Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/OOonDJfOHA12Mni8n1NtfyhhjKw.roa
File: OOonDJfOHA12Mni8n1NtfyhhjKw.roa (raw, json)
Hash identifier: MrvKTE1XuqNPzpUHIyQj1Vub4Id2wE+1t1Y7ZxZPPKY=
Subject key identifier: 38:EA:27:0C:97:CE:1C:0D:76:32:78:BC:9F:53:6D:7F:28:61:8C:AC
Certificate issuer: /CN=d476b006351a2f9cf2a91386de50ce27f1550595
Certificate serial: 041F56D4
Authority key identifier: D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/OOonDJfOHA12Mni8n1NtfyhhjKw.roa
Signing time: Sat 01 Jan 2022 08:59:41 +0000
ROA not before: Sat 01 Jan 2022 08:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8586
IP address blocks: 178.239.96.0/20 maxlen: 24
195.12.0.0/19 maxlen: 24
164.40.208.0/20 maxlen: 24
195.74.128.0/19 maxlen: 24
212.58.32.0/19 maxlen: 24
185.13.140.0/22 maxlen: 24
84.252.192.0/18 maxlen: 24
146.255.0.0/20 maxlen: 24
213.83.64.0/18 maxlen: 24
94.250.224.0/20 maxlen: 24
62.8.96.0/19 maxlen: 24
5.102.80.0/20 maxlen: 24
37.152.32.0/20 maxlen: 24
213.246.128.0/18 maxlen: 24
2001:4160::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69162708 (0x41f56d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d476b006351a2f9cf2a91386de50ce27f1550595
Validity
Not Before: Jan 1 08:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38ea270c97ce1c0d763278bc9f536d7f28618cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:8b:98:75:fd:aa:d1:f7:02:88:33:e3:93:
16:e6:24:bd:49:01:89:c7:8b:97:d5:36:b8:20:59:
9a:be:84:ae:11:ec:53:11:97:d7:8c:33:62:9c:8e:
84:c2:f0:d5:4f:ed:26:33:b5:b9:c4:b2:2c:85:d0:
88:af:23:74:08:96:ed:a3:6e:2b:01:f8:f6:8c:1a:
81:ea:8c:ac:a3:e4:62:5e:19:19:76:14:cb:a7:87:
a5:34:fa:cc:db:41:a3:82:e5:20:fa:66:7b:14:61:
89:6f:c4:9f:89:04:5a:33:0e:ad:8f:46:ea:be:9c:
05:be:c7:10:77:b5:ed:af:8b:d4:22:3e:61:8a:57:
57:14:7c:68:a6:72:c9:02:69:e0:51:0b:94:76:43:
c8:56:94:9a:ff:92:88:1a:29:b1:9c:b6:55:b2:78:
64:ed:f1:36:31:4a:3c:bb:cf:a5:78:d2:50:9e:db:
58:c1:c9:7a:52:57:0f:c0:56:d4:50:3c:db:a9:f4:
d8:3e:0a:c4:78:29:06:ee:bc:cf:bd:06:6f:52:96:
d7:18:77:8e:94:18:57:80:48:d5:c7:6c:03:69:8a:
be:2d:7a:d1:1d:93:1e:ee:10:a4:78:d9:5e:ca:0d:
1d:b0:c5:45:ee:ac:6a:38:02:63:c6:b7:95:b4:f6:
69:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EA:27:0C:97:CE:1C:0D:76:32:78:BC:9F:53:6D:7F:28:61:8C:AC
X509v3 Authority Key Identifier:
keyid:D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/OOonDJfOHA12Mni8n1NtfyhhjKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/1HawBjUaL5zyqROG3lDOJ_FVBZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.80.0/20
37.152.32.0/20
62.8.96.0/19
84.252.192.0/18
94.250.224.0/20
146.255.0.0/20
164.40.208.0/20
178.239.96.0/20
185.13.140.0/22
195.12.0.0/19
195.74.128.0/19
212.58.32.0/19
213.83.64.0/18
213.246.128.0/18
IPv6:
2001:4160::/32
Signature Algorithm: sha256WithRSAEncryption
a2:cd:68:d7:fe:0b:82:5b:3d:55:3f:6b:5e:ad:84:0f:7f:ce:
b9:80:79:3f:b9:5d:51:44:50:8e:d7:b7:26:d4:1a:d3:59:bc:
0f:10:98:a1:48:7e:98:8c:63:c1:0a:74:b2:49:fb:c6:2c:87:
4c:39:04:04:1d:02:1b:09:81:5c:1a:65:f8:a2:8d:68:d4:5b:
81:f2:eb:96:14:30:6e:e1:07:15:9c:65:59:80:f6:f6:55:a5:
bb:4a:c8:cf:4c:1e:0f:41:15:b7:d7:b5:e7:e9:04:e3:29:14:
aa:61:41:7d:f0:2f:b4:b5:ef:dd:3c:35:6d:87:da:6d:e9:72:
9f:bb:e4:2a:ed:64:6b:c3:88:a5:67:27:3a:c7:2f:a4:a7:44:
12:79:b5:97:1d:8d:c0:2b:4f:de:b3:e6:ae:b9:40:e5:c4:50:
57:ba:91:5a:c2:a8:94:82:26:83:42:ca:8a:cc:ee:51:89:12:
dc:85:2a:40:44:e2:94:2b:24:d1:f1:a2:66:07:0e:96:87:52:
5d:d2:36:ac:8a:5a:70:4d:b9:bd:19:ba:20:f3:0f:eb:c6:f7:
13:fd:cd:62:49:24:00:c1:dd:89:bc:d2:50:87:9a:56:40:d2:
81:77:50:3c:78:c1:10:53:6c:4f:8c:9c:a7:36:cb:45:2a:86:
eb:f3:eb:d8
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIEBB9W1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDc2YjAwNjM1MWEyZjljZjJhOTEzODZkZTUwY2UyN2YxNTUwNTk1MB4XDTIyMDEw
MTA4NTk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhlYTI3MGM5N2Nl
MWMwZDc2MzI3OGJjOWY1MzZkN2YyODYxOGNhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0Ti5h1/arR9wKIM+OTFuYkvUkBiceLl9U2uCBZmr6ErhHs
UxGX14wzYpyOhMLw1U/tJjO1ucSyLIXQiK8jdAiW7aNuKwH49owageqMrKPkYl4Z
GXYUy6eHpTT6zNtBo4LlIPpmexRhiW/En4kEWjMOrY9G6r6cBb7HEHe17a+L1CI+
YYpXVxR8aKZyyQJp4FELlHZDyFaUmv+SiBopsZy2VbJ4ZO3xNjFKPLvPpXjSUJ7b
WMHJelJXD8BW1FA826n02D4KxHgpBu68z70Gb1KW1xh3jpQYV4BI1cdsA2mKvi16
0R2THu4QpHjZXsoNHbDFRe6sajgCY8a3lbT2aXECAwEAAaOCAmYwggJiMB0GA1Ud
DgQWBBQ46icMl84cDXYyeLyfU21/KGGMrDAfBgNVHSMEGDAWgBTUdrAGNRovnPKp
E4beUM4n8VUFlTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFIYXdCalVhTDV6eXFST0czbERPSl9GVkJaVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvNDYyMDdmLTdlMzQtNDI5Mi1iMTRhLTQ0YzA3ZjMxNDkwNC8x
L09Pb25ESmZPSEExMk1uaThuMU50ZnloaGpLdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
NDYyMDdmLTdlMzQtNDI5Mi1iMTRhLTQ0YzA3ZjMxNDkwNC8xLzFIYXdCalVhTDV6
eXFST0czbERPSl9GVkJaVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB8
BggrBgEFBQcBBwEB/wRtMGswWgQCAAEwVAMEBAVmUAMEBCWYIAMEBT4IYAMEBlT8
wAMEBF764AMEBJL/AAMEBKQo0AMEBLLvYAMEArkNjAMEBcMMAAMEBcNKgAMEBdQ6
IAMEBtVTQAMEBtX2gDANBAIAAjAHAwUAIAFBYDANBgkqhkiG9w0BAQsFAAOCAQEA
os1o1/4Lgls9VT9rXq2ED3/OuYB5P7ldUURQjte3JtQa01m8DxCYoUh+mIxjwQp0
skn7xiyHTDkEBB0CGwmBXBpl+KKNaNRbgfLrlhQwbuEHFZxlWYD29lWlu0rIz0we
D0EVt9e15+kE4ykUqmFBffAvtLXv3Tw1bYfabelyn7vkKu1ka8OIpWcnOscvpKdE
Enm1lx2NwCtP3rPmrrlA5cRQV7qRWsKolIImg0LKiszuUYkS3IUqQETilCsk0fGi
ZgcOlodSXdI2rIpacE25vRm6IPMP68b3E/3NYkkkAMHdibzSUIeaVkDSgXdQPHjB
EFNsT4ycpzbLRSqG6/Pr2A==
-----END CERTIFICATE-----
Generated at Tue Apr 15 05:21:44 2025 by rpki-client