Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/530625-4e46-4563-ae2c-cd49264eaf0b/1/0Y3O7CuEgB1HRsP5VXh34gTHDng.roa
File: 0Y3O7CuEgB1HRsP5VXh34gTHDng.roa (raw, json)
Hash identifier: zzni4BKgWoCVA43NiPa7gZx3rM1ppsa1556MM9doI1M=
Subject key identifier: D1:8D:CE:EC:2B:84:80:1D:47:46:C3:F9:55:78:77:E2:04:C7:0E:78
Certificate issuer: /CN=a333114cbfc6bf668371c5687ee98a442fd8ea36
Certificate serial: 01821BD0CB6F10A9392A4C190AD7640C380E
Authority key identifier: A3:33:11:4C:BF:C6:BF:66:83:71:C5:68:7E:E9:8A:44:2F:D8:EA:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ozMRTL_Gv2aDccVofumKRC_Y6jY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/530625-4e46-4563-ae2c-cd49264eaf0b/1/0Y3O7CuEgB1HRsP5VXh34gTHDng.roa
Signing time: Wed 20 Jul 2022 13:34:04 +0000
ROA not before: Wed 20 Jul 2022 13:34:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35228
IP address blocks: 93.97.12.0/22 maxlen: 24
87.194.202.0/24 maxlen: 24
87.194.216.0/23 maxlen: 24
93.97.44.0/22 maxlen: 24
87.194.0.0/16 maxlen: 24
93.97.48.0/22 maxlen: 24
93.97.60.0/22 maxlen: 24
93.97.176.0/22 maxlen: 24
93.97.180.0/22 maxlen: 24
93.97.212.0/22 maxlen: 24
93.97.0.0/22 maxlen: 24
93.97.216.0/22 maxlen: 24
93.97.8.0/22 maxlen: 24
87.194.102.0/23 maxlen: 24
87.194.100.0/23 maxlen: 24
87.194.118.0/24 maxlen: 24
87.194.116.0/24 maxlen: 24
87.194.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1b:d0:cb:6f:10:a9:39:2a:4c:19:0a:d7:64:0c:38:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a333114cbfc6bf668371c5687ee98a442fd8ea36
Validity
Not Before: Jul 20 13:34:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d18dceec2b84801d4746c3f9557877e204c70e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bf:9f:3a:4b:45:aa:9d:3d:ac:ea:da:b8:a4:
8b:16:22:62:a7:ba:50:b4:28:c8:82:4b:58:e1:53:
1a:72:64:4e:5b:fc:4c:17:74:21:38:6a:dd:08:55:
02:37:47:36:7c:68:22:67:ee:82:4c:05:a0:17:36:
17:21:17:9a:b0:61:aa:28:ed:61:81:e2:71:99:5f:
be:2e:96:6c:3c:51:d4:74:86:bb:a2:08:db:86:46:
5a:c8:41:23:27:e2:3b:26:15:7a:e4:d9:63:65:73:
b3:55:a7:f4:fa:d6:fc:3e:e2:b1:c8:dc:db:ae:ce:
e1:a4:59:5e:d1:72:ba:6e:7d:f3:cb:60:7f:9a:b2:
ea:84:68:33:d9:16:50:d5:38:bd:d4:f0:ed:90:1c:
13:3a:86:c6:85:02:53:11:d8:62:19:f7:2c:1e:d9:
b5:60:ef:be:14:49:72:50:01:76:ea:12:b7:16:4d:
08:c7:06:9f:a0:6c:48:d3:88:17:e9:45:69:4c:78:
e6:a0:0f:24:cd:55:95:46:46:3b:03:84:65:08:c5:
3b:21:d4:e4:cd:85:c0:77:5f:71:cd:0f:23:cd:0f:
3a:81:19:8b:07:95:f9:58:31:79:30:bc:44:a5:ab:
e3:ef:eb:0b:56:d1:02:80:d4:2d:46:e3:a9:52:ad:
e8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8D:CE:EC:2B:84:80:1D:47:46:C3:F9:55:78:77:E2:04:C7:0E:78
X509v3 Authority Key Identifier:
keyid:A3:33:11:4C:BF:C6:BF:66:83:71:C5:68:7E:E9:8A:44:2F:D8:EA:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ozMRTL_Gv2aDccVofumKRC_Y6jY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/530625-4e46-4563-ae2c-cd49264eaf0b/1/0Y3O7CuEgB1HRsP5VXh34gTHDng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/530625-4e46-4563-ae2c-cd49264eaf0b/1/ozMRTL_Gv2aDccVofumKRC_Y6jY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.194.0.0/16
93.97.0.0/22
93.97.8.0/21
93.97.44.0-93.97.51.255
93.97.60.0/22
93.97.176.0/21
93.97.212.0-93.97.219.255
Signature Algorithm: sha256WithRSAEncryption
71:cd:ae:1a:19:16:c8:6b:1e:05:4f:32:96:0f:01:47:2f:dd:
f6:91:ff:5d:e8:4f:fe:33:f1:c7:c4:25:21:38:e4:e1:a6:91:
7d:a5:41:52:23:b0:b4:37:e2:fc:14:42:97:0a:df:df:31:02:
08:05:d5:d4:a2:6e:7e:b0:ed:4e:ad:2d:cd:79:4f:3f:20:ca:
b3:12:66:a9:dc:92:04:6e:46:3d:a8:60:f6:03:eb:b6:aa:58:
fa:fb:75:1f:3f:60:37:96:bb:a3:e5:83:85:50:76:ac:d9:70:
f7:43:a4:d6:45:46:67:75:39:4b:55:20:7a:53:49:29:18:c5:
9c:8d:a1:21:8a:8b:78:57:7b:cc:ef:37:82:a7:66:e8:9e:02:
c5:01:ad:28:08:c3:d6:6d:b5:08:87:f5:57:d2:9e:3c:f9:bd:
21:f9:79:4c:cb:87:ba:47:d2:80:94:34:53:90:f8:95:21:34:
bb:fc:7b:a2:6f:53:47:4b:4a:a5:75:55:6d:b3:33:63:b5:77:
a6:3f:77:4c:fe:b5:ed:eb:9d:37:60:85:86:63:25:15:13:26:
bf:8a:1d:9a:0a:a0:eb:52:19:60:90:e0:56:a6:72:a4:e2:29:
e8:e4:d7:62:56:27:53:43:a1:c5:60:80:7d:5a:43:62:0a:d8:
45:94:f9:d1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYIb0MtvEKk5KkwZCtdkDDgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMzMxMTRjYmZjNmJmNjY4MzcxYzU2ODdlZTk4YTQ0MmZk
OGVhMzYwHhcNMjIwNzIwMTMzNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMThkY2VlYzJiODQ4MDFkNDc0NmMzZjk1NTc4NzdlMjA0YzcwZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlr+fOktFqp09rOrauKSLFiJip7pQ
tCjIgktY4VMacmROW/xMF3QhOGrdCFUCN0c2fGgiZ+6CTAWgFzYXIReasGGqKO1h
geJxmV++LpZsPFHUdIa7ogjbhkZayEEjJ+I7JhV65NljZXOzVaf0+tb8PuKxyNzb
rs7hpFle0XK6bn3zy2B/mrLqhGgz2RZQ1Ti91PDtkBwTOobGhQJTEdhiGfcsHtm1
YO++FElyUAF26hK3Fk0IxwafoGxI04gX6UVpTHjmoA8kzVWVRkY7A4RlCMU7IdTk
zYXAd19xzQ8jzQ86gRmLB5X5WDF5MLxEpavj7+sLVtECgNQtRuOpUq3ojQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNGNzuwrhIAdR0bD+VV4d+IExw54MB8GA1UdIwQY
MBaAFKMzEUy/xr9mg3HFaH7pikQv2Oo2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3pNUlRMX0d2MmFEY2NWb2Z1bUtSQ19ZNmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81MzA2MjUtNGU0Ni00NTYzLWFlMmMt
Y2Q0OTI2NGVhZjBiLzEvMFkzTzdDdUVnQjFIUnNQNVZYaDM0Z1RIRG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81MzA2MjUtNGU0Ni00NTYzLWFlMmMtY2Q0OTI2NGVhZjBi
LzEvb3pNUlRMX0d2MmFEY2NWb2Z1bUtSQ19ZNmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAATA5AwMAV8IDBAJd
YQADBANdYQgwDAMEAl1hLAMEAl1hMAMEAl1hPAMEA11hsDAMAwQCXWHUAwQCXWHY
MA0GCSqGSIb3DQEBCwUAA4IBAQBxza4aGRbIax4FTzKWDwFHL932kf9d6E/+M/HH
xCUhOOThppF9pUFSI7C0N+L8FEKXCt/fMQIIBdXUom5+sO1OrS3NeU8/IMqzEmap
3JIEbkY9qGD2A+u2qlj6+3UfP2A3lruj5YOFUHas2XD3Q6TWRUZndTlLVSB6U0kp
GMWcjaEhiot4V3vM7zeCp2bongLFAa0oCMPWbbUIh/VX0p48+b0h+XlMy4e6R9KA
lDRTkPiVITS7/Huib1NHS0qldVVtszNjtXemP3dM/rXt6503YIWGYyUVEya/ih2a
CqDrUhlgkOBWpnKk4ino5NdiVidTQ6HFYIB9WkNiCthFlPnR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:04 2025 by rpki-client