Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b7bdf6-9df4-4d4f-8d95-bcbfb1898eba/1/oPhAeXnwDrwmV5SFz2kocvKPpto.roa
File: oPhAeXnwDrwmV5SFz2kocvKPpto.roa (raw, json)
Hash identifier: XwNOBwFm7+49vlpNj/mdEMsexXRh9sXk+OHU0EHHuFo=
Subject key identifier: A0:F8:40:79:79:F0:0E:BC:26:57:94:85:CF:69:28:72:F2:8F:A6:DA
Certificate issuer: /CN=fcf5f08031e35af9545d3ad3d138cad10396e2ca
Certificate serial: 0A72EDE7
Authority key identifier: FC:F5:F0:80:31:E3:5A:F9:54:5D:3A:D3:D1:38:CA:D1:03:96:E2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_PXwgDHjWvlUXTrT0TjK0QOW4so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b7bdf6-9df4-4d4f-8d95-bcbfb1898eba/1/oPhAeXnwDrwmV5SFz2kocvKPpto.roa
Signing time: Sat 01 Jan 2022 14:59:22 +0000
ROA not before: Sat 01 Jan 2022 14:59:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205157
IP address blocks: 185.70.162.0/24 maxlen: 24
185.228.171.0/24 maxlen: 24
185.228.170.0/24 maxlen: 24
185.228.169.0/24 maxlen: 24
185.228.168.0/24 maxlen: 24
2a0d:2a00:1::/48 maxlen: 48
2a0d:2a00:ab1::/48 maxlen: 48
2a0d:2a00:2::/48 maxlen: 48
2a0d:2a00:ab2::/48 maxlen: 48
2a0d:2a00:c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175304167 (0xa72ede7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcf5f08031e35af9545d3ad3d138cad10396e2ca
Validity
Not Before: Jan 1 14:59:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0f8407979f00ebc26579485cf692872f28fa6da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:15:db:81:53:b6:d7:6c:0c:1e:40:f9:78:c7:
6a:44:5a:b2:f5:aa:ea:53:69:a6:0f:a3:43:ee:ab:
62:a5:50:d1:a1:66:59:c7:ef:f3:c3:56:40:e2:83:
a1:f2:68:e2:8c:d7:fc:a2:f1:ad:bc:1f:6e:4d:2e:
ff:a5:08:7b:08:61:8c:5e:f2:f9:27:8e:fb:d1:e8:
01:84:5f:72:9f:39:b8:5a:53:26:2f:32:27:07:8d:
0e:9e:7a:b7:c9:1e:9d:01:be:6f:dc:61:00:fb:0c:
21:ce:fd:90:78:36:30:4e:ba:6e:85:1d:29:42:ef:
80:23:5b:d6:c9:19:f3:c8:e6:14:99:0b:8d:47:2a:
26:5b:12:b8:b7:af:3b:33:b8:f4:ad:d2:af:9d:ca:
7e:c4:cd:a5:1a:e1:d7:e4:ac:a5:dd:35:eb:bb:05:
8d:16:93:b3:b2:f5:ad:db:6e:b5:6f:7e:7d:22:81:
9c:31:5b:2f:26:dd:6e:1f:79:56:2a:71:e4:e3:bd:
10:dc:eb:a8:ed:07:ad:80:08:ff:aa:06:d1:67:61:
57:ac:3b:2a:fe:df:9d:dc:d1:5a:b3:32:bb:94:18:
86:39:0b:62:9f:e2:ab:79:1d:2e:20:c4:12:d1:7d:
f0:68:ce:6e:a4:b5:9a:a2:dc:46:58:fa:e5:12:33:
43:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F8:40:79:79:F0:0E:BC:26:57:94:85:CF:69:28:72:F2:8F:A6:DA
X509v3 Authority Key Identifier:
keyid:FC:F5:F0:80:31:E3:5A:F9:54:5D:3A:D3:D1:38:CA:D1:03:96:E2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_PXwgDHjWvlUXTrT0TjK0QOW4so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b7bdf6-9df4-4d4f-8d95-bcbfb1898eba/1/oPhAeXnwDrwmV5SFz2kocvKPpto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b7bdf6-9df4-4d4f-8d95-bcbfb1898eba/1/_PXwgDHjWvlUXTrT0TjK0QOW4so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.162.0/24
185.228.168.0/22
IPv6:
2a0d:2a00:1::-2a0d:2a00:2:ffff:ffff:ffff:ffff:ffff
2a0d:2a00:c0::/48
2a0d:2a00:ab1::-2a0d:2a00:ab2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5f:b3:98:20:31:88:12:27:0d:23:6d:49:35:68:26:42:8c:5d:
08:61:c5:9b:5f:19:d2:21:4e:3a:03:f1:8e:26:63:22:3a:51:
ac:19:6c:aa:d9:6c:38:8c:52:f2:44:05:f4:fe:5a:38:d4:58:
64:90:4f:21:65:6d:60:ad:6c:c8:ae:83:e1:a9:4c:90:9b:eb:
84:a5:ae:e7:43:27:2a:bc:76:0f:8e:d8:03:7d:f0:af:70:c4:
7a:61:0d:a3:64:d1:60:99:af:e7:b2:f4:f7:79:3e:cd:ca:33:
cf:15:4b:04:0d:a7:7d:8f:d9:b8:1f:c5:0e:b5:13:61:a8:14:
1b:fd:a0:ff:24:80:02:71:c0:c3:cf:4c:91:54:f3:f0:ac:32:
4b:a0:00:a0:f5:23:d3:3b:27:f4:7a:54:73:1b:f0:25:c1:87:
e8:88:ab:43:e4:8f:a2:0f:ad:2d:d0:7f:e4:bc:e6:ef:45:b2:
93:07:d4:0d:fe:d1:95:c7:52:af:28:d0:56:b2:81:fb:f7:a1:
26:cc:bb:70:31:27:f4:52:55:8e:35:25:f2:58:3a:c8:47:b2:
3a:32:92:77:ff:fc:7d:fe:fc:db:1b:b3:55:00:48:93:bb:62:
14:26:16:9b:60:cf:bf:1e:0a:3b:f7:92:1f:01:d8:78:49:5e:
56:a2:fc:f3
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIECnLt5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Y2Y1ZjA4MDMxZTM1YWY5NTQ1ZDNhZDNkMTM4Y2FkMTAzOTZlMmNhMB4XDTIyMDEw
MTE0NTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBmODQwNzk3OWYw
MGViYzI2NTc5NDg1Y2Y2OTI4NzJmMjhmYTZkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8V24FTttdsDB5A+XjHakRasvWq6lNppg+jQ+6rYqVQ0aFm
Wcfv88NWQOKDofJo4ozX/KLxrbwfbk0u/6UIewhhjF7y+SeO+9HoAYRfcp85uFpT
Ji8yJweNDp56t8kenQG+b9xhAPsMIc79kHg2ME66boUdKULvgCNb1skZ88jmFJkL
jUcqJlsSuLevOzO49K3Sr53KfsTNpRrh1+Sspd0167sFjRaTs7L1rdtutW9+fSKB
nDFbLybdbh95Vipx5OO9ENzrqO0HrYAI/6oG0WdhV6w7Kv7fndzRWrMyu5QYhjkL
Yp/iq3kdLiDEEtF98GjObqS1mqLcRlj65RIzQ5UCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSg+EB5efAOvCZXlIXPaShy8o+m2jAfBgNVHSMEGDAWgBT89fCAMeNa+VRd
OtPROMrRA5biyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19QWHdnREhqV3ZsVVhUclQwVGpLMFFPVzRzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvYjdiZGY2LTlkZjQtNGQ0Zi04ZDk1LWJjYmZiMTg5OGViYS8x
L29QaEFlWG53RHJ3bVY1U0Z6MmtvY3ZLUHB0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
YjdiZGY2LTlkZjQtNGQ0Zi04ZDk1LWJjYmZiMTg5OGViYS8xL19QWHdnREhqV3Zs
VVhUclQwVGpLMFFPVzRzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wEgQCAAEwDAMEALlGogMEArnkqDA3BAIAAjAxMBID
BwAqDSoAAAEDBwAqDSoAAAIDBwAqDSoAAMAwEgMHACoNKgAKsQMHACoNKgAKsjAN
BgkqhkiG9w0BAQsFAAOCAQEAX7OYIDGIEicNI21JNWgmQoxdCGHFm18Z0iFOOgPx
jiZjIjpRrBlsqtlsOIxS8kQF9P5aONRYZJBPIWVtYK1syK6D4alMkJvrhKWu50Mn
Krx2D47YA33wr3DEemENo2TRYJmv57L093k+zcozzxVLBA2nfY/ZuB/FDrUTYagU
G/2g/ySAAnHAw89MkVTz8KwyS6AAoPUj0zsn9HpUcxvwJcGH6IirQ+SPog+tLdB/
5Lzm70WykwfUDf7RlcdSryjQVrKB+/ehJsy7cDEn9FJVjjUl8lg6yEeyOjKSd//8
ff782xuzVQBIk7tiFCYWm2DPvx4KO/eSHwHYeEleVqL88w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:58 2025 by rpki-client