Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/OvXUH9m_8aA1vSUR6pBOOH2bCwE.roa
File: OvXUH9m_8aA1vSUR6pBOOH2bCwE.roa (raw, json)
Hash identifier: 98MuhDUINM31oRxaBh/N0ErEYiwzLjMAIQSDuPf8o/o=
Subject key identifier: 3A:F5:D4:1F:D9:BF:F1:A0:35:BD:25:11:EA:90:4E:38:7D:9B:0B:01
Certificate issuer: /CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Certificate serial: 0954B2FB
Authority key identifier: B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/OvXUH9m_8aA1vSUR6pBOOH2bCwE.roa
Signing time: Fri 20 May 2022 08:53:29 +0000
ROA not before: Fri 20 May 2022 08:53:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209604
IP address blocks: 185.255.92.0/24 maxlen: 24
185.255.93.0/24 maxlen: 24
185.255.94.0/24 maxlen: 24
185.255.95.0/24 maxlen: 24
185.132.126.0/24 maxlen: 24
185.93.70.0/24 maxlen: 24
185.93.71.0/24 maxlen: 24
185.93.68.0/24 maxlen: 24
185.93.69.0/24 maxlen: 24
193.164.6.0/24 maxlen: 24
193.164.5.0/24 maxlen: 24
89.35.52.0/24 maxlen: 24
93.115.10.0/24 maxlen: 24
93.177.101.0/24 maxlen: 24
93.177.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156545787 (0x954b2fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Validity
Not Before: May 20 08:53:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3af5d41fd9bff1a035bd2511ea904e387d9b0b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d3:0a:b9:6d:7d:f8:62:1a:ec:69:87:78:72:
0e:ec:d6:bb:4b:d2:6a:0a:88:6c:46:12:09:0c:8a:
07:ba:49:d5:36:04:04:48:1c:7a:16:9e:bb:a6:e2:
04:b9:f8:0e:ee:a9:48:1d:33:08:cf:f5:2b:61:c8:
f6:d9:de:32:1d:04:ca:9d:07:fd:17:1b:3f:c1:21:
cd:13:a2:65:90:6b:e6:7f:34:46:c5:85:1c:fa:5a:
ed:99:b1:a5:35:e9:44:dd:f2:f2:16:2c:49:5e:9e:
2a:cd:29:67:5f:d9:64:12:9d:3a:b7:56:9d:96:fb:
49:00:95:36:6e:2d:a8:58:a0:ef:44:8d:1b:46:f3:
bd:0e:d8:bd:1c:e6:06:ab:90:df:b2:53:1f:52:18:
49:18:e2:68:4a:1a:64:7f:89:7c:9e:57:1d:d3:a9:
1a:8d:40:e4:6e:8b:c6:a0:55:f3:3b:8b:63:37:6f:
1b:6a:f5:4c:e8:27:eb:e7:f0:8f:34:60:87:47:89:
8e:4f:24:6a:89:1b:cc:a3:e7:bc:79:29:51:b4:39:
4d:7f:40:75:1d:25:a8:78:51:fa:5f:3d:ba:cf:fd:
70:5b:5d:a0:bd:89:2c:c5:e1:99:38:3a:30:b2:c8:
a8:2e:8b:01:52:ef:73:99:dd:73:28:fe:02:39:72:
e3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F5:D4:1F:D9:BF:F1:A0:35:BD:25:11:EA:90:4E:38:7D:9B:0B:01
X509v3 Authority Key Identifier:
keyid:B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/OvXUH9m_8aA1vSUR6pBOOH2bCwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.52.0/24
93.115.10.0/24
93.177.101.0-93.177.102.255
185.93.68.0/22
185.132.126.0/24
185.255.92.0/22
193.164.5.0-193.164.6.255
Signature Algorithm: sha256WithRSAEncryption
7f:02:b8:4e:a2:03:4a:97:0b:8d:97:5b:c6:6d:b2:96:d1:e2:
02:62:3d:1b:e1:c0:01:23:58:93:35:0b:38:98:02:b1:15:bd:
54:82:06:27:90:d4:ba:c5:9e:d0:ce:83:ab:00:43:ba:ee:dd:
28:a5:d3:85:ff:18:05:5b:23:eb:79:e8:5a:8c:ce:dd:0c:83:
7b:a0:63:a0:1d:93:66:58:4c:c7:e1:5c:69:38:61:ba:55:dd:
65:8b:2d:62:02:3f:da:ea:15:ad:75:ce:86:1d:bc:4e:e8:c1:
bc:9f:43:c6:a4:3e:ab:24:f1:99:9b:94:93:44:b5:53:a8:81:
63:25:9d:72:dc:13:b6:6f:b8:7d:7b:f5:b3:c0:9d:51:17:20:
50:fc:e8:32:96:57:22:ef:b1:cb:db:af:41:7a:36:42:6a:2b:
2f:04:2c:ae:a2:88:b5:38:0e:b7:3b:ca:96:a1:3d:b7:82:a7:
05:ec:8b:bc:9e:f2:75:89:45:e2:50:3a:61:8f:87:5e:7e:0c:
3d:fa:c0:63:4d:96:11:b7:f0:22:1b:a1:7d:9f:2b:e8:8b:97:
c8:33:e4:bf:93:bb:7d:95:1f:db:ec:ad:10:c9:e4:9d:77:1f:
ba:81:55:e6:9e:12:29:3a:42:b4:91:83:5e:b8:70:85:f3:4b:
3d:5b:da:00
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECVSy+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGI1YTgwYTcxMDZlMGE0Yjg1NDVjODE1MGJiNzJjNjk5ZmNjOWEwMB4XDTIyMDUy
MDA4NTMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FmNWQ0MWZkOWJm
ZjFhMDM1YmQyNTExZWE5MDRlMzg3ZDliMGIwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3TCrltffhiGuxph3hyDuzWu0vSagqIbEYSCQyKB7pJ1TYE
BEgcehaeu6biBLn4Du6pSB0zCM/1K2HI9tneMh0Eyp0H/RcbP8EhzROiZZBr5n80
RsWFHPpa7ZmxpTXpRN3y8hYsSV6eKs0pZ1/ZZBKdOrdWnZb7SQCVNm4tqFig70SN
G0bzvQ7YvRzmBquQ37JTH1IYSRjiaEoaZH+JfJ5XHdOpGo1A5G6LxqBV8zuLYzdv
G2r1TOgn6+fwjzRgh0eJjk8kaokbzKPnvHkpUbQ5TX9AdR0lqHhR+l89us/9cFtd
oL2JLMXhmTg6MLLIqC6LAVLvc5ndcyj+Ajly4zcCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBQ69dQf2b/xoDW9JRHqkE44fZsLATAfBgNVHSMEGDAWgBSwtagKcQbgpLhU
XIFQu3LGmfzJoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NMV29DbkVHNEtTNFZGeUJVTHR5eHBuOHlhQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvZjE1M2RjLWNiZmItNGE0Zi04MGQyLTc0NWUwOGZlNThjNi8x
L092WFVIOW1fOGFBMXZTVVI2cEJPT0gyYkN3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
ZjE1M2RjLWNiZmItNGE0Zi04MGQyLTc0NWUwOGZlNThjNi8xL3NMV29DbkVHNEtT
NFZGeUJVTHR5eHBuOHlhQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEAFkjNAMEAF1zCjAMAwQAXbFlAwQA
XbFmAwQCuV1EAwQAuYR+AwQCuf9cMAwDBADBpAUDBADBpAYwDQYJKoZIhvcNAQEL
BQADggEBAH8CuE6iA0qXC42XW8ZtspbR4gJiPRvhwAEjWJM1CziYArEVvVSCBieQ
1LrFntDOg6sAQ7ru3Sil04X/GAVbI+t56FqMzt0Mg3ugY6Adk2ZYTMfhXGk4YbpV
3WWLLWICP9rqFa11zoYdvE7owbyfQ8akPqsk8ZmblJNEtVOogWMlnXLcE7ZvuH17
9bPAnVEXIFD86DKWVyLvscvbr0F6NkJqKy8ELK6iiLU4Drc7ypahPbeCpwXsi7ye
8nWJReJQOmGPh15+DD36wGNNlhG38CIboX2fK+iLl8gz5L+Tu32VH9vsrRDJ5J13
H7qBVeaeEik6QrSRg164cIXzSz1b2gA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:32 2024 by rpki-client on console-fra.rpki-client.org