Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/0CE_HwZxHWzn5AlTW0v2Tykrrmg.roa
File: 0CE_HwZxHWzn5AlTW0v2Tykrrmg.roa (raw, json)
Hash identifier: 2g/pIMHhGe2zm8CVrH2PHoKAm4qvltohZ6xg35wZZrw=
Subject key identifier: D0:21:3F:1F:06:71:1D:6C:E7:E4:09:53:5B:4B:F6:4F:29:2B:AE:68
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 09B43322
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/0CE_HwZxHWzn5AlTW0v2Tykrrmg.roa
Signing time: Sat 01 Jan 2022 13:55:42 +0000
ROA not before: Sat 01 Jan 2022 13:55:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39537
IP address blocks: 185.49.236.0/22 maxlen: 24
109.69.80.0/21 maxlen: 24
185.71.24.0/22 maxlen: 24
185.33.184.0/22 maxlen: 24
94.199.184.0/21 maxlen: 24
195.94.112.0/20 maxlen: 24
185.11.240.0/22 maxlen: 24
151.236.208.0/21 maxlen: 24
94.190.240.0/21 maxlen: 24
185.68.0.0/22 maxlen: 24
93.95.8.0/21 maxlen: 24
185.122.216.0/22 maxlen: 24
31.210.128.0/21 maxlen: 24
37.35.88.0/21 maxlen: 24
185.31.252.0/22 maxlen: 24
87.237.64.0/21 maxlen: 24
2a04:5ac0::/29 maxlen: 36
2a03:25e0::/32 maxlen: 36
2a00:e620::/32 maxlen: 36
2a0a:fd80::/29 maxlen: 36
2a01:500::/29 maxlen: 32
2a01:b280::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162804514 (0x9b43322)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 13:55:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0213f1f06711d6ce7e409535b4bf64f292bae68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:10:65:94:1a:7a:67:ec:15:54:32:e4:b1:2d:
08:02:51:32:cd:f9:be:12:9c:a5:aa:23:97:54:6f:
06:22:5f:c4:87:be:a5:b8:a8:59:70:2b:2f:44:ee:
b8:13:7c:7e:7d:35:f9:65:ae:08:ed:28:95:cb:34:
c3:a7:27:16:7d:5a:32:e2:67:5e:e6:22:ff:5c:68:
4f:e9:67:63:00:19:78:8e:94:fa:a8:40:05:f9:89:
24:e0:46:8d:49:93:3a:7e:5d:aa:9d:20:6a:4c:33:
ad:0a:52:a0:1c:5a:ba:d4:69:c5:61:72:4c:3e:ed:
75:79:64:5b:be:f6:2f:fe:1b:6b:e0:ca:b1:00:fa:
b9:de:f0:c9:36:b1:20:dd:0b:2e:bb:bc:b4:fa:a5:
cc:b3:c8:dd:89:e0:47:b5:f0:a9:20:d2:2d:1a:a7:
25:6a:b8:8e:65:17:6a:b5:21:3b:56:9c:e1:ce:34:
8f:03:a2:06:dd:9b:26:ae:9d:ee:bc:11:1b:65:dd:
21:9e:9a:47:cb:33:91:4e:bd:b8:4a:a1:92:3e:f9:
1a:41:c7:df:a4:55:62:69:66:cf:0a:b2:1d:c2:28:
75:b0:29:60:b7:6a:b7:ec:36:6d:8d:cc:c1:60:69:
8d:4d:4a:80:13:4a:9b:25:77:f0:05:ba:54:7c:0c:
39:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:21:3F:1F:06:71:1D:6C:E7:E4:09:53:5B:4B:F6:4F:29:2B:AE:68
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/0CE_HwZxHWzn5AlTW0v2Tykrrmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.128.0/21
37.35.88.0/21
87.237.64.0/21
93.95.8.0/21
94.190.240.0/21
94.199.184.0/21
109.69.80.0/21
151.236.208.0/21
185.11.240.0/22
185.31.252.0/22
185.33.184.0/22
185.49.236.0/22
185.68.0.0/22
185.71.24.0/22
185.122.216.0/22
195.94.112.0/20
IPv6:
2a00:e620::/32
2a01:500::/29
2a01:b280::/29
2a03:25e0::/32
2a04:5ac0::/29
2a0a:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
09:06:10:0b:ae:9f:e6:6f:40:74:1b:4c:f0:3b:c1:1c:e2:2c:
82:25:c2:cc:32:f0:0c:2e:b6:e0:4c:f7:9b:16:3c:94:a1:db:
c4:04:fb:74:a1:3c:7e:2e:d6:da:6b:69:f7:6b:f6:53:fc:d2:
60:03:e1:29:ce:fb:f9:c1:b3:4c:e6:4e:14:81:7c:53:14:ab:
18:52:1f:8f:f4:2b:65:98:bc:78:57:48:b0:79:cb:73:10:35:
13:0f:04:00:c5:a6:9f:aa:5a:de:1e:02:48:73:ef:67:7c:57:
83:23:b5:17:f2:35:c6:2b:b2:5b:2f:09:8a:0a:27:3e:83:31:
ff:e6:67:45:f2:17:67:b8:d4:df:48:8a:17:80:ab:2b:d4:d7:
44:c3:6c:93:74:62:c8:2f:92:d9:37:87:4d:95:12:65:33:75:
51:e7:af:ea:ab:a2:c7:8d:86:3a:ac:61:3b:10:23:78:38:51:
94:ec:72:a9:72:8c:74:74:da:2f:e8:1c:86:8d:4b:3d:ff:8c:
cc:ef:c5:01:ab:7d:e8:4f:c5:7e:d5:62:4e:dd:03:88:ae:e3:
e0:93:50:4a:96:92:4f:4c:8d:ca:bb:b0:7e:be:09:dd:64:e2:
02:40:63:e7:75:42:d4:63:f0:57:f6:46:6c:eb:66:ec:e9:36:
5e:81:de:b0
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIECbQzIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ODRkNjFjZDE3ZWQ5MmU1NGJiMzM5N2YxZTVhNmIzOTA0YWM2ZjA1MB4XDTIyMDEw
MTEzNTU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDAyMTNmMWYwNjcx
MWQ2Y2U3ZTQwOTUzNWI0YmY2NGYyOTJiYWU2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUQZZQaemfsFVQy5LEtCAJRMs35vhKcpaojl1RvBiJfxIe+
pbioWXArL0TuuBN8fn01+WWuCO0olcs0w6cnFn1aMuJnXuYi/1xoT+lnYwAZeI6U
+qhABfmJJOBGjUmTOn5dqp0gakwzrQpSoBxautRpxWFyTD7tdXlkW772L/4ba+DK
sQD6ud7wyTaxIN0LLru8tPqlzLPI3YngR7XwqSDSLRqnJWq4jmUXarUhO1ac4c40
jwOiBt2bJq6d7rwRG2XdIZ6aR8szkU69uEqhkj75GkHH36RVYmlmzwqyHcIodbAp
YLdqt+w2bY3MwWBpjU1KgBNKmyV38AW6VHwMOZ8CAwEAAaOCApgwggKUMB0GA1Ud
DgQWBBTQIT8fBnEdbOfkCVNbS/ZPKSuuaDAfBgNVHSMEGDAWgBTITWHNF+2S5Uuz
OX8eWms5BKxvBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lFMWh6UmZ0a3VWTHN6bF9IbHByT1FTc2J3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8x
LzBDRV9Id1p4SFd6bjVBbFRXMHYyVHlrcnJtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8xL3lFMWh6UmZ0a3VW
THN6bF9IbHByT1FTc2J3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rQYIKwYBBQUHAQcBAf8EgZ0wgZowZgQCAAEwYAMEAx/SgAMEAyUjWAMEA1ftQAME
A11fCAMEA16+8AMEA17HuAMEA21FUAMEA5fs0AMEArkL8AMEArkf/AMEArkhuAME
Arkx7AMEArlEAAMEArlHGAMEArl62AMEBMNecDAwBAIAAjAqAwUAKgDmIAMFAyoB
BQADBQMqAbKAAwUAKgMl4AMFAyoEWsADBQMqCv2AMA0GCSqGSIb3DQEBCwUAA4IB
AQAJBhALrp/mb0B0G0zwO8Ec4iyCJcLMMvAMLrbgTPebFjyUodvEBPt0oTx+Ltba
a2n3a/ZT/NJgA+Epzvv5wbNM5k4UgXxTFKsYUh+P9CtlmLx4V0iwectzEDUTDwQA
xaafqlreHgJIc+9nfFeDI7UX8jXGK7JbLwmKCic+gzH/5mdF8hdnuNTfSIoXgKsr
1NdEw2yTdGLIL5LZN4dNlRJlM3VR56/qq6LHjYY6rGE7ECN4OFGU7HKpcox0dNov
6ByGjUs9/4zM78UBq33oT8V+1WJO3QOIruPgk1BKlpJPTI3Ku7B+vgndZOICQGPn
dULUY/BX9kZs62bs6TZegd6w
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:38 2024 by rpki-client on console-ams.rpki-client.org