Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/Ifd8DeenNc9y173szC4g5YUJB8U.roa
File: Ifd8DeenNc9y173szC4g5YUJB8U.roa (raw, json)
Hash identifier: MJsbMqU6+4M3zulsDnujdhvuteM2ywrMd73lPgJKH1Y=
Subject key identifier: 21:F7:7C:0D:E7:A7:35:CF:72:D7:BD:EC:CC:2E:20:E5:85:09:07:C5
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 0185724C902196AA338F0AA677C566AFBDA0
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/Ifd8DeenNc9y173szC4g5YUJB8U.roa
Signing time: Mon 02 Jan 2023 11:44:58 +0000
ROA not before: Mon 02 Jan 2023 11:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60268
IP address blocks: 193.19.97.0/24 maxlen: 24
193.19.96.0/24 maxlen: 24
193.19.96.0/23 maxlen: 23
185.97.132.0/22 maxlen: 24
185.97.132.0/23 maxlen: 24
185.97.132.0/24 maxlen: 24
185.97.133.0/24 maxlen: 24
185.97.134.0/23 maxlen: 24
185.97.134.0/24 maxlen: 24
185.97.135.0/24 maxlen: 24
185.33.171.0/24 maxlen: 24
185.33.169.0/24 maxlen: 24
185.33.170.0/23 maxlen: 24
185.33.170.0/24 maxlen: 24
185.33.168.0/23 maxlen: 24
185.33.168.0/24 maxlen: 24
185.33.168.0/22 maxlen: 22
193.19.72.0/24 maxlen: 24
193.19.73.0/24 maxlen: 24
2a00:cee0:dcc::/48 maxlen: 48
2a00:cee6:cafe::/48 maxlen: 48
2a00:cee6::/32 maxlen: 48
2a00:cee0::/32 maxlen: 48
2a00:cee2:dcc::/48 maxlen: 48
2a00:cee6:dcc::/48 maxlen: 48
2a00:cee2::/32 maxlen: 48
2a00:cee3:dcc::/48 maxlen: 48
2a00:cee5::/32 maxlen: 48
2a00:cee5:cafe::/48 maxlen: 48
2a00:cee2:cafe::/48 maxlen: 48
2a00:cee4:dcc::/48 maxlen: 48
2a00:cee0::/29 maxlen: 29
2a00:cee3::/32 maxlen: 48
2a00:cee1:cafe::/48 maxlen: 48
2a00:cee5:dcc::/48 maxlen: 48
2a00:cee4:cafe::/48 maxlen: 48
2a00:cee0:cafe::/48 maxlen: 48
2a00:cee1::/32 maxlen: 48
2a00:cee3:cafe::/48 maxlen: 48
2a00:cee4::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:90:21:96:aa:33:8f:0a:a6:77:c5:66:af:bd:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 2 11:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21f77c0de7a735cf72d7bdeccc2e20e5850907c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:03:f6:1e:5a:85:99:f0:95:81:83:a1:b8:cc:
74:01:e2:86:14:2c:54:03:48:0e:94:b8:bd:64:6d:
c8:27:d2:24:6c:87:c9:d9:87:9a:e9:31:7c:e7:2f:
7d:ba:90:6b:0a:65:03:d3:69:30:3a:92:16:75:d5:
ed:79:17:d3:aa:14:d2:ac:a6:95:c8:98:a7:bd:ae:
95:d9:e7:23:a7:c2:34:bc:c0:53:35:bd:58:e5:c6:
7d:b2:6c:09:20:de:89:00:79:65:0c:ce:8e:13:83:
11:96:1c:d3:77:b9:46:a4:c0:40:e6:28:86:9e:ec:
33:38:52:44:15:91:f3:03:09:50:f4:66:0b:47:90:
97:59:63:b0:ec:85:3c:35:f4:8a:27:c0:a7:02:ad:
c0:6a:c7:d5:1c:9a:95:9c:68:9b:c1:8e:71:75:b6:
4f:85:5e:ee:a7:72:ef:4e:ab:43:42:4f:89:59:0e:
92:c7:30:c8:0d:f8:da:3d:f7:52:8c:3a:9c:ae:9d:
f4:ee:1c:a2:a8:fd:d3:2a:ce:5a:f3:c2:e2:06:3b:
a9:48:fb:b7:89:53:30:2b:3f:99:4b:21:c9:4d:f0:
e9:c9:24:44:d0:bb:6d:cc:15:61:6c:9b:b4:2c:49:
af:c2:66:8c:80:e0:c0:e5:0f:cd:df:ac:ef:ef:a6:
98:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F7:7C:0D:E7:A7:35:CF:72:D7:BD:EC:CC:2E:20:E5:85:09:07:C5
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/Ifd8DeenNc9y173szC4g5YUJB8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.168.0/22
185.97.132.0/22
193.19.72.0/23
193.19.96.0/23
IPv6:
2a00:cee0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:5e:72:81:19:cf:4a:99:00:4d:a4:3f:bd:cb:85:45:27:88:
d9:21:d5:d5:19:a9:ea:9c:1f:69:36:da:31:07:79:5b:0a:7c:
fd:3e:5a:96:8e:e5:6b:88:78:96:aa:ad:f1:c0:74:55:3d:af:
f7:61:af:2f:92:1e:3b:2a:0e:9b:f7:11:24:b6:28:68:f5:67:
07:4b:ca:7a:34:3e:8e:9e:a4:e6:8a:f4:48:6b:f7:7b:6c:01:
7f:7d:b8:81:fb:aa:4b:58:0c:d8:f2:b7:f3:8a:6f:8f:83:c7:
2f:64:e9:d2:d8:cf:fd:f5:4f:11:e0:97:01:a1:e8:fe:97:7e:
6b:01:dd:15:34:e8:b6:b0:8f:8f:2b:4d:08:d1:23:93:69:c0:
5f:5c:3f:2e:db:35:8c:49:12:72:36:6c:b5:29:3d:50:28:02:
42:5a:4a:ed:fc:09:39:34:41:78:5c:53:96:6b:58:0b:07:76:
d2:48:65:f0:6e:92:d2:b9:83:97:58:1a:f4:c8:6b:10:ce:99:
72:e2:72:36:e2:d3:01:92:eb:8f:37:44:73:dd:f6:7a:68:fd:
21:30:9d:15:b3:b3:43:5b:40:de:39:4c:dd:d4:b6:16:f3:04:
b9:14:e4:06:57:4f:76:70:85:c3:20:02:97:14:cb:57:69:04:
ca:b9:6d:66
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyTJAhlqozjwqmd8Vmr72gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjMwMTAyMTE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWY3N2MwZGU3YTczNWNmNzJkN2JkZWNjYzJlMjBlNTg1MDkwN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwP2HlqFmfCVgYOhuMx0AeKGFCxU
A0gOlLi9ZG3IJ9IkbIfJ2Yea6TF85y99upBrCmUD02kwOpIWddXteRfTqhTSrKaV
yJinva6V2ecjp8I0vMBTNb1Y5cZ9smwJIN6JAHllDM6OE4MRlhzTd7lGpMBA5iiG
nuwzOFJEFZHzAwlQ9GYLR5CXWWOw7IU8NfSKJ8CnAq3AasfVHJqVnGibwY5xdbZP
hV7up3LvTqtDQk+JWQ6SxzDIDfjaPfdSjDqcrp307hyiqP3TKs5a88LiBjupSPu3
iVMwKz+ZSyHJTfDpySRE0LttzBVhbJu0LEmvwmaMgODA5Q/N36zv76aYowIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCH3fA3npzXPcte97MwuIOWFCQfFMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvSWZkOERlZW5OYzl5MTczc3pDNGc1WVVKQjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSGoAwQC
uWGEAwQBwRNIAwQBwRNgMA0EAgACMAcDBQMqAM7gMA0GCSqGSIb3DQEBCwUAA4IB
AQBvXnKBGc9KmQBNpD+9y4VFJ4jZIdXVGanqnB9pNtoxB3lbCnz9PlqWjuVriHiW
qq3xwHRVPa/3Ya8vkh47Kg6b9xEktiho9WcHS8p6ND6OnqTmivRIa/d7bAF/fbiB
+6pLWAzY8rfzim+Pg8cvZOnS2M/99U8R4JcBoej+l35rAd0VNOi2sI+PK00I0SOT
acBfXD8u2zWMSRJyNmy1KT1QKAJCWkrt/Ak5NEF4XFOWa1gLB3bSSGXwbpLSuYOX
WBr0yGsQzply4nI24tMBkuuPN0Rz3fZ6aP0hMJ0Vs7NDW0DeOUzd1LYW8wS5FOQG
V092cIXDIAKXFMtXaQTKuW1m
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:12 2025 by rpki-client