Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/w76FDmuITuPE2hLUW8P2-oxahCo.roa
File: w76FDmuITuPE2hLUW8P2-oxahCo.roa (raw, json)
Hash identifier: BhH+7utOHpY7BGUEkRso9nq8st7NFab7D/RSlrQNkWA=
Subject key identifier: C3:BE:85:0E:6B:88:4E:E3:C4:DA:12:D4:5B:C3:F6:FA:8C:5A:84:2A
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 018576BB90F6C259262EB7A529180B9F1E8E
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/w76FDmuITuPE2hLUW8P2-oxahCo.roa
Signing time: Tue 03 Jan 2023 08:24:41 +0000
ROA not before: Tue 03 Jan 2023 08:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8262
IP address blocks: 194.12.224.0/19 maxlen: 19
194.12.231.0/24 maxlen: 24
194.12.249.0/24 maxlen: 24
194.12.254.0/24 maxlen: 24
82.119.92.0/24 maxlen: 24
82.119.94.0/24 maxlen: 24
185.92.132.0/22 maxlen: 22
82.119.64.0/19 maxlen: 19
82.119.68.0/24 maxlen: 24
82.119.69.0/24 maxlen: 24
82.119.84.0/24 maxlen: 24
82.119.83.0/24 maxlen: 24
82.119.80.0/21 maxlen: 21
89.252.223.0/24 maxlen: 24
89.252.241.0/24 maxlen: 24
89.252.246.0/24 maxlen: 24
89.252.192.0/18 maxlen: 18
85.14.36.0/24 maxlen: 24
85.14.44.0/24 maxlen: 24
85.14.49.0/24 maxlen: 24
85.14.47.0/24 maxlen: 24
176.67.233.0/24 maxlen: 24
85.14.0.0/23 maxlen: 23
85.14.0.0/18 maxlen: 18
176.67.234.0/24 maxlen: 24
85.14.12.0/24 maxlen: 24
85.14.13.0/24 maxlen: 24
85.14.24.0/24 maxlen: 24
2001:1ae0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:76:bb:90:f6:c2:59:26:2e:b7:a5:29:18:0b:9f:1e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 3 08:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3be850e6b884ee3c4da12d45bc3f6fa8c5a842a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b2:b5:3b:50:4e:81:67:d9:b0:53:d4:f2:70:
84:d9:d9:b1:61:56:e9:95:ae:b9:14:06:00:76:a2:
dc:db:20:19:ec:0a:be:7b:e8:30:d1:ad:8d:57:f9:
19:62:ac:c2:5d:e0:f5:67:d1:21:98:7b:c9:6b:9a:
56:45:da:3e:cd:7f:4c:45:58:3b:9c:5a:39:8a:3b:
ed:56:6f:3f:eb:56:9b:1c:c9:b2:e3:2b:e8:8d:40:
f7:43:ca:c2:ad:51:49:a6:10:d0:57:c0:e4:c9:a9:
28:3a:7c:6d:b9:37:6b:86:f7:21:96:b2:d3:30:4d:
91:55:f8:a0:48:21:a8:d1:0f:71:c3:7b:7e:1d:5e:
5a:5c:1f:ec:53:dd:c0:09:29:91:8d:ba:2e:51:ba:
9f:03:33:9e:6a:e3:e1:48:19:35:03:fc:0f:20:70:
77:c2:15:d8:2c:75:18:a2:c6:bf:95:d4:ce:0f:8c:
e3:60:a5:a3:54:e2:e3:0c:c5:0c:0c:4e:8e:cc:7c:
60:8e:61:bb:2d:27:76:3e:ed:cf:fd:f0:06:8b:2a:
fe:37:96:8c:c7:7a:93:65:ca:86:38:a9:b4:8d:ef:
75:3c:60:2a:b8:bc:91:69:ea:e8:34:d2:d3:53:b5:
b4:57:62:93:09:14:73:c3:fe:2a:32:cc:83:3e:b0:
5b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BE:85:0E:6B:88:4E:E3:C4:DA:12:D4:5B:C3:F6:FA:8C:5A:84:2A
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/w76FDmuITuPE2hLUW8P2-oxahCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.64.0/19
85.14.0.0/18
89.252.192.0/18
176.67.233.0-176.67.234.255
185.92.132.0/22
194.12.224.0/19
IPv6:
2001:1ae0::/32
Signature Algorithm: sha256WithRSAEncryption
c0:8b:b5:fb:a1:f4:2f:85:93:59:b1:bb:b4:98:be:b4:ea:69:
6d:bd:83:8f:ec:9a:92:e6:19:4f:09:df:5a:03:e1:d9:4b:d8:
c3:82:cb:45:a1:26:5f:da:70:48:c9:d7:ce:c4:6e:03:75:e3:
22:53:3f:5c:aa:05:17:b9:9f:6d:f4:47:2c:a3:72:36:a4:e2:
a1:bb:24:1d:23:c4:0d:8f:83:46:86:3e:0c:2d:29:95:fa:06:
bb:45:a2:bc:42:5b:cb:c0:7a:f3:4d:59:80:f8:e8:5e:0b:d5:
ed:29:8e:e3:a3:46:b8:03:1d:9f:b1:a1:d0:53:db:83:e1:bf:
64:b1:bf:55:f4:95:06:8d:c7:ab:e0:e7:a7:53:44:c2:27:4d:
2f:cc:91:3d:23:8d:69:12:01:52:be:5d:9e:67:58:4f:e1:2e:
04:8e:94:fa:57:51:12:69:c4:c9:17:a4:8e:e7:c4:7c:b6:59:
94:81:dc:0a:d3:3d:b9:8d:62:a4:df:84:5c:9e:a2:fa:b7:5a:
4b:f9:5b:8f:78:ba:b7:68:3f:e3:18:ab:56:8d:ec:2c:fc:c2:
f3:51:ef:17:09:8d:39:bd:de:fb:b2:26:5e:80:6a:c4:e2:83:
bc:be:f3:c5:ec:7a:94:f6:24:1a:6d:5e:91:3c:fe:01:31:01:
7f:d6:14:80
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYV2u5D2wlkmLrelKRgLnx6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAzMDgyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2JlODUwZTZiODg0ZWUzYzRkYTEyZDQ1YmMzZjZmYThjNWE4NDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbK1O1BOgWfZsFPU8nCE2dmxYVbp
la65FAYAdqLc2yAZ7Aq+e+gw0a2NV/kZYqzCXeD1Z9EhmHvJa5pWRdo+zX9MRVg7
nFo5ijvtVm8/61abHMmy4yvojUD3Q8rCrVFJphDQV8DkyakoOnxtuTdrhvchlrLT
ME2RVfigSCGo0Q9xw3t+HV5aXB/sU93ACSmRjbouUbqfAzOeauPhSBk1A/wPIHB3
whXYLHUYosa/ldTOD4zjYKWjVOLjDMUMDE6OzHxgjmG7LSd2Pu3P/fAGiyr+N5aM
x3qTZcqGOKm0je91PGAquLyRaeroNNLTU7W0V2KTCRRzw/4qMsyDPrBbvwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFMO+hQ5riE7jxNoS1FvD9vqMWoQqMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvdzc2RkRtdUlUdVBFMmhMVVc4UDItb3hhaENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQFUndAAwQG
VQ4AAwQGWfzAMAwDBACwQ+kDBACwQ+oDBAK5XIQDBAXCDOAwDQQCAAIwBwMFACAB
GuAwDQYJKoZIhvcNAQELBQADggEBAMCLtfuh9C+Fk1mxu7SYvrTqaW29g4/smpLm
GU8J31oD4dlL2MOCy0WhJl/acEjJ187EbgN14yJTP1yqBRe5n230Ryyjcjak4qG7
JB0jxA2Pg0aGPgwtKZX6BrtForxCW8vAevNNWYD46F4L1e0pjuOjRrgDHZ+xodBT
24Phv2Sxv1X0lQaNx6vg56dTRMInTS/MkT0jjWkSAVK+XZ5nWE/hLgSOlPpXURJp
xMkXpI7nxHy2WZSB3ArTPbmNYqTfhFyeovq3Wkv5W494urdoP+MYq1aN7Cz8wvNR
7xcJjTm93vuyJl6AasTig7y+88XsepT2JBptXpE8/gExAX/WFIA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:28 2025 by rpki-client