Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/3Oy0At62pbz2ATb0a105Cw88tC4.roa
File: 3Oy0At62pbz2ATb0a105Cw88tC4.roa (raw, json)
Hash identifier: HknOytItVPWZ1a8jaExMRaLWQfopg7fHUIFbd6jUgl0=
Subject key identifier: DC:EC:B4:02:DE:B6:A5:BC:F6:01:36:F4:6B:5D:39:0B:0F:3C:B4:2E
Certificate issuer: /CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Certificate serial: 0877BBE6
Authority key identifier: 57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/3Oy0At62pbz2ATb0a105Cw88tC4.roa
Signing time: Sat 01 Jan 2022 06:55:33 +0000
ROA not before: Sat 01 Jan 2022 06:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12365
IP address blocks: 185.78.136.0/22 maxlen: 22
89.146.84.0/22 maxlen: 22
89.146.80.0/22 maxlen: 22
82.215.92.0/22 maxlen: 22
89.146.88.0/22 maxlen: 22
82.215.112.0/22 maxlen: 22
89.146.96.0/22 maxlen: 22
89.146.92.0/22 maxlen: 22
89.146.104.0/22 maxlen: 22
82.215.116.0/22 maxlen: 22
81.95.224.0/20 maxlen: 20
89.146.100.0/22 maxlen: 22
89.146.112.0/22 maxlen: 22
82.215.124.0/22 maxlen: 22
89.146.108.0/22 maxlen: 22
82.215.120.0/22 maxlen: 22
89.146.116.0/22 maxlen: 22
89.146.124.0/22 maxlen: 22
89.146.120.0/22 maxlen: 22
82.215.68.0/23 maxlen: 23
82.215.66.0/23 maxlen: 23
89.146.64.0/22 maxlen: 22
82.215.77.0/24 maxlen: 24
82.215.78.0/23 maxlen: 23
82.215.72.0/22 maxlen: 22
82.215.85.0/24 maxlen: 24
89.146.68.0/22 maxlen: 22
89.146.64.0/18 maxlen: 18
82.215.80.0/22 maxlen: 22
89.146.76.0/22 maxlen: 22
82.215.88.0/22 maxlen: 22
82.215.86.0/23 maxlen: 23
89.146.72.0/22 maxlen: 22
2a00:8841::/32 maxlen: 32
2a00:8840::/32 maxlen: 32
2a00:8842::/32 maxlen: 32
2a00:8846::/32 maxlen: 32
2a00:8843::/32 maxlen: 32
2a00:8844::/32 maxlen: 32
2a00:8845::/32 maxlen: 32
2a00:8847::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142064614 (0x877bbe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Validity
Not Before: Jan 1 06:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcecb402deb6a5bcf60136f46b5d390b0f3cb42e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d5:bb:e5:d3:b8:04:9f:a7:37:81:72:ec:99:
b8:cd:8f:fe:79:8d:14:e3:37:1c:81:3c:d9:41:72:
36:61:5a:7d:79:09:38:eb:35:e0:96:a1:f2:09:11:
ca:28:9b:c3:a0:95:3a:f5:2f:63:23:13:47:12:a9:
29:e6:db:c5:e6:f5:bd:96:86:7d:8c:f2:f1:c1:00:
1f:e5:28:aa:06:f1:8f:0f:bd:90:b3:69:e0:a4:a2:
6e:b8:0a:cb:79:a5:08:fd:0f:b6:fc:4c:dd:cd:90:
90:b8:06:6e:bb:23:de:45:ca:ad:63:51:54:77:a3:
e0:7e:5d:5a:f8:6a:ab:44:51:71:5f:07:16:59:cb:
59:31:40:22:61:bf:ed:58:5e:ed:57:55:7c:02:58:
f2:81:69:55:6a:f7:15:35:3e:fe:90:5a:81:0d:29:
1d:cd:1a:2f:ad:f4:e0:92:77:72:1a:da:9a:f0:89:
dc:d3:12:2a:b8:e1:ea:aa:dd:a9:2e:04:21:06:0d:
e7:20:0d:23:85:73:4d:77:ca:5a:70:95:1b:7b:42:
18:f1:53:ff:70:c5:f3:d6:98:e2:35:3f:12:fa:49:
a5:e3:f8:aa:ce:1e:96:b5:88:fa:e5:21:d2:3a:c5:
91:d6:12:75:ba:68:ff:5d:b3:8a:78:4b:53:4d:54:
01:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EC:B4:02:DE:B6:A5:BC:F6:01:36:F4:6B:5D:39:0B:0F:3C:B4:2E
X509v3 Authority Key Identifier:
keyid:57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/3Oy0At62pbz2ATb0a105Cw88tC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/V0zKiZ71v0I38Pa90XeSIbIAUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.224.0/20
82.215.66.0-82.215.69.255
82.215.72.0/22
82.215.77.0-82.215.83.255
82.215.85.0-82.215.95.255
82.215.112.0/20
89.146.64.0/18
185.78.136.0/22
IPv6:
2a00:8840::/29
Signature Algorithm: sha256WithRSAEncryption
31:2f:b2:ad:03:9b:dd:ae:46:b9:b3:1d:d3:1e:ea:d9:cd:ab:
27:6b:54:c5:32:d2:03:a4:a8:a9:05:5c:df:86:17:1d:29:a5:
ac:f2:78:8c:6f:48:80:55:a1:d8:0a:62:66:1e:0c:a8:5d:e0:
c5:b9:0c:ef:36:02:70:36:a6:db:e5:51:0b:4d:d4:49:44:61:
82:65:72:05:e8:bd:59:61:4a:94:e5:d1:8a:12:2b:02:06:a3:
45:07:f6:7c:60:f1:64:ff:1d:e6:48:d7:73:95:1b:78:3b:57:
a8:c2:2a:ae:9a:32:90:cc:46:34:d3:ec:68:59:c3:a9:d5:0b:
5c:a6:68:eb:6a:4e:6b:b0:0d:67:cc:ce:96:ea:42:a7:7c:04:
8e:0a:ec:83:34:cd:4d:24:97:64:2b:1f:4e:67:63:fe:ac:f7:
86:db:61:41:d9:b5:ee:d0:d7:01:92:f0:c5:6a:82:fe:e9:0d:
fd:20:8c:51:c3:4c:44:71:02:26:65:d9:e9:9e:01:9d:dd:ab:
3e:8f:20:32:e3:8e:b1:73:c9:80:50:23:d9:3e:7d:30:59:f7:
9b:bb:b9:24:9e:41:c6:11:51:6a:16:87:d9:a0:b6:93:70:ac:
8a:f2:19:b0:72:5a:d9:56:d1:c1:0b:1e:3d:56:3d:26:11:95:
17:4b:55:1f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIECHe75jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzRjY2E4OTllZjViZjQyMzdmMGY2YmRkMTc3OTIyMWIyMDA1MmYzMB4XDTIyMDEw
MTA2NTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNlY2I0MDJkZWI2
YTViY2Y2MDEzNmY0NmI1ZDM5MGIwZjNjYjQyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3Vu+XTuASfpzeBcuyZuM2P/nmNFOM3HIE82UFyNmFafXkJ
OOs14Jah8gkRyiibw6CVOvUvYyMTRxKpKebbxeb1vZaGfYzy8cEAH+Uoqgbxjw+9
kLNp4KSibrgKy3mlCP0PtvxM3c2QkLgGbrsj3kXKrWNRVHej4H5dWvhqq0RRcV8H
FlnLWTFAImG/7Vhe7VdVfAJY8oFpVWr3FTU+/pBagQ0pHc0aL6304JJ3chramvCJ
3NMSKrjh6qrdqS4EIQYN5yANI4VzTXfKWnCVG3tCGPFT/3DF89aY4jU/EvpJpeP4
qs4elrWI+uUh0jrFkdYSdbpo/12zinhLU01UASUCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBTc7LQC3ralvPYBNvRrXTkLDzy0LjAfBgNVHSMEGDAWgBRXTMqJnvW/Qjfw
9r3Rd5IhsgBS8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1YwektpWjcxdjBJMzhQYTkwWGVTSWJJQVV2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvOTM4YWJkLTEwMTktNGU3YS1hYTgyLWVlMTEyNmEyODE5NS8x
LzNPeTBBdDYycGJ6MkFUYjBhMTA1Q3c4OHRDNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
OTM4YWJkLTEwMTktNGU3YS1hYTgyLWVlMTEyNmEyODE5NS8xL1YwektpWjcxdjBJ
MzhQYTkwWGVTSWJJQVV2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEBFFf4DAMAwQBUtdCAwQBUtdEAwQC
UtdIMAwDBABS100DBAJS11AwDAMEAFLXVQMEBVLXQAMEBFLXcAMEBlmSQAMEArlO
iDANBAIAAjAHAwUDKgCIQDANBgkqhkiG9w0BAQsFAAOCAQEAMS+yrQOb3a5GubMd
0x7q2c2rJ2tUxTLSA6SoqQVc34YXHSmlrPJ4jG9IgFWh2ApiZh4MqF3gxbkM7zYC
cDam2+VRC03USURhgmVyBei9WWFKlOXRihIrAgajRQf2fGDxZP8d5kjXc5UbeDtX
qMIqrpoykMxGNNPsaFnDqdULXKZo62pOa7ANZ8zOlupCp3wEjgrsgzTNTSSXZCsf
Tmdj/qz3htthQdm17tDXAZLwxWqC/ukN/SCMUcNMRHECJmXZ6Z4Bnd2rPo8gMuOO
sXPJgFAj2T59MFn3m7u5JJ5BxhFRahaH2aC2k3CsivIZsHJa2VbRwQsePVY9JhGV
F0tVHw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:42 2025 by rpki-client