Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/DMgO8ucdgmI8DYF6oZWPr2KeZLo.roa
File: DMgO8ucdgmI8DYF6oZWPr2KeZLo.roa (raw, json)
Hash identifier: fYIKqHVtUbjkbxH+a+oBj5wwNaSM0cfvxvHzWCY023c=
Subject key identifier: 0C:C8:0E:F2:E7:1D:82:62:3C:0D:81:7A:A1:95:8F:AF:62:9E:64:BA
Certificate issuer: /CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Certificate serial: 01884DE83959B6932260882BB433E77CFDA0
Authority key identifier: A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/DMgO8ucdgmI8DYF6oZWPr2KeZLo.roa
Signing time: Wed 24 May 2023 13:17:24 +0000
ROA not before: Wed 24 May 2023 13:17:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56595
IP address blocks: 188.241.20.0/22 maxlen: 24
95.215.9.0/24 maxlen: 24
185.7.230.0/23 maxlen: 23
46.226.0.0/21 maxlen: 21
185.73.152.0/22 maxlen: 22
185.7.228.0/22 maxlen: 22
185.7.228.0/23 maxlen: 23
89.32.88.0/21 maxlen: 21
185.34.8.0/22 maxlen: 22
185.100.68.0/22 maxlen: 22
192.124.197.0/24 maxlen: 24
192.124.198.0/24 maxlen: 24
185.122.64.0/22 maxlen: 22
192.124.193.0/24 maxlen: 24
192.124.194.0/23 maxlen: 23
192.124.203.0/24 maxlen: 24
192.124.206.0/23 maxlen: 23
192.124.200.0/24 maxlen: 24
193.33.125.0/24 maxlen: 24
91.240.174.0/24 maxlen: 24
185.240.200.0/22 maxlen: 22
195.230.123.0/24 maxlen: 24
2a00:a600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:e8:39:59:b6:93:22:60:88:2b:b4:33:e7:7c:fd:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Validity
Not Before: May 24 13:17:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cc80ef2e71d82623c0d817aa1958faf629e64ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bf:55:29:f6:ef:c7:50:46:47:bc:dd:29:8b:
d9:74:21:71:e2:a3:d4:27:e8:62:b1:c5:53:ab:94:
02:e1:0e:a3:4a:c3:20:ab:bb:e4:e7:9b:8d:dd:85:
48:6f:dc:9f:f1:04:85:71:ed:ad:33:85:b8:15:1a:
e7:03:9e:2f:bf:4c:e4:f4:0e:c7:9f:95:22:25:b5:
e7:35:ed:c5:50:33:a1:cb:90:7d:09:15:48:8e:17:
55:bf:70:d0:bb:ae:45:bd:13:7e:b2:76:f3:bd:1c:
ff:14:2e:4e:59:56:73:5d:8f:e3:1b:9c:05:db:a2:
3e:c8:2c:cf:3a:63:70:fb:73:51:11:49:21:35:55:
8e:5b:a3:8f:f6:08:89:8b:a4:08:d0:e7:4e:1d:c1:
b7:01:1e:56:18:f8:ca:35:11:34:9b:a9:1f:3c:a8:
e4:47:8e:89:7d:98:1f:75:dd:64:dc:fe:af:f7:fb:
bc:a2:29:49:fa:a2:9a:42:1b:02:33:af:90:76:cd:
90:3f:55:39:64:2e:00:48:b2:34:34:44:fc:1c:27:
3e:23:42:ca:d6:2f:fa:ed:63:dd:ff:87:5f:68:22:
2c:cd:33:b1:bf:0f:17:bd:4c:a7:05:9f:6d:90:19:
23:ed:6c:d3:d8:e5:7e:93:2f:25:26:2f:65:f5:03:
69:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C8:0E:F2:E7:1D:82:62:3C:0D:81:7A:A1:95:8F:AF:62:9E:64:BA
X509v3 Authority Key Identifier:
keyid:A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/DMgO8ucdgmI8DYF6oZWPr2KeZLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.0.0/21
89.32.88.0/21
91.240.174.0/24
95.215.9.0/24
185.7.228.0/22
185.34.8.0/22
185.73.152.0/22
185.100.68.0/22
185.122.64.0/22
185.240.200.0/22
188.241.20.0/22
192.124.193.0-192.124.195.255
192.124.197.0-192.124.198.255
192.124.200.0/24
192.124.203.0/24
192.124.206.0/23
193.33.125.0/24
195.230.123.0/24
IPv6:
2a00:a600::/32
Signature Algorithm: sha256WithRSAEncryption
2a:d6:84:88:91:ff:30:1c:96:b8:23:28:16:c1:43:59:b0:2e:
ae:ea:4c:f3:10:e2:bd:18:52:fa:fb:79:a8:8f:0e:41:01:e1:
c3:0d:87:bb:d8:70:29:c8:b0:e3:21:c9:50:ef:89:19:ea:7b:
2b:b0:a3:ef:1b:54:05:8d:be:ec:f9:0a:4b:32:ef:c5:b8:b6:
da:12:52:e1:e5:7b:b0:7f:58:9c:13:0e:00:5c:b7:73:a8:b4:
ae:4b:cb:e6:6c:4d:6f:43:e9:a9:e3:40:c9:2e:72:a2:8d:33:
fb:00:a7:4c:9e:74:e2:75:e8:16:cb:e3:fc:8b:5f:f0:fc:75:
0c:cf:d6:5b:66:da:55:10:4c:57:5a:0a:41:58:29:43:53:53:
43:66:96:5a:65:68:7f:f4:5d:9c:d5:17:5e:ed:61:6d:46:45:
43:2e:1f:3c:6f:1c:b5:91:50:52:aa:b6:26:07:fa:8d:59:48:
22:1b:c6:c3:a4:b7:fe:01:85:48:23:69:e9:79:1a:8a:76:0c:
91:73:c9:c3:b6:04:5b:73:3c:0d:eb:3c:ba:2f:92:63:18:48:
98:47:7e:df:aa:c1:2e:02:c9:69:8a:01:30:c0:28:51:cf:b9:
d5:e8:72:51:b0:61:ba:b4:b1:3e:e4:e6:e9:40:d0:bf:ba:7d:
39:ff:52:6e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYhN6DlZtpMiYIgrtDPnfP2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjVmZTY3YzIwNzk3ZDM5NDE1NTU1NTRmOGM5ODhjYTJm
N2MxN2IwHhcNMjMwNTI0MTMxNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2M4MGVmMmU3MWQ4MjYyM2MwZDgxN2FhMTk1OGZhZjYyOWU2NGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb9VKfbvx1BGR7zdKYvZdCFx4qPU
J+hiscVTq5QC4Q6jSsMgq7vk55uN3YVIb9yf8QSFce2tM4W4FRrnA54vv0zk9A7H
n5UiJbXnNe3FUDOhy5B9CRVIjhdVv3DQu65FvRN+snbzvRz/FC5OWVZzXY/jG5wF
26I+yCzPOmNw+3NREUkhNVWOW6OP9giJi6QI0OdOHcG3AR5WGPjKNRE0m6kfPKjk
R46JfZgfdd1k3P6v9/u8oilJ+qKaQhsCM6+Qds2QP1U5ZC4ASLI0NET8HCc+I0LK
1i/67WPd/4dfaCIszTOxvw8XvUynBZ9tkBkj7WzT2OV+ky8lJi9l9QNphQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFAzIDvLnHYJiPA2BeqGVj69inmS6MB8GA1UdIwQY
MBaAFKi1/mfCB5fTlBVVVU+MmIyi98F7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQt
MWNjNjE5MTk3NTUxLzEvRE1nTzh1Y2RnbUk4RFlGNm9aV1ByMktlWkxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQtMWNjNjE5MTk3NTUx
LzEvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEAy7i
AAMEA1kgWAMEAFvwrgMEAF/XCQMEArkH5AMEArkiCAMEArlJmAMEArlkRAMEArl6
QAMEArnwyAMEArzxFDAMAwQAwHzBAwQCwHzAMAwDBADAfMUDBADAfMYDBADAfMgD
BADAfMsDBAHAfM4DBADBIX0DBADD5nswDQQCAAIwBwMFACoApgAwDQYJKoZIhvcN
AQELBQADggEBACrWhIiR/zAclrgjKBbBQ1mwLq7qTPMQ4r0YUvr7eaiPDkEB4cMN
h7vYcCnIsOMhyVDviRnqeyuwo+8bVAWNvuz5Cksy78W4ttoSUuHle7B/WJwTDgBc
t3OotK5Ly+ZsTW9D6anjQMkucqKNM/sAp0yedOJ16BbL4/yLX/D8dQzP1ltm2lUQ
TFdaCkFYKUNTU0NmllplaH/0XZzVF17tYW1GRUMuHzxvHLWRUFKqtiYH+o1ZSCIb
xsOkt/4BhUgjael5Gop2DJFzycO2BFtzPA3rPLovkmMYSJhHft+qwS4CyWmKATDA
KFHPudXoclGwYbq0sT7k5ulA0L+6fTn/Um4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:24 2025 by rpki-client