Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/oYZK-USXvcz-PT8ySrj4r_0-Ook.roa
File: oYZK-USXvcz-PT8ySrj4r_0-Ook.roa (raw, json)
Hash identifier: /D8U7P8fLuFEU5ik1YXlksZLjJkKnL5rZotVXbnBXSo=
Subject key identifier: A1:86:4A:F9:44:97:BD:CC:FE:3D:3F:32:4A:B8:F8:AF:FD:3E:3A:89
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 0183EC3BED82185DDE4F9B5ED4DA1D3A8804
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/oYZK-USXvcz-PT8ySrj4r_0-Ook.roa
Signing time: Tue 18 Oct 2022 17:54:53 +0000
ROA not before: Tue 18 Oct 2022 17:54:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31034
IP address blocks: 5.249.128.0/19 maxlen: 24
195.231.0.0/17 maxlen: 24
185.58.116.0/22 maxlen: 24
185.58.120.0/22 maxlen: 24
217.61.0.0/18 maxlen: 24
94.177.192.0/18 maxlen: 24
89.46.104.0/21 maxlen: 24
95.110.128.0/17 maxlen: 24
31.14.128.0/20 maxlen: 24
31.11.32.0/21 maxlen: 24
77.81.224.0/20 maxlen: 24
89.46.64.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
94.177.160.0/19 maxlen: 24
89.46.192.0/21 maxlen: 24
62.149.128.0/17 maxlen: 24
185.56.8.0/22 maxlen: 24
80.211.0.0/16 maxlen: 24
194.182.110.0/23 maxlen: 24
188.213.160.0/20 maxlen: 24
176.107.144.0/20 maxlen: 24
80.73.224.0/20 maxlen: 24
89.36.208.0/22 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ec:3b:ed:82:18:5d:de:4f:9b:5e:d4:da:1d:3a:88:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Oct 18 17:54:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1864af94497bdccfe3d3f324ab8f8affd3e3a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:1b:d4:35:34:1d:21:b7:dd:40:54:d8:88:
92:44:82:15:02:58:35:6c:fa:f9:66:cd:87:54:38:
46:cc:ba:55:59:af:bc:da:ea:fe:d5:fa:9c:f9:86:
19:2c:f3:80:21:2b:8c:ce:90:6c:d1:e3:96:2f:3f:
99:cb:9a:1f:ae:d0:ab:21:18:f2:29:d0:81:88:be:
4e:df:d3:76:8a:40:73:63:2e:bc:5d:2a:e0:02:86:
66:81:86:14:20:ca:86:79:f6:56:14:f8:ef:10:a3:
e1:bf:bb:ab:6e:7f:bb:41:27:e3:b6:56:bf:b2:9f:
80:da:67:42:6a:3e:b4:4f:1f:dc:5d:2c:1c:7d:a0:
56:01:f7:ec:aa:d7:c9:85:69:00:3b:93:45:17:f9:
20:18:e2:90:9c:e2:9f:95:6e:53:27:9c:bd:52:50:
5f:91:4d:e7:ee:b4:02:32:37:d3:e9:a7:76:9f:67:
65:7f:57:47:7e:b7:33:c6:5b:d1:b9:7b:d4:30:31:
8a:76:bd:1f:bd:fc:19:c0:29:d1:40:a8:2c:89:d2:
20:e5:4b:5f:f4:9d:82:ce:0e:09:c4:ae:91:bf:1e:
c4:b9:62:46:43:34:03:1e:57:09:42:93:40:22:9c:
84:92:3b:c1:ae:91:9b:82:77:60:db:cc:20:6a:5a:
f5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:86:4A:F9:44:97:BD:CC:FE:3D:3F:32:4A:B8:F8:AF:FD:3E:3A:89
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/oYZK-USXvcz-PT8ySrj4r_0-Ook.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
77.81.224.0/20
80.73.224.0/20
80.211.0.0/16
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/20
185.56.8.0/22
185.58.116.0-185.58.123.255
188.213.160.0/20
194.182.110.0/23
195.231.0.0/17
217.61.0.0/18
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
51:da:7d:03:a5:7d:1b:85:e0:b0:7c:0b:f7:31:17:d7:d6:15:
cf:09:bf:3e:6e:ac:2d:85:ac:79:92:eb:af:77:33:95:fc:49:
01:3c:b7:1b:eb:76:fd:fa:a5:4e:81:93:7d:ba:78:bf:a7:c5:
c4:cf:7b:e5:3d:4b:ab:2b:23:ec:26:6b:b5:a4:9f:23:d0:a5:
57:8b:18:d7:86:53:53:d0:38:7b:94:e3:83:ef:1e:c9:3e:35:
cf:d3:67:a6:b9:96:f2:51:77:79:96:a8:39:b0:e9:c5:95:19:
65:b8:73:4b:24:85:71:ad:24:62:bf:7e:66:5a:80:36:57:c7:
5f:2f:ea:fe:8d:36:6c:03:18:11:ec:ab:08:27:dd:9a:95:7c:
fa:a1:3b:cc:91:6d:d7:f4:60:66:dc:48:5d:98:28:9a:85:58:
1e:74:45:05:cc:19:6e:40:86:cd:e0:3d:c6:ee:f8:f8:f6:a2:
73:03:c4:75:39:0e:55:7d:c8:89:3f:40:33:f0:5b:c1:5f:bc:
9a:ab:06:73:b6:fd:7f:43:22:eb:90:8f:5a:9e:41:19:e4:18:
91:7d:28:5b:3b:6d:58:25:3e:3e:ef:c9:78:94:4b:66:b4:36:
e4:a3:26:cf:9c:aa:c6:49:a4:cf:fa:20:8d:3d:be:6d:00:5b:
f9:df:b1:39
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYPsO+2CGF3eT5te1NodOogEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjIxMDE4MTc1NDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTg2NGFmOTQ0OTdiZGNjZmUzZDNmMzI0YWI4ZjhhZmZkM2UzYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbob1DU0HSG33UBU2IiSRIIVAlg1
bPr5Zs2HVDhGzLpVWa+82ur+1fqc+YYZLPOAISuMzpBs0eOWLz+Zy5ofrtCrIRjy
KdCBiL5O39N2ikBzYy68XSrgAoZmgYYUIMqGefZWFPjvEKPhv7urbn+7QSfjtla/
sp+A2mdCaj60Tx/cXSwcfaBWAffsqtfJhWkAO5NFF/kgGOKQnOKflW5TJ5y9UlBf
kU3n7rQCMjfT6ad2n2dlf1dHfrczxlvRuXvUMDGKdr0fvfwZwCnRQKgsidIg5Utf
9J2Czg4JxK6Rvx7EuWJGQzQDHlcJQpNAIpyEkjvBrpGbgndg28wgalr1oQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFKGGSvlEl73M/j0/Mkq4+K/9PjqJMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvb1laSy1VU1h2Y3otUFQ4eVNyajRyXzAtT29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBARNUeADBARQSeADAwBQ0wMEAlkk
0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBASwa5ADBAK5
OAgwDAMEArk6dAMEArk6eAMEBLzVoAMEAcK2bgMEB8PnAAMEBtk9ADANBAIAAjAH
AwUDKgBtQDANBgkqhkiG9w0BAQsFAAOCAQEAUdp9A6V9G4XgsHwL9zEX19YVzwm/
Pm6sLYWseZLrr3czlfxJATy3G+t2/fqlToGTfbp4v6fFxM975T1Lqysj7CZrtaSf
I9ClV4sY14ZTU9A4e5Tjg+8eyT41z9NnprmW8lF3eZaoObDpxZUZZbhzSySFca0k
Yr9+ZlqANlfHXy/q/o02bAMYEeyrCCfdmpV8+qE7zJFt1/RgZtxIXZgomoVYHnRF
BcwZbkCGzeA9xu74+PaicwPEdTkOVX3IiT9AM/BbwV+8mqsGc7b9f0Mi65CPWp5B
GeQYkX0oWzttWCU+Pu/JeJRLZrQ25KMmz5yqxkmkz/ogjT2+bQBb+d+xOQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-ams.rpki-client.org