Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/okeVZppNI4NDT8VhrMi3iS4WNrk.roa
File: okeVZppNI4NDT8VhrMi3iS4WNrk.roa (raw, json)
Hash identifier: OTcX3nCtJsphPQlqy2MF036x42CDK1f0CGwPQtyZFx8=
Subject key identifier: A2:47:95:66:9A:4D:23:83:43:4F:C5:61:AC:C8:B7:89:2E:16:36:B9
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 01856DE646D1042035A09F22B3D789358A1C
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/okeVZppNI4NDT8VhrMi3iS4WNrk.roa
Signing time: Sun 01 Jan 2023 15:14:46 +0000
ROA not before: Sun 01 Jan 2023 15:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49964
IP address blocks: 109.69.217.16/28 maxlen: 28
62.112.31.0/24 maxlen: 24
62.112.29.0/24 maxlen: 24
46.18.38.0/24 maxlen: 24
46.18.36.0/22 maxlen: 24
46.18.36.0/24 maxlen: 24
46.18.37.0/24 maxlen: 24
46.18.34.0/24 maxlen: 24
46.18.34.0/23 maxlen: 24
46.18.35.0/24 maxlen: 24
46.18.33.0/24 maxlen: 24
46.18.39.0/24 maxlen: 24
185.64.64.0/22 maxlen: 24
85.119.216.0/21 maxlen: 24
109.69.221.192/28 maxlen: 28
185.185.231.0/24 maxlen: 24
185.185.228.0/24 maxlen: 24
185.185.229.0/24 maxlen: 24
109.69.219.0/24 maxlen: 24
109.69.216.0/23 maxlen: 24
109.69.221.0/24 maxlen: 24
109.69.222.0/24 maxlen: 24
109.69.220.0/24 maxlen: 24
37.19.8.0/21 maxlen: 24
2a00:1528::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:46:d1:04:20:35:a0:9f:22:b3:d7:89:35:8a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 1 15:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a24795669a4d2383434fc561acc8b7892e1636b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:55:6c:55:b4:ac:4f:02:43:b4:70:43:1b:e4:
dd:a3:3e:71:a8:f9:61:f8:96:12:17:fc:75:b5:df:
7b:45:1f:39:45:db:16:1c:2d:3e:a2:ed:45:e7:af:
e5:32:47:89:03:88:ea:a1:e4:4a:ab:cc:92:d7:dc:
8c:bb:e7:69:a1:6a:81:85:6f:91:54:3e:d2:aa:58:
c2:a5:86:54:20:6a:c4:e9:3d:89:00:dc:a5:da:e1:
df:87:94:d5:dc:28:39:18:d9:41:56:7f:bc:90:0b:
16:ac:7a:f9:e4:26:cc:5b:9e:4f:bc:6b:b6:83:2e:
4c:0c:16:46:b8:c8:b4:5e:ad:4a:b0:1a:b0:02:f0:
11:83:85:fc:40:27:21:c7:ff:5a:ea:16:91:00:c8:
ad:bf:86:db:67:1c:43:0d:0f:b3:e8:ba:65:13:a6:
6f:ed:07:84:06:a9:08:7c:9f:74:2c:89:1c:60:67:
98:bf:d8:c6:48:d4:ce:f1:c1:be:57:cc:9a:a2:95:
90:a5:90:63:b8:c7:a5:ec:09:1b:08:46:ec:6b:fe:
1c:38:a4:20:45:da:86:19:52:27:93:5c:c1:16:a9:
0e:4e:8a:99:db:9b:b7:d7:a5:00:2b:6e:6a:66:02:
81:cc:b4:66:8d:2c:f4:fd:52:6b:8d:08:67:64:94:
82:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:47:95:66:9A:4D:23:83:43:4F:C5:61:AC:C8:B7:89:2E:16:36:B9
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/okeVZppNI4NDT8VhrMi3iS4WNrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.8.0/21
46.18.33.0-46.18.39.255
62.112.29.0/24
62.112.31.0/24
85.119.216.0/21
109.69.216.0/23
109.69.219.0-109.69.222.255
185.64.64.0/22
185.185.228.0/23
185.185.231.0/24
IPv6:
2a00:1528::/32
Signature Algorithm: sha256WithRSAEncryption
5d:78:94:84:ce:cd:8e:59:f1:5a:2f:46:a7:82:60:78:de:86:
2f:1b:62:8d:df:c3:71:66:5b:71:0e:7c:c4:16:b4:53:c8:e6:
09:91:ae:29:fc:09:16:2a:ef:bc:f5:30:88:37:47:eb:bc:a7:
eb:98:f8:df:ce:71:4b:57:00:f4:0c:75:6a:02:26:7f:8b:9d:
1f:a7:31:7c:24:18:d4:a8:89:9d:8e:a6:61:33:08:85:f9:c2:
08:a2:9b:47:98:f0:a8:ca:cb:ad:f1:5d:b2:08:0b:4d:31:69:
2f:62:e1:bc:ab:c3:ec:94:6d:3a:dd:90:70:87:a8:5c:3a:66:
e6:57:03:d5:41:d0:00:a7:3d:a4:62:66:0d:5c:db:54:24:b9:
be:9a:d8:f4:c7:4a:1b:1f:7b:a1:11:b9:74:61:5b:b4:2f:aa:
31:d0:b0:ad:ee:d9:87:d2:4a:d5:25:eb:db:88:57:84:e0:16:
a5:0c:d5:98:f2:73:5e:6f:15:ca:d9:8d:f1:46:90:21:e8:09:
b4:30:df:86:c8:31:b1:01:ad:2b:d0:7b:53:a3:31:93:a3:82:
09:d9:a7:08:b9:10:ab:7d:8d:a3:43:20:93:67:5e:b3:ab:de:
5c:9f:10:d1:7e:ba:f3:e6:4a:bb:0f:80:42:d0:4c:93:fb:7a:
b9:f8:88:db
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYVt5kbRBCA1oJ8is9eJNYocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjMwMTAxMTUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQ3OTU2NjlhNGQyMzgzNDM0ZmM1NjFhY2M4Yjc4OTJlMTYzNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlVsVbSsTwJDtHBDG+Tdoz5xqPlh
+JYSF/x1td97RR85RdsWHC0+ou1F56/lMkeJA4jqoeRKq8yS19yMu+dpoWqBhW+R
VD7SqljCpYZUIGrE6T2JANyl2uHfh5TV3Cg5GNlBVn+8kAsWrHr55CbMW55PvGu2
gy5MDBZGuMi0Xq1KsBqwAvARg4X8QCchx/9a6haRAMitv4bbZxxDDQ+z6LplE6Zv
7QeEBqkIfJ90LIkcYGeYv9jGSNTO8cG+V8yaopWQpZBjuMel7AkbCEbsa/4cOKQg
RdqGGVInk1zBFqkOToqZ25u316UAK25qZgKBzLRmjSz0/VJrjQhnZJSCPQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFKJHlWaaTSODQ0/FYazIt4kuFja5MB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvb2tlVlpwcE5JNE5EVDhWaHJNaTNpUzRXTnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQDJRMIMAwD
BAAuEiEDBAMuEiADBAA+cB0DBAA+cB8DBANVd9gDBAFtRdgwDAMEAG1F2wMEAG1F
3gMEArlAQAMEAbm55AMEALm55zANBAIAAjAHAwUAKgAVKDANBgkqhkiG9w0BAQsF
AAOCAQEAXXiUhM7NjlnxWi9Gp4JgeN6GLxtijd/DcWZbcQ58xBa0U8jmCZGuKfwJ
FirvvPUwiDdH67yn65j4385xS1cA9Ax1agImf4udH6cxfCQY1KiJnY6mYTMIhfnC
CKKbR5jwqMrLrfFdsggLTTFpL2LhvKvD7JRtOt2QcIeoXDpm5lcD1UHQAKc9pGJm
DVzbVCS5vprY9MdKGx97oRG5dGFbtC+qMdCwre7Zh9JK1SXr24hXhOAWpQzVmPJz
Xm8VytmN8UaQIegJtDDfhsgxsQGtK9B7U6Mxk6OCCdmnCLkQq32No0Mgk2des6ve
XJ8Q0X668+ZKuw+AQtBMk/t6ufiI2w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:21 2025 by rpki-client