Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/oTeWL4oB2jpVqEhwjMP-jrNCWbQ.roa
File: oTeWL4oB2jpVqEhwjMP-jrNCWbQ.roa (raw, json)
Hash identifier: +NyNPrF/CF4g4DJFn8h/4S9uYmL5Bi74q0yryUX+6J8=
Subject key identifier: A1:37:96:2F:8A:01:DA:3A:55:A8:48:70:8C:C3:FE:8E:B3:42:59:B4
Certificate issuer: /CN=586936266e980dd203b2cbeb1c9c4570604b911b
Certificate serial: 0187083AD9C7F12A8F8B3BA181C399B1BC9D
Authority key identifier: 58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/oTeWL4oB2jpVqEhwjMP-jrNCWbQ.roa
Signing time: Wed 22 Mar 2023 07:31:27 +0000
ROA not before: Wed 22 Mar 2023 07:31:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49628
IP address blocks: 185.46.176.0/22 maxlen: 22
193.176.215.0/24 maxlen: 24
78.40.106.0/24 maxlen: 24
78.40.107.0/24 maxlen: 24
193.176.214.0/24 maxlen: 24
5.187.9.0/24 maxlen: 24
5.187.10.0/24 maxlen: 24
5.187.8.0/24 maxlen: 24
5.187.8.0/21 maxlen: 21
5.187.11.0/24 maxlen: 24
193.176.212.0/24 maxlen: 24
193.176.212.0/22 maxlen: 22
78.40.104.0/24 maxlen: 24
78.40.104.0/22 maxlen: 22
193.176.213.0/24 maxlen: 24
78.40.105.0/24 maxlen: 24
185.168.224.0/24 maxlen: 24
185.168.224.0/22 maxlen: 22
185.168.225.0/24 maxlen: 24
185.168.226.0/24 maxlen: 24
185.168.227.0/24 maxlen: 24
37.75.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:3a:d9:c7:f1:2a:8f:8b:3b:a1:81:c3:99:b1:bc:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586936266e980dd203b2cbeb1c9c4570604b911b
Validity
Not Before: Mar 22 07:31:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a137962f8a01da3a55a848708cc3fe8eb34259b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:93:21:82:e0:1b:69:7e:8c:b0:0d:ee:ea:8a:
98:2e:51:b8:87:bf:2e:14:cc:73:2c:93:f9:bb:6c:
e1:a2:76:87:34:37:f7:44:0b:19:55:58:67:7d:83:
08:fa:70:c2:27:a9:d5:2d:04:50:20:83:0e:b0:62:
9d:0d:f3:a3:bf:a1:d1:f9:e4:39:7a:95:69:84:83:
5c:9d:7f:04:8a:71:04:07:c1:74:0d:a6:d2:e7:14:
52:d4:46:e6:33:09:2f:7e:80:32:80:6c:7b:23:e9:
99:4a:c4:98:35:44:29:0a:0e:21:6a:a2:84:08:35:
35:30:82:06:79:01:19:15:b9:33:f6:53:d2:18:f1:
66:c0:9c:de:a5:fc:98:c6:db:ff:7b:b3:b8:ed:e3:
71:79:85:cf:8f:da:8f:25:20:c9:30:31:68:24:ee:
0f:0d:ba:4f:2a:48:3e:ea:ee:e5:c4:07:9b:3f:c0:
be:e4:4b:20:79:c8:84:f2:97:7f:ee:6f:86:99:df:
78:dc:2b:2b:25:ed:83:f7:e8:33:d0:f7:4b:94:18:
96:ee:f3:b6:cb:01:9e:59:d3:0f:bd:15:d3:f6:9e:
6e:54:9f:94:7a:4c:6a:d7:3c:af:98:29:c3:20:b2:
fd:f5:63:18:14:7a:88:65:b8:2e:21:e0:8f:d4:15:
83:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:37:96:2F:8A:01:DA:3A:55:A8:48:70:8C:C3:FE:8E:B3:42:59:B4
X509v3 Authority Key Identifier:
keyid:58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/oTeWL4oB2jpVqEhwjMP-jrNCWbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/WGk2Jm6YDdIDssvrHJxFcGBLkRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.8.0/21
37.75.128.0/21
78.40.104.0/22
185.46.176.0/22
185.168.224.0/22
193.176.212.0/22
Signature Algorithm: sha256WithRSAEncryption
62:d0:d2:e6:c8:75:45:09:ec:6e:26:a2:73:ee:e8:f2:75:b7:
59:f5:2f:27:0f:5e:2c:4a:08:a7:5f:25:ae:5b:21:13:1c:10:
88:a7:b2:da:2a:2f:10:b7:78:1d:f5:ac:99:b3:1d:0a:c5:d9:
a1:0f:4b:08:96:ae:5b:0c:25:a1:83:7e:5e:33:44:9e:3e:fc:
3f:8c:47:65:8c:82:11:48:9a:eb:19:bc:02:f3:6a:b0:fc:39:
1c:36:f8:3c:8b:a8:a8:aa:58:26:cd:2c:04:3b:0a:24:95:db:
08:c9:6b:5b:81:1d:0a:93:67:06:83:bb:cf:f3:40:7a:06:79:
6b:45:3b:14:08:4d:9d:e0:a7:6c:8a:4a:28:22:96:eb:51:13:
b7:6f:de:72:74:51:50:e7:3d:5f:4b:87:8e:ab:6c:f0:3b:6b:
a3:16:9f:78:e8:e3:ee:a4:78:bd:d6:95:26:93:17:fb:7a:69:
76:71:c4:02:a0:e0:4a:18:ca:98:51:66:b2:e2:b3:33:3f:85:
45:dc:4c:03:36:ac:03:66:64:52:44:8a:49:0b:a0:36:e3:39:
4e:64:4b:85:26:cf:04:85:9c:ec:0d:e6:61:c7:c5:a2:74:e3:
f9:7f:b7:35:6a:5a:0c:92:5d:6d:e3:7e:e1:7f:cd:ab:37:ba:
0d:68:e2:8a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYcIOtnH8SqPizuhgcOZsbydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjkzNjI2NmU5ODBkZDIwM2IyY2JlYjFjOWM0NTcwNjA0
YjkxMWIwHhcNMjMwMzIyMDczMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM3OTYyZjhhMDFkYTNhNTVhODQ4NzA4Y2MzZmU4ZWIzNDI1OWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpMhguAbaX6MsA3u6oqYLlG4h78u
FMxzLJP5u2zhonaHNDf3RAsZVVhnfYMI+nDCJ6nVLQRQIIMOsGKdDfOjv6HR+eQ5
epVphINcnX8EinEEB8F0DabS5xRS1EbmMwkvfoAygGx7I+mZSsSYNUQpCg4haqKE
CDU1MIIGeQEZFbkz9lPSGPFmwJzepfyYxtv/e7O47eNxeYXPj9qPJSDJMDFoJO4P
DbpPKkg+6u7lxAebP8C+5EsgeciE8pd/7m+Gmd943CsrJe2D9+gz0PdLlBiW7vO2
ywGeWdMPvRXT9p5uVJ+Uekxq1zyvmCnDILL99WMYFHqIZbguIeCP1BWD6QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKE3li+KAdo6VahIcIzD/o6zQlm0MB8GA1UdIwQY
MBaAFFhpNiZumA3SA7LL6xycRXBgS5EbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0drMkptNllEZElEc3N2ckhKeEZjR0JMa1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YzY2Y2MtZmE5YS00ZjU4LWFkMjEt
N2RhMTgzZWZmMTE1LzEvb1RlV0w0b0IyanBWcUVod2pNUC1qck5DV2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YzY2Y2MtZmE5YS00ZjU4LWFkMjEtN2RhMTgzZWZmMTE1
LzEvV0drMkptNllEZElEc3N2ckhKeEZjR0JMa1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDBbsIAwQD
JUuAAwQCTihoAwQCuS6wAwQCuajgAwQCwbDUMA0GCSqGSIb3DQEBCwUAA4IBAQBi
0NLmyHVFCexuJqJz7ujydbdZ9S8nD14sSginXyWuWyETHBCIp7LaKi8Qt3gd9ayZ
sx0KxdmhD0sIlq5bDCWhg35eM0SePvw/jEdljIIRSJrrGbwC82qw/DkcNvg8i6io
qlgmzSwEOwokldsIyWtbgR0Kk2cGg7vP80B6BnlrRTsUCE2d4KdsikooIpbrURO3
b95ydFFQ5z1fS4eOq2zwO2ujFp946OPupHi91pUmkxf7eml2ccQCoOBKGMqYUWay
4rMzP4VF3EwDNqwDZmRSRIpJC6A24zlOZEuFJs8EhZzsDeZhx8WidOP5f7c1aloM
kl1t437hf82rN7oNaOKK
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:19:16 2025 by rpki-client