Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/OcvwvyWa3MxoKaLMwNEw_o-LJuo.roa
File: OcvwvyWa3MxoKaLMwNEw_o-LJuo.roa (raw, json)
Hash identifier: 9GDWcvu1hcTZArlVxUzr86FDcRXRGHjYzbrcovHagsM=
Subject key identifier: 39:CB:F0:BF:25:9A:DC:CC:68:29:A2:CC:C0:D1:30:FE:8F:8B:26:EA
Certificate issuer: /CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Certificate serial: 01856E01FE85750A080918B04F6B67061DCB
Authority key identifier: 88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/OcvwvyWa3MxoKaLMwNEw_o-LJuo.roa
Signing time: Sun 01 Jan 2023 15:45:02 +0000
ROA not before: Sun 01 Jan 2023 15:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202486
IP address blocks: 194.76.221.0/24 maxlen: 24
194.76.220.0/23 maxlen: 24
194.76.220.0/24 maxlen: 24
194.76.237.0/24 maxlen: 24
194.76.236.0/24 maxlen: 24
194.76.236.0/23 maxlen: 24
5.183.183.0/24 maxlen: 24
5.183.182.0/24 maxlen: 24
193.161.212.0/24 maxlen: 24
193.161.213.0/24 maxlen: 24
5.183.180.0/24 maxlen: 24
5.183.181.0/24 maxlen: 24
193.161.214.0/24 maxlen: 24
193.161.215.0/24 maxlen: 24
92.118.93.0/24 maxlen: 24
193.25.188.0/24 maxlen: 24
92.118.92.0/24 maxlen: 24
92.118.95.0/24 maxlen: 24
193.25.189.0/24 maxlen: 24
92.118.94.0/24 maxlen: 24
193.25.210.0/24 maxlen: 24
193.25.211.0/24 maxlen: 24
2a0c:a0c1::/32 maxlen: 32
2a0c:a0c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:fe:85:75:0a:08:09:18:b0:4f:6b:67:06:1d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Validity
Not Before: Jan 1 15:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39cbf0bf259adccc6829a2ccc0d130fe8f8b26ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1f:aa:96:f7:35:e6:e1:01:1e:52:af:4d:d9:
81:81:67:46:3c:d9:7d:00:ba:98:9d:0d:e0:f5:86:
b9:4d:a1:ec:30:04:e8:da:73:af:d8:bb:66:c1:21:
3e:6a:45:5a:30:fe:00:1e:2c:da:2b:cc:00:53:11:
9f:ec:4b:e7:dd:cd:65:0c:24:76:c0:23:48:a0:59:
b9:d0:0b:cd:fb:80:09:d6:a1:85:1e:e9:75:1e:b1:
b8:2b:9c:f5:15:1e:d6:09:77:e8:82:f6:9e:62:b3:
3b:72:a4:3d:cd:d3:8b:6a:b6:76:cd:a3:f2:05:4d:
c7:2f:67:15:78:c1:07:3a:ba:bd:4f:52:95:e7:ba:
fe:fc:ef:52:88:27:74:77:50:26:25:5a:43:6a:6a:
d0:73:93:7f:fb:51:a2:79:ea:5f:df:dc:23:5e:26:
8a:fd:29:c1:1e:c5:cf:2b:de:aa:46:c9:44:b1:23:
ee:ba:e8:ea:55:eb:e0:db:60:f5:cb:44:4a:b0:98:
d3:9b:0a:8a:56:00:7c:f7:bf:a7:f3:1d:6e:ef:50:
31:c6:72:1d:b4:5a:33:bd:7e:05:79:52:22:fe:4e:
ba:a5:57:4d:01:b2:ca:c7:aa:cb:67:17:aa:5c:28:
ec:94:a4:7f:c0:39:de:95:9a:0c:69:32:0e:39:8f:
84:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:CB:F0:BF:25:9A:DC:CC:68:29:A2:CC:C0:D1:30:FE:8F:8B:26:EA
X509v3 Authority Key Identifier:
keyid:88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/OcvwvyWa3MxoKaLMwNEw_o-LJuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.180.0/22
92.118.92.0/22
193.25.188.0/23
193.25.210.0/23
193.161.212.0/22
194.76.220.0/23
194.76.236.0/23
IPv6:
2a0c:a0c0::/31
Signature Algorithm: sha256WithRSAEncryption
15:de:40:a0:b8:a5:a8:ca:74:13:6a:7d:7e:24:eb:b9:45:4f:
e0:04:da:f6:1d:97:2a:9c:c1:54:cf:d5:42:33:60:28:37:60:
44:c6:b2:ad:a2:7d:d1:42:5f:ad:a0:54:d3:c0:9a:fc:1a:5c:
a4:18:fa:b9:13:f8:ed:6f:26:ed:dc:fc:f6:75:f5:28:ab:24:
86:5a:5c:d4:72:47:e0:54:95:6f:8b:9d:bb:cd:5e:cf:31:0f:
6c:33:62:a4:f9:1c:0e:bf:3f:94:e8:e5:b3:db:d1:33:f6:57:
e6:a8:b8:11:da:c6:dd:0c:3e:4b:5c:34:5a:82:2c:72:79:87:
88:0e:9b:81:56:2d:c4:22:03:10:9a:f5:2a:55:8b:1a:1e:75:
89:4a:bc:b2:34:16:67:fa:31:bb:9c:4e:cb:91:31:85:02:d9:
15:4b:66:e3:a9:08:32:b3:95:f6:7e:08:ac:04:0c:62:23:bd:
77:e4:47:60:70:64:5b:a9:6f:0d:c8:c4:6c:a6:04:a8:ac:fb:
fb:7f:bd:0e:96:8c:67:ff:a4:8f:5f:4c:08:e8:f7:0c:41:60:
8d:5f:dc:f6:3e:74:f3:ef:ff:83:84:f2:2f:ec:5f:3a:4b:8e:
41:90:89:eb:d8:66:7c:05:99:c2:66:4c:09:8b:55:43:ea:cc:
60:84:2b:63
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVuAf6FdQoICRiwT2tnBh3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NGJmODBlNzJmNTBmMDliZjU2MzQ5M2ViZGIxMWEzNGJi
YTMxMmQwHhcNMjMwMTAxMTU0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWNiZjBiZjI1OWFkY2NjNjgyOWEyY2NjMGQxMzBmZThmOGIyNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkx+qlvc15uEBHlKvTdmBgWdGPNl9
ALqYnQ3g9Ya5TaHsMATo2nOv2LtmwSE+akVaMP4AHizaK8wAUxGf7Evn3c1lDCR2
wCNIoFm50AvN+4AJ1qGFHul1HrG4K5z1FR7WCXfogvaeYrM7cqQ9zdOLarZ2zaPy
BU3HL2cVeMEHOrq9T1KV57r+/O9SiCd0d1AmJVpDamrQc5N/+1Gieepf39wjXiaK
/SnBHsXPK96qRslEsSPuuujqVevg22D1y0RKsJjTmwqKVgB897+n8x1u71AxxnId
tFozvX4FeVIi/k66pVdNAbLKx6rLZxeqXCjslKR/wDnelZoMaTIOOY+EtQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDnL8L8lmtzMaCmizMDRMP6PiybqMB8GA1UdIwQY
MBaAFIhL+A5y9Q8Jv1Y0k+vbEaNLujEtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUV2NERuTDFEd21fVmpTVDY5c1JvMHU2TVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMTJlNGQtOGExYS00MDEwLTlhOGIt
MzZmOTg0N2FjMzViLzEvT2N2d3Z5V2EzTXhvS2FMTXdORXdfby1MSnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMTJlNGQtOGExYS00MDEwLTlhOGItMzZmOTg0N2FjMzVi
LzEvaUV2NERuTDFEd21fVmpTVDY5c1JvMHU2TVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCBbe0AwQC
XHZcAwQBwRm8AwQBwRnSAwQCwaHUAwQBwkzcAwQBwkzsMA0EAgACMAcDBQEqDKDA
MA0GCSqGSIb3DQEBCwUAA4IBAQAV3kCguKWoynQTan1+JOu5RU/gBNr2HZcqnMFU
z9VCM2AoN2BExrKton3RQl+toFTTwJr8GlykGPq5E/jtbybt3Pz2dfUoqySGWlzU
ckfgVJVvi527zV7PMQ9sM2Kk+RwOvz+U6OWz29Ez9lfmqLgR2sbdDD5LXDRagixy
eYeIDpuBVi3EIgMQmvUqVYsaHnWJSryyNBZn+jG7nE7LkTGFAtkVS2bjqQgys5X2
fgisBAxiI7135EdgcGRbqW8NyMRspgSorPv7f70Oloxn/6SPX0wI6PcMQWCNX9z2
PnTz7/+DhPIv7F86S45BkInr2GZ8BZnCZkwJi1VD6sxghCtj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:25 2025 by rpki-client