Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/30a309-b18e-4f27-8e7e-e7b372e4c7c5/1/OcJvIFwZ22jy7qTcmat5xBf3mio.roa
File: OcJvIFwZ22jy7qTcmat5xBf3mio.roa (raw, json)
Hash identifier: 4lVeJZ8FjdtLLDYeiR9sADj2FUe5jdUPyO7SXplqvrQ=
Subject key identifier: 39:C2:6F:20:5C:19:DB:68:F2:EE:A4:DC:99:AB:79:C4:17:F7:9A:2A
Certificate issuer: /CN=5bc1503610bf82d8687b7aefb879a6578704f32a
Certificate serial: 01CC80
Authority key identifier: 5B:C1:50:36:10:BF:82:D8:68:7B:7A:EF:B8:79:A6:57:87:04:F3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W8FQNhC_gthoe3rvuHmmV4cE8yo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/30a309-b18e-4f27-8e7e-e7b372e4c7c5/1/OcJvIFwZ22jy7qTcmat5xBf3mio.roa
Signing time: Fri 20 May 2022 13:32:29 +0000
ROA not before: Fri 20 May 2022 13:32:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199496
IP address blocks: 185.132.140.0/22 maxlen: 24
2a06:e240::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117888 (0x1cc80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bc1503610bf82d8687b7aefb879a6578704f32a
Validity
Not Before: May 20 13:32:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39c26f205c19db68f2eea4dc99ab79c417f79a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d4:e5:31:25:e4:9b:b3:0d:a3:c5:ca:68:5e:
5d:7c:c6:8d:7d:69:c5:3c:9e:fe:2b:d4:2f:59:65:
e2:ec:0a:62:c0:0e:49:b4:12:3e:18:b6:cb:63:27:
83:7f:4f:46:2e:a9:a1:a2:e4:ea:4f:eb:c2:22:51:
fa:26:47:ba:a2:f4:63:a1:70:0a:e9:07:70:65:b2:
40:26:c2:9a:99:15:01:55:37:09:06:12:10:8f:3e:
d3:36:39:33:64:74:7e:bd:55:68:77:66:82:7f:94:
6a:cd:92:3d:7c:46:9e:d4:1a:07:03:c5:29:eb:ab:
c5:fe:ba:ba:b4:1a:9b:4f:95:00:e6:1f:21:d5:29:
60:58:2e:67:2e:70:e6:67:10:49:22:d2:82:e4:79:
b8:bc:62:f9:3d:85:51:fe:7e:d2:2e:d2:00:fc:99:
1b:fc:70:8f:cc:3c:97:4e:db:28:de:e0:01:63:e2:
0c:48:44:7d:6e:b1:38:86:c0:7a:38:ba:04:4a:ce:
93:fe:e6:ac:66:c0:1f:18:c4:d6:ae:35:9e:0e:6b:
5a:12:9d:df:18:a4:fe:37:40:1b:e6:02:01:c6:10:
1f:40:9b:fb:7e:b1:a9:ab:a2:30:29:7a:cf:a2:78:
a6:f4:c3:15:22:3d:51:d2:40:e7:0e:95:7b:41:0a:
e4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C2:6F:20:5C:19:DB:68:F2:EE:A4:DC:99:AB:79:C4:17:F7:9A:2A
X509v3 Authority Key Identifier:
keyid:5B:C1:50:36:10:BF:82:D8:68:7B:7A:EF:B8:79:A6:57:87:04:F3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W8FQNhC_gthoe3rvuHmmV4cE8yo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/30a309-b18e-4f27-8e7e-e7b372e4c7c5/1/OcJvIFwZ22jy7qTcmat5xBf3mio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/30a309-b18e-4f27-8e7e-e7b372e4c7c5/1/W8FQNhC_gthoe3rvuHmmV4cE8yo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.140.0/22
IPv6:
2a06:e240::/29
Signature Algorithm: sha256WithRSAEncryption
65:fd:c9:7c:0d:ae:56:81:03:18:e1:77:b0:28:41:91:78:a4:
04:e1:19:1b:5f:59:d4:fa:06:e9:30:b9:25:b8:49:33:b6:1b:
1c:60:ec:f7:ac:96:e4:1b:bd:35:9a:10:be:12:5f:5c:a7:f8:
1e:64:64:ea:47:da:82:f0:f5:28:4c:bd:b2:1b:d7:c3:a0:0f:
87:f9:9d:8d:8a:99:d2:75:55:5e:7d:95:0f:81:4f:76:2b:d1:
41:08:a9:5a:85:67:bc:c6:49:81:50:fc:ec:af:cb:94:3d:d1:
c2:11:d2:79:6c:82:2d:f1:70:ec:6a:5c:a6:dc:34:36:6b:78:
1f:31:8b:18:20:fc:0d:24:01:e0:28:19:9f:e6:24:e4:06:4b:
e6:a9:b8:02:04:fd:cf:38:88:ed:ed:32:29:f9:c2:67:cb:ef:
8e:5e:02:58:a0:1b:2b:9a:8f:c6:1d:87:04:6a:bc:32:41:29:
b4:d2:db:3f:8e:bb:b3:96:d0:84:39:f6:85:bd:81:13:27:cf:
76:97:50:b3:25:d5:4b:d5:c5:72:6c:09:9b:5b:49:dc:c1:21:
3b:1d:c3:ca:73:3e:75:84:90:07:33:1f:eb:56:fc:d2:f7:4b:
b8:91:e1:93:74:5a:8a:f4:35:bd:74:0f:49:9f:53:12:29:6f:
96:1f:b2:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAcyAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVi
YzE1MDM2MTBiZjgyZDg2ODdiN2FlZmI4NzlhNjU3ODcwNGYzMmEwHhcNMjIwNTIw
MTMzMjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzOWMyNmYyMDVjMTlk
YjY4ZjJlZWE0ZGM5OWFiNzljNDE3Zjc5YTJhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmNTlMSXkm7MNo8XKaF5dfMaNfWnFPJ7+K9QvWWXi7ApiwA5J
tBI+GLbLYyeDf09GLqmhouTqT+vCIlH6Jke6ovRjoXAK6QdwZbJAJsKamRUBVTcJ
BhIQjz7TNjkzZHR+vVVod2aCf5RqzZI9fEae1BoHA8Up66vF/rq6tBqbT5UA5h8h
1SlgWC5nLnDmZxBJItKC5Hm4vGL5PYVR/n7SLtIA/Jkb/HCPzDyXTtso3uABY+IM
SER9brE4hsB6OLoESs6T/uasZsAfGMTWrjWeDmtaEp3fGKT+N0Ab5gIBxhAfQJv7
frGpq6IwKXrPonim9MMVIj1R0kDnDpV7QQrkiQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFDnCbyBcGdto8u6k3JmrecQX95oqMB8GA1UdIwQYMBaAFFvBUDYQv4LYaHt6
77h5pleHBPMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VzhGUU5oQ19ndGhvZTNydnVIbW1WNGNFOHlvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Ny8zMGEzMDktYjE4ZS00ZjI3LThlN2UtZTdiMzcyZTRjN2M1LzEv
T2NKdklGd1oyMmp5N3FUY21hdDV4QmYzbWlvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8z
MGEzMDktYjE4ZS00ZjI3LThlN2UtZTdiMzcyZTRjN2M1LzEvVzhGUU5oQ19ndGhv
ZTNydnVIbW1WNGNFOHlvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYSMMA0EAgACMAcDBQMqBuJAMA0G
CSqGSIb3DQEBCwUAA4IBAQBl/cl8Da5WgQMY4XewKEGReKQE4RkbX1nU+gbpMLkl
uEkzthscYOz3rJbkG701mhC+El9cp/geZGTqR9qC8PUoTL2yG9fDoA+H+Z2NipnS
dVVefZUPgU92K9FBCKlahWe8xkmBUPzsr8uUPdHCEdJ5bIIt8XDsalym3DQ2a3gf
MYsYIPwNJAHgKBmf5iTkBkvmqbgCBP3POIjt7TIp+cJny++OXgJYoBsrmo/GHYcE
arwyQSm00ts/jruzltCEOfaFvYETJ892l1CzJdVL1cVybAmbW0ncwSE7HcPKcz51
hJAHMx/rVvzS90u4keGTdFqK9DW9dA9Jn1MSKW+WH7Kn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:43 2025 by rpki-client