Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/256fab-de97-4679-a465-b96d6714a174/1/ObH001XvKF0Ltw5AvHF9Qu7SU3g.roa
File: ObH001XvKF0Ltw5AvHF9Qu7SU3g.roa (raw, json)
Hash identifier: x/TgjOBMzWr1HwSp0VUir4qvkR9Xgd7YBBYlz0ngsNA=
Subject key identifier: 39:B1:F4:D3:55:EF:28:5D:0B:B7:0E:40:BC:71:7D:42:EE:D2:53:78
Certificate issuer: /CN=c1e2464dd6d042309515f7e5b64ea65c089b4616
Certificate serial: 4119E7F1
Authority key identifier: C1:E2:46:4D:D6:D0:42:30:95:15:F7:E5:B6:4E:A6:5C:08:9B:46:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/weJGTdbQQjCVFffltk6mXAibRhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/256fab-de97-4679-a465-b96d6714a174/1/ObH001XvKF0Ltw5AvHF9Qu7SU3g.roa
Signing time: Sat 01 Jan 2022 06:03:14 +0000
ROA not before: Sat 01 Jan 2022 06:03:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198736
IP address blocks: 131.117.184.0/21 maxlen: 21
77.232.168.0/21 maxlen: 21
149.255.120.0/21 maxlen: 21
77.111.238.0/23 maxlen: 23
77.111.237.0/24 maxlen: 24
77.111.236.0/24 maxlen: 24
185.7.244.0/22 maxlen: 22
82.163.232.0/22 maxlen: 22
82.163.128.0/22 maxlen: 22
95.141.160.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1092216817 (0x4119e7f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1e2464dd6d042309515f7e5b64ea65c089b4616
Validity
Not Before: Jan 1 06:03:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39b1f4d355ef285d0bb70e40bc717d42eed25378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:77:57:93:8e:af:9d:52:ca:57:d7:c6:6e:74:
73:d4:c1:35:ea:83:84:d6:05:c9:f7:75:03:47:53:
23:a1:5d:23:27:c9:c3:f5:28:1f:07:ac:1e:19:f0:
1f:58:bb:6c:d8:53:a6:a1:1d:a8:6c:a9:86:f6:c9:
9a:1a:d8:b1:36:70:19:80:a3:fd:36:e6:1a:33:fa:
d6:95:0e:40:a5:39:c8:97:2d:81:f6:8d:99:a1:05:
b3:f7:98:d3:2b:37:f7:61:d3:cb:f0:bd:24:2f:35:
2b:3d:64:4b:3f:72:db:3d:9f:56:ca:ea:7c:43:72:
66:70:14:18:40:9c:d0:9e:9b:f5:59:8e:76:f9:fe:
e9:a9:fe:9d:5b:bc:2e:96:ba:53:b7:cf:59:5b:a4:
96:7f:9b:11:45:71:79:33:c2:67:ea:e3:43:6a:02:
8c:4e:c0:8a:19:9f:c9:c0:bf:ad:47:c9:fe:57:a0:
3c:06:03:46:24:0c:9b:cc:1f:e7:35:ce:c3:64:e5:
ff:9d:c7:53:7c:66:4c:af:e3:0e:07:a0:9d:d2:e6:
d7:3a:d5:62:9e:c0:04:98:85:77:4d:3c:38:3f:6e:
63:2b:a6:d1:27:03:f7:ad:b1:82:4a:95:e7:b5:88:
19:0f:b5:d7:e2:d2:4d:29:68:f6:9b:bf:e6:9d:06:
44:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B1:F4:D3:55:EF:28:5D:0B:B7:0E:40:BC:71:7D:42:EE:D2:53:78
X509v3 Authority Key Identifier:
keyid:C1:E2:46:4D:D6:D0:42:30:95:15:F7:E5:B6:4E:A6:5C:08:9B:46:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/weJGTdbQQjCVFffltk6mXAibRhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/256fab-de97-4679-a465-b96d6714a174/1/ObH001XvKF0Ltw5AvHF9Qu7SU3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/256fab-de97-4679-a465-b96d6714a174/1/weJGTdbQQjCVFffltk6mXAibRhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.236.0/22
77.232.168.0/21
82.163.128.0/22
82.163.232.0/22
95.141.160.0/20
131.117.184.0/21
149.255.120.0/21
185.7.244.0/22
Signature Algorithm: sha256WithRSAEncryption
49:b4:6b:b3:a7:f8:15:2b:6c:2b:14:a7:3d:53:3f:f4:b5:e0:
0b:41:fd:ab:86:87:48:ba:a7:dd:c0:c0:3e:79:38:b1:fd:7e:
1a:0c:29:bf:5a:50:20:29:d8:05:2c:7b:ad:1a:cc:86:4c:21:
e4:c1:de:35:f8:0c:bb:6f:2b:32:b8:6f:db:49:47:48:75:ef:
47:df:31:fb:21:1a:4e:d8:8f:a5:68:5a:e8:5a:f7:84:1f:75:
a6:62:0b:9a:d9:bb:7d:85:88:e6:b5:5b:7c:a6:41:85:46:22:
02:b7:5a:7e:48:bc:88:aa:f8:82:e6:b2:ca:f3:1e:13:01:69:
d9:55:99:3f:26:cd:22:28:b5:8c:4f:14:38:d7:5f:5b:9e:cb:
bc:ed:eb:07:c4:08:33:3e:96:21:c1:0e:e7:2b:4a:b3:84:f3:
44:5b:77:77:4c:40:30:0a:75:e9:fc:bd:86:a7:97:c0:da:6b:
1f:9f:7b:04:1a:a9:b8:54:d0:4e:13:8a:f1:2a:b9:2f:f8:6d:
0f:e1:c0:4d:dd:81:39:33:6d:70:b4:05:db:2f:34:07:dd:5e:
8d:3b:81:ce:fe:b0:56:26:65:9d:9c:06:a3:5b:ba:87:18:a7:
ec:2d:b3:74:9a:a8:94:d3:4a:41:c5:d6:c4:a7:a7:df:1e:a6:
e0:22:59:2c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEQRnn8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWUyNDY0ZGQ2ZDA0MjMwOTUxNWY3ZTViNjRlYTY1YzA4OWI0NjE2MB4XDTIyMDEw
MTA2MDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzliMWY0ZDM1NWVm
Mjg1ZDBiYjcwZTQwYmM3MTdkNDJlZWQyNTM3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAId3V5OOr51SylfXxm50c9TBNeqDhNYFyfd1A0dTI6FdIyfJ
w/UoHwesHhnwH1i7bNhTpqEdqGyphvbJmhrYsTZwGYCj/TbmGjP61pUOQKU5yJct
gfaNmaEFs/eY0ys392HTy/C9JC81Kz1kSz9y2z2fVsrqfENyZnAUGECc0J6b9VmO
dvn+6an+nVu8Lpa6U7fPWVukln+bEUVxeTPCZ+rjQ2oCjE7AihmfycC/rUfJ/leg
PAYDRiQMm8wf5zXOw2Tl/53HU3xmTK/jDgegndLm1zrVYp7ABJiFd008OD9uYyum
0ScD962xgkqV57WIGQ+11+LSTSlo9pu/5p0GROsCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQ5sfTTVe8oXQu3DkC8cX1C7tJTeDAfBgNVHSMEGDAWgBTB4kZN1tBCMJUV
9+W2TqZcCJtGFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dlSkdUZGJRUWpDVkZmZmx0azZtWEFpYlJoWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMjU2ZmFiLWRlOTctNDY3OS1hNDY1LWI5NmQ2NzE0YTE3NC8x
L09iSDAwMVh2S0YwTHR3NUF2SEY5UXU3U1UzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MjU2ZmFiLWRlOTctNDY3OS1hNDY1LWI5NmQ2NzE0YTE3NC8xL3dlSkdUZGJRUWpD
VkZmZmx0azZtWEFpYlJoWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAk1v7AMEA03oqAMEAlKjgAMEAlKj
6AMEBF+NoAMEA4N1uAMEA5X/eAMEArkH9DANBgkqhkiG9w0BAQsFAAOCAQEASbRr
s6f4FStsKxSnPVM/9LXgC0H9q4aHSLqn3cDAPnk4sf1+Ggwpv1pQICnYBSx7rRrM
hkwh5MHeNfgMu28rMrhv20lHSHXvR98x+yEaTtiPpWha6Fr3hB91pmILmtm7fYWI
5rVbfKZBhUYiArdafki8iKr4guayyvMeEwFp2VWZPybNIii1jE8UONdfW57LvO3r
B8QIMz6WIcEO5ytKs4TzRFt3d0xAMAp16fy9hqeXwNprH597BBqpuFTQThOK8Sq5
L/htD+HATd2BOTNtcLQF2y80B91ejTuBzv6wViZlnZwGo1u6hxin7C2zdJqolNNK
QcXWxKen3x6m4CJZLA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:49 2025 by rpki-client