Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/ONJM4jfJWYzOWoN6-kIiJKQ6E34.roa
File: ONJM4jfJWYzOWoN6-kIiJKQ6E34.roa (raw, json)
Hash identifier: ATtayFzHgGXzTydvKUh2F0syR5p0GooaAxBTQnXOSr0=
Subject key identifier: 38:D2:4C:E2:37:C9:59:8C:CE:5A:83:7A:FA:42:22:24:A4:3A:13:7E
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01849A0AE588DAE18C8A87CF5986C80CCA0D
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/ONJM4jfJWYzOWoN6-kIiJKQ6E34.roa
Signing time: Mon 21 Nov 2022 11:55:16 +0000
ROA not before: Mon 21 Nov 2022 11:55:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20857
IP address blocks: 188.240.52.0/22 maxlen: 22
93.119.0.0/20 maxlen: 20
84.247.8.0/21 maxlen: 24
195.8.195.0/24 maxlen: 24
85.10.128.0/19 maxlen: 24
89.41.168.0/22 maxlen: 24
87.253.128.0/19 maxlen: 24
31.14.96.0/22 maxlen: 22
185.10.48.0/22 maxlen: 24
77.72.144.0/21 maxlen: 21
95.170.64.0/19 maxlen: 24
80.69.64.0/19 maxlen: 19
195.135.195.0/24 maxlen: 24
185.108.112.0/22 maxlen: 24
37.97.128.0/17 maxlen: 17
86.105.244.0/22 maxlen: 24
188.241.148.0/22 maxlen: 22
149.210.128.0/17 maxlen: 24
141.138.136.0/21 maxlen: 24
37.34.56.0/21 maxlen: 21
2a01:7c8::/32 maxlen: 32
2a01:7c8:7000::/36 maxlen: 36
2a01:7c8:d000::/36 maxlen: 36
2a01:7c8:e000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:0a:e5:88:da:e1:8c:8a:87:cf:59:86:c8:0c:ca:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Nov 21 11:55:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38d24ce237c9598cce5a837afa422224a43a137e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bd:cc:fa:9a:73:a9:97:ce:93:ef:26:66:7c:
00:18:17:fb:47:11:92:dd:72:a2:16:78:f1:f0:30:
90:99:bd:e0:c0:30:00:96:c0:4a:9d:8a:6b:2a:de:
26:3e:47:89:88:86:0f:ee:23:a7:69:6c:b7:f0:c1:
fb:46:b6:b3:e5:2e:5f:e4:2d:93:59:06:1d:14:85:
9b:3f:40:63:76:36:4a:94:08:16:03:99:74:4d:0d:
bb:36:6f:99:05:99:84:8b:1d:ef:16:92:29:0c:05:
b8:35:af:00:7d:92:43:8c:8d:37:ac:18:c6:3f:38:
35:36:04:01:8e:be:55:54:e5:61:02:5b:07:2b:53:
a9:6c:c9:19:cf:31:d2:d3:99:2f:af:e5:4b:1f:bb:
c3:ed:eb:6c:10:12:1f:7b:2f:24:22:76:d3:33:84:
f4:12:42:5b:9b:18:07:ea:d1:9a:7d:84:dd:29:f2:
63:3a:ed:03:55:77:7a:da:28:59:f4:ba:2b:74:be:
9c:db:a8:21:c2:7a:b4:cd:de:71:de:ac:74:7d:60:
ca:82:c6:97:5d:e0:20:a8:99:f0:96:08:98:13:c2:
d6:de:d1:90:a7:91:9c:84:84:89:69:4e:4b:cf:c0:
f8:c6:17:7b:bb:3b:06:1c:33:0b:8e:f0:7b:13:da:
f9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D2:4C:E2:37:C9:59:8C:CE:5A:83:7A:FA:42:22:24:A4:3A:13:7E
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/ONJM4jfJWYzOWoN6-kIiJKQ6E34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.96.0/22
37.34.56.0/21
37.97.128.0/17
77.72.144.0/21
80.69.64.0/19
84.247.8.0/21
85.10.128.0/19
86.105.244.0/22
87.253.128.0/19
89.41.168.0/22
93.119.0.0/20
95.170.64.0/19
141.138.136.0/21
149.210.128.0/17
185.10.48.0/22
185.108.112.0/22
188.240.52.0/22
188.241.148.0/22
195.8.195.0/24
195.135.195.0/24
IPv6:
2a01:7c8::/32
Signature Algorithm: sha256WithRSAEncryption
a4:b6:2c:61:a4:0d:cb:49:cd:f0:88:19:91:6f:a4:3b:54:87:
5f:db:03:d5:a9:65:9c:3e:81:7f:fd:b5:c2:f6:e4:04:43:96:
82:cc:75:bd:ef:07:60:09:73:06:3e:7a:34:8a:e8:d7:ed:ca:
ea:80:da:84:35:0c:14:b0:46:04:fb:0e:4e:57:a9:b2:70:62:
bf:df:53:b1:d4:7f:6f:4d:90:85:99:51:8b:ac:05:47:74:ac:
64:ff:35:f1:f1:64:c6:a8:c7:d0:a7:ca:a2:31:68:96:1b:56:
1c:9e:80:18:1e:a5:c1:c9:55:bd:00:0c:5b:31:cd:9e:56:5f:
30:3f:5e:26:8b:ce:f3:ce:f7:57:4e:f0:06:99:3c:c9:c5:70:
14:83:53:9d:3f:70:c1:05:19:b6:30:bb:61:c3:4d:c8:56:e6:
21:b4:c9:5b:59:96:e6:1a:2c:a6:78:e6:14:bb:e4:5d:32:e6:
c3:a7:8d:60:fc:3d:ba:22:d5:59:12:5e:0f:57:59:6e:06:90:
13:95:0a:cd:2f:8d:28:c7:49:aa:a9:50:1e:26:f5:45:f4:08:
41:ae:0f:73:21:4e:d0:5e:cc:18:79:31:d4:cf:11:bc:be:ca:
30:96:e5:8d:78:1d:f6:18:52:21:30:4e:fe:b0:dc:40:f7:f2:
e1:f0:1b:e3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYSaCuWI2uGMiofPWYbIDMoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjIxMTIxMTE1NTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQyNGNlMjM3Yzk1OThjY2U1YTgzN2FmYTQyMjIyNGE0M2ExMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs73M+ppzqZfOk+8mZnwAGBf7RxGS
3XKiFnjx8DCQmb3gwDAAlsBKnYprKt4mPkeJiIYP7iOnaWy38MH7Rraz5S5f5C2T
WQYdFIWbP0BjdjZKlAgWA5l0TQ27Nm+ZBZmEix3vFpIpDAW4Na8AfZJDjI03rBjG
Pzg1NgQBjr5VVOVhAlsHK1OpbMkZzzHS05kvr+VLH7vD7etsEBIfey8kInbTM4T0
EkJbmxgH6tGafYTdKfJjOu0DVXd62ihZ9LordL6c26ghwnq0zd5x3qx0fWDKgsaX
XeAgqJnwlgiYE8LW3tGQp5GchISJaU5Lz8D4xhd7uzsGHDMLjvB7E9r5NwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFDjSTOI3yVmMzlqDevpCIiSkOhN+MB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvT05KTTRqZkpXWXpPV29ONi1rSWlKS1E2RTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQCHw5g
AwQDJSI4AwQHJWGAAwQDTUiQAwQFUEVAAwQDVPcIAwQFVQqAAwQCVmn0AwQFV/2A
AwQCWSmoAwQEXXcAAwQFX6pAAwQDjYqIAwQHldKAAwQCuQowAwQCuWxwAwQCvPA0
AwQCvPGUAwQAwwjDAwQAw4fDMA0EAgACMAcDBQAqAQfIMA0GCSqGSIb3DQEBCwUA
A4IBAQCktixhpA3LSc3wiBmRb6Q7VIdf2wPVqWWcPoF//bXC9uQEQ5aCzHW97wdg
CXMGPno0iujX7crqgNqENQwUsEYE+w5OV6mycGK/31Ox1H9vTZCFmVGLrAVHdKxk
/zXx8WTGqMfQp8qiMWiWG1YcnoAYHqXByVW9AAxbMc2eVl8wP14mi87zzvdXTvAG
mTzJxXAUg1OdP3DBBRm2MLthw03IVuYhtMlbWZbmGiymeOYUu+RdMubDp41g/D26
ItVZEl4PV1luBpATlQrNL40ox0mqqVAeJvVF9AhBrg9zIU7QXswYeTHUzxG8vsow
luWNeB32GFIhME7+sNxA9/Lh8Bvj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org