Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/OZYS2KB1mZnJzb4qCkrMdss4Zoc.roa
File: OZYS2KB1mZnJzb4qCkrMdss4Zoc.roa (raw, json)
Hash identifier: A85ivPzvKSr3vW7vBG83O/6Of+4Ve+VMgMb9xpUCeyY=
Subject key identifier: 39:96:12:D8:A0:75:99:99:C9:CD:BE:2A:0A:4A:CC:76:CB:38:66:87
Certificate issuer: /CN=ba0d738dd28ff2549456ce66e744898372fc503d
Certificate serial: 0184A3C82F5E00396D1DA7B5D9E611E77D0B
Authority key identifier: BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/OZYS2KB1mZnJzb4qCkrMdss4Zoc.roa
Signing time: Wed 23 Nov 2022 09:18:36 +0000
ROA not before: Wed 23 Nov 2022 09:18:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31229
IP address blocks: 193.29.205.0/24 maxlen: 24
185.23.21.0/24 maxlen: 24
185.23.20.0/24 maxlen: 24
185.23.20.0/22 maxlen: 22
185.23.23.0/24 maxlen: 24
185.23.22.0/24 maxlen: 24
178.216.200.0/21 maxlen: 21
46.245.192.0/22 maxlen: 22
46.245.192.0/24 maxlen: 24
46.245.193.0/24 maxlen: 24
46.245.195.0/24 maxlen: 24
46.245.196.0/22 maxlen: 22
46.245.194.0/24 maxlen: 24
92.43.112.0/21 maxlen: 21
109.205.48.0/21 maxlen: 21
91.102.112.0/21 maxlen: 21
5.149.160.0/21 maxlen: 21
5.149.165.0/24 maxlen: 24
109.205.55.0/24 maxlen: 24
193.187.64.0/24 maxlen: 24
193.187.68.0/23 maxlen: 23
193.187.66.0/23 maxlen: 23
193.187.71.0/24 maxlen: 24
193.187.70.0/24 maxlen: 24
194.50.186.0/24 maxlen: 24
185.49.150.0/23 maxlen: 23
185.49.148.0/23 maxlen: 23
2a02:951::/32 maxlen: 32
2001:67c:6c8::/48 maxlen: 48
2a02:952::/32 maxlen: 32
2a02:950::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:c8:2f:5e:00:39:6d:1d:a7:b5:d9:e6:11:e7:7d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0d738dd28ff2549456ce66e744898372fc503d
Validity
Not Before: Nov 23 09:18:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=399612d8a0759999c9cdbe2a0a4acc76cb386687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:83:8e:e5:da:8b:0f:14:4a:eb:21:30:6b:9d:
ba:11:ea:fc:e1:c3:49:47:3d:4f:a8:18:55:8d:97:
37:d0:6c:b2:11:ab:16:c3:2f:00:03:f6:42:ab:3b:
7b:3e:70:06:c6:86:45:c2:81:4f:0d:b7:f5:31:13:
01:2b:c5:ab:f6:20:c0:0d:7e:b2:0f:2d:c1:6f:9d:
10:d3:1d:6e:51:a9:ee:08:df:ca:90:8e:d4:c0:e8:
19:69:8e:82:2e:db:ea:09:98:d3:0d:e9:f6:3b:d6:
7b:e3:10:94:6d:33:36:1b:6d:dc:f6:1d:be:a9:b4:
8f:65:a0:28:3d:64:99:69:36:ba:e5:16:ce:6f:bb:
51:85:79:2c:e4:ec:3d:53:b3:15:04:02:a7:de:79:
3e:45:79:0d:90:e7:be:b1:af:11:bd:f9:90:85:da:
46:ca:98:ca:4e:7e:1c:4b:cf:2a:61:77:44:b8:c8:
f1:4f:e1:df:29:a5:e6:13:1b:f4:af:ff:a7:88:3e:
e6:8d:fc:c2:b8:bd:7f:9b:52:07:e8:8a:27:31:61:
8c:ba:9d:3c:95:a0:6c:40:06:0e:2c:a2:14:2f:10:
05:d1:ec:9f:33:c3:77:ac:ff:a0:5c:81:43:03:28:
5c:2d:2b:f4:95:6d:b8:63:f9:80:94:c5:ac:6c:a9:
44:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:96:12:D8:A0:75:99:99:C9:CD:BE:2A:0A:4A:CC:76:CB:38:66:87
X509v3 Authority Key Identifier:
keyid:BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/OZYS2KB1mZnJzb4qCkrMdss4Zoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.160.0/21
46.245.192.0/21
91.102.112.0/21
92.43.112.0/21
109.205.48.0/21
178.216.200.0/21
185.23.20.0/22
185.49.148.0/22
193.29.205.0/24
193.187.64.0/24
193.187.66.0-193.187.71.255
194.50.186.0/24
IPv6:
2001:67c:6c8::/48
2a02:950::-2a02:952:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
10:5d:58:32:bf:94:6e:c7:7f:5f:60:42:93:a7:b6:64:fa:d3:
32:dc:97:e2:7d:2a:db:ad:da:0b:0e:1e:0a:44:3d:22:4b:82:
ff:d8:3b:89:6e:9a:84:3c:cd:ee:b7:93:96:da:88:51:f9:4d:
9d:ab:9b:8e:93:ae:8f:a7:81:ab:27:00:d1:b1:d2:22:c0:5a:
69:bd:6e:22:3e:9b:bd:27:f6:b1:69:3f:f0:cd:11:ae:9b:8e:
e0:48:1f:36:54:6d:ab:e6:ab:51:87:df:50:30:e8:17:76:71:
20:50:37:49:07:31:74:82:5e:15:cf:dc:6d:37:65:b5:a2:d0:
25:cf:ea:b4:c2:a7:3e:1d:c4:95:84:41:79:76:f7:29:15:8f:
0f:ac:76:06:47:ea:f1:cd:16:40:b9:0d:cb:9d:12:24:ae:4c:
58:1a:af:8e:eb:ca:1a:67:53:d9:dc:29:4d:dd:a7:0b:08:f4:
b6:eb:2f:37:be:3b:ce:86:2d:dc:6c:0a:f1:72:09:68:21:06:
9f:8d:72:fc:ef:29:df:21:52:70:32:7c:c7:b2:1d:47:a0:3c:
13:2e:cc:a3:15:60:1d:fe:75:de:d6:0a:8b:4f:c8:46:ce:a5:
01:6e:32:23:3e:98:3f:af:48:e2:13:02:fc:e2:6a:85:77:7a:
7a:f0:df:d7
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYSjyC9eADltHae12eYR530LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGQ3MzhkZDI4ZmYyNTQ5NDU2Y2U2NmU3NDQ4OTgzNzJm
YzUwM2QwHhcNMjIxMTIzMDkxODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTk2MTJkOGEwNzU5OTk5YzljZGJlMmEwYTRhY2M3NmNiMzg2Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYOO5dqLDxRK6yEwa526Eer84cNJ
Rz1PqBhVjZc30GyyEasWwy8AA/ZCqzt7PnAGxoZFwoFPDbf1MRMBK8Wr9iDADX6y
Dy3Bb50Q0x1uUanuCN/KkI7UwOgZaY6CLtvqCZjTDen2O9Z74xCUbTM2G23c9h2+
qbSPZaAoPWSZaTa65RbOb7tRhXks5Ow9U7MVBAKn3nk+RXkNkOe+sa8RvfmQhdpG
ypjKTn4cS88qYXdEuMjxT+HfKaXmExv0r/+niD7mjfzCuL1/m1IH6IonMWGMup08
laBsQAYOLKIULxAF0eyfM8N3rP+gXIFDAyhcLSv0lW24Y/mAlMWsbKlEuwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFDmWEtigdZmZyc2+KgpKzHbLOGaHMB8GA1UdIwQY
MBaAFLoNc43Sj/JUlFbOZudEiYNy/FA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYt
YmViNmRhMDM3NTVlLzEvT1pZUzJLQjFtWm5KemI0cUNrck1kc3M0Wm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYtYmViNmRhMDM3NTVl
LzEvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwVgQCAAEwUAMEAwWVoAME
Ay71wAMEA1tmcAMEA1wrcAMEA23NMAMEA7LYyAMEArkXFAMEArkxlAMEAMEdzQME
AMG7QDAMAwQBwbtCAwQDwbtAAwQAwjK6MB8EAgACMBkDBwAgAQZ8BsgwDgMFBCoC
CVADBQAqAglSMA0GCSqGSIb3DQEBCwUAA4IBAQAQXVgyv5Rux39fYEKTp7Zk+tMy
3JfifSrbrdoLDh4KRD0iS4L/2DuJbpqEPM3ut5OW2ohR+U2dq5uOk66Pp4GrJwDR
sdIiwFppvW4iPpu9J/axaT/wzRGum47gSB82VG2r5qtRh99QMOgXdnEgUDdJBzF0
gl4Vz9xtN2W1otAlz+q0wqc+HcSVhEF5dvcpFY8PrHYGR+rxzRZAuQ3LnRIkrkxY
Gq+O68oaZ1PZ3ClN3acLCPS26y83vjvOhi3cbArxcgloIQafjXL87ynfIVJwMnzH
sh1HoDwTLsyjFWAd/nXe1gqLT8hGzqUBbjIjPpg/r0jiEwL84mqFd3p68N/X
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:07 2023 by rpki-client on console-fra.rpki-client.org