Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/d2OSm-UR_BQ5QrNvlaRQaa4PxoI.roa
File: d2OSm-UR_BQ5QrNvlaRQaa4PxoI.roa (raw, json)
Hash identifier: LHG4XHUjR9Jyqcw3zurks3F3DXTZf+cr+xL1oFo/YdE=
Subject key identifier: 77:63:92:9B:E5:11:FC:14:39:42:B3:6F:95:A4:50:69:AE:0F:C6:82
Certificate issuer: /CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Certificate serial: 018506AD366D5128153958F43968BF25FFC2
Authority key identifier: 1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/d2OSm-UR_BQ5QrNvlaRQaa4PxoI.roa
Signing time: Mon 12 Dec 2022 14:11:33 +0000
ROA not before: Mon 12 Dec 2022 14:11:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41176
IP address blocks: 188.117.64.0/18 maxlen: 18
188.117.76.0/24 maxlen: 24
188.117.76.0/22 maxlen: 22
188.117.77.0/24 maxlen: 24
188.117.78.0/24 maxlen: 24
188.117.72.0/22 maxlen: 22
188.117.84.0/22 maxlen: 22
188.117.84.0/24 maxlen: 24
188.117.85.0/24 maxlen: 24
188.117.81.0/24 maxlen: 24
188.117.86.0/24 maxlen: 24
188.117.87.0/24 maxlen: 24
188.117.93.0/24 maxlen: 24
188.117.96.0/21 maxlen: 21
188.117.104.0/24 maxlen: 24
188.117.100.0/23 maxlen: 23
188.117.107.0/24 maxlen: 24
188.117.109.0/24 maxlen: 24
188.117.124.0/24 maxlen: 24
212.76.64.0/24 maxlen: 24
212.76.64.0/19 maxlen: 19
212.76.70.0/24 maxlen: 24
212.76.69.0/24 maxlen: 24
212.76.68.0/24 maxlen: 24
212.76.73.0/24 maxlen: 24
212.76.83.0/24 maxlen: 24
212.76.88.0/24 maxlen: 24
212.76.95.0/24 maxlen: 24
89.108.0.0/18 maxlen: 18
89.108.29.0/24 maxlen: 24
89.108.28.0/24 maxlen: 24
89.108.30.0/24 maxlen: 24
89.108.26.0/24 maxlen: 24
89.108.26.0/23 maxlen: 23
89.108.27.0/24 maxlen: 24
213.236.32.0/19 maxlen: 19
213.236.35.0/24 maxlen: 24
213.236.38.0/24 maxlen: 24
213.236.37.0/24 maxlen: 24
185.20.152.0/24 maxlen: 24
185.20.152.0/22 maxlen: 22
213.236.41.0/24 maxlen: 24
213.236.48.0/24 maxlen: 24
213.236.56.0/22 maxlen: 22
213.236.56.0/21 maxlen: 21
213.236.53.0/24 maxlen: 24
213.236.59.0/24 maxlen: 24
213.236.60.0/24 maxlen: 24
89.108.60.0/22 maxlen: 22
2a02:d70::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:ad:36:6d:51:28:15:39:58:f4:39:68:bf:25:ff:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Validity
Not Before: Dec 12 14:11:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7763929be511fc143942b36f95a45069ae0fc682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:dd:e4:d4:09:27:e3:6a:40:d6:e0:46:20:2f:
82:52:30:a3:91:26:84:51:b0:df:6e:56:1e:64:32:
1c:ca:1d:df:ab:aa:08:9b:81:1d:22:c1:4a:b8:69:
eb:6d:a8:76:a7:96:3a:d2:74:b1:72:43:1c:02:74:
60:3b:15:fb:81:c7:85:0e:7e:6c:58:26:dc:1d:0d:
0b:dc:16:0f:54:5d:23:b9:e6:e8:d2:b4:59:a8:95:
95:b7:eb:9f:7e:02:44:41:99:ad:3b:d2:9c:bf:fb:
1b:f9:bc:d4:13:26:e3:03:c6:e8:8a:db:9f:c9:bf:
04:90:3f:37:91:99:82:bf:5d:1e:9d:3a:d8:c1:28:
00:a0:6a:46:0a:a9:03:e3:af:96:c5:18:1b:1e:8e:
2a:d1:0f:d4:7c:58:a0:88:09:a7:81:13:7c:4d:53:
be:9d:ad:f3:9b:37:a6:8b:cc:f5:ec:2f:f9:19:09:
b9:63:39:a2:62:5e:79:e5:35:b1:91:53:e9:07:dd:
3b:fe:86:05:e5:ab:0a:b5:3e:cd:1c:85:90:9a:78:
e8:f0:e6:30:b8:9e:92:d6:07:ac:f6:e5:c9:59:5f:
5d:50:e1:33:ab:26:83:22:77:e7:83:86:07:15:7e:
a4:b1:a1:13:c3:8c:e7:09:83:a2:01:b7:96:2e:99:
02:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:63:92:9B:E5:11:FC:14:39:42:B3:6F:95:A4:50:69:AE:0F:C6:82
X509v3 Authority Key Identifier:
keyid:1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/d2OSm-UR_BQ5QrNvlaRQaa4PxoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.0.0/18
185.20.152.0/22
188.117.64.0/18
212.76.64.0/19
213.236.32.0/19
IPv6:
2a02:d70::/32
Signature Algorithm: sha256WithRSAEncryption
3a:fc:14:5d:c4:ab:95:06:11:1e:ac:f3:9e:37:73:51:36:f3:
6d:82:f1:23:16:5f:d0:5a:f6:f6:b8:ad:84:66:bf:32:bf:72:
78:44:42:7f:f8:be:60:d6:44:94:1b:2c:19:45:48:a9:e7:fa:
5f:87:c8:d8:1b:f4:b8:50:91:27:4d:a0:69:31:c5:d2:2c:d5:
00:93:14:03:9d:83:11:68:84:26:5d:34:65:14:64:1a:f8:1f:
8e:1d:a3:22:7c:86:05:8c:b5:3d:64:0f:5b:1f:97:cc:b2:19:
f8:de:d1:4c:25:f0:c3:3f:c6:98:5b:13:28:89:fb:99:cd:e6:
43:68:cc:09:f0:3c:91:40:f4:fc:65:bd:b0:60:e1:82:ad:84:
7d:f4:d4:e1:bb:dd:f9:52:05:b3:51:be:f4:23:57:48:ef:c9:
90:13:9f:2d:ee:3a:e4:58:f4:4c:b5:ea:31:55:4e:13:93:0f:
ce:c2:79:d9:05:2c:9b:5c:bb:48:b9:34:39:38:1e:61:f9:1a:
22:71:cf:04:02:44:0f:5b:31:23:20:1d:72:68:0d:04:e8:49:
e9:44:4a:fb:c7:1d:b3:b1:c0:59:aa:4d:72:3d:0a:b5:f5:9f:
55:63:5d:8d:d2:e7:9b:ed:1f:8b:ed:55:5c:4c:c7:a1:02:aa:
21:99:23:c5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYUGrTZtUSgVOVj0OWi/Jf/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMmE0YmZkMmMwYzY5NzY1YTgyOTllZjc0OTY1Zjg2MmE3
MTQ4YjcwHhcNMjIxMjEyMTQxMTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzYzOTI5YmU1MTFmYzE0Mzk0MmIzNmY5NWE0NTA2OWFlMGZjNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgN3k1Akn42pA1uBGIC+CUjCjkSaE
UbDfblYeZDIcyh3fq6oIm4EdIsFKuGnrbah2p5Y60nSxckMcAnRgOxX7gceFDn5s
WCbcHQ0L3BYPVF0juebo0rRZqJWVt+uffgJEQZmtO9Kcv/sb+bzUEybjA8boituf
yb8EkD83kZmCv10enTrYwSgAoGpGCqkD46+WxRgbHo4q0Q/UfFigiAmngRN8TVO+
na3zmzemi8z17C/5GQm5YzmiYl555TWxkVPpB907/oYF5asKtT7NHIWQmnjo8OYw
uJ6S1ges9uXJWV9dUOEzqyaDInfng4YHFX6ksaETw4znCYOiAbeWLpkCYQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHdjkpvlEfwUOUKzb5WkUGmuD8aCMB8GA1UdIwQY
MBaAFBoqS/0sDGl2WoKZ73SWX4YqcUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUt
YmI3MDgwMGMyYTY1LzEvZDJPU20tVVJfQlE1UXJOdmxhUlFhYTRQeG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUtYmI3MDgwMGMyYTY1
LzEvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGWWwAAwQC
uRSYAwQGvHVAAwQF1ExAAwQF1ewgMA0EAgACMAcDBQAqAg1wMA0GCSqGSIb3DQEB
CwUAA4IBAQA6/BRdxKuVBhEerPOeN3NRNvNtgvEjFl/QWvb2uK2EZr8yv3J4REJ/
+L5g1kSUGywZRUip5/pfh8jYG/S4UJEnTaBpMcXSLNUAkxQDnYMRaIQmXTRlFGQa
+B+OHaMifIYFjLU9ZA9bH5fMshn43tFMJfDDP8aYWxMoifuZzeZDaMwJ8DyRQPT8
Zb2wYOGCrYR99NThu935UgWzUb70I1dI78mQE58t7jrkWPRMteoxVU4Tkw/OwnnZ
BSybXLtIuTQ5OB5h+Roicc8EAkQPWzEjIB1yaA0E6EnpREr7xx2zscBZqk1yPQq1
9Z9VY12N0ueb7R+L7VVcTMehAqohmSPF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:39 2025 by rpki-client