Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/0WM6OcI7gmfX3CKi-2GW1YCAyfg.roa
File: 0WM6OcI7gmfX3CKi-2GW1YCAyfg.roa (raw, json)
Hash identifier: v/U0wnsYYbPSBDn2uSkgrNytK816zv+tta0//pPuA1Q=
Subject key identifier: D1:63:3A:39:C2:3B:82:67:D7:DC:22:A2:FB:61:96:D5:80:80:C9:F8
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 01856CC1783B448395CD7766B79039023298
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/0WM6OcI7gmfX3CKi-2GW1YCAyfg.roa
Signing time: Sun 01 Jan 2023 09:54:56 +0000
ROA not before: Sun 01 Jan 2023 09:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42908
IP address blocks: 80.78.136.0/22 maxlen: 22
188.119.96.0/22 maxlen: 22
80.79.0.0/22 maxlen: 22
94.241.64.0/18 maxlen: 18
78.136.128.0/18 maxlen: 18
2a07:cc80::/29 maxlen: 29
2a0c:8b40::/29 maxlen: 29
2a03:7a00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:78:3b:44:83:95:cd:77:66:b7:90:39:02:32:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Jan 1 09:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1633a39c23b8267d7dc22a2fb6196d58080c9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:13:dd:ae:bc:78:0c:65:14:05:08:48:ae:c5:
1e:f2:c7:53:e8:63:67:c5:e2:00:18:e7:65:fd:84:
9a:51:5f:33:66:10:52:77:bd:cb:14:55:d0:94:da:
59:56:e3:14:96:05:9f:1c:fe:62:64:bd:c9:0b:b2:
04:82:92:3e:db:e3:e8:57:4a:c6:d6:31:16:17:05:
bc:38:61:c8:98:39:28:77:6e:6e:94:62:39:ed:3f:
ed:70:4e:ff:05:0f:c1:93:b2:47:1d:10:dd:6f:b6:
a2:23:ba:a5:23:c1:fd:92:74:a4:95:54:9f:8d:d4:
43:8c:54:d6:9f:de:5f:db:66:f7:8c:58:a3:90:75:
70:ac:4d:ee:2e:6b:3f:4d:67:29:a9:40:13:b5:04:
47:cc:59:b6:b4:85:2b:cf:3a:4e:c9:d0:b8:27:75:
55:ab:00:96:e8:25:8a:ba:25:b8:f5:26:e2:df:1b:
1d:2d:26:eb:52:86:88:cd:d6:c2:52:24:21:65:9a:
ac:05:d1:46:65:55:a1:18:ee:d3:03:0d:ce:fe:46:
a1:24:85:5b:2f:a1:f1:c4:0e:7b:f0:6d:44:7f:2d:
c4:00:5b:7d:81:a2:1f:78:df:b2:2b:1e:38:45:b5:
03:08:bc:03:a5:69:42:8b:4e:4e:1c:7b:72:b8:c7:
ce:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:63:3A:39:C2:3B:82:67:D7:DC:22:A2:FB:61:96:D5:80:80:C9:F8
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/0WM6OcI7gmfX3CKi-2GW1YCAyfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.128.0/18
80.78.136.0/22
80.79.0.0/22
94.241.64.0/18
188.119.96.0/22
IPv6:
2a03:7a00::/32
2a07:cc80::/29
2a0c:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
a5:17:5b:88:c1:5d:17:ba:a6:36:b6:b2:e4:13:c8:22:6a:bd:
25:ec:7a:4f:2a:dc:3c:b1:8b:2f:78:bb:6b:56:f3:90:1b:d2:
8f:11:1a:13:1b:9f:2a:a0:d1:9a:78:a0:6d:d3:a0:7b:d4:ef:
94:8f:11:24:fb:45:f5:07:2b:42:d9:a5:c6:5c:31:55:0e:34:
8c:13:9d:ea:66:1b:86:ba:9f:2d:fa:03:bc:1b:44:80:6e:af:
27:1c:6c:20:11:96:9f:97:76:26:3d:16:df:ad:98:1b:ef:7c:
b2:00:f4:f0:7e:4f:1d:0a:02:6e:05:84:aa:8a:d2:bc:bb:06:
b9:3d:1e:43:2e:ec:27:42:64:fd:fa:5d:77:b3:d1:3c:80:1d:
1d:79:d7:1f:f6:d9:a4:ba:e6:64:13:54:8d:ba:4a:37:74:3b:
a1:1e:4e:06:09:0b:ad:a8:49:2c:d0:1b:20:cb:2e:7e:e3:e1:
98:9b:69:0f:ae:27:95:03:1d:71:62:5b:86:fd:96:63:10:1c:
33:9e:4b:48:06:66:9d:c2:6c:9e:27:35:3a:5e:6e:a8:ac:ac:
06:b2:f1:6f:08:46:75:2b:6e:74:64:7a:12:34:2b:23:36:7d:
33:24:5f:22:a3:47:88:7f:23:e6:c9:c4:65:a5:8e:67:31:e7:
33:b8:c4:8b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVswXg7RIOVzXdmt5A5AjKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjMwMTAxMDk1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTYzM2EzOWMyM2I4MjY3ZDdkYzIyYTJmYjYxOTZkNTgwODBjOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhPdrrx4DGUUBQhIrsUe8sdT6GNn
xeIAGOdl/YSaUV8zZhBSd73LFFXQlNpZVuMUlgWfHP5iZL3JC7IEgpI+2+PoV0rG
1jEWFwW8OGHImDkod25ulGI57T/tcE7/BQ/Bk7JHHRDdb7aiI7qlI8H9knSklVSf
jdRDjFTWn95f22b3jFijkHVwrE3uLms/TWcpqUATtQRHzFm2tIUrzzpOydC4J3VV
qwCW6CWKuiW49Sbi3xsdLSbrUoaIzdbCUiQhZZqsBdFGZVWhGO7TAw3O/kahJIVb
L6HxxA578G1Efy3EAFt9gaIfeN+yKx44RbUDCLwDpWlCi05OHHtyuMfOmQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFNFjOjnCO4Jn19wiovthltWAgMn4MB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvMFdNNk9jSTdnbWZYM0NLaS0yR1cxWUNBeWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQGToiAAwQC
UE6IAwQCUE8AAwQGXvFAAwQCvHdgMBsEAgACMBUDBQAqA3oAAwUDKgfMgAMFAyoM
i0AwDQYJKoZIhvcNAQELBQADggEBAKUXW4jBXRe6pja2suQTyCJqvSXsek8q3Dyx
iy94u2tW85Ab0o8RGhMbnyqg0Zp4oG3ToHvU75SPEST7RfUHK0LZpcZcMVUONIwT
nepmG4a6ny36A7wbRIBuryccbCARlp+XdiY9Ft+tmBvvfLIA9PB+Tx0KAm4FhKqK
0ry7Brk9HkMu7CdCZP36XXez0TyAHR151x/22aS65mQTVI26Sjd0O6EeTgYJC62o
SSzQGyDLLn7j4ZibaQ+uJ5UDHXFiW4b9lmMQHDOeS0gGZp3CbJ4nNTpebqisrAay
8W8IRnUrbnRkehI0KyM2fTMkXyKjR4h/I+bJxGWljmcx5zO4xIs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:57 2025 by rpki-client