Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/oKPNPmtOcoBlWSpw7aK4ikXgBuk.roa
File: oKPNPmtOcoBlWSpw7aK4ikXgBuk.roa (raw, json)
Hash identifier: rAr7fcbc0XrCWc6kYxczWC85dwYJL2qXpCiD0VsUD/k=
Subject key identifier: A0:A3:CD:3E:6B:4E:72:80:65:59:2A:70:ED:A2:B8:8A:45:E0:06:E9
Certificate issuer: /CN=ee4381ce03baa625019980f378fe41bb2b6621b9
Certificate serial: 07887BBE
Authority key identifier: EE:43:81:CE:03:BA:A6:25:01:99:80:F3:78:FE:41:BB:2B:66:21:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7kOBzgO6piUBmYDzeP5BuytmIbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/oKPNPmtOcoBlWSpw7aK4ikXgBuk.roa
Signing time: Sat 01 Jan 2022 01:56:07 +0000
ROA not before: Sat 01 Jan 2022 01:56:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15924
IP address blocks: 31.177.191.0/24 maxlen: 24
149.0.76.0/24 maxlen: 24
46.221.0.0/18 maxlen: 18
46.221.4.0/24 maxlen: 24
46.221.2.0/24 maxlen: 24
46.221.7.0/24 maxlen: 24
46.221.6.0/24 maxlen: 24
46.221.16.0/24 maxlen: 24
46.221.15.0/24 maxlen: 24
46.221.24.0/24 maxlen: 24
46.221.18.0/24 maxlen: 24
46.221.28.0/24 maxlen: 24
46.221.27.0/24 maxlen: 24
46.221.31.0/24 maxlen: 24
46.221.26.0/24 maxlen: 24
46.221.30.0/24 maxlen: 24
46.221.25.0/24 maxlen: 24
46.221.29.0/24 maxlen: 24
46.221.36.0/24 maxlen: 24
46.221.32.0/24 maxlen: 24
46.221.35.0/24 maxlen: 24
46.221.34.0/24 maxlen: 24
46.221.38.0/24 maxlen: 24
46.221.37.0/24 maxlen: 24
46.221.33.0/24 maxlen: 24
46.221.40.0/24 maxlen: 24
46.221.39.0/24 maxlen: 24
46.221.51.0/24 maxlen: 24
46.221.47.0/24 maxlen: 24
46.221.49.0/24 maxlen: 24
46.221.45.0/24 maxlen: 24
46.221.56.0/24 maxlen: 24
46.221.60.0/24 maxlen: 24
46.221.59.0/24 maxlen: 24
46.221.63.0/24 maxlen: 24
46.221.62.0/24 maxlen: 24
46.221.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126385086 (0x7887bbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee4381ce03baa625019980f378fe41bb2b6621b9
Validity
Not Before: Jan 1 01:56:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0a3cd3e6b4e728065592a70eda2b88a45e006e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cf:0d:95:39:0b:98:c8:29:47:9c:59:5a:28:
da:a1:a7:f2:48:4a:63:dd:96:02:55:d9:08:41:23:
72:43:e4:5b:9e:83:2b:24:85:68:61:13:4e:b4:80:
29:cd:67:27:e1:10:41:fa:94:ea:e7:41:a5:d7:19:
eb:20:a7:c5:90:3d:98:c1:8a:bf:78:f3:b3:c3:0b:
84:f7:06:b3:34:fe:d9:9b:da:d9:1b:b8:10:89:dc:
74:74:b8:b4:9c:d4:a6:d0:9e:66:ef:b7:b2:58:3d:
74:c7:9b:cb:39:10:61:6d:7b:2a:6b:54:94:da:a9:
b6:f3:25:b5:83:28:df:01:5d:fe:79:de:e2:b1:5f:
2b:cb:b8:6d:de:b0:ed:c7:00:37:f2:1b:c8:c0:60:
38:26:2e:87:d5:20:16:06:6c:f5:45:c2:7a:14:21:
b0:05:d0:2b:af:24:46:6b:64:ba:24:67:3c:18:0a:
b8:ab:13:32:5f:e5:ae:a9:58:0a:56:b2:eb:d2:a0:
58:fd:e6:28:f2:e4:b6:a7:0d:3e:b8:a6:50:5f:be:
84:bc:11:91:c9:ee:34:a4:03:26:57:30:5c:0e:8a:
54:32:a6:4f:b5:5e:8f:f4:68:7c:3b:54:97:12:3b:
a0:54:9c:8f:9a:04:08:57:86:4e:c9:90:01:1e:57:
4b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A3:CD:3E:6B:4E:72:80:65:59:2A:70:ED:A2:B8:8A:45:E0:06:E9
X509v3 Authority Key Identifier:
keyid:EE:43:81:CE:03:BA:A6:25:01:99:80:F3:78:FE:41:BB:2B:66:21:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7kOBzgO6piUBmYDzeP5BuytmIbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/oKPNPmtOcoBlWSpw7aK4ikXgBuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/7kOBzgO6piUBmYDzeP5BuytmIbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.191.0/24
46.221.0.0/18
149.0.76.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f1:84:43:38:ab:37:40:3c:66:72:6b:73:5c:3b:8b:06:3c:
14:44:20:1a:c2:6d:fc:b0:34:79:f9:37:bf:89:43:d6:0d:69:
50:36:15:5f:f6:a7:d0:10:44:36:37:c0:ed:bb:5a:67:4d:ae:
fd:c1:d8:79:09:24:ef:c5:ed:69:8b:0f:77:93:ec:99:14:f2:
91:cf:84:e5:2c:f3:e5:78:2f:0b:86:33:93:e7:21:d0:e4:ae:
80:cb:94:ec:5d:29:28:5b:1c:a9:4b:9e:ae:82:7e:2f:10:76:
49:9d:2e:ea:33:9f:f0:8e:d0:0b:67:cf:e0:f7:2d:b8:14:b3:
e7:da:dc:ef:a3:7b:f6:87:03:d7:58:b7:cc:65:87:c3:60:9d:
db:e3:64:36:e1:17:0b:75:11:eb:e6:10:3d:28:97:eb:f6:6c:
c5:cb:01:e5:23:e8:62:03:bb:d2:c2:71:9d:0d:32:00:62:8a:
d2:bb:86:ef:0b:a1:b8:a1:65:41:b5:de:5c:ca:36:2f:3b:b1:
3a:66:ee:09:3c:cb:30:bc:7c:6c:a4:11:5c:a1:1b:d5:e3:34:
cc:53:ec:66:be:b4:19:b1:2e:e7:c1:f6:94:6d:24:d1:b7:5b:
34:d4:71:37:e9:56:7d:15:85:a0:80:7b:07:1e:db:99:76:a0:
53:39:92:6a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEB4h7vjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTQzODFjZTAzYmFhNjI1MDE5OTgwZjM3OGZlNDFiYjJiNjYyMWI5MB4XDTIyMDEw
MTAxNTYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBhM2NkM2U2YjRl
NzI4MDY1NTkyYTcwZWRhMmI4OGE0NWUwMDZlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnPDZU5C5jIKUecWVoo2qGn8khKY92WAlXZCEEjckPkW56D
KySFaGETTrSAKc1nJ+EQQfqU6udBpdcZ6yCnxZA9mMGKv3jzs8MLhPcGszT+2Zva
2Ru4EIncdHS4tJzUptCeZu+3slg9dMebyzkQYW17KmtUlNqptvMltYMo3wFd/nne
4rFfK8u4bd6w7ccAN/IbyMBgOCYuh9UgFgZs9UXCehQhsAXQK68kRmtkuiRnPBgK
uKsTMl/lrqlYClay69KgWP3mKPLktqcNPrimUF++hLwRkcnuNKQDJlcwXA6KVDKm
T7Vej/RofDtUlxI7oFScj5oECFeGTsmQAR5XS0sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSgo80+a05ygGVZKnDtoriKReAG6TAfBgNVHSMEGDAWgBTuQ4HOA7qmJQGZ
gPN4/kG7K2YhuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdrT0J6Z082cGlVQm1ZRHplUDVCdXl0bUliay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvNWVhMTJiLTUxYzYtNDE5NS1hZWI2LWMxYWRkZDdkZWJhYS8x
L29LUE5QbXRPY29CbFdTcHc3YUs0aWtYZ0J1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
NWVhMTJiLTUxYzYtNDE5NS1hZWI2LWMxYWRkZDdkZWJhYS8xLzdrT0J6Z082cGlV
Qm1ZRHplUDVCdXl0bUliay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAB+xvwMEBi7dAAMEAJUATDANBgkq
hkiG9w0BAQsFAAOCAQEAjPGEQzirN0A8ZnJrc1w7iwY8FEQgGsJt/LA0efk3v4lD
1g1pUDYVX/an0BBENjfA7btaZ02u/cHYeQkk78XtaYsPd5PsmRTykc+E5Szz5Xgv
C4Yzk+ch0OSugMuU7F0pKFscqUueroJ+LxB2SZ0u6jOf8I7QC2fP4PctuBSz59rc
76N79ocD11i3zGWHw2Cd2+NkNuEXC3UR6+YQPSiX6/ZsxcsB5SPoYgO70sJxnQ0y
AGKK0ruG7wuhuKFlQbXeXMo2LzuxOmbuCTzLMLx8bKQRXKEb1eM0zFPsZr60GbEu
58H2lG0k0bdbNNRxN+lWfRWFoIB7Bx7bmXagUzmSag==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:25 2023 by rpki-client on console-fra.rpki-client.org