Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/o7z4P-NDIvNGZDQCIdZrkZF-AEk.roa
File: o7z4P-NDIvNGZDQCIdZrkZF-AEk.roa (raw, json)
Hash identifier: 1GsKAWYfXWlZt++vzjusVpgYkWAZaQXTHAlRqhKDC9E=
Subject key identifier: A3:BC:F8:3F:E3:43:22:F3:46:64:34:02:21:D6:6B:91:91:7E:00:49
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0184137A9E520CBA68DA051C9D1C76108872
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/o7z4P-NDIvNGZDQCIdZrkZF-AEk.roa
Signing time: Wed 26 Oct 2022 08:48:33 +0000
ROA not before: Wed 26 Oct 2022 08:48:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35277
IP address blocks: 5.189.219.0/24 maxlen: 24
5.189.218.0/24 maxlen: 24
5.189.217.0/24 maxlen: 24
5.189.216.0/24 maxlen: 24
5.188.50.0/24 maxlen: 24
5.101.44.0/24 maxlen: 24
5.101.47.0/24 maxlen: 24
5.101.46.0/24 maxlen: 24
5.101.45.0/24 maxlen: 24
5.188.203.0/24 maxlen: 24
5.188.202.0/24 maxlen: 24
5.188.201.0/24 maxlen: 24
5.188.200.0/24 maxlen: 24
91.243.41.0/24 maxlen: 24
91.243.40.0/24 maxlen: 24
91.243.43.0/24 maxlen: 24
5.189.253.0/24 maxlen: 24
5.189.252.0/24 maxlen: 24
5.189.255.0/24 maxlen: 24
5.8.44.0/24 maxlen: 24
5.8.47.0/24 maxlen: 24
5.8.46.0/24 maxlen: 24
5.8.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:7a:9e:52:0c:ba:68:da:05:1c:9d:1c:76:10:88:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Oct 26 08:48:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3bcf83fe34322f34664340221d66b91917e0049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d3:ba:88:c7:ca:31:61:9e:ec:78:91:6b:4c:
9f:5c:81:1e:be:e0:91:ec:25:ec:e6:4c:7f:7f:d1:
4a:a2:72:f1:cf:bc:21:e8:6c:39:83:e4:bc:9a:6f:
52:00:b9:11:8f:67:0d:c0:74:e6:b5:e6:ff:87:b4:
a9:4f:86:21:4c:5d:99:da:e5:c9:6e:60:3f:e6:b8:
6c:ad:41:94:3c:3c:92:e4:79:25:3a:9a:10:3e:10:
2c:b6:98:14:f3:e3:f7:9f:0c:60:db:f1:7e:08:2a:
e2:f4:9f:f2:b6:0a:d4:68:b8:85:36:b8:a3:41:ca:
32:17:70:7b:d7:ed:34:c1:f1:65:80:4a:63:77:43:
d4:6b:40:a7:ea:f5:5e:2a:d3:c3:bb:ff:91:ad:1c:
55:ef:f0:e8:83:b1:34:7c:b5:95:89:43:f4:8a:6c:
a7:fb:a0:33:45:d1:07:9a:23:0e:2e:48:1f:7d:f0:
b3:44:02:25:22:71:72:c5:c7:fb:70:ee:60:34:ea:
ac:1b:32:6d:b8:0a:3b:38:4d:50:83:61:c5:a2:45:
cd:a2:e4:90:81:d9:09:64:c7:94:39:0a:ff:14:c7:
14:b6:19:10:61:27:2f:1a:52:6b:7a:18:4a:fa:6e:
94:61:27:2e:b3:2b:88:84:40:b1:77:2b:06:fe:4d:
c6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:BC:F8:3F:E3:43:22:F3:46:64:34:02:21:D6:6B:91:91:7E:00:49
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/o7z4P-NDIvNGZDQCIdZrkZF-AEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/22
5.101.44.0/22
5.188.50.0/24
5.188.200.0/22
5.189.216.0/22
5.189.252.0/23
5.189.255.0/24
91.243.40.0/23
91.243.43.0/24
Signature Algorithm: sha256WithRSAEncryption
84:58:43:da:c4:47:f1:df:cd:94:49:7e:8b:d3:21:5f:23:fa:
ae:69:6d:49:fc:b3:cc:6e:85:31:cb:0c:ec:6a:7c:50:29:0a:
56:04:bc:ac:75:d8:d4:fb:00:85:21:d0:81:e1:de:56:5c:b1:
ab:10:4e:55:1b:19:d7:c1:11:ec:94:0e:7d:c6:47:86:ee:7d:
82:76:1b:87:27:65:04:26:d5:c7:56:c0:e7:4b:00:2a:9c:f4:
ca:d3:c7:7c:86:ba:55:a0:63:3f:09:a4:13:fc:35:30:7d:ea:
c6:ac:ef:d7:3a:38:59:c2:1c:2e:a5:64:62:fc:94:96:98:84:
c3:47:76:e4:56:b8:c2:18:8a:15:06:16:3a:1b:bc:a6:50:2e:
36:13:75:b2:98:62:13:80:25:0b:9e:b0:b9:e0:7f:c7:86:0c:
13:58:d4:6f:0c:11:bc:2a:3e:ae:59:e1:cf:4f:39:de:95:ad:
c8:ab:34:c4:f1:37:cd:e7:2a:de:a7:64:64:b6:1b:96:48:4e:
ed:69:1b:ae:b0:62:82:30:f7:f8:af:5d:2a:ac:29:2b:4c:b8:
d1:f0:e7:f7:1e:dc:83:71:1b:1e:fd:ee:89:23:1e:5f:fc:74:
da:94:fa:a5:43:5c:db:df:bb:7e:26:f6:83:cd:f6:ac:10:03:
5f:9a:61:60
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYQTep5SDLpo2gUcnRx2EIhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMDI2MDg0ODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2JjZjgzZmUzNDMyMmYzNDY2NDM0MDIyMWQ2NmI5MTkxN2UwMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtO6iMfKMWGe7HiRa0yfXIEevuCR
7CXs5kx/f9FKonLxz7wh6Gw5g+S8mm9SALkRj2cNwHTmteb/h7SpT4YhTF2Z2uXJ
bmA/5rhsrUGUPDyS5HklOpoQPhAstpgU8+P3nwxg2/F+CCri9J/ytgrUaLiFNrij
QcoyF3B71+00wfFlgEpjd0PUa0Cn6vVeKtPDu/+RrRxV7/Dog7E0fLWViUP0imyn
+6AzRdEHmiMOLkgfffCzRAIlInFyxcf7cO5gNOqsGzJtuAo7OE1Qg2HFokXNouSQ
gdkJZMeUOQr/FMcUthkQYScvGlJrehhK+m6UYScusyuIhECxdysG/k3GDwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKO8+D/jQyLzRmQ0AiHWa5GRfgBJMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvbzd6NFAtTkRJdk5HWkRRQ0lkWnJrWkYtQUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCBQgsAwQC
BWUsAwQABbwyAwQCBbzIAwQCBb3YAwQBBb38AwQABb3/AwQBW/MoAwQAW/MrMA0G
CSqGSIb3DQEBCwUAA4IBAQCEWEPaxEfx382USX6L0yFfI/quaW1J/LPMboUxywzs
anxQKQpWBLysddjU+wCFIdCB4d5WXLGrEE5VGxnXwRHslA59xkeG7n2CdhuHJ2UE
JtXHVsDnSwAqnPTK08d8hrpVoGM/CaQT/DUwferGrO/XOjhZwhwupWRi/JSWmITD
R3bkVrjCGIoVBhY6G7ymUC42E3WymGITgCULnrC54H/HhgwTWNRvDBG8Kj6uWeHP
Tznela3IqzTE8TfN5yrep2RkthuWSE7taRuusGKCMPf4r10qrCkrTLjR8Of3HtyD
cRse/e6JIx5f/HTalPqlQ1zb37t+JvaDzfasEANfmmFg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:44 2023 by rpki-client on console-ams.rpki-client.org