Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DCv8l07VZ5l56Ock_HAl2pfqYb4.roa
File: DCv8l07VZ5l56Ock_HAl2pfqYb4.roa (raw, json)
Hash identifier: YgmupfhNWaEQ73IqWwMm69IskiydMl3VT7kqLtgp/LE=
Subject key identifier: 0C:2B:FC:97:4E:D5:67:99:79:E8:E7:24:FC:70:25:DA:97:EA:61:BE
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BC39824CC7699B3E3C9066E636EAE234F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DCv8l07VZ5l56Ock_HAl2pfqYb4.roa
Signing time: Sun 12 Nov 2023 12:53:29 +0000
ROA not before: Sun 12 Nov 2023 12:53:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c3:98:24:cc:76:99:b3:e3:c9:06:6e:63:6e:ae:23:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 12 12:53:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c2bfc974ed5679979e8e724fc7025da97ea61be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f4:47:d4:c4:f3:78:eb:ac:8b:62:23:2a:13:
dd:45:ef:69:36:a1:72:6f:86:b6:d3:b2:8f:3c:ed:
41:04:e7:cb:52:7f:7e:0c:8a:7e:5c:8a:b7:22:75:
9d:8d:ae:84:09:6b:06:34:18:a1:18:c9:63:d0:3a:
cc:c2:70:46:48:72:d6:8d:3e:38:39:4a:90:02:6b:
0f:c6:3c:e7:d3:0d:c0:33:0c:45:23:0a:03:11:29:
46:02:3a:90:11:8e:31:9b:da:b9:55:f7:0f:82:d7:
cd:59:54:35:bf:60:3f:c6:3c:f1:8a:d6:b6:23:f8:
71:40:40:60:99:b7:8d:ad:86:a0:ab:a2:33:3c:34:
73:56:e8:69:51:a8:57:69:b4:67:aa:c6:93:f5:c4:
18:45:3f:8f:d1:bf:a7:6f:38:d2:86:27:de:1f:db:
a1:73:4f:fe:04:86:bb:23:b9:a6:a4:e6:47:54:93:
88:e9:8b:be:c5:85:aa:12:19:65:31:08:45:56:b4:
54:e9:8a:8c:f7:0c:9d:84:1f:d5:34:36:12:e6:64:
13:8f:6c:19:66:02:91:e4:7a:69:00:27:55:7d:f1:
a3:55:7c:4d:a3:d9:af:af:88:dd:01:3b:b1:cd:8c:
d0:9a:71:2f:55:e4:c5:7a:0c:5a:42:26:80:1d:13:
76:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2B:FC:97:4E:D5:67:99:79:E8:E7:24:FC:70:25:DA:97:EA:61:BE
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DCv8l07VZ5l56Ock_HAl2pfqYb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
5.181.87.0/24
45.9.29.0/24
45.81.114.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.180.0/22
45.138.180.0/24
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
65:5f:e9:41:66:9f:51:a4:11:2d:3d:23:8b:52:0e:2b:f9:86:
46:1d:05:ad:01:22:b6:b1:7a:1a:4c:a1:0b:50:c4:43:d0:1e:
e6:b7:6a:05:1f:24:4e:b6:64:c2:50:0f:55:a7:a3:d8:ce:87:
ef:1b:95:a2:a2:88:4b:08:66:66:5b:90:ee:e2:08:c5:af:e0:
e8:78:8d:c9:36:1b:15:fa:d9:c9:71:1e:95:84:e5:52:7f:ed:
a1:09:2d:fe:fc:5a:25:60:34:a0:6c:ba:0c:22:bf:a6:65:34:
d9:e2:49:ae:1d:b2:15:28:ee:4f:4a:c5:06:e2:c9:7b:74:7d:
fe:4d:90:52:0d:0c:b6:d7:3f:86:04:96:87:7c:2b:64:56:95:
ae:ab:1c:41:65:94:c4:d7:d4:89:2d:cd:5d:fd:52:9d:c5:75:
62:cf:ce:16:6c:43:e6:18:75:3c:9a:39:d0:a0:6e:76:31:82:
3e:2b:82:03:34:e2:4d:c5:be:c6:e6:9a:36:a8:ab:be:3a:0f:
60:04:c7:19:1c:5b:7d:a2:06:af:95:e4:29:67:f0:fb:24:61:
72:88:7a:b4:c8:e1:2b:49:87:bf:a0:06:c1:10:89:6f:eb:8a:
98:b1:ac:66:1e:d8:24:24:d4:5f:7f:25:b0:d4:1d:ec:95:b3:
e1:3e:f4:92
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYvDmCTMdpmz48kGbmNuriNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTEyMTI1MzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJiZmM5NzRlZDU2Nzk5NzllOGU3MjRmYzcwMjVkYTk3ZWE2MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvRH1MTzeOusi2IjKhPdRe9pNqFy
b4a207KPPO1BBOfLUn9+DIp+XIq3InWdja6ECWsGNBihGMlj0DrMwnBGSHLWjT44
OUqQAmsPxjzn0w3AMwxFIwoDESlGAjqQEY4xm9q5VfcPgtfNWVQ1v2A/xjzxita2
I/hxQEBgmbeNrYagq6IzPDRzVuhpUahXabRnqsaT9cQYRT+P0b+nbzjShifeH9uh
c0/+BIa7I7mmpOZHVJOI6Yu+xYWqEhllMQhFVrRU6YqM9wydhB/VNDYS5mQTj2wZ
ZgKR5HppACdVffGjVXxNo9mvr4jdATuxzYzQmnEvVeTFegxaQiaAHRN2cQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFAwr/JdO1WeZeejnJPxwJdqX6mG+MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvREN2OGwwN1ZaNWw1Nk9ja19IQWwycGZxWWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAC
OGwDBAAFtVcDBAAtCR0DBAAtUXIDBAAtWIgDBAAtWIoDBAItXqgDBAIthLQDBAAt
irQDBAAtkNQDBABNUyUDBABNUycDBAJV0XgDBAG5K/gDBAC5K/sDBAG5yD4DBADB
HvADBAHBHvIDBADBOSsDBALC8mAwDAMEAsOxXAMEAMOxXgMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAGVf6UFmn1GkES09I4tSDiv5hkYdBa0BIraxehpMoQtQxEPQHua3agUf
JE62ZMJQD1Wno9jOh+8blaKiiEsIZmZbkO7iCMWv4Oh4jck2GxX62clxHpWE5VJ/
7aEJLf78WiVgNKBsugwiv6ZlNNniSa4dshUo7k9KxQbiyXt0ff5NkFINDLbXP4YE
lod8K2RWla6rHEFllMTX1IktzV39Up3FdWLPzhZsQ+YYdTyaOdCgbnYxgj4rggM0
4k3Fvsbmmjaoq746D2AExxkcW32iBq+V5Cln8PskYXKIerTI4StJh7+gBsEQiW/r
ipixrGYe2CQk1F9/JbDUHeyVs+E+9JI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:43 2025 by rpki-client