Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/OOf9W2jlV3SDCt6FEN2DFzTYjqQ.roa
File: OOf9W2jlV3SDCt6FEN2DFzTYjqQ.roa (raw, json)
Hash identifier: yPRehOjrM0bTRXnyHgpJZQHCbjDJGMfmc0H2hjEIPiA=
Subject key identifier: 38:E7:FD:5B:68:E5:57:74:83:0A:DE:85:10:DD:83:17:34:D8:8E:A4
Certificate issuer: /CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Certificate serial: 14B775C8
Authority key identifier: 58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/OOf9W2jlV3SDCt6FEN2DFzTYjqQ.roa
Signing time: Sat 01 Jan 2022 08:53:03 +0000
ROA not before: Sat 01 Jan 2022 08:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25542
IP address blocks: 185.111.120.0/22 maxlen: 24
185.111.122.0/24 maxlen: 24
185.2.24.0/22 maxlen: 24
80.247.160.0/20 maxlen: 24
193.239.88.0/22 maxlen: 24
185.139.148.0/22 maxlen: 24
85.255.208.0/20 maxlen: 24
81.26.208.0/20 maxlen: 24
81.26.208.0/24 maxlen: 24
81.26.219.0/24 maxlen: 24
87.237.96.0/23 maxlen: 24
94.126.64.0/21 maxlen: 24
87.237.100.0/23 maxlen: 24
62.148.160.0/19 maxlen: 24
62.148.160.0/24 maxlen: 24
81.93.48.0/20 maxlen: 24
2a06:5dc0::/29 maxlen: 48
2a02:728::/32 maxlen: 48
2001:16e8::/32 maxlen: 48
2a00:f80::/32 maxlen: 48
2a02:4640::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 347567560 (0x14b775c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Validity
Not Before: Jan 1 08:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38e7fd5b68e55774830ade8510dd831734d88ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:45:ff:98:83:70:6f:88:1b:89:b5:94:ab:f2:
9a:a4:47:3f:3c:5b:c7:c9:c8:1f:23:82:c3:f8:31:
27:10:0e:be:9b:0f:18:4f:9a:04:77:d1:c2:20:5c:
ae:7e:83:4c:6f:5a:8c:0c:24:e8:3e:ff:d5:9a:a2:
ed:5a:6e:b9:5b:3b:b7:a6:cf:eb:f0:d0:dd:9f:ce:
c9:04:a6:2c:e5:5f:c4:3d:0e:52:da:48:7a:01:55:
b4:6c:9f:87:6c:dc:95:25:aa:4f:b6:c7:d0:48:78:
41:4e:16:a7:2b:80:08:10:b8:d0:cd:72:22:c1:17:
43:2f:a3:ef:30:c1:df:2a:bf:e0:0b:a1:f6:cf:a7:
c7:2d:cd:21:5b:f2:b7:59:c7:73:04:ea:26:83:15:
fe:9c:73:60:fb:a9:67:dd:b0:fe:47:8a:e8:c5:cd:
f0:59:d7:53:7c:c7:12:6f:b3:81:6f:14:89:89:b0:
a1:11:06:44:09:02:f3:d4:69:6d:db:7e:4e:d8:ba:
25:12:04:d5:fb:0d:b8:4f:29:14:0b:8e:83:6e:7e:
03:0a:a6:29:c3:c1:3d:28:df:1c:26:61:6c:7c:cd:
2c:07:ba:17:e9:29:8c:89:12:42:64:7c:15:29:12:
ac:59:ba:95:c5:de:ed:6a:cd:0f:e5:a7:0b:2c:f4:
8c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E7:FD:5B:68:E5:57:74:83:0A:DE:85:10:DD:83:17:34:D8:8E:A4
X509v3 Authority Key Identifier:
keyid:58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/OOf9W2jlV3SDCt6FEN2DFzTYjqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.160.0/19
80.247.160.0/20
81.26.208.0/20
81.93.48.0/20
85.255.208.0/20
87.237.96.0/23
87.237.100.0/23
94.126.64.0/21
185.2.24.0/22
185.111.120.0/22
185.139.148.0/22
193.239.88.0/22
IPv6:
2001:16e8::/32
2a00:f80::/32
2a02:728::/32
2a02:4640::/32
2a06:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
52:36:c2:b8:a4:09:88:1c:7d:a1:f2:df:96:03:a5:17:02:b1:
a5:06:49:76:f3:c6:5d:db:bb:89:0b:83:a6:d0:0e:07:b9:31:
7f:76:c6:95:3a:4e:f8:90:59:62:a2:d0:43:54:23:a7:62:07:
ef:26:31:e0:95:ee:d1:0e:77:02:5c:3d:0b:37:75:ed:e6:8a:
35:70:57:ab:7e:b6:c1:33:7e:1a:8b:4d:09:e4:c7:21:64:63:
9b:fb:cb:b8:99:06:a1:92:fc:d0:69:0b:47:38:cf:4e:a8:28:
eb:bc:eb:6c:c2:2d:f0:92:81:1e:98:d7:2c:8c:a5:7e:14:a4:
4c:ac:03:bd:e4:ab:9b:b1:93:56:51:9d:9e:f0:e2:aa:eb:f6:
13:d2:91:f6:20:02:cd:cd:5b:5c:7a:01:e2:64:32:db:f4:90:
74:fb:5b:98:61:aa:0b:e7:6f:53:d7:21:5b:4d:54:82:3d:e3:
c8:45:c0:4d:0d:c1:76:4e:74:c7:bb:39:c0:82:89:46:8c:04:
3c:d9:42:cc:fa:f7:1a:8c:b4:2b:14:88:fe:df:18:4b:f8:f5:
72:7c:ac:c3:e1:0e:d0:20:30:32:d9:8a:f2:56:dd:93:98:37:
6c:f6:b0:1f:05:c3:ec:5f:09:ff:7d:1a:98:62:18:a5:35:66:
22:98:b3:5f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIEFLd1yDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODY2NzEzMWQ3NjBiNWRiMWRlOThlYTIwYzBmODJmYzAxYzlmMWQ5MB4XDTIyMDEw
MTA4NTMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhlN2ZkNWI2OGU1
NTc3NDgzMGFkZTg1MTBkZDgzMTczNGQ4OGVhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxF/5iDcG+IG4m1lKvymqRHPzxbx8nIHyOCw/gxJxAOvpsP
GE+aBHfRwiBcrn6DTG9ajAwk6D7/1Zqi7VpuuVs7t6bP6/DQ3Z/OyQSmLOVfxD0O
UtpIegFVtGyfh2zclSWqT7bH0Eh4QU4WpyuACBC40M1yIsEXQy+j7zDB3yq/4Auh
9s+nxy3NIVvyt1nHcwTqJoMV/pxzYPupZ92w/keK6MXN8FnXU3zHEm+zgW8UiYmw
oREGRAkC89Rpbdt+Tti6JRIE1fsNuE8pFAuOg25+AwqmKcPBPSjfHCZhbHzNLAe6
F+kpjIkSQmR8FSkSrFm6lcXe7WrND+WnCyz0jFcCAwEAAaOCAncwggJzMB0GA1Ud
DgQWBBQ45/1baOVXdIMK3oUQ3YMXNNiOpDAfBgNVHSMEGDAWgBRYZnEx12C12x3p
jqIMD4L8Acnx2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dHWnhNZGRndGRzZDZZNmlEQS1DX0FISjhkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvNGE4MGU2LTFkMDQtNDY0Ny1hOGQ0LTI0ODExMDZmOGIyNS8x
L09PZjlXMmpsVjNTREN0NkZFTjJERnpUWWpxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
NGE4MGU2LTFkMDQtNDY0Ny1hOGQ0LTI0ODExMDZmOGIyNS8xL1dHWnhNZGRndGRz
ZDZZNmlEQS1DX0FISjhkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jAYIKwYBBQUHAQcBAf8EfTB7ME4EAgABMEgDBAU+lKADBARQ96ADBARRGtADBARR
XTADBARV/9ADBAFX7WADBAFX7WQDBANefkADBAK5AhgDBAK5b3gDBAK5i5QDBALB
71gwKQQCAAIwIwMFACABFugDBQAqAA+AAwUAKgIHKAMFACoCRkADBQMqBl3AMA0G
CSqGSIb3DQEBCwUAA4IBAQBSNsK4pAmIHH2h8t+WA6UXArGlBkl288Zd27uJC4Om
0A4HuTF/dsaVOk74kFliotBDVCOnYgfvJjHgle7RDncCXD0LN3Xt5oo1cFerfrbB
M34ai00J5MchZGOb+8u4mQahkvzQaQtHOM9OqCjrvOtswi3wkoEemNcsjKV+FKRM
rAO95KubsZNWUZ2e8OKq6/YT0pH2IALNzVtcegHiZDLb9JB0+1uYYaoL529T1yFb
TVSCPePIRcBNDcF2TnTHuznAgolGjAQ82ULM+vcajLQrFIj+3xhL+PVyfKzD4Q7Q
IDAy2YryVt2TmDds9rAfBcPsXwn/fRqYYhilNWYimLNf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:36 2023 by rpki-client on console-fra.rpki-client.org