Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/oJFTg76_xIXLdoAdyT6EDavXkgc.roa
File: oJFTg76_xIXLdoAdyT6EDavXkgc.roa (raw, json)
Hash identifier: UITdv1z2c/ng6VIyPXMO7tLd5sujOJWXvuVmE/9Es/E=
Subject key identifier: A0:91:53:83:BE:BF:C4:85:CB:76:80:1D:C9:3E:84:0D:AB:D7:92:07
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018A276A6A12371DF3577C528504226C5470
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/oJFTg76_xIXLdoAdyT6EDavXkgc.roa
Signing time: Thu 24 Aug 2023 11:59:59 +0000
ROA not before: Thu 24 Aug 2023 11:59:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8966
IP address blocks: 195.229.3.0/24 maxlen: 24
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.2.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
31.219.179.0/24 maxlen: 24
31.219.180.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
194.170.186.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:6a:6a:12:37:1d:f3:57:7c:52:85:04:22:6c:54:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Aug 24 11:59:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0915383bebfc485cb76801dc93e840dabd79207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e3:58:e1:06:8b:55:3a:80:a2:d1:19:9f:a9:
9d:df:fc:80:1f:68:ce:72:b5:dd:49:25:05:b1:65:
90:a8:59:88:8f:63:4c:91:f0:9f:14:c7:fa:cd:d3:
a2:fc:48:1d:83:b3:6d:3a:21:e5:39:5f:5d:7f:a3:
57:a1:22:1c:90:8f:4d:37:00:61:ed:f9:bd:27:3d:
e2:e9:fb:1c:0b:2a:c9:d6:61:96:61:87:87:de:41:
aa:be:3f:9c:77:c2:56:d7:16:df:85:d3:cd:9a:ec:
7a:11:78:b4:58:2f:d9:e8:04:a1:d6:9b:d4:b8:d7:
99:46:7b:ce:d0:2e:d2:73:0d:07:b8:2b:39:06:07:
77:ab:66:94:3a:fe:59:b4:2e:55:65:44:ff:56:fe:
d1:cf:51:be:ff:2a:b3:94:2a:db:c0:80:4e:c9:9e:
c0:ae:93:bc:ec:71:f7:88:5c:74:92:db:8e:84:8c:
cd:30:c9:ae:36:f0:c8:67:49:02:50:c6:1a:a8:7a:
5b:1a:ca:46:38:17:58:20:27:71:3c:70:cf:b7:0e:
cb:2e:88:46:b3:77:16:cf:e1:70:a8:52:73:9b:34:
13:fe:09:bc:b2:6a:8c:ec:a3:24:0c:44:fd:de:52:
82:e0:8c:40:45:7f:a7:10:cf:9f:fb:bd:aa:ac:af:
ec:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:91:53:83:BE:BF:C4:85:CB:76:80:1D:C9:3E:84:0D:AB:D7:92:07
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/oJFTg76_xIXLdoAdyT6EDavXkgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.166.0/23
5.195.173.0-5.195.175.255
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
31.219.179.0-31.219.180.255
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
23:19:01:75:57:24:ab:2a:22:86:54:78:a0:43:60:22:9e:0a:
25:c8:9f:e7:16:08:20:5c:6b:35:3c:82:a8:c1:29:f9:ce:ee:
04:1c:37:e9:be:18:a9:ab:0c:f7:71:6c:79:bc:c6:c6:91:97:
0f:f3:88:8a:83:56:89:ca:fc:96:8b:19:98:a4:76:70:7a:ca:
e6:c4:ee:6c:32:aa:de:7c:fc:1f:05:5e:91:a8:0f:71:f2:7a:
eb:3a:08:70:f1:31:9f:e5:8c:54:d6:b3:0b:5f:8d:f3:d3:12:
a4:a6:bb:8a:1c:e0:69:34:d7:86:7d:1d:f6:03:c8:88:8b:75:
18:df:8b:69:58:75:47:06:6d:2d:ed:c5:3a:26:6b:95:26:da:
9c:2f:b1:07:b5:42:75:c0:c0:76:ff:00:1e:50:70:f9:60:9c:
62:4f:a0:83:bc:fe:50:a8:af:90:15:44:d8:92:65:8f:63:43:
a8:50:27:81:fe:81:ba:d9:7a:da:b4:f9:03:f7:49:d0:ec:41:
62:62:9b:0c:96:b0:3f:da:c5:8d:61:e5:ca:c7:16:3d:db:1c:
3b:dd:90:94:58:3c:d0:4f:55:ac:b8:cf:93:5b:24:15:40:fc:
10:ee:6d:95:3f:f7:ae:46:af:d7:88:a7:c5:16:7a:de:25:ff:
2c:3c:05:9b
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYonamoSNx3zV3xShQQibFRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwODI0MTE1OTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkxNTM4M2JlYmZjNDg1Y2I3NjgwMWRjOTNlODQwZGFiZDc5MjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneNY4QaLVTqAotEZn6md3/yAH2jO
crXdSSUFsWWQqFmIj2NMkfCfFMf6zdOi/Egdg7NtOiHlOV9df6NXoSIckI9NNwBh
7fm9Jz3i6fscCyrJ1mGWYYeH3kGqvj+cd8JW1xbfhdPNmux6EXi0WC/Z6ASh1pvU
uNeZRnvO0C7Scw0HuCs5Bgd3q2aUOv5ZtC5VZUT/Vv7Rz1G+/yqzlCrbwIBOyZ7A
rpO87HH3iFx0ktuOhIzNMMmuNvDIZ0kCUMYaqHpbGspGOBdYICdxPHDPtw7LLohG
s3cWz+FwqFJzmzQT/gm8smqM7KMkDET93lKC4IxARX+nEM+f+72qrK/sNwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFKCRU4O+v8SFy3aAHck+hA2r15IHMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvb0pGVGc3Nl94SVhMZG9BZHlUNkVEYXZYa2djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQBBcOmMAwD
BAAFw60DBAQFw6ADBAAFw9ADBAAFw98DBAAf27EwDAMEAB/bswMEAB/btAMEAMKq
ugMEBcPlAAMEAMPlIjANBAIAAjAHAwUAIAEI+DANBgkqhkiG9w0BAQsFAAOCAQEA
IxkBdVckqyoihlR4oENgIp4KJcif5xYIIFxrNTyCqMEp+c7uBBw36b4YqasM93Fs
ebzGxpGXD/OIioNWicr8losZmKR2cHrK5sTubDKq3nz8HwVekagPcfJ66zoIcPEx
n+WMVNazC1+N89MSpKa7ihzgaTTXhn0d9gPIiIt1GN+LaVh1RwZtLe3FOiZrlSba
nC+xB7VCdcDAdv8AHlBw+WCcYk+gg7z+UKivkBVE2JJlj2NDqFAngf6Butl62rT5
A/dJ0OxBYmKbDJawP9rFjWHlyscWPdscO92QlFg80E9VrLjPk1skFUD8EO5tlT/3
rkav14inxRZ63iX/LDwFmw==
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:55:06 2025 by rpki-client