Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/OJ27x9OnTUXLThPhT87WZohocTg.roa
File: OJ27x9OnTUXLThPhT87WZohocTg.roa (raw, json)
Hash identifier: qXww4uMQN1hYK88u0EBY71Bhd/dZNYd4Qtb/5ecM+x4=
Subject key identifier: 38:9D:BB:C7:D3:A7:4D:45:CB:4E:13:E1:4F:CE:D6:66:88:68:71:38
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 120D5CC7
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/OJ27x9OnTUXLThPhT87WZohocTg.roa
Signing time: Thu 10 Feb 2022 16:27:15 +0000
ROA not before: Thu 10 Feb 2022 16:27:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39351
IP address blocks: 45.129.56.0/24 maxlen: 24
185.209.196.0/24 maxlen: 24
185.209.197.0/24 maxlen: 24
193.32.249.0/24 maxlen: 24
185.65.132.0/24 maxlen: 24
185.65.134.0/24 maxlen: 24
185.65.133.0/24 maxlen: 24
185.65.135.0/24 maxlen: 24
141.98.252.0/24 maxlen: 24
141.98.255.0/24 maxlen: 24
141.98.254.0/24 maxlen: 24
45.83.220.0/24 maxlen: 24
185.213.152.0/24 maxlen: 24
185.213.153.0/24 maxlen: 24
185.213.155.0/24 maxlen: 24
185.213.154.0/24 maxlen: 24
193.138.216.0/22 maxlen: 22
193.32.127.0/24 maxlen: 24
193.32.126.0/24 maxlen: 24
185.195.232.0/24 maxlen: 24
185.195.233.0/24 maxlen: 24
2a03:1b20:8::/48 maxlen: 48
2a03:1b20:3::/48 maxlen: 48
2a03:1b20:6::/48 maxlen: 48
2a03:1b20:1::/48 maxlen: 48
2a03:1b20:a::/48 maxlen: 48
2a03:1b20:5::/48 maxlen: 48
2a03:1b20:beef::/48 maxlen: 48
2a03:1b20:2::/48 maxlen: 48
2a03:1b20:7::/48 maxlen: 48
2a03:1b20:9::/48 maxlen: 48
2a03:1b20:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302865607 (0x120d5cc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Feb 10 16:27:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=389dbbc7d3a74d45cb4e13e14fced66688687138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c9:92:d7:30:8c:11:31:3a:4e:31:a9:ef:28:
77:a0:4e:45:28:ae:20:ea:ce:9c:4a:ef:49:63:9e:
ce:b6:a6:48:f0:67:70:95:75:10:a3:18:84:28:d0:
db:75:9a:7f:c9:43:04:82:94:13:b4:45:d0:a5:c7:
0a:18:5f:af:50:99:e9:29:75:cd:55:97:cc:ca:29:
20:53:07:fc:9b:2a:8e:55:9c:37:77:52:fe:45:62:
60:69:96:21:f8:63:4f:83:01:ba:43:13:ba:1c:16:
31:ae:2f:bb:d4:51:ef:d3:44:42:bf:b7:12:ef:06:
9c:a1:62:9e:dc:c7:51:35:5c:09:c2:ef:09:47:9c:
21:b3:72:9a:51:4e:a1:63:64:37:60:e8:32:29:51:
0f:19:6f:b0:2f:32:62:fe:dc:97:b1:fd:98:29:f9:
46:4c:ef:d9:64:70:66:a7:72:09:52:41:76:b4:fa:
8a:8f:0c:1c:a0:87:58:72:d3:ac:17:a0:bc:64:81:
07:03:ce:9e:08:c1:a9:10:68:af:c4:48:8d:77:1b:
3f:d9:d6:52:c4:b9:c6:8e:bf:d5:d8:a0:6c:36:e1:
db:50:07:e9:8f:a9:bc:d1:32:01:80:c1:eb:1c:00:
4e:c8:eb:3b:4b:22:dd:41:72:36:05:7a:e1:45:9e:
09:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9D:BB:C7:D3:A7:4D:45:CB:4E:13:E1:4F:CE:D6:66:88:68:71:38
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/OJ27x9OnTUXLThPhT87WZohocTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.220.0/24
45.129.56.0/24
141.98.252.0/24
141.98.254.0/23
185.65.132.0/22
185.195.232.0/23
185.209.196.0/23
185.213.152.0/22
193.32.126.0/23
193.32.249.0/24
193.138.216.0/22
IPv6:
2a03:1b20:1::-2a03:1b20:a:ffff:ffff:ffff:ffff:ffff
2a03:1b20:beef::/48
Signature Algorithm: sha256WithRSAEncryption
5f:aa:b4:82:a6:b8:5a:57:d2:a7:6d:5b:58:21:32:36:08:0e:
55:b8:10:4e:b3:13:04:eb:3b:26:fc:a6:ed:34:6f:22:ff:d1:
20:b3:d5:d1:69:6d:31:52:61:8b:e5:5d:1b:e0:06:60:45:9b:
ee:41:6e:0f:8b:72:37:b4:9d:1d:9c:65:93:5e:5c:be:5d:b1:
c2:bd:38:ca:50:d6:77:33:42:46:5f:da:08:6b:a7:be:2c:d9:
db:e7:18:2c:8b:41:81:80:57:33:29:48:86:c3:29:c1:68:cf:
3f:be:5f:60:b3:9c:e1:46:60:60:5a:c5:c2:14:90:c1:c0:e8:
df:39:f6:13:c7:23:e2:8e:80:dc:06:2c:dc:a5:3b:76:b6:5a:
5d:c3:52:82:44:69:e5:4a:30:5e:af:92:40:0e:c9:ee:79:89:
f0:da:23:e0:61:76:49:7a:88:4c:f6:dc:f3:20:9c:c4:35:94:
d7:e5:ca:0c:5b:7a:57:22:3b:96:8f:6e:c1:e9:a1:84:e9:6f:
29:54:ab:f3:d5:2b:d9:bf:26:b9:e6:f1:10:41:f4:16:47:7b:
c0:ec:70:b8:17:f8:53:6c:f6:f8:b6:3a:48:02:0c:00:15:49:
96:f9:91:fb:57:db:02:35:81:2e:3e:74:fc:3c:1f:a9:d7:d2:
a0:5d:a7:ad
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIEEg1cxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTJlOTE3MzE1ZjBhODc4YjIxZmMxMzlkNDlhODIxYWFkZGMzYzk3MB4XDTIyMDIx
MDE2MjcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg5ZGJiYzdkM2E3
NGQ0NWNiNGUxM2UxNGZjZWQ2NjY4ODY4NzEzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPJktcwjBExOk4xqe8od6BORSiuIOrOnErvSWOezramSPBn
cJV1EKMYhCjQ23Waf8lDBIKUE7RF0KXHChhfr1CZ6Sl1zVWXzMopIFMH/JsqjlWc
N3dS/kViYGmWIfhjT4MBukMTuhwWMa4vu9RR79NEQr+3Eu8GnKFintzHUTVcCcLv
CUecIbNymlFOoWNkN2DoMilRDxlvsC8yYv7cl7H9mCn5Rkzv2WRwZqdyCVJBdrT6
io8MHKCHWHLTrBegvGSBBwPOngjBqRBor8RIjXcbP9nWUsS5xo6/1digbDbh21AH
6Y+pvNEyAYDB6xwATsjrO0si3UFyNgV64UWeCcsCAwEAAaOCAmswggJnMB0GA1Ud
DgQWBBQ4nbvH06dNRctOE+FPztZmiGhxODAfBgNVHSMEGDAWgBTeLpFzFfCoeLIf
wTnUmoIardw8lzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNpNlJjeFh3cUhpeUg4RTUxSnFDR3EzY1BKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMmQ1YmM4LTVkOTMtNGIwYS1hOGI2LWY4ZDY1Yzk4Mzc0NC8x
L09KMjd4OU9uVFVYTFRoUGhUODdXWm9ob2NUZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MmQ1YmM4LTVkOTMtNGIwYS1hOGI2LWY4ZDY1Yzk4Mzc0NC8xLzNpNlJjeFh3cUhp
eUg4RTUxSnFDR3EzY1BKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gAYIKwYBBQUHAQcBAf8EcTBvMEgEAgABMEIDBAAtU9wDBAAtgTgDBACNYvwDBAGN
Yv4DBAK5QYQDBAG5w+gDBAG50cQDBAK51ZgDBAHBIH4DBADBIPkDBALBitgwIwQC
AAIwHTASAwcAKgMbIAABAwcAKgMbIAAKAwcAKgMbIL7vMA0GCSqGSIb3DQEBCwUA
A4IBAQBfqrSCprhaV9KnbVtYITI2CA5VuBBOsxME6zsm/KbtNG8i/9Egs9XRaW0x
UmGL5V0b4AZgRZvuQW4Pi3I3tJ0dnGWTXly+XbHCvTjKUNZ3M0JGX9oIa6e+LNnb
5xgsi0GBgFczKUiGwynBaM8/vl9gs5zhRmBgWsXCFJDBwOjfOfYTxyPijoDcBizc
pTt2tlpdw1KCRGnlSjBer5JADsnueYnw2iPgYXZJeohM9tzzIJzENZTX5coMW3pX
IjuWj27B6aGE6W8pVKvz1SvZvya55vEQQfQWR3vA7HC4F/hTbPb4tjpIAgwAFUmW
+ZH7V9sCNYEuPnT8PB+p19KgXaet
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:04 2025 by rpki-client