Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/O5e0KTcewsJfq3B400cbocL5wkg.roa
File: O5e0KTcewsJfq3B400cbocL5wkg.roa (raw, json)
Hash identifier: vk8mzJVpAvaiEoIj9E/LsR9Lv9gq84JC5l33VjlvBw4=
Subject key identifier: 3B:97:B4:29:37:1E:C2:C2:5F:AB:70:78:D3:47:1B:A1:C2:F9:C2:48
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 018866CFF515FFF0789C8CAC57458B44A425
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/O5e0KTcewsJfq3B400cbocL5wkg.roa
Signing time: Mon 29 May 2023 09:21:24 +0000
ROA not before: Mon 29 May 2023 09:21:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203593
IP address blocks: 185.129.253.0/24 maxlen: 24
185.129.252.0/24 maxlen: 24
185.129.254.0/24 maxlen: 24
185.129.255.0/24 maxlen: 24
213.244.52.0/24 maxlen: 24
213.244.63.0/24 maxlen: 24
213.244.35.0/24 maxlen: 24
213.244.32.0/24 maxlen: 24
213.244.33.0/24 maxlen: 24
213.244.38.0/24 maxlen: 24
213.244.36.0/24 maxlen: 24
213.244.37.0/24 maxlen: 24
213.244.41.0/24 maxlen: 24
157.97.163.0/24 maxlen: 24
213.244.42.0/24 maxlen: 24
213.244.40.0/24 maxlen: 24
213.244.48.0/22 maxlen: 22
193.254.202.0/24 maxlen: 24
193.254.203.0/24 maxlen: 24
2a06:d680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:cf:f5:15:ff:f0:78:9c:8c:ac:57:45:8b:44:a4:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: May 29 09:21:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b97b429371ec2c25fab7078d3471ba1c2f9c248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e8:38:15:b3:72:d1:9a:6f:bd:e8:ef:c2:7c:
2a:fa:e9:f7:97:bc:e5:57:3b:67:50:ec:eb:ec:8c:
55:c0:ae:3c:de:4c:d1:8e:76:59:2a:63:e3:0e:7d:
06:34:b1:ac:e7:c4:37:d8:e4:8e:ce:3a:92:b0:c1:
a8:78:e0:1c:47:9d:bd:9a:03:d7:54:ab:aa:bb:f5:
de:16:94:97:12:d9:6c:56:84:c7:03:16:4a:5a:4b:
2f:c6:92:d7:cf:29:97:b8:ef:6a:44:7f:2b:7c:48:
b9:31:a9:9b:bd:9b:86:d8:e8:d6:f7:b6:af:b5:d9:
84:6a:95:a8:5a:be:0f:56:02:b4:1d:19:bd:d3:af:
2c:35:f7:1a:91:55:c8:9c:a1:79:c8:fa:fd:d9:9a:
3d:c5:34:7c:19:f2:d9:8a:86:91:57:f4:e9:6a:fb:
8e:0e:9a:52:13:98:f7:0b:55:fa:1f:cc:f8:27:62:
52:b9:36:cd:2f:e4:1d:f9:62:7b:f3:12:b3:04:6d:
99:79:ce:42:80:93:53:e1:b9:c8:70:f6:61:69:45:
17:82:ca:9f:48:15:ff:31:b2:16:66:22:ed:3c:3a:
c0:86:1c:40:28:d7:b6:ea:77:63:4a:ea:12:40:eb:
df:2e:52:b0:2f:b9:ae:90:56:ae:db:60:18:de:39:
c1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:97:B4:29:37:1E:C2:C2:5F:AB:70:78:D3:47:1B:A1:C2:F9:C2:48
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/O5e0KTcewsJfq3B400cbocL5wkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.163.0/24
185.129.252.0/22
193.254.202.0/23
213.244.32.0/23
213.244.35.0-213.244.38.255
213.244.40.0-213.244.42.255
213.244.48.0-213.244.52.255
213.244.63.0/24
IPv6:
2a06:d680::/29
Signature Algorithm: sha256WithRSAEncryption
1f:77:b4:a1:6f:cb:27:76:6f:60:2c:3c:ce:5e:64:30:bf:2e:
32:b1:66:e0:61:99:89:02:d7:7e:06:73:1b:0c:a0:7b:ca:56:
c5:51:6f:40:1b:0d:7a:aa:90:59:34:56:8f:b1:7e:15:f7:ea:
44:f9:86:0c:a5:15:eb:34:be:00:c8:7e:3b:c6:f2:be:85:9a:
72:95:bd:96:c8:bb:f2:7f:c6:11:d1:ea:94:14:7c:32:9a:f3:
fc:81:a0:83:67:5d:7b:f1:92:66:43:63:7a:f8:ea:d4:11:9b:
18:9e:8b:1d:57:ac:09:1c:89:b5:be:0a:6f:65:32:d7:e6:b7:
5a:36:c6:3b:91:41:e2:78:d2:30:dc:29:e5:c0:8f:2c:71:87:
7e:7a:88:8a:35:f9:37:7a:79:4a:18:4e:22:8b:41:51:e2:f8:
a1:14:ad:3b:a1:a6:1c:d3:fa:cd:65:9a:d9:d3:51:f2:81:75:
d8:68:a7:b4:6e:94:8a:3a:50:fc:5a:ce:28:6b:c1:81:94:c1:
a1:d0:23:1c:d4:07:e5:02:b9:f6:84:7f:d4:94:02:4b:a6:7e:
f1:1d:b6:d2:8e:77:20:b2:61:51:03:65:8d:1f:97:1e:8d:bb:
c0:16:52:a3:b1:36:2e:72:d2:71:1f:2c:bd:7b:4b:33:fb:8d:
8f:ee:71:28
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYhmz/UV//B4nIysV0WLRKQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjMwNTI5MDkyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk3YjQyOTM3MWVjMmMyNWZhYjcwNzhkMzQ3MWJhMWMyZjljMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoug4FbNy0Zpvvejvwnwq+un3l7zl
VztnUOzr7IxVwK483kzRjnZZKmPjDn0GNLGs58Q32OSOzjqSsMGoeOAcR529mgPX
VKuqu/XeFpSXEtlsVoTHAxZKWksvxpLXzymXuO9qRH8rfEi5MambvZuG2OjW97av
tdmEapWoWr4PVgK0HRm9068sNfcakVXInKF5yPr92Zo9xTR8GfLZioaRV/TpavuO
DppSE5j3C1X6H8z4J2JSuTbNL+Qd+WJ78xKzBG2Zec5CgJNT4bnIcPZhaUUXgsqf
SBX/MbIWZiLtPDrAhhxAKNe26ndjSuoSQOvfLlKwL7mukFau22AY3jnB5wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDuXtCk3HsLCX6tweNNHG6HC+cJIMB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvTzVlMEtUY2V3c0pmcTNCNDAwY2JvY0w1d2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAnWGjAwQC
uYH8AwQBwf7KAwQB1fQgMAwDBADV9CMDBADV9CYwDAMEA9X0KAMEANX0KjAMAwQE
1fQwAwQA1fQ0AwQA1fQ/MA0EAgACMAcDBQMqBtaAMA0GCSqGSIb3DQEBCwUAA4IB
AQAfd7Shb8sndm9gLDzOXmQwvy4ysWbgYZmJAtd+BnMbDKB7ylbFUW9AGw16qpBZ
NFaPsX4V9+pE+YYMpRXrNL4AyH47xvK+hZpylb2WyLvyf8YR0eqUFHwymvP8gaCD
Z1178ZJmQ2N6+OrUEZsYnosdV6wJHIm1vgpvZTLX5rdaNsY7kUHieNIw3CnlwI8s
cYd+eoiKNfk3enlKGE4ii0FR4vihFK07oaYc0/rNZZrZ01HygXXYaKe0bpSKOlD8
Ws4oa8GBlMGh0CMc1AflArn2hH/UlAJLpn7xHbbSjncgsmFRA2WNH5cejbvAFlKj
sTYuctJxHyy9e0sz+42P7nEo
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:42:37 2025 by rpki-client