Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/1-OQBkzckXS6vTxIp6z0kFDJ-qEg.roa
File: 1-OQBkzckXS6vTxIp6z0kFDJ-qEg.roa (raw, json)
Hash identifier: a/1bCjdJ+sgh0MqahShZQqp6e9aCv3m6ZbxZX2yT7Lw=
Subject key identifier: F8:E4:01:93:37:24:5D:2E:AF:4F:12:29:EB:3D:24:14:32:7E:A8:48
Certificate issuer: /CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Certificate serial: 018B61321D76F864D44C389EC61E4D96C0C4
Authority key identifier: CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/1-OQBkzckXS6vTxIp6z0kFDJ-qEg.roa
Signing time: Tue 24 Oct 2023 10:19:16 +0000
ROA not before: Tue 24 Oct 2023 10:19:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48500
IP address blocks: 134.90.224.0/20 maxlen: 20
94.230.64.0/21 maxlen: 21
217.196.140.0/23 maxlen: 23
109.104.224.0/21 maxlen: 21
37.99.224.0/20 maxlen: 20
185.46.100.0/22 maxlen: 22
37.99.240.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:32:1d:76:f8:64:d4:4c:38:9e:c6:1e:4d:96:c0:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Validity
Not Before: Oct 24 10:19:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8e4019337245d2eaf4f1229eb3d2414327ea848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:66:e3:d5:4c:15:01:68:1b:9e:e4:39:09:83:
fb:6f:7a:35:24:c8:11:86:37:63:e7:db:a0:41:16:
27:f9:97:cf:61:82:75:29:b1:fd:c0:d5:cf:55:af:
a1:d2:e0:4c:3b:63:e9:73:e8:3f:57:ea:03:6e:21:
73:1a:10:8b:8a:3c:57:a1:9a:53:9a:aa:63:fd:58:
89:73:a3:a7:31:c1:72:d1:1d:93:93:84:6c:cc:83:
a9:4a:30:69:bd:cb:4b:f7:67:29:8f:9b:80:8d:d4:
6f:e9:c4:16:75:1c:d3:32:0f:6b:aa:84:37:0d:53:
d5:1e:89:25:ee:63:75:c3:50:dc:0b:71:f9:6b:a9:
3e:62:49:af:53:da:42:24:2a:9c:dc:e9:a7:10:fc:
7c:8b:52:fe:68:bb:c9:4c:a4:b4:e1:31:fb:32:b1:
d2:e5:2a:b5:ef:2f:42:e6:3a:80:59:9d:f3:13:85:
49:fc:b5:e7:d9:21:aa:1e:66:3c:8d:c5:15:68:21:
cd:b4:91:08:69:dc:0b:f8:00:58:44:49:cd:0a:a0:
a7:7e:33:d7:e5:2a:ca:bd:73:4d:6b:1f:64:12:11:
e3:fd:c8:54:df:84:74:7a:6c:80:d8:98:86:ab:31:
7d:9b:29:ca:c8:42:a2:78:b5:29:f2:34:32:0b:a7:
f1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E4:01:93:37:24:5D:2E:AF:4F:12:29:EB:3D:24:14:32:7E:A8:48
X509v3 Authority Key Identifier:
keyid:CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/1-OQBkzckXS6vTxIp6z0kFDJ-qEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.224.0-37.99.247.255
94.230.64.0/21
109.104.224.0/21
134.90.224.0/20
185.46.100.0/22
217.196.140.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:af:43:1b:81:a3:5f:f8:a1:d8:26:eb:c6:56:8e:4e:89:1a:
ce:72:e9:84:e9:8f:d8:b8:b3:b8:ee:7d:e7:65:ab:6c:44:e5:
ba:da:af:f2:65:12:85:03:16:f0:dc:52:61:56:af:cc:4a:72:
83:ba:a7:53:4a:05:64:aa:4c:3e:85:be:48:14:3a:88:14:30:
4a:7f:9b:ee:45:7b:c6:c0:b8:62:65:4d:e5:72:90:2f:1c:91:
36:97:e4:14:5b:90:bd:8b:f2:2a:45:b5:91:09:55:65:74:89:
33:b5:59:d3:f5:4c:99:89:3a:3f:c0:bd:31:66:c9:50:37:6e:
97:e6:6d:48:be:41:74:8f:ef:85:48:44:fe:33:a6:a0:10:fb:
de:74:ba:d9:e8:3e:f8:86:15:44:c2:08:42:86:05:a1:14:bc:
40:49:df:6e:8e:59:46:4f:14:73:3f:89:47:11:73:72:d5:14:
35:0e:a8:ed:3f:16:b0:c8:45:db:a8:da:da:76:f4:74:1b:2d:
23:c0:6f:e5:0d:49:9f:d3:a1:c8:18:63:fa:f1:c2:26:c4:5a:
bd:9a:c2:64:49:3a:81:fd:de:77:f5:6c:a6:bb:f1:ef:7c:ea:
38:db:45:56:ac:e0:d1:1f:3e:e8:b7:39:0c:0a:4c:ba:83:de:
a4:9a:d5:71
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYthMh12+GTUTDiexh5NlsDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjI2YmJiN2I2OWVlYzlmNjc5MGIwMzcwNTU0NWI4OTJm
YTJlOGEwHhcNMjMxMDI0MTAxOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGU0MDE5MzM3MjQ1ZDJlYWY0ZjEyMjllYjNkMjQxNDMyN2VhODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmbj1UwVAWgbnuQ5CYP7b3o1JMgR
hjdj59ugQRYn+ZfPYYJ1KbH9wNXPVa+h0uBMO2Ppc+g/V+oDbiFzGhCLijxXoZpT
mqpj/ViJc6OnMcFy0R2Tk4RszIOpSjBpvctL92cpj5uAjdRv6cQWdRzTMg9rqoQ3
DVPVHokl7mN1w1DcC3H5a6k+YkmvU9pCJCqc3OmnEPx8i1L+aLvJTKS04TH7MrHS
5Sq17y9C5jqAWZ3zE4VJ/LXn2SGqHmY8jcUVaCHNtJEIadwL+ABYREnNCqCnfjPX
5SrKvXNNax9kEhHj/chU34R0emyA2JiGqzF9mynKyEKieLUp8jQyC6fx9wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPjkAZM3JF0ur08SKes9JBQyfqhIMB8GA1UdIwQY
MBaAFM1ia7t7ae7J9nkLA3BVRbiS+i6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDct
YzBmODlhZDM2YmNhLzEvMS1PUUJremNrWFM2dlR4SXA2ejBrRkRKLXFFZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTkvMmIzN2RmLThmZmUtNDFlNS1hYzA3LWMwZjg5YWQzNmJj
YS8xL3pXSnJ1M3RwN3NuMmVRc0RjRlZGdUpMNkxvby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLDAMAwQFJWPg
AwQDJWPwAwQDXuZAAwQDbWjgAwQEhlrgAwQCuS5kAwQB2cSMMA0GCSqGSIb3DQEB
CwUAA4IBAQDGr0MbgaNf+KHYJuvGVo5OiRrOcumE6Y/YuLO47n3nZatsROW62q/y
ZRKFAxbw3FJhVq/MSnKDuqdTSgVkqkw+hb5IFDqIFDBKf5vuRXvGwLhiZU3lcpAv
HJE2l+QUW5C9i/IqRbWRCVVldIkztVnT9UyZiTo/wL0xZslQN26X5m1IvkF0j++F
SET+M6agEPvedLrZ6D74hhVEwghChgWhFLxASd9ujllGTxRzP4lHEXNy1RQ1Dqjt
PxawyEXbqNradvR0Gy0jwG/lDUmf06HIGGP68cImxFq9msJkSTqB/d539Wymu/Hv
fOo420VWrODRHz7otzkMCky6g96kmtVx
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:14:50 2025 by rpki-client