Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/OFDsZj50yI18ny68h4tOrHu_mDM.roa
File: OFDsZj50yI18ny68h4tOrHu_mDM.roa (raw, json)
Hash identifier: MQAEkU0YcNEcNyWbe3Jc6nAE1TEtxT9gkcdJNYtbreI=
Subject key identifier: 38:50:EC:66:3E:74:C8:8D:7C:9F:2E:BC:87:8B:4E:AC:7B:BF:98:33
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42E72A78
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/OFDsZj50yI18ny68h4tOrHu_mDM.roa
Signing time: Fri 04 Feb 2022 11:05:15 +0000
ROA not before: Fri 04 Feb 2022 11:05:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43893
IP address blocks: 192.165.66.0/24 maxlen: 24
194.103.4.0/24 maxlen: 24
194.103.221.0/24 maxlen: 24
194.71.224.0/24 maxlen: 24
194.103.17.0/24 maxlen: 24
192.165.30.0/24 maxlen: 24
194.71.161.0/24 maxlen: 24
194.71.162.0/24 maxlen: 24
194.132.80.0/24 maxlen: 24
193.234.52.0/24 maxlen: 24
194.132.82.0/23 maxlen: 23
193.234.53.0/24 maxlen: 24
192.121.13.0/24 maxlen: 24
194.132.30.0/24 maxlen: 24
192.121.62.0/24 maxlen: 24
192.71.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1122445944 (0x42e72a78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 4 11:05:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3850ec663e74c88d7c9f2ebc878b4eac7bbf9833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:80:d0:a9:6c:57:47:eb:d4:08:f3:51:7b:1e:
1c:72:d4:06:0c:fa:84:24:a5:92:97:be:b9:8f:ed:
82:62:91:02:d3:30:8c:86:47:c1:97:da:2c:d8:cb:
1d:20:67:f4:ca:f1:fc:3f:b1:8e:49:68:4d:65:e5:
41:7e:cd:0e:e4:be:6e:0e:ab:01:93:21:c1:2c:96:
3d:4d:c4:4a:ce:91:97:62:e1:f7:b7:f6:9e:1f:9e:
92:a6:fe:a0:34:7b:9e:07:8f:27:65:77:48:a4:79:
13:fb:45:cc:56:c7:35:72:ab:06:37:bc:b8:74:7b:
24:a6:57:d5:e0:aa:8d:26:34:39:28:87:f6:4c:e5:
bb:ee:e8:a0:db:7f:92:6b:1a:df:cc:22:96:5a:72:
9a:94:d2:42:78:7e:0b:cd:10:b1:1a:8e:1e:22:28:
10:5e:d5:07:1e:23:30:4a:ce:62:b7:c2:02:ab:2f:
bf:12:43:91:20:cd:da:c2:ef:7b:0a:66:07:2c:2b:
41:d8:b3:de:80:72:47:b1:a5:c6:61:f2:4b:f2:c8:
35:a6:0b:6e:a5:9b:02:41:31:b0:14:ef:fd:da:f7:
38:89:e9:b3:7d:bf:22:20:50:fa:c0:33:b3:25:c4:
7d:75:29:92:53:64:ef:a7:83:48:1b:44:22:fd:f8:
6e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:50:EC:66:3E:74:C8:8D:7C:9F:2E:BC:87:8B:4E:AC:7B:BF:98:33
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/OFDsZj50yI18ny68h4tOrHu_mDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.58.0/24
192.121.13.0/24
192.121.62.0/24
192.165.30.0/24
192.165.66.0/24
193.234.52.0/23
194.71.161.0-194.71.162.255
194.71.224.0/24
194.103.4.0/24
194.103.17.0/24
194.103.221.0/24
194.132.30.0/24
194.132.80.0/24
194.132.82.0/23
Signature Algorithm: sha256WithRSAEncryption
30:d3:71:cb:0d:91:c9:dc:3b:f3:82:27:b9:2b:44:e5:9d:d0:
1a:15:95:20:e2:80:84:06:4e:f8:a5:7e:0b:c8:96:50:f6:27:
5a:fc:d5:c6:9b:2a:66:37:7b:f4:66:aa:23:93:17:51:f1:29:
b1:d2:fd:8b:ee:62:37:6d:0f:a9:4d:2b:bb:fe:47:53:99:f4:
6d:55:f0:92:78:86:8c:19:3e:89:8f:ac:03:67:34:5d:5d:39:
6f:44:82:e1:e6:25:96:2b:af:ba:c8:01:d7:f4:9d:0e:80:54:
d7:29:f3:22:ca:37:5f:86:93:8c:df:39:0f:c4:3c:26:9f:2f:
b2:b6:b7:2a:8c:21:e1:a5:2f:89:f0:2e:08:77:8f:92:2c:ec:
44:3d:9e:26:f3:8b:a8:70:34:86:0a:c6:b8:6e:1e:22:4e:95:
01:de:eb:41:7e:4b:1e:ae:70:41:df:96:b6:c0:b7:b5:17:f9:
9e:5d:f9:59:01:43:9a:99:cd:b8:18:ca:c0:d2:bf:8a:f2:0f:
3c:39:54:37:06:1f:d5:43:af:41:70:37:14:7c:19:62:ea:ab:
e0:05:ef:15:56:b5:96:ed:2f:99:36:6c:82:c0:ad:2f:19:a3:
c0:77:80:3a:8a:9f:34:17:96:80:fd:1e:56:61:87:7e:35:6c:
6c:dc:da:38
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIEQucqeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDIw
NDExMDUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg1MGVjNjYzZTc0
Yzg4ZDdjOWYyZWJjODc4YjRlYWM3YmJmOTgzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqA0KlsV0fr1AjzUXseHHLUBgz6hCSlkpe+uY/tgmKRAtMw
jIZHwZfaLNjLHSBn9Mrx/D+xjkloTWXlQX7NDuS+bg6rAZMhwSyWPU3ESs6Rl2Lh
97f2nh+ekqb+oDR7ngePJ2V3SKR5E/tFzFbHNXKrBje8uHR7JKZX1eCqjSY0OSiH
9kzlu+7ooNt/kmsa38willpympTSQnh+C80QsRqOHiIoEF7VBx4jMErOYrfCAqsv
vxJDkSDN2sLvewpmBywrQdiz3oByR7GlxmHyS/LINaYLbqWbAkExsBTv/dr3OInp
s32/IiBQ+sAzsyXEfXUpklNk76eDSBtEIv34bkkCAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBQ4UOxmPnTIjXyfLryHi06se7+YMzAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L09GRHNaajUweUkxOG55NjhoNHRPckh1X21ETS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwYgQCAAEwXAMEAMBHOgMEAMB5DQMEAMB5PgMEAMCl
HgMEAMClQgMEAcHqNDAMAwQAwkehAwQAwkeiAwQAwkfgAwQAwmcEAwQAwmcRAwQA
wmfdAwQAwoQeAwQAwoRQAwQBwoRSMA0GCSqGSIb3DQEBCwUAA4IBAQAw03HLDZHJ
3Dvzgie5K0TlndAaFZUg4oCEBk74pX4LyJZQ9ida/NXGmypmN3v0ZqojkxdR8Smx
0v2L7mI3bQ+pTSu7/kdTmfRtVfCSeIaMGT6Jj6wDZzRdXTlvRILh5iWWK6+6yAHX
9J0OgFTXKfMiyjdfhpOM3zkPxDwmny+ytrcqjCHhpS+J8C4Id4+SLOxEPZ4m84uo
cDSGCsa4bh4iTpUB3utBfksernBB35a2wLe1F/meXflZAUOamc24GMrA0r+K8g88
OVQ3Bh/VQ69BcDcUfBli6qvgBe8VVrWW7S+ZNmyCwK0vGaPAd4A6ip80F5aA/R5W
YYd+NWxs3No4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:01 2025 by rpki-client