Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/OBv74zXXCG0lVkxxyweeK3KvPc0.roa
File: OBv74zXXCG0lVkxxyweeK3KvPc0.roa (raw, json)
Hash identifier: t+L9r+J2S4BpMTrKjb1gzLoWYrkqgeMONhK9rBP4S6k=
Subject key identifier: 38:1B:FB:E3:35:D7:08:6D:25:56:4C:71:CB:07:9E:2B:72:AF:3D:CD
Certificate issuer: /CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Certificate serial: 01EF980F
Authority key identifier: AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/OBv74zXXCG0lVkxxyweeK3KvPc0.roa
Signing time: Sat 01 Jan 2022 03:53:12 +0000
ROA not before: Sat 01 Jan 2022 03:53:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34960
IP address blocks: 194.126.145.0/24 maxlen: 24
194.126.144.0/23 maxlen: 23
194.126.144.0/24 maxlen: 24
185.122.48.0/22 maxlen: 22
185.122.48.0/24 maxlen: 24
5.149.3.0/24 maxlen: 24
5.149.2.0/24 maxlen: 24
5.149.1.0/24 maxlen: 24
5.149.0.0/24 maxlen: 24
5.149.0.0/21 maxlen: 21
5.149.4.0/24 maxlen: 24
5.149.7.0/24 maxlen: 24
5.149.6.0/24 maxlen: 24
5.149.5.0/24 maxlen: 24
2a01:48c0::/32 maxlen: 32
2a01:48c0:200::/40 maxlen: 40
2a01:48c0:100::/40 maxlen: 40
2a01:48c0::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32479247 (0x1ef980f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Validity
Not Before: Jan 1 03:53:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=381bfbe335d7086d25564c71cb079e2b72af3dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e6:ab:05:ab:4c:4d:0e:2e:53:9d:d5:55:08:
9c:28:ad:c4:15:23:19:54:35:cd:bf:95:7a:e0:48:
a6:76:0e:92:74:66:08:1e:4f:77:7b:ae:e7:e8:8b:
46:20:5d:9c:d5:ac:8c:a3:09:37:2f:5b:f4:48:18:
43:2f:e8:57:00:6c:6c:58:b8:aa:f9:e9:02:f1:54:
cf:0b:30:58:38:7e:e6:1b:99:74:72:71:2a:35:84:
3d:49:b9:9c:37:eb:44:8b:74:56:e0:c6:0f:94:47:
36:c8:b5:c9:9c:46:21:f5:2a:e8:40:94:52:fd:ca:
c1:d4:f3:51:e1:7b:77:39:55:9b:c0:d4:30:93:a6:
b2:97:79:46:8d:49:03:0f:d2:a4:c8:d3:0d:3c:f4:
0f:74:72:c5:f1:c5:c3:48:1b:30:db:43:80:23:b6:
e2:f8:5c:da:7c:0a:45:06:00:7f:75:2d:2a:bd:39:
a0:49:6e:1a:95:31:31:88:f1:37:81:75:76:81:c1:
4d:ce:d6:2e:51:15:44:fb:95:2e:df:32:1a:ef:35:
96:e8:28:03:38:76:f7:60:1f:5c:99:6a:af:50:c0:
71:1c:ea:92:c0:07:6b:2c:c0:ef:df:84:79:a4:fb:
9f:c7:c2:70:02:50:5e:12:97:0b:3b:a7:d5:f7:79:
bd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1B:FB:E3:35:D7:08:6D:25:56:4C:71:CB:07:9E:2B:72:AF:3D:CD
X509v3 Authority Key Identifier:
keyid:AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/OBv74zXXCG0lVkxxyweeK3KvPc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.0.0/21
185.122.48.0/22
194.126.144.0/23
IPv6:
2a01:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
78:1e:e7:b9:4f:49:b9:ef:25:bf:ab:5b:b0:ae:04:bc:16:1f:
7e:cd:2f:92:2a:03:28:73:60:ac:bc:32:28:af:45:55:c8:6d:
d6:9c:10:a1:28:bd:00:9e:91:a5:c6:46:5e:57:32:82:74:10:
1b:42:6c:aa:fa:bd:0f:b8:fb:5a:95:c4:38:43:34:32:48:8f:
8b:95:e0:f5:7b:2f:d4:b7:1c:f7:dd:1c:9a:18:a6:cb:ce:ff:
a3:a8:48:49:7f:69:a6:43:94:f0:60:24:31:30:42:cd:ce:fd:
c0:3f:da:80:3e:9c:0c:f1:4a:21:8f:ca:68:51:07:14:58:ec:
a0:fa:d1:98:da:8b:6b:af:ff:30:8e:9a:39:c4:e6:51:5e:05:
31:ef:21:a5:6b:a0:78:1a:d7:1e:bf:29:98:b3:42:4b:59:9b:
14:89:a0:64:90:6f:35:90:ad:20:6e:45:d5:ad:f7:47:81:97:
e0:7b:0b:28:24:b8:5e:00:49:d0:6b:11:1b:be:2e:98:a3:bb:
42:94:c9:ba:1e:52:bd:df:08:4a:22:86:f3:b0:da:fd:38:31:
84:ce:71:57:ff:a3:52:3e:f4:32:8e:34:87:9e:7a:6b:e7:be:
38:72:92:8c:3c:ed:ca:63:37:5c:6e:9c:ef:bb:b3:84:07:47:
f5:66:76:35
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEAe+YDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjMwOTIxZDI4Yzc4ZWRlODE4NDJmNzEyZTZjZjcyYmRlNWE2MDgwMB4XDTIyMDEw
MTAzNTMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgxYmZiZTMzNWQ3
MDg2ZDI1NTY0YzcxY2IwNzllMmI3MmFmM2RjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLmqwWrTE0OLlOd1VUInCitxBUjGVQ1zb+VeuBIpnYOknRm
CB5Pd3uu5+iLRiBdnNWsjKMJNy9b9EgYQy/oVwBsbFi4qvnpAvFUzwswWDh+5huZ
dHJxKjWEPUm5nDfrRIt0VuDGD5RHNsi1yZxGIfUq6ECUUv3KwdTzUeF7dzlVm8DU
MJOmspd5Ro1JAw/SpMjTDTz0D3RyxfHFw0gbMNtDgCO24vhc2nwKRQYAf3UtKr05
oEluGpUxMYjxN4F1doHBTc7WLlEVRPuVLt8yGu81lugoAzh292AfXJlqr1DAcRzq
ksAHayzA79+EeaT7n8fCcAJQXhKXCzun1fd5vZUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQ4G/vjNdcIbSVWTHHLB54rcq89zTAfBgNVHSMEGDAWgBSrMJIdKMeO3oGE
L3EubPcr3lpggDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F6Q1NIU2pIanQ2QmhDOXhMbXozSzk1YVlJQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvM2NkN2ZmLTIwZDItNGNlYy1hZWNhLTM1NDM5OTcyNGIxZS8x
L09Cdjc0elhYQ0cwbFZreHh5d2VlSzNLdlBjMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
M2NkN2ZmLTIwZDItNGNlYy1hZWNhLTM1NDM5OTcyNGIxZS8xL3F6Q1NIU2pIanQ2
QmhDOXhMbXozSzk1YVlJQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAwWVAAMEArl6MAMEAcJ+kDANBAIA
AjAHAwUAKgFIwDANBgkqhkiG9w0BAQsFAAOCAQEAeB7nuU9Jue8lv6tbsK4EvBYf
fs0vkioDKHNgrLwyKK9FVcht1pwQoSi9AJ6RpcZGXlcygnQQG0Jsqvq9D7j7WpXE
OEM0MkiPi5Xg9Xsv1Lcc990cmhimy87/o6hISX9ppkOU8GAkMTBCzc79wD/agD6c
DPFKIY/KaFEHFFjsoPrRmNqLa6//MI6aOcTmUV4FMe8hpWugeBrXHr8pmLNCS1mb
FImgZJBvNZCtIG5F1a33R4GX4HsLKCS4XgBJ0GsRG74umKO7QpTJuh5Svd8ISiKG
87Da/TgxhM5xV/+jUj70Mo40h556a+e+OHKSjDztymM3XG6c77uzhAdH9WZ2NQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:30 2024 by rpki-client on console-ams.rpki-client.org