
2a02:c7d::/33 maxlen: 33
2a02:c7d:8000::/33 maxlen: 33
2a02:c7f::/33 maxlen: 33
2a02:c7f:8000::/33 maxlen: 33
2a02:c7e::/33 maxlen: 33
2a02:c7e:8000::/33 maxlen: 33
2a02:c7c::/33 maxlen: 33
2a02:c7c:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 786860618 (0x2ee68a4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Apr 12 14:53:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0f1dd117e7aac67e0cb6c55c841a9e61ea09633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:81:6e:c7:13:7d:1a:48:68:0e:49:55:f0:93:
2d:ba:e8:62:ee:62:52:ed:4b:95:65:23:41:d0:6d:
3b:2d:75:57:bc:bf:48:f0:25:b2:83:5a:08:15:52:
17:95:d0:60:7b:54:79:71:28:9e:24:e1:fa:b0:c3:
3d:07:cb:6f:82:c5:36:8c:04:20:c4:d9:cb:0b:6b:
47:56:51:69:22:c6:b2:ec:fa:e0:11:89:4a:d9:6f:
55:67:be:30:e6:59:ab:01:0a:9d:84:09:b4:a9:65:
fe:52:9b:84:84:c7:b8:c7:5b:ef:dc:b4:62:6c:3c:
b6:63:26:f5:07:b5:32:d7:1e:eb:d5:dd:68:12:2b:
be:63:a0:fc:2b:8d:aa:ab:25:e3:33:96:ab:d6:70:
ae:9e:a3:0e:31:ed:ee:be:78:f8:af:c9:71:c1:44:
a7:a7:fa:bf:6d:67:13:57:7d:e9:ca:cf:a3:a8:be:
97:2f:dd:da:b8:a1:e1:7d:e3:4a:2d:21:53:26:1d:
10:d9:30:d7:08:92:92:32:e5:7c:d6:39:54:f6:98:
21:ec:6d:8f:d2:03:0c:74:83:48:b9:6a:80:c2:5d:
f5:4a:89:2e:ae:66:e9:20:10:6c:d7:84:74:16:5f:
96:a3:ff:40:b1:04:df:66:89:0e:43:20:0d:30:19:
fa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F1:DD:11:7E:7A:AC:67:E0:CB:6C:55:C8:41:A9:E6:1E:A0:96:33
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/oPHdEX56rGfgy2xVyEGp5h6gljM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.120.0.0/13
2.216.0.0/13
5.64.0.0/13
46.64.0.0/15
51.19.0.0/16
51.146.0.0/16
51.182.0.0/15
51.186.0.0/15
51.190.0.0/15
51.194.0.0/16
51.198.0.0/15
51.241.0.0/16
78.86.0.0/16
78.105.0.0/16
87.80.0.0/15
90.192.0.0/11
93.96.0.0-93.96.191.255
93.96.224.0/19
94.0.0.0/12
94.192.0.0/14
149.241.0.0/16
151.224.0.0/13
176.24.0.0/14
176.248.0.0/13
188.220.0.0/14
IPv6:
2a02:c78::/29
Signature Algorithm: sha256WithRSAEncryption
a7:a3:74:a2:38:86:80:e0:9f:36:c6:73:fc:13:d4:58:b6:76:
ae:ea:13:ab:ff:75:9e:c6:68:f9:c5:37:47:c2:7c:46:bb:ae:
b6:13:bb:a1:ce:d6:74:98:67:2d:9f:bd:cc:b1:ad:20:a5:91:
22:51:ea:88:a8:e9:78:71:7a:80:ba:5a:cc:92:d6:6f:7b:ed:
9c:4f:37:1a:25:46:9a:e7:82:b7:a1:59:98:ae:a6:99:7e:0f:
1f:41:97:4f:17:41:06:bb:7f:7c:3e:9b:7e:47:85:fb:e1:18:
a0:27:52:b1:a4:9d:8c:bb:78:bf:30:34:fb:5f:39:1b:fd:73:
d6:1e:d5:90:44:0a:3f:9d:8f:08:14:76:4d:7f:cc:c1:7a:9e:
c6:5d:12:23:a2:30:50:b4:19:58:1f:0c:92:cd:c0:69:bf:75:
8f:9e:ba:ba:6b:b0:d0:ac:fe:4a:e8:9f:a0:64:d7:65:b7:6d:
54:95:19:6c:cc:98:f8:d7:80:eb:a7:e3:3f:6e:99:bf:e8:ce:
36:fb:b6:0d:e8:b3:36:9a:ff:60:d5:57:71:ff:f1:c0:1b:5d:
a0:4e:29:8c:a2:6c:36:4d:ef:37:30:5a:11:53:41:5c:48:33:
72:d1:ea:50:f2:36:9e:df:8f:88:a4:12:f5:0d:ae:1f:5c:7d:
c4:34:22:67
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIELuaKSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzFkNGE0Mzc0ZGYyMjJhYzMyMzViOTYwMjIwNmQ5NmJmMWRhYzgyMB4XDTIyMDQx
MjE0NTM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBmMWRkMTE3ZTdh
YWM2N2UwY2I2YzU1Yzg0MWE5ZTYxZWEwOTYzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOeBbscTfRpIaA5JVfCTLbroYu5iUu1LlWUjQdBtOy11V7y/
SPAlsoNaCBVSF5XQYHtUeXEoniTh+rDDPQfLb4LFNowEIMTZywtrR1ZRaSLGsuz6
4BGJStlvVWe+MOZZqwEKnYQJtKll/lKbhITHuMdb79y0Ymw8tmMm9Qe1Mtce69Xd
aBIrvmOg/CuNqqsl4zOWq9Zwrp6jDjHt7r54+K/JccFEp6f6v21nE1d96crPo6i+
ly/d2rih4X3jSi0hUyYdENkw1wiSkjLlfNY5VPaYIextj9IDDHSDSLlqgMJd9UqJ
Lq5m6SAQbNeEdBZflqP/QLEE32aJDkMgDTAZ+n0CAwEAAaOCAp0wggKZMB0GA1Ud
DgQWBBSg8d0RfnqsZ+DLbFXIQanmHqCWMzAfBgNVHSMEGDAWgBT3HUpDdN8iKsMj
W5YCIG2Wvx2sgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzl4MUtRM1RmSWlyREkxdVdBaUJ0bHI4ZHJJSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzczOWRjLTExMzItNDgzNy05Yjg1LWU5YWMyYjAwMzE2YS8x
L29QSGRFWDU2ckdmZ3kyeFZ5RUdwNWg2Z2xqTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzczOWRjLTExMzItNDgzNy05Yjg1LWU5YWMyYjAwMzE2YS8xLzl4MUtRM1RmSWly
REkxdVdBaUJ0bHI4ZHJJSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sgYIKwYBBQUHAQcBAf8EgaIwgZ8wgY0EAgABMIGGAwMDAngDAwMC2AMDAwVAAwMB
LkADAwAzEwMDADOSAwMBM7YDAwEzugMDATO+AwMAM8IDAwEzxgMDADPxAwMATlYD
AwBOaQMDAVdQAwMFWsAwCwMDBV1gAwQGXWCAAwQFXWDgAwMEXgADAwJewAMDAJXx
AwMDl+ADAwKwGAMDA7D4AwMCvNwwDQQCAAIwBwMFAyoCDHgwDQYJKoZIhvcNAQEL
BQADggEBAKejdKI4hoDgnzbGc/wT1Fi2dq7qE6v/dZ7GaPnFN0fCfEa7rrYTu6HO
1nSYZy2fvcyxrSClkSJR6oio6XhxeoC6WsyS1m977ZxPNxolRprngrehWZiuppl+
Dx9Bl08XQQa7f3w+m35HhfvhGKAnUrGknYy7eL8wNPtfORv9c9Ye1ZBECj+djwgU
dk1/zMF6nsZdEiOiMFC0GVgfDJLNwGm/dY+eurprsNCs/kron6Bk12W3bVSVGWzM
mPjXgOun4z9umb/ozjb7tg3oszaa/2DVV3H/8cAbXaBOKYyibDZN7zcwWhFTQVxI
M3LR6lDyNp7fj4ikEvUNrh9cfcQ0Imc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:23 2024 by rpki-client on console-fra.rpki-client.org