Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/0QDGHrT3y3mE7DrJo5jF9KlOavM.roa
File: 0QDGHrT3y3mE7DrJo5jF9KlOavM.roa (raw, json)
Hash identifier: inJJAu2rBA6/8YDTVpA9zbmrHskHkrJuR363RgXYdLI=
Subject key identifier: D1:00:C6:1E:B4:F7:CB:79:84:EC:3A:C9:A3:98:C5:F4:A9:4E:6A:F3
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 05938F41
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/0QDGHrT3y3mE7DrJo5jF9KlOavM.roa
Signing time: Sat 01 Jan 2022 07:03:55 +0000
ROA not before: Sat 01 Jan 2022 07:03:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5606
IP address blocks: 176.223.114.0/24 maxlen: 24
92.114.3.0/24 maxlen: 24
92.114.2.0/24 maxlen: 24
93.174.160.0/24 maxlen: 24
84.247.23.0/24 maxlen: 24
93.174.167.0/24 maxlen: 24
188.240.0.0/24 maxlen: 24
185.220.184.0/24 maxlen: 24
185.220.186.0/24 maxlen: 24
185.220.185.0/24 maxlen: 24
45.67.39.0/24 maxlen: 24
193.200.63.0/24 maxlen: 24
193.200.62.0/24 maxlen: 24
45.82.28.0/23 maxlen: 23
188.241.73.0/24 maxlen: 24
188.241.74.0/23 maxlen: 23
193.16.144.0/24 maxlen: 24
45.67.36.0/24 maxlen: 24
45.67.38.0/24 maxlen: 24
31.14.21.0/24 maxlen: 24
45.14.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93556545 (0x5938f41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 07:03:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d100c61eb4f7cb7984ec3ac9a398c5f4a94e6af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0a:07:28:69:de:7e:aa:13:95:53:94:50:18:
97:72:ee:ed:f2:8e:b9:12:a9:80:32:7e:c2:44:2f:
65:c1:c4:8c:c7:8c:1d:34:bc:7d:97:d5:ea:ef:92:
17:19:a6:45:64:dd:b9:20:e2:f0:84:8f:74:2f:a5:
98:1d:69:1f:5f:1a:d5:0b:69:2b:fe:89:68:70:b9:
cb:92:e5:a4:4c:00:7d:14:46:56:7c:fc:31:e6:1f:
c5:ea:93:8d:47:ae:3e:02:68:52:ac:16:ef:8e:e1:
bc:fe:26:8f:f9:c8:b2:4b:a3:c6:88:3a:84:97:75:
50:08:d2:56:33:b7:88:9a:a4:0b:bd:82:92:41:5d:
c8:f6:70:98:a7:a8:2a:11:d4:17:13:41:3a:36:10:
f2:2c:5d:f3:ab:73:ae:04:5b:a5:3e:7f:24:b0:dd:
4f:7a:a4:ba:2a:50:e3:1e:4a:a8:21:de:b8:37:ee:
70:31:9e:f0:da:2c:5d:c1:bb:be:75:af:43:09:3a:
f2:5c:25:3c:93:99:2d:b3:f8:dc:f4:84:3a:12:e8:
2b:23:72:dc:0b:85:93:95:f8:51:cb:a6:5a:de:4a:
9f:74:da:48:8f:3b:8c:e4:c4:ea:7c:d9:b1:f1:f5:
43:86:f6:c6:df:d5:ba:82:3c:64:f5:5e:51:7f:d3:
da:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:00:C6:1E:B4:F7:CB:79:84:EC:3A:C9:A3:98:C5:F4:A9:4E:6A:F3
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/0QDGHrT3y3mE7DrJo5jF9KlOavM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.21.0/24
45.14.238.0/24
45.67.36.0/24
45.67.38.0/23
45.82.28.0/23
84.247.23.0/24
92.114.2.0/23
93.174.160.0/24
93.174.167.0/24
176.223.114.0/24
185.220.184.0-185.220.186.255
188.240.0.0/24
188.241.73.0-188.241.75.255
193.16.144.0/24
193.200.62.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:5f:ac:29:0a:5b:43:5a:3c:13:61:c2:21:61:24:ea:47:15:
40:28:16:04:50:52:09:a4:64:8a:bb:a2:6c:79:7d:d2:f8:19:
b8:11:9d:12:45:bd:e4:13:15:b9:dd:04:31:a6:c6:d4:e8:0f:
de:68:20:7e:71:ce:e6:38:a7:f9:cb:71:5d:5f:7d:58:3e:6c:
e2:2d:70:b0:2c:21:42:d4:12:f3:d1:ae:99:9c:79:58:13:37:
73:5e:37:57:35:1c:5c:e9:7d:47:18:d2:d3:62:ef:7a:98:83:
21:20:88:99:40:31:28:61:a3:d0:24:5a:b6:c5:ac:d9:da:a0:
91:2a:91:a8:85:d7:b1:b2:78:4b:9a:01:be:01:93:2a:a8:c1:
db:92:9b:bc:b9:9e:66:28:ee:57:f0:23:6b:df:92:3d:ad:88:
a2:20:37:86:a6:e7:92:d0:57:d9:c8:de:3c:11:af:d3:e5:2b:
db:30:23:66:2d:61:e8:23:2d:a0:57:30:db:b4:83:60:b2:e5:
e2:e7:5d:ca:03:17:17:39:86:42:30:77:6c:40:cb:98:00:60:
09:a6:9b:38:34:77:01:94:a6:c4:2f:ef:20:f5:76:68:43:74:
c9:b1:1c:a5:97:c6:c1:47:cb:8b:99:2d:66:e6:72:95:04:97:
5e:10:46:af
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIEBZOPQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2VmNThkNGNmYTM1NTQzZjg0ODhhMjc1NmU2OTI0ZTY0N2I0NTg5MB4XDTIyMDEw
MTA3MDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDEwMGM2MWViNGY3
Y2I3OTg0ZWMzYWM5YTM5OGM1ZjRhOTRlNmFmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwKByhp3n6qE5VTlFAYl3Lu7fKOuRKpgDJ+wkQvZcHEjMeM
HTS8fZfV6u+SFxmmRWTduSDi8ISPdC+lmB1pH18a1QtpK/6JaHC5y5LlpEwAfRRG
Vnz8MeYfxeqTjUeuPgJoUqwW747hvP4mj/nIskujxog6hJd1UAjSVjO3iJqkC72C
kkFdyPZwmKeoKhHUFxNBOjYQ8ixd86tzrgRbpT5/JLDdT3qkuipQ4x5KqCHeuDfu
cDGe8NosXcG7vnWvQwk68lwlPJOZLbP43PSEOhLoKyNy3AuFk5X4UcumWt5Kn3Ta
SI87jOTE6nzZsfH1Q4b2xt/VuoI8ZPVeUX/T2t8CAwEAAaOCAm4wggJqMB0GA1Ud
DgQWBBTRAMYetPfLeYTsOsmjmMX0qU5q8zAfBgNVHSMEGDAWgBTc71jUz6NVQ/hI
iidW5pJOZHtFiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8x
LzBRREdIclQzeTNtRTdEckpvNWpGOUtsT2F2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8xLzNPOVkxTS1qVlVQ
NFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gwYIKwYBBQUHAQcBAf8EdDByMHAEAgABMGoDBAAfDhUDBAAtDu4DBAAtQyQDBAEt
QyYDBAEtUhwDBABU9xcDBAFccgIDBABdrqADBABdrqcDBACw33IwDAMEA7ncuAME
ALncugMEALzwADAMAwQAvPFJAwQCvPFIAwQAwRCQAwQBwcg+MA0GCSqGSIb3DQEB
CwUAA4IBAQC/X6wpCltDWjwTYcIhYSTqRxVAKBYEUFIJpGSKu6JseX3S+Bm4EZ0S
Rb3kExW53QQxpsbU6A/eaCB+cc7mOKf5y3FdX31YPmziLXCwLCFC1BLz0a6ZnHlY
EzdzXjdXNRxc6X1HGNLTYu96mIMhIIiZQDEoYaPQJFq2xazZ2qCRKpGohdexsnhL
mgG+AZMqqMHbkpu8uZ5mKO5X8CNr35I9rYiiIDeGpueS0FfZyN48Ea/T5SvbMCNm
LWHoIy2gVzDbtINgsuXi513KAxcXOYZCMHdsQMuYAGAJpps4NHcBlKbEL+8g9XZo
Q3TJsRyll8bBR8uLmS1m5nKVBJdeEEav
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:54 2023 by rpki-client on console-ams.rpki-client.org