Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/OWwYGkafvKeCws5PiyvoxIKHq3I.roa
File: OWwYGkafvKeCws5PiyvoxIKHq3I.roa (raw, json)
Hash identifier: elzHIFb7h6xUP3dB4m0inO/7m/W7oOF4nU3FJC29HLI=
Subject key identifier: 39:6C:18:1A:46:9F:BC:A7:82:C2:CE:4F:8B:2B:E8:C4:82:87:AB:72
Certificate issuer: /CN=24cacceee35ff87cd678ef6a92262cefce8492df
Certificate serial: 01842372B647D9E5CECD3AD88CB3AA4F08EC
Authority key identifier: 24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/OWwYGkafvKeCws5PiyvoxIKHq3I.roa
Signing time: Sat 29 Oct 2022 11:13:51 +0000
ROA not before: Sat 29 Oct 2022 11:13:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 109.72.192.0/20 maxlen: 20
109.238.176.0/20 maxlen: 20
109.238.184.0/24 maxlen: 24
185.246.4.0/22 maxlen: 22
5.23.112.0/21 maxlen: 21
176.67.64.0/20 maxlen: 20
185.11.176.0/22 maxlen: 22
95.130.58.0/24 maxlen: 24
95.130.57.0/24 maxlen: 24
95.130.56.0/24 maxlen: 24
95.130.56.0/21 maxlen: 21
95.130.59.0/24 maxlen: 24
95.130.63.0/24 maxlen: 24
95.130.62.0/24 maxlen: 24
95.130.61.0/24 maxlen: 24
95.130.60.0/24 maxlen: 24
2a02:d2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:23:72:b6:47:d9:e5:ce:cd:3a:d8:8c:b3:aa:4f:08:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cacceee35ff87cd678ef6a92262cefce8492df
Validity
Not Before: Oct 29 11:13:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=396c181a469fbca782c2ce4f8b2be8c48287ab72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:00:c0:de:fb:8e:d5:21:1a:b6:90:42:22:9b:
ee:4e:9d:f6:3d:f4:9e:f8:3f:26:b0:49:49:9b:c7:
d5:0e:3b:22:01:8f:4d:c6:6c:e5:0d:40:6b:bc:0d:
fa:d4:38:b6:6d:be:c7:eb:36:4b:e7:38:9a:53:77:
b7:7a:91:b1:91:f5:33:a2:31:96:74:fb:64:0e:ae:
59:06:ec:38:84:3c:cb:3d:15:20:ef:8f:2e:dd:f9:
65:30:9f:9e:df:17:95:30:41:51:28:ed:21:ca:1c:
a5:35:f4:74:18:98:51:51:c9:cb:e6:31:cd:49:61:
87:69:92:ce:76:08:12:24:d7:22:c0:54:e8:29:0a:
5c:9f:e5:d1:be:6a:17:3a:a8:7c:51:a7:0c:f2:f0:
af:c3:0f:14:1e:82:bd:f7:45:26:19:7b:33:dd:f6:
85:ff:7e:bc:76:54:fc:c7:f7:c1:f8:43:88:f7:80:
62:0b:a8:65:0b:79:5c:9f:72:d3:6f:9a:e5:ea:fc:
3a:e3:7a:7a:b5:65:b6:f1:d5:61:b8:8c:85:cb:d9:
9a:70:39:ad:b3:f1:1f:00:db:2b:ec:94:dc:22:8d:
04:54:aa:e6:df:79:a3:17:45:3d:09:39:5a:cd:39:
73:27:65:11:ae:8b:50:e5:8e:17:1f:99:f3:fa:40:
6d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6C:18:1A:46:9F:BC:A7:82:C2:CE:4F:8B:2B:E8:C4:82:87:AB:72
X509v3 Authority Key Identifier:
keyid:24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/OWwYGkafvKeCws5PiyvoxIKHq3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.112.0/21
95.130.56.0/21
109.72.192.0/20
109.238.176.0/20
176.67.64.0/20
185.11.176.0/22
185.246.4.0/22
IPv6:
2a02:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
77:34:33:97:82:94:48:4a:95:0c:79:f8:bc:d5:67:95:26:11:
4d:ed:69:1b:be:19:44:cc:e7:8e:9e:ed:3c:54:95:e1:5b:b8:
ea:1d:02:4d:6b:6c:a0:0a:d5:d5:ba:78:23:c9:b7:fb:cc:85:
78:f6:e9:f9:24:09:4c:1f:f6:a9:24:3e:81:d4:4a:26:ae:6c:
d5:5c:23:77:5c:e9:82:ab:f8:ac:4e:b2:6f:d6:22:04:a9:a4:
df:a7:6e:0b:73:32:69:6b:08:52:31:c2:a5:bf:ba:df:2a:72:
b2:d8:cf:eb:10:b3:0d:f4:22:7a:35:9a:f3:29:b9:8f:4f:ec:
ca:29:54:bb:40:5d:f9:fd:4f:08:7b:90:77:ed:ad:cd:9a:e1:
ee:6c:51:d3:11:3d:e4:e4:7f:62:4a:39:48:65:31:8a:50:4a:
cf:b7:2a:73:67:16:ff:bb:72:98:30:87:5d:45:4a:80:6b:44:
de:c1:d5:c2:23:40:3e:ad:55:6d:29:d1:65:bd:22:f3:67:61:
f9:a9:e1:a9:b7:a1:60:51:bc:95:f5:80:08:c8:a1:85:c2:7a:
fb:0e:bc:d1:2f:38:44:03:7f:99:37:41:a2:c0:71:87:3d:3e:
6f:af:cf:38:a8:4c:04:d0:b7:6e:6d:fe:62:7f:fe:9b:ca:61:
de:75:d1:07
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYQjcrZH2eXOzTrYjLOqTwjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2FjY2VlZTM1ZmY4N2NkNjc4ZWY2YTkyMjYyY2VmY2U4
NDkyZGYwHhcNMjIxMDI5MTExMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTZjMTgxYTQ2OWZiY2E3ODJjMmNlNGY4YjJiZThjNDgyODdhYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgDA3vuO1SEatpBCIpvuTp32PfSe
+D8msElJm8fVDjsiAY9NxmzlDUBrvA361Di2bb7H6zZL5ziaU3e3epGxkfUzojGW
dPtkDq5ZBuw4hDzLPRUg748u3fllMJ+e3xeVMEFRKO0hyhylNfR0GJhRUcnL5jHN
SWGHaZLOdggSJNciwFToKQpcn+XRvmoXOqh8UacM8vCvww8UHoK990UmGXsz3faF
/368dlT8x/fB+EOI94BiC6hlC3lcn3LTb5rl6vw643p6tWW28dVhuIyFy9macDmt
s/EfANsr7JTcIo0EVKrm33mjF0U9CTlazTlzJ2URrotQ5Y4XH5nz+kBtQwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDlsGBpGn7yngsLOT4sr6MSCh6tyMB8GA1UdIwQY
MBaAFCTKzO7jX/h81njvapImLO/OhJLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAt
YTI5ZWIxMzllNzlkLzEvT1d3WUdrYWZ2S2VDd3M1UGl5dm94SUtIcTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAtYTI5ZWIxMzllNzlk
LzEvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBRdwAwQD
X4I4AwQEbUjAAwQEbe6wAwQEsENAAwQCuQuwAwQCufYEMA0EAgACMAcDBQMqAtLA
MA0GCSqGSIb3DQEBCwUAA4IBAQB3NDOXgpRISpUMefi81WeVJhFN7WkbvhlEzOeO
nu08VJXhW7jqHQJNa2ygCtXVungjybf7zIV49un5JAlMH/apJD6B1EomrmzVXCN3
XOmCq/isTrJv1iIEqaTfp24LczJpawhSMcKlv7rfKnKy2M/rELMN9CJ6NZrzKbmP
T+zKKVS7QF35/U8Ie5B37a3NmuHubFHTET3k5H9iSjlIZTGKUErPtypzZxb/u3KY
MIddRUqAa0TewdXCI0A+rVVtKdFlvSLzZ2H5qeGpt6FgUbyV9YAIyKGFwnr7DrzR
LzhEA3+ZN0GiwHGHPT5vr884qEwE0Ldubf5if/6bymHeddEH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:11 2025 by rpki-client