Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/ogWF3GOMz5OFrmWWqsYN_qZ3ZSA.roa
File: ogWF3GOMz5OFrmWWqsYN_qZ3ZSA.roa (raw, json)
Hash identifier: cXGMMeYMndjo5NdTESvkzzFrgcyyneNea6hL6IS8ouc=
Subject key identifier: A2:05:85:DC:63:8C:CF:93:85:AE:65:96:AA:C6:0D:FE:A6:77:65:20
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 44CF8104
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/ogWF3GOMz5OFrmWWqsYN_qZ3ZSA.roa
Signing time: Sat 01 Jan 2022 14:06:47 +0000
ROA not before: Sat 01 Jan 2022 14:06:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20857
IP address blocks: 188.240.52.0/22 maxlen: 22
93.119.0.0/20 maxlen: 20
84.247.8.0/21 maxlen: 21
195.8.195.0/24 maxlen: 24
85.10.128.0/19 maxlen: 19
89.41.168.0/22 maxlen: 22
87.253.128.0/19 maxlen: 19
31.14.96.0/22 maxlen: 22
185.10.48.0/22 maxlen: 22
77.72.144.0/21 maxlen: 21
95.170.64.0/19 maxlen: 19
80.69.64.0/19 maxlen: 19
195.135.195.0/24 maxlen: 24
185.108.112.0/22 maxlen: 22
37.97.128.0/17 maxlen: 17
86.105.244.0/22 maxlen: 22
188.241.148.0/22 maxlen: 22
149.210.128.0/17 maxlen: 17
141.138.136.0/21 maxlen: 21
37.34.56.0/21 maxlen: 21
2a01:7c8::/32 maxlen: 32
2a01:7c8:7000::/36 maxlen: 36
2a01:7c8:d000::/36 maxlen: 36
2a01:7c8:e000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1154449668 (0x44cf8104)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 1 14:06:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a20585dc638ccf9385ae6596aac60dfea6776520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:33:af:9a:46:aa:d5:46:51:ea:f3:55:c5:de:
fe:9d:3a:27:25:ab:ea:29:43:2f:6c:0b:d3:cf:52:
c7:0e:ac:59:86:aa:6a:15:5a:2a:72:93:3e:62:67:
6d:ff:01:24:90:33:cb:ce:f6:2c:e9:43:a1:73:aa:
0e:c7:1b:e9:89:e8:ed:34:15:c2:a2:4c:35:40:df:
f4:8f:ca:96:cb:c3:7d:f6:ba:b2:a4:e1:19:e4:a9:
9d:98:48:04:6a:88:be:27:57:62:b1:2a:8b:92:47:
26:67:73:ad:65:89:85:41:fc:3f:2d:ef:d5:ec:6c:
ba:8e:4c:8f:3a:b8:1d:fd:39:70:59:fd:95:07:6b:
f3:59:2e:a4:12:c2:22:bb:74:2b:d0:e2:35:e8:db:
59:de:37:13:00:c0:28:d5:92:b7:8f:77:18:35:fe:
05:d0:f6:b5:6b:64:8e:84:80:53:53:c4:92:19:7b:
00:34:0b:60:86:67:9a:81:90:bd:ce:af:5b:9f:9a:
03:dc:cc:2a:a0:4d:09:46:18:40:62:eb:85:ba:69:
f6:d5:88:fc:87:ec:40:b1:0e:d5:dc:67:22:71:a3:
64:ee:7b:e0:47:68:64:83:a3:c7:3c:7b:c4:3b:6a:
33:7e:f9:87:0e:3a:01:09:0c:af:b5:bd:59:c2:ad:
0f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:05:85:DC:63:8C:CF:93:85:AE:65:96:AA:C6:0D:FE:A6:77:65:20
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/ogWF3GOMz5OFrmWWqsYN_qZ3ZSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.96.0/22
37.34.56.0/21
37.97.128.0/17
77.72.144.0/21
80.69.64.0/19
84.247.8.0/21
85.10.128.0/19
86.105.244.0/22
87.253.128.0/19
89.41.168.0/22
93.119.0.0/20
95.170.64.0/19
141.138.136.0/21
149.210.128.0/17
185.10.48.0/22
185.108.112.0/22
188.240.52.0/22
188.241.148.0/22
195.8.195.0/24
195.135.195.0/24
IPv6:
2a01:7c8::/32
Signature Algorithm: sha256WithRSAEncryption
64:8e:51:9d:cf:fe:77:d6:fc:1e:7d:90:60:9e:d5:66:6a:9c:
d6:be:98:a7:5a:bc:e4:23:f4:97:c8:22:b0:d3:d1:b7:42:a9:
4e:d1:36:54:e6:d6:6d:f4:5f:06:02:5f:76:a0:0f:4f:a3:2e:
9e:86:79:f6:67:de:1d:3b:ee:de:b3:d0:25:3f:2f:1f:e6:45:
4d:3f:56:d6:2b:df:51:28:38:8c:d3:26:0c:be:69:29:3f:19:
41:a7:4b:dd:cb:38:7b:95:d3:67:a1:d3:f1:d7:09:24:2e:e0:
2e:4f:5f:42:95:f0:e5:c7:16:d0:78:17:59:57:cc:09:f0:f1:
c3:fc:7f:06:e3:86:6d:4e:45:30:fe:1b:14:88:08:4d:46:8f:
88:33:bc:a3:1f:e9:9f:b6:d5:6f:05:c4:43:61:38:3a:fa:59:
5b:59:2f:63:8b:fc:5c:f0:db:1f:92:6e:3f:4b:9c:50:03:e3:
0d:44:a3:dc:06:d6:80:b4:6e:db:bd:79:b2:e5:4f:b1:dd:9e:
95:89:ac:8d:5a:f3:e7:16:b6:0f:d8:ce:71:5c:90:21:7d:ea:
24:52:c0:5d:af:62:56:63:cb:a6:9d:9d:c9:a1:73:9b:fd:9a:
ee:4e:c3:eb:6a:3b:36:69:6a:a2:e7:34:81:3c:29:81:7d:03:
e4:34:e3:b6
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIERM+BBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTEzNjljY2JmODZiMWU4NGUxYWViNDZlNmQzMzZkMzlmNzUyYWU3MB4XDTIyMDEw
MTE0MDY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTIwNTg1ZGM2Mzhj
Y2Y5Mzg1YWU2NTk2YWFjNjBkZmVhNjc3NjUyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJgzr5pGqtVGUerzVcXe/p06JyWr6ilDL2wL089Sxw6sWYaq
ahVaKnKTPmJnbf8BJJAzy872LOlDoXOqDscb6Yno7TQVwqJMNUDf9I/KlsvDffa6
sqThGeSpnZhIBGqIvidXYrEqi5JHJmdzrWWJhUH8Py3v1exsuo5Mjzq4Hf05cFn9
lQdr81kupBLCIrt0K9DiNejbWd43EwDAKNWSt493GDX+BdD2tWtkjoSAU1PEkhl7
ADQLYIZnmoGQvc6vW5+aA9zMKqBNCUYYQGLrhbpp9tWI/IfsQLEO1dxnInGjZO57
4EdoZIOjxzx7xDtqM375hw46AQkMr7W9WcKtD1ECAwEAAaOCAo0wggKJMB0GA1Ud
DgQWBBSiBYXcY4zPk4WuZZaqxg3+pndlIDAfBgNVHSMEGDAWgBT1E2nMv4ax6E4a
60bm0zbTn3Uq5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlSTnB6TC1Hc2VoT0d1dEc1dE0yMDU5MUt1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8x
L29nV0YzR09NejVPRnJtV1dxc1lOX3FaM1pTQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8xLzlSTnB6TC1Hc2Vo
T0d1dEc1dE0yMDU5MUt1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ogYIKwYBBQUHAQcBAf8EgZIwgY8wfgQCAAEweAMEAh8OYAMEAyUiOAMEByVhgAME
A01IkAMEBVBFQAMEA1T3CAMEBVUKgAMEAlZp9AMEBVf9gAMEAlkpqAMEBF13AAME
BV+qQAMEA42KiAMEB5XSgAMEArkKMAMEArlscAMEArzwNAMEArzxlAMEAMMIwwME
AMOHwzANBAIAAjAHAwUAKgEHyDANBgkqhkiG9w0BAQsFAAOCAQEAZI5Rnc/+d9b8
Hn2QYJ7VZmqc1r6Yp1q85CP0l8gisNPRt0KpTtE2VObWbfRfBgJfdqAPT6MunoZ5
9mfeHTvu3rPQJT8vH+ZFTT9W1ivfUSg4jNMmDL5pKT8ZQadL3cs4e5XTZ6HT8dcJ
JC7gLk9fQpXw5ccW0HgXWVfMCfDxw/x/BuOGbU5FMP4bFIgITUaPiDO8ox/pn7bV
bwXEQ2E4OvpZW1kvY4v8XPDbH5JuP0ucUAPjDUSj3AbWgLRu2715suVPsd2elYms
jVrz5xa2D9jOcVyQIX3qJFLAXa9iVmPLpp2dyaFzm/2a7k7D62o7Nmlqouc0gTwp
gX0D5DTjtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org