Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/0gmMyCWJ0QvDxOH1WrlLPAMRb_Y.roa
File: 0gmMyCWJ0QvDxOH1WrlLPAMRb_Y.roa (raw, json)
Hash identifier: cf9kChIz956SWCy3140lfumICI3ErKt7aZHgNGc45JI=
Subject key identifier: D2:09:8C:C8:25:89:D1:0B:C3:C4:E1:F5:5A:B9:4B:3C:03:11:6F:F6
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 35C1DE5A
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/0gmMyCWJ0QvDxOH1WrlLPAMRb_Y.roa
Signing time: Sat 01 Jan 2022 12:06:31 +0000
ROA not before: Sat 01 Jan 2022 12:06:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2471
IP address blocks: 193.54.56.0/24 maxlen: 24
195.83.189.0/24 maxlen: 24
194.254.98.0/24 maxlen: 24
193.51.134.0/24 maxlen: 24
193.51.135.0/24 maxlen: 24
195.221.172.0/24 maxlen: 24
195.221.169.0/24 maxlen: 24
194.199.94.0/24 maxlen: 24
194.199.93.0/24 maxlen: 24
194.199.96.0/24 maxlen: 24
194.57.236.0/24 maxlen: 24
194.57.237.0/24 maxlen: 24
193.52.35.0/24 maxlen: 24
194.254.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901897818 (0x35c1de5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 1 12:06:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2098cc82589d10bc3c4e1f55ab94b3c03116ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:07:f1:a4:ee:77:9e:de:d0:91:c6:ca:5f:b3:
db:5f:e9:49:0b:db:b8:df:f6:ac:fc:fc:c6:ad:b3:
af:c7:8f:b0:91:70:04:67:39:cc:76:d9:cf:64:11:
89:ca:a0:bf:da:78:13:0f:31:17:68:75:c0:09:36:
90:10:13:80:7d:2c:1b:57:d8:18:30:f1:14:9a:9a:
d8:1c:53:61:9a:2e:46:72:ae:a4:3a:26:4b:8a:31:
ff:25:e7:e8:79:75:ab:5c:31:bc:cd:21:91:9d:0d:
ee:94:b3:6c:2b:ec:74:29:c9:44:4f:65:5f:96:3e:
29:98:18:3e:f1:33:7f:81:d3:ec:f9:90:8a:79:d8:
7d:98:64:92:86:40:af:b4:82:63:3a:d2:9f:67:30:
d2:f1:97:9f:e7:63:79:7b:83:f8:7e:64:61:4d:76:
1e:d1:63:12:0c:58:38:78:2a:13:5c:fb:8c:00:d3:
71:7e:24:f8:84:0f:57:ef:e5:f4:62:a8:2e:eb:59:
0c:e9:21:24:c4:9a:59:06:af:50:2d:33:44:f7:5e:
49:96:e6:3f:21:b3:57:ae:c2:19:61:a0:72:b3:e3:
ef:28:ca:b1:d6:89:a7:1e:47:57:25:ba:a6:65:3b:
d6:b1:c9:e9:f3:05:4d:36:93:fe:d7:61:8d:b6:da:
3f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:09:8C:C8:25:89:D1:0B:C3:C4:E1:F5:5A:B9:4B:3C:03:11:6F:F6
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/0gmMyCWJ0QvDxOH1WrlLPAMRb_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.51.134.0/23
193.52.35.0/24
193.54.56.0/24
194.57.236.0/23
194.199.93.0-194.199.94.255
194.199.96.0/24
194.254.98.0/24
194.254.197.0/24
195.83.189.0/24
195.221.169.0/24
195.221.172.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:71:ea:5b:30:3c:c2:8e:18:4e:44:87:04:8b:44:d8:40:5b:
d4:f4:f6:58:72:38:2d:bd:01:f2:98:7d:9a:8e:e5:af:47:6f:
d1:0a:bd:f3:0c:87:75:6a:fb:9b:00:70:dc:c2:f0:75:89:bc:
e6:b4:22:92:26:06:a7:a6:a9:56:51:58:e9:f9:47:d9:27:f3:
7f:0d:07:01:f4:99:2e:5c:ac:6e:81:2c:e5:23:b1:82:20:62:
8f:7c:0b:ac:54:62:4a:ba:72:07:82:f9:36:96:62:1a:9d:58:
29:b4:ef:c3:d1:9e:a8:91:13:c6:01:2d:34:4c:db:a9:5d:9f:
ad:72:4a:bc:59:61:a6:de:54:7c:e2:63:44:f9:18:95:85:5a:
99:0e:95:25:60:10:9e:f3:c2:fb:95:c3:5f:98:ca:44:c2:00:
93:d5:3d:c5:ad:b1:42:3d:6b:9c:eb:3e:df:b4:a0:1b:89:54:
7a:39:96:0c:e3:3f:b2:bb:1e:a5:73:58:65:2d:e0:9a:42:6a:
be:54:70:7a:3f:da:ef:ef:31:51:85:58:91:f8:d1:dc:a9:fd:
41:f8:1a:3d:0e:35:6a:f2:da:9a:b7:03:7c:90:dd:87:e3:0a:
e1:b9:d8:83:73:bd:1b:d2:42:43:19:17:84:6d:10:82:7b:aa:
c1:f2:4d:72
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIENcHeWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWY5NTdhYmEyZWYwMDM1Mjg1MGUyMDI0NjRjNzFkMzNjYTgxNDQ4MB4XDTIyMDEw
MTEyMDYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIwOThjYzgyNTg5
ZDEwYmMzYzRlMWY1NWFiOTRiM2MwMzExNmZmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4H8aTud57e0JHGyl+z21/pSQvbuN/2rPz8xq2zr8ePsJFw
BGc5zHbZz2QRicqgv9p4Ew8xF2h1wAk2kBATgH0sG1fYGDDxFJqa2BxTYZouRnKu
pDomS4ox/yXn6Hl1q1wxvM0hkZ0N7pSzbCvsdCnJRE9lX5Y+KZgYPvEzf4HT7PmQ
innYfZhkkoZAr7SCYzrSn2cw0vGXn+djeXuD+H5kYU12HtFjEgxYOHgqE1z7jADT
cX4k+IQPV+/l9GKoLutZDOkhJMSaWQavUC0zRPdeSZbmPyGzV67CGWGgcrPj7yjK
sdaJpx5HVyW6pmU71rHJ6fMFTTaT/tdhjbbaP50CAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBTSCYzIJYnRC8PE4fVauUs8AxFv9jAfBgNVHSMEGDAWgBQu+Verou8ANShQ
4gJGTHHTPKgUSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x2bFhxNkx2QURVb1VPSUNSa3h4MHp5b0ZFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvYTU4NGU0LWNjZDQtNGM0Zi05ZDE2LTA0YTI3YzRkNTQ1My8x
LzBnbU15Q1dKMFF2RHhPSDFXcmxMUEFNUmJfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
YTU4NGU0LWNjZDQtNGM0Zi05ZDE2LTA0YTI3YzRkNTQ1My8xL0x2bFhxNkx2QURV
b1VPSUNSa3h4MHp5b0ZFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAcEzhgMEAME0IwMEAME2OAMEAcI5
7DAMAwQAwsddAwQAwsdeAwQAwsdgAwQAwv5iAwQAwv7FAwQAw1O9AwQAw92pAwQA
w92sMA0GCSqGSIb3DQEBCwUAA4IBAQBecepbMDzCjhhORIcEi0TYQFvU9PZYcjgt
vQHymH2ajuWvR2/RCr3zDId1avubAHDcwvB1ibzmtCKSJganpqlWUVjp+UfZJ/N/
DQcB9JkuXKxugSzlI7GCIGKPfAusVGJKunIHgvk2lmIanVgptO/D0Z6okRPGAS00
TNupXZ+tckq8WWGm3lR84mNE+RiVhVqZDpUlYBCe88L7lcNfmMpEwgCT1T3FrbFC
PWuc6z7ftKAbiVR6OZYM4z+yux6lc1hlLeCaQmq+VHB6P9rv7zFRhViR+NHcqf1B
+Bo9DjVq8tqatwN8kN2H4wrhudiDc70b0kJDGReEbRCCe6rB8k1y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:41 2025 by rpki-client