Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/O-J0ZY7pcEVaROf7RjQONFWO3Hg.roa
File: O-J0ZY7pcEVaROf7RjQONFWO3Hg.roa (raw, json)
Hash identifier: l6i/OTZZEjOLl75MuOlRV8OHOiIFIMaRaSd5ZUfMoRU=
Subject key identifier: 3B:E2:74:65:8E:E9:70:45:5A:44:E7:FB:46:34:0E:34:55:8E:DC:78
Certificate issuer: /CN=9ff3396374cbf5d767125f02dcf0f97296323092
Certificate serial: 01856EB8FC8945D752137D9B29BDDB3A1D6A
Authority key identifier: 9F:F3:39:63:74:CB:F5:D7:67:12:5F:02:DC:F0:F9:72:96:32:30:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/O-J0ZY7pcEVaROf7RjQONFWO3Hg.roa
Signing time: Sun 01 Jan 2023 19:04:55 +0000
ROA not before: Sun 01 Jan 2023 19:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59890
IP address blocks: 147.78.248.0/22 maxlen: 22
194.208.176.0/21 maxlen: 21
185.67.172.0/22 maxlen: 22
185.251.200.0/22 maxlen: 22
194.208.128.0/19 maxlen: 19
2a05:1140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:fc:89:45:d7:52:13:7d:9b:29:bd:db:3a:1d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff3396374cbf5d767125f02dcf0f97296323092
Validity
Not Before: Jan 1 19:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3be274658ee970455a44e7fb46340e34558edc78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:24:3e:c5:79:ce:53:06:64:c6:89:38:64:d5:
6c:77:45:d9:ff:e5:11:2e:53:90:84:94:4a:63:89:
60:ad:76:2e:4f:5b:e1:c7:87:31:e2:ec:a4:73:87:
30:a1:8a:05:95:80:61:05:83:dd:78:33:e8:e6:47:
f3:c5:5a:88:a4:d7:c8:94:61:4e:bb:f6:5f:63:52:
9d:e9:b2:eb:36:75:56:6e:1c:6d:e1:58:65:49:54:
fe:32:db:c6:ed:fa:5e:74:2a:9e:3d:7f:5e:19:05:
e3:c6:53:cf:02:17:1e:78:4f:5c:53:9d:0b:7c:49:
39:c9:c2:ff:80:39:91:cb:2b:5b:dc:ed:7f:03:5d:
31:a9:9b:15:70:41:cd:8e:63:46:1e:c0:b8:85:ac:
7e:55:35:dd:d7:4a:e3:ea:05:ad:be:20:f3:73:c1:
90:91:24:26:5a:f2:38:12:21:cd:ca:4c:6e:70:d5:
19:82:71:df:f6:25:3f:d2:9b:b9:a5:1d:82:31:56:
55:b9:47:b9:f3:9c:28:7b:f0:bc:16:97:8d:3f:c5:
da:49:c6:44:c5:dd:80:21:65:68:7d:b0:2a:f2:eb:
18:53:ed:b9:dc:a9:a2:d7:a2:87:4a:f7:18:ed:45:
9f:01:0e:f1:59:65:d9:b4:c4:a3:b0:03:0c:19:5f:
5a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E2:74:65:8E:E9:70:45:5A:44:E7:FB:46:34:0E:34:55:8E:DC:78
X509v3 Authority Key Identifier:
keyid:9F:F3:39:63:74:CB:F5:D7:67:12:5F:02:DC:F0:F9:72:96:32:30:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/O-J0ZY7pcEVaROf7RjQONFWO3Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.248.0/22
185.67.172.0/22
185.251.200.0/22
194.208.128.0/19
194.208.176.0/21
IPv6:
2a05:1140::/29
Signature Algorithm: sha256WithRSAEncryption
c7:02:13:bf:4d:1b:51:98:c2:41:de:36:b8:2c:33:d2:cc:03:
dc:a2:b6:51:72:80:1c:db:58:1b:7c:b6:b5:47:b0:c3:73:c2:
08:3b:d4:25:2e:71:69:f4:89:96:81:41:bd:4e:54:69:b7:11:
df:99:31:0b:47:0d:06:5f:6c:54:e5:a9:ac:a0:c2:b6:7d:d3:
d4:d7:e7:1e:27:38:f7:21:ec:ff:d1:d1:f1:34:54:a4:8c:e0:
08:24:38:8e:7a:40:e1:80:03:c4:9a:52:ec:e9:b3:81:61:0f:
e5:fe:01:35:7b:cb:12:ab:78:cc:a1:ad:91:de:d3:fa:5b:94:
6c:32:57:79:c2:e3:10:67:c2:ab:56:43:d6:3c:ad:ce:00:8d:
1a:a2:f9:c9:32:51:19:5f:c0:6b:5b:48:95:87:17:46:6a:c2:
04:7a:a7:fa:42:f1:6c:61:06:1e:6b:f9:b5:87:bb:c7:dc:2e:
02:0d:41:a3:a9:1f:1d:f1:c5:1e:9d:a6:e1:7e:ea:54:53:d1:
41:0f:b3:2e:27:84:3a:6c:27:d2:1b:f2:1b:0c:b7:3f:31:94:
3a:55:1d:5d:f6:86:ce:70:8e:0e:30:92:9f:5d:5f:49:cd:3c:
f8:6a:47:e9:94:ac:6c:c9:54:c8:a4:01:0a:1c:f0:9e:d3:21:
7a:ee:44:7c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVuuPyJRddSE32bKb3bOh1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjMzOTYzNzRjYmY1ZDc2NzEyNWYwMmRjZjBmOTcyOTYz
MjMwOTIwHhcNMjMwMTAxMTkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmUyNzQ2NThlZTk3MDQ1NWE0NGU3ZmI0NjM0MGUzNDU1OGVkYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiQ+xXnOUwZkxok4ZNVsd0XZ/+UR
LlOQhJRKY4lgrXYuT1vhx4cx4uykc4cwoYoFlYBhBYPdeDPo5kfzxVqIpNfIlGFO
u/ZfY1Kd6bLrNnVWbhxt4VhlSVT+MtvG7fpedCqePX9eGQXjxlPPAhceeE9cU50L
fEk5ycL/gDmRyytb3O1/A10xqZsVcEHNjmNGHsC4hax+VTXd10rj6gWtviDzc8GQ
kSQmWvI4EiHNykxucNUZgnHf9iU/0pu5pR2CMVZVuUe585woe/C8FpeNP8XaScZE
xd2AIWVofbAq8usYU+253Kmi16KHSvcY7UWfAQ7xWWXZtMSjsAMMGV9aHwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDvidGWO6XBFWkTn+0Y0DjRVjtx4MB8GA1UdIwQY
MBaAFJ/zOWN0y/XXZxJfAtzw+XKWMjCSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9NNVkzVEw5ZGRuRWw4QzNQRDVjcFl5TUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zMTYwMjAtOWZjNS00YjdjLWFlNDEt
ZTk1NTQ0ODNmZmE3LzEvTy1KMFpZN3BjRVZhUk9mN1JqUU9ORldPM0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zMTYwMjAtOWZjNS00YjdjLWFlNDEtZTk1NTQ0ODNmZmE3
LzEvbl9NNVkzVEw5ZGRuRWw4QzNQRDVjcFl5TUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCk074AwQC
uUOsAwQCufvIAwQFwtCAAwQDwtCwMA0EAgACMAcDBQMqBRFAMA0GCSqGSIb3DQEB
CwUAA4IBAQDHAhO/TRtRmMJB3ja4LDPSzAPcorZRcoAc21gbfLa1R7DDc8IIO9Ql
LnFp9ImWgUG9TlRptxHfmTELRw0GX2xU5amsoMK2fdPU1+ceJzj3Iez/0dHxNFSk
jOAIJDiOekDhgAPEmlLs6bOBYQ/l/gE1e8sSq3jMoa2R3tP6W5RsMld5wuMQZ8Kr
VkPWPK3OAI0aovnJMlEZX8BrW0iVhxdGasIEeqf6QvFsYQYea/m1h7vH3C4CDUGj
qR8d8cUenabhfupUU9FBD7MuJ4Q6bCfSG/IbDLc/MZQ6VR1d9obOcI4OMJKfXV9J
zTz4akfplKxsyVTIpAEKHPCe0yF67kR8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:09 2025 by rpki-client