Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/v0Oagg7OdyoAEcWUAHnd4eO5Uz0.roa
File: v0Oagg7OdyoAEcWUAHnd4eO5Uz0.roa (raw, json)
Hash identifier: nQQevAvf7EDoJOe9ImvZ9tIkLX4PpF8QajFbMHjq1PY=
Subject key identifier: BF:43:9A:82:0E:CE:77:2A:00:11:C5:94:00:79:DD:E1:E3:B9:53:3D
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 0186E04DE8C018B2F4781126CF3E5241AFB9
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/v0Oagg7OdyoAEcWUAHnd4eO5Uz0.roa
Signing time: Tue 14 Mar 2023 13:27:27 +0000
ROA not before: Tue 14 Mar 2023 13:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39216
IP address blocks: 188.72.60.0/24 maxlen: 24
188.72.63.0/24 maxlen: 24
188.72.62.0/24 maxlen: 24
188.72.61.0/24 maxlen: 24
188.72.35.0/24 maxlen: 24
188.72.34.0/24 maxlen: 24
188.72.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:4d:e8:c0:18:b2:f4:78:11:26:cf:3e:52:41:af:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Mar 14 13:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf439a820ece772a0011c5940079dde1e3b9533d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d8:15:18:43:01:92:c5:52:f0:09:0b:c1:db:
9a:f1:d2:f1:76:4b:2b:9a:8c:ed:c6:d0:12:63:ad:
4d:db:34:85:ab:fc:31:00:f9:61:d2:20:3d:06:9a:
6a:0e:f3:01:80:28:16:f1:5a:92:8a:b2:14:55:ae:
6c:c5:82:a1:47:fb:1e:88:c2:54:72:7f:32:7f:61:
02:31:f4:9a:34:71:0e:fb:9a:7b:59:d5:6c:83:4f:
1f:c8:42:8d:46:68:b1:cd:fc:98:b9:1f:3c:f8:a8:
d5:84:63:7e:c1:8d:c0:3f:79:4d:81:0a:05:cc:be:
a7:ab:6a:9a:0a:4a:2b:74:d5:f3:2e:fe:e0:d9:1c:
4b:36:d0:35:6a:9c:68:63:ad:22:27:00:a7:38:e5:
1f:46:05:17:90:e6:97:ef:54:84:65:7a:cc:24:22:
fe:96:fd:8c:b3:98:31:bb:6e:58:6e:d1:64:8d:89:
5a:61:42:1a:10:65:b4:23:6d:76:8f:5b:e8:0a:c6:
29:37:fb:29:6b:2e:79:6c:c0:39:47:5f:f6:98:13:
05:bf:e1:79:44:9f:bb:d5:07:7a:9f:f0:9c:65:88:
2b:3d:58:97:e3:be:b6:87:a1:22:c2:2e:27:7b:4a:
86:d3:f1:1a:02:b9:9f:20:aa:99:fa:f7:63:0f:67:
2d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:43:9A:82:0E:CE:77:2A:00:11:C5:94:00:79:DD:E1:E3:B9:53:3D
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/v0Oagg7OdyoAEcWUAHnd4eO5Uz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.34.0/23
188.72.40.0/24
188.72.60.0/22
Signature Algorithm: sha256WithRSAEncryption
94:e4:1c:09:99:62:35:9b:a7:79:88:fb:ac:34:43:c1:05:6d:
59:9e:db:67:06:3f:ff:66:82:e0:bb:58:f1:2d:65:5f:fc:ac:
31:60:5c:a2:4f:08:64:e7:54:b7:4b:ed:09:e2:c0:31:57:ab:
da:04:22:52:57:6c:12:b0:fe:f6:ca:a4:ba:4f:2a:08:c9:ff:
6f:56:1a:98:ef:c7:b7:55:be:14:0c:e4:53:98:f9:bd:3d:63:
f0:b1:fd:7d:87:bd:0f:e4:7e:1b:0a:7d:ed:2e:8a:34:e0:f5:
44:b2:46:f2:ae:6e:3e:d9:a9:5e:e3:1b:89:06:a7:6e:e8:32:
29:a9:e5:73:91:23:3c:4a:15:74:8a:97:bb:8d:65:4c:da:dd:
57:1d:fb:91:01:33:27:df:4c:b1:fe:94:d8:8e:ac:ea:fd:eb:
0e:ad:b8:66:02:b3:05:e4:0f:6c:6f:4e:a2:f2:48:c3:c8:a9:
d9:ca:2d:47:05:cd:f9:61:f8:b9:90:6a:b0:97:14:ee:ac:44:
28:5c:ba:46:a9:6c:ad:2e:05:9d:9c:95:81:96:2c:16:a2:34:
cf:93:0d:f1:63:5f:9f:a8:da:bb:45:c7:0b:ee:5e:1b:9e:26:
b2:ef:90:78:7d:95:9d:0b:a9:97:38:6a:5a:64:c2:11:29:01:
36:e2:f2:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbgTejAGLL0eBEmzz5SQa+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjMwMzE0MTMyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQzOWE4MjBlY2U3NzJhMDAxMWM1OTQwMDc5ZGRlMWUzYjk1MzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9gVGEMBksVS8AkLwdua8dLxdksr
moztxtASY61N2zSFq/wxAPlh0iA9BppqDvMBgCgW8VqSirIUVa5sxYKhR/seiMJU
cn8yf2ECMfSaNHEO+5p7WdVsg08fyEKNRmixzfyYuR88+KjVhGN+wY3AP3lNgQoF
zL6nq2qaCkordNXzLv7g2RxLNtA1apxoY60iJwCnOOUfRgUXkOaX71SEZXrMJCL+
lv2Ms5gxu25YbtFkjYlaYUIaEGW0I212j1voCsYpN/spay55bMA5R1/2mBMFv+F5
RJ+71Qd6n/CcZYgrPViX4762h6Eiwi4ne0qG0/EaArmfIKqZ+vdjD2ctLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL9DmoIOzncqABHFlAB53eHjuVM9MB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvdjBPYWdnN09keW9BRWNXVUFIbmQ0ZU81VXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBvEgiAwQA
vEgoAwQCvEg8MA0GCSqGSIb3DQEBCwUAA4IBAQCU5BwJmWI1m6d5iPusNEPBBW1Z
nttnBj//ZoLgu1jxLWVf/KwxYFyiTwhk51S3S+0J4sAxV6vaBCJSV2wSsP72yqS6
TyoIyf9vVhqY78e3Vb4UDORTmPm9PWPwsf19h70P5H4bCn3tLoo04PVEskbyrm4+
2ale4xuJBqdu6DIpqeVzkSM8ShV0ipe7jWVM2t1XHfuRATMn30yx/pTYjqzq/esO
rbhmArMF5A9sb06i8kjDyKnZyi1HBc35Yfi5kGqwlxTurEQoXLpGqWytLgWdnJWB
liwWojTPkw3xY1+fqNq7RccL7l4bniay75B4fZWdC6mXOGpaZMIRKQE24vLG
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:03:50 2025 by rpki-client