Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/OO6gN8wV9yW150ZwaMwlHQoD6mE.roa
File: OO6gN8wV9yW150ZwaMwlHQoD6mE.roa (raw, json)
Hash identifier: IlC2KY47/Pzt+2GKtJUEz6iSu0IJ0KLH0IK64bUiXlk=
Subject key identifier: 38:EE:A0:37:CC:15:F7:25:B5:E7:46:70:68:CC:25:1D:0A:03:EA:61
Certificate issuer: /CN=550b7c0c8bae610f7e519c0485a4773bceb48dab
Certificate serial: 0185710C1582FD56F92F2F850AB9EE5D3455
Authority key identifier: 55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/OO6gN8wV9yW150ZwaMwlHQoD6mE.roa
Signing time: Mon 02 Jan 2023 05:54:55 +0000
ROA not before: Mon 02 Jan 2023 05:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34619
IP address blocks: 94.73.128.0/18 maxlen: 24
185.22.186.0/24 maxlen: 24
185.22.184.0/22 maxlen: 24
185.22.184.0/24 maxlen: 24
185.22.185.0/24 maxlen: 24
80.253.240.0/22 maxlen: 24
89.19.0.0/19 maxlen: 24
85.159.64.0/21 maxlen: 24
37.148.208.0/21 maxlen: 24
2a02:2020::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:15:82:fd:56:f9:2f:2f:85:0a:b9:ee:5d:34:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=550b7c0c8bae610f7e519c0485a4773bceb48dab
Validity
Not Before: Jan 2 05:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38eea037cc15f725b5e7467068cc251d0a03ea61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c5:d8:81:50:3f:52:f1:ce:1b:54:94:e4:b4:
a8:b5:bc:b2:0a:e0:bc:71:d8:61:30:92:9f:ff:8f:
eb:0f:17:11:e3:3f:e6:b4:fe:f3:38:e8:b4:4c:c5:
e7:30:99:3a:71:bb:26:43:2b:ab:18:ef:53:93:66:
f6:62:37:c8:c7:f9:61:58:79:22:9a:aa:46:c2:0d:
63:d4:84:f9:c4:f3:69:01:16:0f:e6:b5:6a:77:76:
52:d4:9d:52:69:c6:be:fa:27:0d:a3:64:f3:93:fc:
53:42:2a:4e:99:4b:c2:45:21:a2:bb:1b:85:bb:28:
2d:71:57:ea:1e:73:c0:35:08:17:2c:28:95:b5:ef:
79:aa:4e:0f:76:9e:45:b8:f2:57:85:ad:48:4c:ee:
b8:a9:33:b7:d3:af:74:91:48:55:15:2d:ed:f7:48:
f5:05:32:81:40:ea:04:ad:6a:b7:93:9e:90:7d:d6:
13:00:bd:f7:72:ce:ae:df:f4:0e:0f:7c:cc:4e:d9:
6e:6a:37:d5:15:46:f6:4e:96:e2:87:6a:83:bb:1f:
25:0a:14:84:8f:f2:2e:24:a7:d1:45:34:61:3f:4c:
db:d3:87:d7:d2:e0:b4:74:67:fd:ed:b8:76:e5:49:
93:ae:8f:e9:bd:7a:43:fc:99:51:fb:2a:28:75:50:
a5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EE:A0:37:CC:15:F7:25:B5:E7:46:70:68:CC:25:1D:0A:03:EA:61
X509v3 Authority Key Identifier:
keyid:55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/OO6gN8wV9yW150ZwaMwlHQoD6mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.208.0/21
80.253.240.0/22
85.159.64.0/21
89.19.0.0/19
94.73.128.0/18
185.22.184.0/22
IPv6:
2a02:2020::/32
Signature Algorithm: sha256WithRSAEncryption
75:2d:d5:73:15:65:8d:97:69:6e:d1:fa:ff:52:4e:ae:dd:d0:
67:ac:a5:9d:25:e2:ec:ed:2c:25:48:88:10:b2:b3:a3:fb:83:
60:75:fa:d5:db:0f:4b:80:5f:f3:f9:09:d1:f8:5e:35:69:85:
6f:fe:dd:8a:c8:ff:7d:d2:6b:23:b2:b1:32:cf:48:bf:9f:d0:
8b:ab:46:bf:b3:15:40:d6:99:2e:2a:37:8e:e7:dd:59:39:98:
ea:cb:d9:bb:1f:76:6a:cf:47:2b:88:fb:20:db:1c:a3:34:1e:
43:51:c8:e1:89:61:9a:7d:06:d8:36:38:73:4f:4f:b5:be:57:
86:b4:81:59:b4:d6:85:09:88:f7:78:f3:87:c8:bc:01:9c:3d:
6a:34:47:22:28:70:2c:6f:cd:e7:1f:fa:5d:8f:cf:35:ba:db:
c5:c9:1a:15:b2:61:1f:47:1c:0f:03:96:63:8d:6c:21:47:f9:
8a:76:75:a2:4c:83:66:bc:7e:09:59:37:3d:94:44:f0:c0:ea:
d4:51:09:e5:e0:4b:fe:d8:2c:9f:a5:83:1f:cf:24:fc:5d:7b:
28:e5:b7:ad:45:c0:bc:5e:32:f0:32:43:61:12:53:cb:0b:91:
d2:94:1e:ef:e4:2b:d6:a4:04:e3:05:e0:c1:d5:87:49:b9:3e:
7e:8e:6c:0e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVxDBWC/Vb5Ly+FCrnuXTRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MGI3YzBjOGJhZTYxMGY3ZTUxOWMwNDg1YTQ3NzNiY2Vi
NDhkYWIwHhcNMjMwMTAyMDU1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGVlYTAzN2NjMTVmNzI1YjVlNzQ2NzA2OGNjMjUxZDBhMDNlYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcXYgVA/UvHOG1SU5LSotbyyCuC8
cdhhMJKf/4/rDxcR4z/mtP7zOOi0TMXnMJk6cbsmQyurGO9Tk2b2YjfIx/lhWHki
mqpGwg1j1IT5xPNpARYP5rVqd3ZS1J1Saca++icNo2Tzk/xTQipOmUvCRSGiuxuF
uygtcVfqHnPANQgXLCiVte95qk4Pdp5FuPJXha1ITO64qTO30690kUhVFS3t90j1
BTKBQOoErWq3k56QfdYTAL33cs6u3/QOD3zMTtluajfVFUb2Tpbih2qDux8lChSE
j/IuJKfRRTRhP0zb04fX0uC0dGf97bh25UmTro/pvXpD/JlR+yoodVCl8QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDjuoDfMFfcltedGcGjMJR0KA+phMB8GA1UdIwQY
MBaAFFULfAyLrmEPflGcBIWkdzvOtI2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlF0OERJdXVZUTktVVp3RWhhUjNPODYwamFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hZWRiMDMtYjA0Yy00MjEyLTgxM2It
ZmYyNWJhNTk5MDMxLzEvT082Z044d1Y5eVcxNTBad2FNd2xIUW9ENm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hZWRiMDMtYjA0Yy00MjEyLTgxM2ItZmYyNWJhNTk5MDMx
LzEvVlF0OERJdXVZUTktVVp3RWhhUjNPODYwamFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJZTQAwQC
UP3wAwQDVZ9AAwQFWRMAAwQGXkmAAwQCuRa4MA0EAgACMAcDBQAqAiAgMA0GCSqG
SIb3DQEBCwUAA4IBAQB1LdVzFWWNl2lu0fr/Uk6u3dBnrKWdJeLs7SwlSIgQsrOj
+4NgdfrV2w9LgF/z+QnR+F41aYVv/t2KyP990msjsrEyz0i/n9CLq0a/sxVA1pku
KjeO591ZOZjqy9m7H3Zqz0criPsg2xyjNB5DUcjhiWGafQbYNjhzT0+1vleGtIFZ
tNaFCYj3ePOHyLwBnD1qNEciKHAsb83nH/pdj881utvFyRoVsmEfRxwPA5ZjjWwh
R/mKdnWiTINmvH4JWTc9lETwwOrUUQnl4Ev+2CyfpYMfzyT8XXso5betRcC8XjLw
MkNhElPLC5HSlB7v5CvWpATjBeDB1YdJuT5+jmwO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:53 2025 by rpki-client