Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/OHfluKcOYe7zWepnOeLGbmx5ZpM.roa
File: OHfluKcOYe7zWepnOeLGbmx5ZpM.roa (raw, json)
Hash identifier: jG/7zG8Ut0p5KPfwPSFe3/nfRTonPO/3kc+xnQh3u08=
Subject key identifier: 38:77:E5:B8:A7:0E:61:EE:F3:59:EA:67:39:E2:C6:6E:6C:79:66:93
Certificate issuer: /CN=8a38d1191f66f1f0315de5f45cc194d1cd19d1fb
Certificate serial: 01856F1D8B0D68A3C9B6C15B98FEAAE51D19
Authority key identifier: 8A:38:D1:19:1F:66:F1:F0:31:5D:E5:F4:5C:C1:94:D1:CD:19:D1:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ijjRGR9m8fAxXeX0XMGU0c0Z0fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/OHfluKcOYe7zWepnOeLGbmx5ZpM.roa
Signing time: Sun 01 Jan 2023 20:54:45 +0000
ROA not before: Sun 01 Jan 2023 20:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198279
IP address blocks: 37.26.85.0/24 maxlen: 24
37.26.80.0/21 maxlen: 21
37.26.82.0/24 maxlen: 24
37.26.84.0/24 maxlen: 24
37.26.83.0/24 maxlen: 24
37.26.86.0/24 maxlen: 24
37.26.87.0/24 maxlen: 24
185.89.156.0/24 maxlen: 24
185.89.156.0/22 maxlen: 22
185.89.157.0/24 maxlen: 24
185.89.159.0/24 maxlen: 24
185.89.158.0/24 maxlen: 24
2a00:4940::/32 maxlen: 32
2a00:4940::/48 maxlen: 48
2a00:4940:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:8b:0d:68:a3:c9:b6:c1:5b:98:fe:aa:e5:1d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a38d1191f66f1f0315de5f45cc194d1cd19d1fb
Validity
Not Before: Jan 1 20:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3877e5b8a70e61eef359ea6739e2c66e6c796693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4e:07:74:dc:b7:b2:94:21:2a:74:5e:12:6b:
1c:73:13:6d:c5:26:1e:c4:5c:fa:d7:5f:5d:56:65:
35:61:da:e6:7c:0e:45:3c:fb:0b:2f:79:a2:f7:8e:
ef:31:14:ce:83:a1:50:df:51:55:b5:43:63:45:57:
88:37:0f:86:e9:32:8f:29:d7:1b:71:ca:78:7f:72:
6a:dc:a1:f2:fd:2e:cf:36:4c:3f:cd:02:35:a9:37:
90:b4:df:4c:2d:6b:39:97:73:8a:28:6a:cc:35:35:
66:db:34:5a:ad:b9:1f:01:51:af:b8:eb:7e:24:f5:
e7:f1:41:94:b4:c7:5c:e8:f8:d9:82:78:f1:07:c7:
21:a4:9c:e5:46:9b:69:cb:41:14:f0:72:76:da:10:
ca:f1:96:d0:f6:04:70:1c:4f:11:03:4b:8d:83:e8:
9f:7d:cb:3e:00:80:22:f7:8e:5d:d5:71:01:5c:b2:
c7:85:ff:ad:0a:b6:03:af:ca:3b:58:2b:ab:8c:24:
85:c5:49:f1:48:d9:d0:f0:b4:6f:19:92:bf:11:ad:
69:f4:4b:16:f2:eb:92:b1:40:8e:22:2e:ce:fc:ee:
fc:fc:10:91:29:53:7c:60:85:e3:06:4b:7e:b0:3f:
ee:a7:34:32:56:d0:fd:10:e5:60:99:33:fd:94:42:
ae:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:77:E5:B8:A7:0E:61:EE:F3:59:EA:67:39:E2:C6:6E:6C:79:66:93
X509v3 Authority Key Identifier:
keyid:8A:38:D1:19:1F:66:F1:F0:31:5D:E5:F4:5C:C1:94:D1:CD:19:D1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ijjRGR9m8fAxXeX0XMGU0c0Z0fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/OHfluKcOYe7zWepnOeLGbmx5ZpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/ijjRGR9m8fAxXeX0XMGU0c0Z0fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.80.0/21
185.89.156.0/22
IPv6:
2a00:4940::/32
Signature Algorithm: sha256WithRSAEncryption
61:97:70:41:d7:f9:6e:bf:6c:21:e2:a1:5e:ab:e8:80:cb:8e:
24:cb:4f:e4:ee:82:54:a5:25:e5:30:1d:8a:f9:d5:8c:42:7f:
92:6f:f8:e6:6c:bb:e1:c4:a3:46:d6:30:b0:bb:30:4c:c8:9f:
81:6c:f7:a0:f7:9e:11:e4:97:8c:8a:c7:b0:d1:d3:56:fb:52:
da:7a:25:5e:1a:b5:1e:21:0b:81:fb:35:ef:48:6c:a1:ff:9b:
65:a3:6d:19:d1:2f:87:12:a4:7d:c1:0c:99:0b:61:19:6e:5c:
03:3a:2c:38:20:6b:38:20:72:c1:92:3b:bf:c8:89:8a:42:91:
d5:cb:ec:2b:96:c4:9e:27:a3:f1:bb:24:6b:ae:8d:54:74:ed:
f4:08:19:42:fb:a2:4e:21:6a:38:3a:a9:d2:7a:39:62:c5:10:
cf:07:93:ae:85:f0:af:a9:5f:43:f9:fe:a1:68:e5:a2:aa:a9:
97:a8:24:f5:bb:d0:4c:10:92:a1:8d:82:c4:94:bb:34:83:10:
e3:d4:35:e3:8e:e6:9a:6d:a4:54:27:31:80:cd:73:19:6e:c3:
1c:e7:7a:4f:21:6f:b3:b4:9f:3e:7c:0c:99:4e:15:f6:f9:a8:
33:90:48:59:33:2b:0b:7c:b8:eb:fe:c4:26:87:ef:68:50:6c:
5c:e6:5d:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvHYsNaKPJtsFbmP6q5R0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMzhkMTE5MWY2NmYxZjAzMTVkZTVmNDVjYzE5NGQxY2Qx
OWQxZmIwHhcNMjMwMTAxMjA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODc3ZTViOGE3MGU2MWVlZjM1OWVhNjczOWUyYzY2ZTZjNzk2NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh04HdNy3spQhKnReEmsccxNtxSYe
xFz6119dVmU1YdrmfA5FPPsLL3mi947vMRTOg6FQ31FVtUNjRVeINw+G6TKPKdcb
ccp4f3Jq3KHy/S7PNkw/zQI1qTeQtN9MLWs5l3OKKGrMNTVm2zRarbkfAVGvuOt+
JPXn8UGUtMdc6PjZgnjxB8chpJzlRptpy0EU8HJ22hDK8ZbQ9gRwHE8RA0uNg+if
fcs+AIAi945d1XEBXLLHhf+tCrYDr8o7WCurjCSFxUnxSNnQ8LRvGZK/Ea1p9EsW
8uuSsUCOIi7O/O78/BCRKVN8YIXjBkt+sD/upzQyVtD9EOVgmTP9lEKueQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDh35binDmHu81nqZznixm5seWaTMB8GA1UdIwQY
MBaAFIo40RkfZvHwMV3l9FzBlNHNGdH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWpqUkdSOW04ZkF4WGVYMFhNR1UwYzBaMGZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi84NzIwNmYtMzNkMC00ZjMzLWI3ODEt
ODRmOGZkYzBjNjk4LzEvT0hmbHVLY09ZZTd6V2Vwbk9lTEdibXg1WnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi84NzIwNmYtMzNkMC00ZjMzLWI3ODEtODRmOGZkYzBjNjk4
LzEvaWpqUkdSOW04ZkF4WGVYMFhNR1UwYzBaMGZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJRpQAwQC
uVmcMA0EAgACMAcDBQAqAElAMA0GCSqGSIb3DQEBCwUAA4IBAQBhl3BB1/luv2wh
4qFeq+iAy44ky0/k7oJUpSXlMB2K+dWMQn+Sb/jmbLvhxKNG1jCwuzBMyJ+BbPeg
954R5JeMisew0dNW+1LaeiVeGrUeIQuB+zXvSGyh/5tlo20Z0S+HEqR9wQyZC2EZ
blwDOiw4IGs4IHLBkju/yImKQpHVy+wrlsSeJ6PxuyRrro1UdO30CBlC+6JOIWo4
OqnSejlixRDPB5OuhfCvqV9D+f6haOWiqqmXqCT1u9BMEJKhjYLElLs0gxDj1DXj
juaabaRUJzGAzXMZbsMc53pPIW+ztJ8+fAyZThX2+agzkEhZMysLfLjr/sQmh+9o
UGxc5l19
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:23 2025 by rpki-client