Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/oOrxeZaz6KySWe3CQchmzlD0vUc.roa
File: oOrxeZaz6KySWe3CQchmzlD0vUc.roa (raw, json)
Hash identifier: EEL4Pcco2To6DNHOw61esvadCgl/N11CL32KY22sULM=
Subject key identifier: A0:EA:F1:79:96:B3:E8:AC:92:59:ED:C2:41:C8:66:CE:50:F4:BD:47
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 018CA271D5F92088B04BAFB3DD40D90E122B
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/oOrxeZaz6KySWe3CQchmzlD0vUc.roa
Signing time: Mon 25 Dec 2023 19:26:58 +0000
ROA not before: Mon 25 Dec 2023 19:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 103.246.248.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
46.229.243.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
2a12:3200:3000::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a2:71:d5:f9:20:88:b0:4b:af:b3:dd:40:d9:0e:12:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Dec 25 19:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0eaf17996b3e8ac9259edc241c866ce50f4bd47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ad:74:b7:d6:f7:81:4c:87:66:88:cb:07:68:
ec:e1:c6:f0:96:93:80:74:8c:19:64:03:78:83:28:
23:e5:e0:13:e1:88:75:c1:b5:3f:97:80:fa:a2:13:
c2:e8:bd:cd:de:9c:c8:80:63:f6:0a:a0:71:a7:8b:
92:f6:11:f6:15:71:1f:c9:08:0f:4e:1a:b3:4d:45:
a3:aa:04:75:57:15:f1:79:ca:34:bc:54:4d:b5:d1:
18:ec:e2:54:a3:cc:81:80:23:8a:96:8e:ab:c3:14:
38:be:58:5f:68:bb:04:b6:a9:98:61:32:d0:fb:55:
69:61:f6:20:b5:42:20:b2:9f:8d:ad:5b:ff:7c:1a:
3c:20:02:70:b1:45:4e:78:62:d4:e9:40:7b:91:0e:
8a:45:27:bf:a0:87:78:1f:4d:2e:20:53:f4:73:3c:
73:98:cf:2d:89:31:fa:7b:22:c4:7b:94:23:2b:5b:
d9:a0:2f:27:6d:b3:fe:7c:38:b9:18:63:b2:47:1c:
ce:49:34:e9:8a:6a:31:87:00:39:e5:10:c2:96:91:
2e:9e:6a:86:a6:52:bd:f3:e7:d6:d1:0a:b2:89:8c:
9c:da:ed:cc:fc:0f:fd:fb:eb:65:28:d4:28:13:3c:
82:11:a9:da:ed:ca:89:4f:7c:88:d7:ad:c9:b8:d3:
6c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:EA:F1:79:96:B3:E8:AC:92:59:ED:C2:41:C8:66:CE:50:F4:BD:47
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/oOrxeZaz6KySWe3CQchmzlD0vUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
103.112.171.0/24
103.246.248.0/24
185.104.63.0/24
195.74.93.0/24
IPv6:
2a12:3200::-2a12:3200:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
e5:79:88:50:64:c5:5f:61:91:27:8b:a9:3d:d2:05:69:42:c0:
fd:1e:6c:22:d5:00:e9:98:05:2e:39:06:ac:df:b8:1f:fd:49:
a5:52:2c:4f:d5:c8:c5:4d:79:56:37:8c:51:70:72:d8:c2:9d:
9e:4e:2e:61:9a:d2:7d:4e:62:a9:99:38:21:31:e1:08:91:0e:
b5:9c:6f:ba:9c:16:6c:5c:1d:64:f7:83:ae:bb:96:e9:24:0f:
19:a2:15:1d:30:83:b7:74:05:73:7d:c9:36:96:b1:26:a9:a8:
ca:e7:9c:b0:10:c4:59:f0:3b:0d:f6:90:de:a2:e9:3c:96:8e:
78:cb:57:26:74:9a:61:55:67:35:51:1f:7b:48:5d:8e:9d:bb:
41:74:7a:03:3b:84:b8:2b:12:06:9d:3b:3c:92:2f:4c:4a:4d:
f5:60:cd:6b:00:05:e3:f4:2a:15:e8:6c:13:e8:43:77:97:7d:
50:df:0c:02:23:92:a5:06:ca:d2:9d:b9:44:82:9a:20:89:f9:
f9:4e:0a:d7:31:7d:ae:64:5c:f0:09:9c:f2:b5:8e:4f:af:40:
75:11:76:ac:d2:39:04:57:13:27:19:14:da:c1:35:82:63:ed:
3c:d1:22:2e:c7:7c:88:39:09:f2:75:4b:c9:30:57:c0:84:36:
73:8c:38:a2
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYyicdX5IIiwS6+z3UDZDhIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjMxMjI1MTkyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGVhZjE3OTk2YjNlOGFjOTI1OWVkYzI0MWM4NjZjZTUwZjRiZDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK10t9b3gUyHZojLB2js4cbwlpOA
dIwZZAN4gygj5eAT4Yh1wbU/l4D6ohPC6L3N3pzIgGP2CqBxp4uS9hH2FXEfyQgP
ThqzTUWjqgR1VxXxeco0vFRNtdEY7OJUo8yBgCOKlo6rwxQ4vlhfaLsEtqmYYTLQ
+1VpYfYgtUIgsp+NrVv/fBo8IAJwsUVOeGLU6UB7kQ6KRSe/oId4H00uIFP0czxz
mM8tiTH6eyLEe5QjK1vZoC8nbbP+fDi5GGOyRxzOSTTpimoxhwA55RDClpEunmqG
plK98+fW0QqyiYyc2u3M/A/9++tlKNQoEzyCEana7cqJT3yI163JuNNs+wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKDq8XmWs+isklntwkHIZs5Q9L1HMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvb09yeGVaYXo2S3lTV2UzQ1FjaG16bEQwdlVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBCBAIAATA8AwQALuXzAwQA
LuX7AwQALuX9AwQATUp7AwQAU+U9AwQAVcxrAwQAZ3CrAwQAZ/b4AwQAuWg/AwQA
w0pdMBYEAgACMBAwDgMEASoSMgMGBCoSMgBAMA0GCSqGSIb3DQEBCwUAA4IBAQDl
eYhQZMVfYZEni6k90gVpQsD9Hmwi1QDpmAUuOQas37gf/UmlUixP1cjFTXlWN4xR
cHLYwp2eTi5hmtJ9TmKpmTghMeEIkQ61nG+6nBZsXB1k94Ouu5bpJA8ZohUdMIO3
dAVzfck2lrEmqajK55ywEMRZ8DsN9pDeouk8lo54y1cmdJphVWc1UR97SF2OnbtB
dHoDO4S4KxIGnTs8ki9MSk31YM1rAAXj9CoV6GwT6EN3l31Q3wwCI5KlBsrSnblE
gpogifn5TgrXMX2uZFzwCZzytY5Pr0B1EXas0jkEVxMnGRTawTWCY+080SIux3yI
OQnydUvJMFfAhDZzjDii
-----END CERTIFICATE-----
Generated at Thu Apr 10 20:18:34 2025 by rpki-client