Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/ou1FOPFQnm443Ef5dSUE0Qvdul8.roa
File: ou1FOPFQnm443Ef5dSUE0Qvdul8.roa (raw, json)
Hash identifier: nF633sdhTOa4YS6zGG/Om3NB5SzQbLbNG61Iv+awm+E=
Subject key identifier: A2:ED:45:38:F1:50:9E:6E:38:DC:47:F9:75:25:04:D1:0B:DD:BA:5F
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 0184C230104E774E171D00A1307E4C31BDBA
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/ou1FOPFQnm443Ef5dSUE0Qvdul8.roa
Signing time: Tue 29 Nov 2022 07:00:40 +0000
ROA not before: Tue 29 Nov 2022 07:00:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39251
IP address blocks: 193.37.238.0/24 maxlen: 24
185.229.252.0/22 maxlen: 24
91.223.66.0/24 maxlen: 24
185.163.140.0/22 maxlen: 24
194.169.230.0/24 maxlen: 24
194.169.237.0/24 maxlen: 24
91.245.192.0/24 maxlen: 24
194.169.242.0/24 maxlen: 24
85.217.250.0/24 maxlen: 24
85.217.251.0/24 maxlen: 24
85.217.252.0/22 maxlen: 24
213.232.88.0/22 maxlen: 24
185.225.84.0/22 maxlen: 24
91.92.72.0/21 maxlen: 24
91.92.80.0/20 maxlen: 24
91.92.96.0/21 maxlen: 24
194.169.223.0/24 maxlen: 24
2a0b:f800::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:30:10:4e:77:4e:17:1d:00:a1:30:7e:4c:31:bd:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Nov 29 07:00:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2ed4538f1509e6e38dc47f9752504d10bddba5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:51:ec:53:6f:48:b5:bc:3e:63:94:e1:54:87:
d6:56:99:d9:60:50:86:ff:37:5f:67:03:11:a0:23:
ac:59:6e:76:54:d8:76:8b:f2:74:c0:3b:bc:73:ac:
7d:3a:91:c1:dd:e3:81:66:d4:73:a5:df:1a:68:84:
c9:e9:c0:26:a8:b5:3d:b2:d5:ff:df:fc:49:f8:5d:
76:6f:33:d8:93:9e:22:82:9c:6a:6b:82:21:b9:81:
f2:4e:5f:7f:e4:9d:45:f8:c8:4e:95:5c:1f:24:b9:
18:08:66:e7:9f:b5:b9:ad:d0:1c:fb:ea:2f:2e:96:
b4:ae:49:73:52:af:39:85:5d:1a:b2:03:46:96:2d:
88:a9:b6:ba:3c:49:15:5c:b7:34:13:2d:df:fd:8c:
42:9d:24:1b:4d:5e:7c:9a:44:eb:f3:41:cc:e0:89:
83:40:57:e6:24:1f:a9:09:b3:30:5b:23:c8:a9:68:
9b:1e:1f:e4:f2:d1:4d:6c:e4:17:48:8d:01:e7:f6:
35:91:8e:b9:57:a7:3b:63:d6:d7:7f:ab:11:f5:6d:
5c:37:b4:d4:44:f6:f0:27:79:9d:4c:7b:40:be:e5:
2c:87:97:a1:bf:46:cd:c7:17:b8:fd:26:1a:26:57:
7e:e5:f1:67:67:dc:96:e1:c2:c5:81:c4:a4:33:22:
de:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:ED:45:38:F1:50:9E:6E:38:DC:47:F9:75:25:04:D1:0B:DD:BA:5F
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/ou1FOPFQnm443Ef5dSUE0Qvdul8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.250.0-85.217.255.255
91.92.72.0-91.92.103.255
91.223.66.0/24
91.245.192.0/24
185.163.140.0/22
185.225.84.0/22
185.229.252.0/22
193.37.238.0/24
194.169.223.0/24
194.169.230.0/24
194.169.237.0/24
194.169.242.0/24
213.232.88.0/22
IPv6:
2a0b:f800::/32
Signature Algorithm: sha256WithRSAEncryption
5c:e0:28:88:54:f6:e4:ce:a9:e5:d1:94:89:0b:79:ef:96:13:
81:93:57:31:60:cb:8e:ba:fe:43:9d:bc:a6:cd:88:46:83:ef:
d8:73:38:3d:a9:f6:f1:69:d7:d4:20:84:14:e1:04:71:70:12:
48:69:58:54:24:0b:55:46:b5:e1:eb:02:7e:04:2e:0f:09:7d:
93:79:d4:e4:5d:c0:20:d1:96:5f:1c:16:63:0c:6d:0a:9e:b7:
bb:2b:b6:46:e4:37:c8:e0:97:93:09:33:02:99:e5:7b:73:ad:
cd:b5:e8:7e:62:fd:4a:29:cd:c4:78:b7:88:55:46:9d:43:be:
2d:3d:4c:9d:33:4b:1d:85:01:67:97:ec:36:d3:07:d9:40:b5:
b8:39:83:9d:d9:12:75:79:83:9b:41:ca:69:d9:a3:02:fe:b3:
79:90:f6:bb:9c:fc:26:fa:9c:83:f8:2e:30:e2:fc:74:e0:3b:
2b:e6:5f:2c:55:96:1d:01:e2:59:91:b7:93:8d:f7:e6:68:c9:
0a:ab:bb:dc:bf:ac:73:e0:1c:2e:92:c2:9d:4b:bf:fb:9d:ae:
2b:52:bd:73:81:d0:52:8f:de:23:7d:e0:7d:5b:7e:65:1a:b8:
65:c6:68:96:de:d5:92:58:15:97:b2:8d:27:74:ea:82:83:a9:
2d:05:8c:d0
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYTCMBBOd04XHQChMH5MMb26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjIxMTI5MDcwMDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmVkNDUzOGYxNTA5ZTZlMzhkYzQ3Zjk3NTI1MDRkMTBiZGRiYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVHsU29Itbw+Y5ThVIfWVpnZYFCG
/zdfZwMRoCOsWW52VNh2i/J0wDu8c6x9OpHB3eOBZtRzpd8aaITJ6cAmqLU9stX/
3/xJ+F12bzPYk54igpxqa4IhuYHyTl9/5J1F+MhOlVwfJLkYCGbnn7W5rdAc++ov
Lpa0rklzUq85hV0asgNGli2Iqba6PEkVXLc0Ey3f/YxCnSQbTV58mkTr80HM4ImD
QFfmJB+pCbMwWyPIqWibHh/k8tFNbOQXSI0B5/Y1kY65V6c7Y9bXf6sR9W1cN7TU
RPbwJ3mdTHtAvuUsh5ehv0bNxxe4/SYaJld+5fFnZ9yW4cLFgcSkMyLeOQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFKLtRTjxUJ5uONxH+XUlBNEL3bpfMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvb3UxRk9QRlFubTQ0M0VmNWRTVUUwUXZkdWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwYwQCAAEwXTALAwQBVdn6
AwMBVdgwDAMEA1tcSAMEA1tcYAMEAFvfQgMEAFv1wAMEArmjjAMEArnhVAMEArnl
/AMEAMEl7gMEAMKp3wMEAMKp5gMEAMKp7QMEAMKp8gMEAtXoWDANBAIAAjAHAwUA
Kgv4ADANBgkqhkiG9w0BAQsFAAOCAQEAXOAoiFT25M6p5dGUiQt575YTgZNXMWDL
jrr+Q528ps2IRoPv2HM4Pan28WnX1CCEFOEEcXASSGlYVCQLVUa14esCfgQuDwl9
k3nU5F3AINGWXxwWYwxtCp63uyu2RuQ3yOCXkwkzApnle3OtzbXofmL9SinNxHi3
iFVGnUO+LT1MnTNLHYUBZ5fsNtMH2UC1uDmDndkSdXmDm0HKadmjAv6zeZD2u5z8
Jvqcg/guMOL8dOA7K+ZfLFWWHQHiWZG3k4335mjJCqu73L+sc+AcLpLCnUu/+52u
K1K9c4HQUo/eI33gfVt+ZRq4ZcZolt7VklgVl7KNJ3TqgoOpLQWM0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:06 2024 by rpki-client on console-fra.rpki-client.org