Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/Domz18fc50yGPfqd0RaCF97eRjI.roa
File: Domz18fc50yGPfqd0RaCF97eRjI.roa (raw, json)
Hash identifier: 6nKmp2bmxcja7JC6KNSM+rBLH1xgqlE6tViQRGaNQh4=
Subject key identifier: 0E:89:B3:D7:C7:DC:E7:4C:86:3D:FA:9D:D1:16:82:17:DE:DE:46:32
Certificate issuer: /CN=1a6a1413cc8965ee92416b6059f90b18778c8b38
Certificate serial: 018378AC6A3529531CC4511DD5AA59CB5D9C
Authority key identifier: 1A:6A:14:13:CC:89:65:EE:92:41:6B:60:59:F9:0B:18:77:8C:8B:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GmoUE8yJZe6SQWtgWfkLGHeMizg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/Domz18fc50yGPfqd0RaCF97eRjI.roa
Signing time: Mon 26 Sep 2022 07:21:48 +0000
ROA not before: Mon 26 Sep 2022 07:21:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5385
IP address blocks: 194.208.56.0/24 maxlen: 24
194.208.52.0/24 maxlen: 24
194.208.63.0/24 maxlen: 24
194.208.61.0/24 maxlen: 24
194.208.62.0/24 maxlen: 24
194.208.60.0/24 maxlen: 24
194.208.68.0/24 maxlen: 24
194.208.76.0/24 maxlen: 24
194.208.77.0/24 maxlen: 24
194.208.74.0/24 maxlen: 24
194.208.72.0/24 maxlen: 24
194.208.78.0/24 maxlen: 24
194.208.83.0/24 maxlen: 24
194.208.82.0/24 maxlen: 24
194.208.80.0/24 maxlen: 24
194.208.81.0/24 maxlen: 24
194.208.79.0/24 maxlen: 24
194.208.89.0/24 maxlen: 24
194.208.96.0/23 maxlen: 23
194.208.94.0/24 maxlen: 24
194.208.92.0/24 maxlen: 24
194.208.93.0/24 maxlen: 24
194.208.104.0/24 maxlen: 24
194.208.105.0/24 maxlen: 24
194.208.102.0/24 maxlen: 24
194.208.1.0/24 maxlen: 24
194.208.0.0/17 maxlen: 17
194.208.7.0/24 maxlen: 24
194.208.10.0/24 maxlen: 24
194.208.11.0/24 maxlen: 24
194.208.17.0/24 maxlen: 24
194.208.15.0/24 maxlen: 24
194.208.12.0/24 maxlen: 24
194.208.13.0/24 maxlen: 24
194.208.18.0/24 maxlen: 24
194.208.23.0/24 maxlen: 24
194.208.25.0/24 maxlen: 24
194.208.43.0/24 maxlen: 24
194.208.42.0/24 maxlen: 24
194.208.40.0/24 maxlen: 24
194.208.41.0/24 maxlen: 24
194.208.49.0/24 maxlen: 24
194.208.45.0/24 maxlen: 24
194.208.46.0/24 maxlen: 24
194.208.51.0/24 maxlen: 24
194.208.160.0/20 maxlen: 20
194.208.186.0/24 maxlen: 24
194.208.184.0/21 maxlen: 21
194.208.187.0/24 maxlen: 24
194.208.192.0/18 maxlen: 18
194.208.207.0/24 maxlen: 24
194.208.108.0/24 maxlen: 24
194.208.107.0/24 maxlen: 24
194.208.116.0/24 maxlen: 24
194.208.117.0/24 maxlen: 24
194.208.120.0/24 maxlen: 24
194.208.121.0/24 maxlen: 24
194.208.127.0/24 maxlen: 24
194.183.148.0/24 maxlen: 24
194.183.146.0/24 maxlen: 24
194.183.147.0/24 maxlen: 24
194.183.152.0/24 maxlen: 24
194.183.151.0/24 maxlen: 24
194.183.153.0/24 maxlen: 24
80.75.224.0/20 maxlen: 20
194.183.128.0/19 maxlen: 19
194.183.131.0/24 maxlen: 24
194.183.132.0/24 maxlen: 24
194.183.129.0/24 maxlen: 24
194.183.130.0/24 maxlen: 24
194.183.128.0/24 maxlen: 24
194.183.138.0/24 maxlen: 24
194.183.136.0/24 maxlen: 24
194.183.137.0/24 maxlen: 24
194.183.140.0/24 maxlen: 24
194.183.143.0/24 maxlen: 24
194.208.243.0/24 maxlen: 24
194.208.245.0/24 maxlen: 24
2001:af8:6106::/48 maxlen: 48
2001:af8::/32 maxlen: 32
2001:af8:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:78:ac:6a:35:29:53:1c:c4:51:1d:d5:aa:59:cb:5d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a6a1413cc8965ee92416b6059f90b18778c8b38
Validity
Not Before: Sep 26 07:21:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e89b3d7c7dce74c863dfa9dd1168217dede4632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9f:31:ea:1c:cc:12:be:ca:f7:07:30:8c:12:
ab:38:a0:df:0c:97:81:3d:9a:5b:3f:d6:5b:68:7c:
47:f4:57:53:90:83:a1:b6:85:67:71:2d:19:dc:fa:
ad:5d:86:2a:58:0d:9d:da:47:d7:b5:d5:2c:61:80:
c1:36:d3:5a:07:b0:b3:5b:74:ad:f5:38:7f:e4:e1:
d5:a1:dc:a5:8a:65:f0:86:a0:fa:31:30:78:54:38:
a9:70:6f:e2:dc:b4:9c:8b:d2:5f:2d:1b:2d:5e:56:
22:0b:fc:a3:70:ac:9e:fa:a0:0a:88:38:f2:35:09:
94:77:14:e8:46:c9:f5:b1:19:0c:a7:8b:dd:ac:6c:
5b:8e:05:17:51:a1:3b:73:8a:dd:dd:8d:2d:83:2b:
ab:9b:09:c4:01:e3:ba:52:6f:3d:e7:ad:22:51:1d:
05:57:6b:c4:97:c3:0f:ab:47:05:d9:d9:de:14:1c:
c3:e8:00:34:9e:a8:e0:36:6d:79:f9:5c:ab:40:49:
1b:ff:76:42:2a:3f:4b:a0:65:53:d2:34:e2:0e:dc:
bd:0f:d4:29:bb:11:a4:10:22:97:55:7a:e1:94:fd:
ce:43:b3:a0:1f:53:07:8c:b5:a1:97:96:1f:76:0a:
5e:c7:a5:43:c3:5b:8f:20:61:d3:3d:ac:5a:d2:e2:
55:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:89:B3:D7:C7:DC:E7:4C:86:3D:FA:9D:D1:16:82:17:DE:DE:46:32
X509v3 Authority Key Identifier:
keyid:1A:6A:14:13:CC:89:65:EE:92:41:6B:60:59:F9:0B:18:77:8C:8B:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmoUE8yJZe6SQWtgWfkLGHeMizg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/Domz18fc50yGPfqd0RaCF97eRjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/GmoUE8yJZe6SQWtgWfkLGHeMizg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.75.224.0/20
194.183.128.0/19
194.208.0.0/17
194.208.160.0/20
194.208.184.0-194.208.255.255
IPv6:
2001:af8::/32
Signature Algorithm: sha256WithRSAEncryption
84:1f:c8:34:b5:f4:54:7a:b9:e4:a2:b9:9b:81:68:4e:95:ef:
bf:f0:8e:6f:a0:68:cb:ea:72:45:35:bc:e3:75:6b:27:f5:a7:
bf:93:97:33:9c:b4:a1:be:6b:d9:da:af:f4:a9:79:36:d2:a3:
df:c4:c5:71:70:07:7f:ce:98:3e:12:29:f0:aa:fd:66:3a:87:
90:8b:90:b3:91:60:24:1a:b3:0e:32:69:1d:e4:2e:62:62:4a:
a9:83:b3:4b:d7:38:51:30:54:68:06:8d:b8:a1:3b:a9:79:33:
fa:59:e6:c8:7f:83:c7:f3:a6:09:a4:8c:0e:eb:93:4f:86:a4:
98:b1:89:33:b8:96:10:c1:ad:de:fc:fa:c7:ec:14:9b:84:76:
12:90:70:d9:60:1d:40:48:75:22:fe:a8:a3:61:86:96:de:cb:
a4:1a:46:ff:07:5a:2e:7a:f1:49:d6:22:1e:5b:a4:32:43:f7:
1b:96:27:62:d2:60:be:79:df:ec:32:20:c6:56:80:30:11:d3:
ba:17:85:ab:e1:d3:6c:6f:68:06:34:fc:81:5f:b1:79:03:73:
d4:af:f7:a6:71:00:33:5c:cc:90:f7:67:b2:d0:11:8a:39:8c:
cc:79:08:83:84:f9:17:5d:fc:88:1c:cc:af:f0:4a:ae:7b:41:
69:8d:62:2f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYN4rGo1KVMcxFEd1apZy12cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNmExNDEzY2M4OTY1ZWU5MjQxNmI2MDU5ZjkwYjE4Nzc4
YzhiMzgwHhcNMjIwOTI2MDcyMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTg5YjNkN2M3ZGNlNzRjODYzZGZhOWRkMTE2ODIxN2RlZGU0NjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ8x6hzMEr7K9wcwjBKrOKDfDJeB
PZpbP9ZbaHxH9FdTkIOhtoVncS0Z3PqtXYYqWA2d2kfXtdUsYYDBNtNaB7CzW3St
9Th/5OHVodylimXwhqD6MTB4VDipcG/i3LSci9JfLRstXlYiC/yjcKye+qAKiDjy
NQmUdxToRsn1sRkMp4vdrGxbjgUXUaE7c4rd3Y0tgyurmwnEAeO6Um89560iUR0F
V2vEl8MPq0cF2dneFBzD6AA0nqjgNm15+VyrQEkb/3ZCKj9LoGVT0jTiDty9D9Qp
uxGkECKXVXrhlP3OQ7OgH1MHjLWhl5Yfdgpex6VDw1uPIGHTPaxa0uJV5QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFA6Js9fH3OdMhj36ndEWghfe3kYyMB8GA1UdIwQY
MBaAFBpqFBPMiWXukkFrYFn5Cxh3jIs4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21vVUU4eUpaZTZTUVd0Z1dma0xHSGVNaXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81OWE0M2YtODgxYS00OGVkLTljM2Ut
ODJjMDg1YTkyNzc3LzEvRG9tejE4ZmM1MHlHUGZxZDBSYUNGOTdlUmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81OWE0M2YtODgxYS00OGVkLTljM2UtODJjMDg1YTkyNzc3
LzEvR21vVUU4eUpaZTZTUVd0Z1dma0xHSGVNaXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQEUEvgAwQF
wreAAwQHwtAAAwQEwtCgMAsDBAPC0LgDAwDC0DANBAIAAjAHAwUAIAEK+DANBgkq
hkiG9w0BAQsFAAOCAQEAhB/INLX0VHq55KK5m4FoTpXvv/COb6Boy+pyRTW843Vr
J/Wnv5OXM5y0ob5r2dqv9Kl5NtKj38TFcXAHf86YPhIp8Kr9ZjqHkIuQs5FgJBqz
DjJpHeQuYmJKqYOzS9c4UTBUaAaNuKE7qXkz+lnmyH+Dx/OmCaSMDuuTT4akmLGJ
M7iWEMGt3vz6x+wUm4R2EpBw2WAdQEh1Iv6oo2GGlt7LpBpG/wdaLnrxSdYiHluk
MkP3G5YnYtJgvnnf7DIgxlaAMBHTuheFq+HTbG9oBjT8gV+xeQNz1K/3pnEAM1zM
kPdnstARijmMzHkIg4T5F138iBzMr/BKrntBaY1iLw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:43 2025 by rpki-client