Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/oCIf_59RvRKPBZAXSAPMSf-Ta0Q.roa
File: oCIf_59RvRKPBZAXSAPMSf-Ta0Q.roa (raw, json)
Hash identifier: /60IRf0Y0n3stRDMa+DJKG1ZA2C5uYM9tiZo1/yUGaw=
Subject key identifier: A0:22:1F:FF:9F:51:BD:12:8F:05:90:17:48:03:CC:49:FF:93:6B:44
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 01849F7D40566E6661D2F4839F8701985BF4
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/oCIf_59RvRKPBZAXSAPMSf-Ta0Q.roa
Signing time: Tue 22 Nov 2022 13:18:16 +0000
ROA not before: Tue 22 Nov 2022 13:18:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42739
IP address blocks: 188.112.57.0/24 maxlen: 24
92.55.220.0/24 maxlen: 24
92.55.226.0/24 maxlen: 24
77.242.224.0/20 maxlen: 20
77.242.233.0/24 maxlen: 24
77.242.234.0/24 maxlen: 24
77.242.235.0/24 maxlen: 24
188.112.0.0/18 maxlen: 18
185.46.92.0/22 maxlen: 22
78.159.64.0/20 maxlen: 20
78.159.83.0/24 maxlen: 24
92.55.192.0/18 maxlen: 18
37.139.148.0/24 maxlen: 24
37.139.149.0/24 maxlen: 24
37.139.144.0/24 maxlen: 24
37.139.145.0/24 maxlen: 24
2a02:7f0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:7d:40:56:6e:66:61:d2:f4:83:9f:87:01:98:5b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Nov 22 13:18:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0221fff9f51bd128f0590174803cc49ff936b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:15:b3:f0:00:66:1a:95:33:fe:b9:ba:88:32:
31:12:ce:ae:01:63:8c:60:a2:75:c8:73:dc:8b:90:
84:4a:d3:5b:3c:1d:72:c4:61:1c:ff:73:16:14:21:
3a:5a:14:11:d1:2f:40:36:2b:13:2b:65:b1:8e:35:
85:65:b3:60:e0:f1:cd:b0:e8:a6:25:d6:72:34:06:
32:56:20:88:21:ab:d0:da:da:fc:71:8c:3e:eb:eb:
3a:9b:a1:c1:fd:f2:58:e7:df:48:39:de:93:b6:ed:
1d:b7:24:d3:31:5c:33:46:c5:87:a4:a7:16:84:0e:
56:ad:7f:20:f4:80:b6:63:e0:a4:a1:6b:be:6c:b1:
05:de:18:b4:cb:e3:39:d0:f9:e9:df:c5:e2:2c:db:
78:e5:08:ab:9f:fd:43:ff:a3:1e:d6:07:1c:f5:56:
4c:72:92:77:5a:54:d8:c1:34:26:c7:fc:0b:bd:24:
51:ae:af:b0:44:1d:73:7f:ee:dc:6b:7d:aa:05:40:
68:c5:94:52:61:4d:f8:10:c1:33:08:a5:80:fd:74:
14:7b:e1:bb:75:30:3d:ab:2f:8c:ee:55:c5:1d:a8:
4d:bc:e9:5a:88:1e:83:e0:57:1d:a3:0b:70:38:9b:
77:18:cf:5c:90:3e:43:d4:cd:d6:71:fd:37:12:b8:
c3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:22:1F:FF:9F:51:BD:12:8F:05:90:17:48:03:CC:49:FF:93:6B:44
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/oCIf_59RvRKPBZAXSAPMSf-Ta0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.144.0/23
37.139.148.0/23
77.242.224.0/20
78.159.64.0/20
78.159.83.0/24
92.55.192.0/18
185.46.92.0/22
188.112.0.0/18
IPv6:
2a02:7f0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:43:eb:4e:17:9f:ab:0c:fb:93:70:39:0f:78:50:e0:35:0f:
2a:4b:8c:5b:ef:62:90:92:be:28:63:bd:c7:31:41:d0:64:64:
82:44:27:92:e6:0a:df:91:62:a0:82:05:19:db:61:d7:1e:8a:
32:c4:18:3e:39:9f:eb:e9:fd:09:b1:a1:b4:b2:d1:55:46:93:
3d:fc:04:49:5a:79:f5:54:d3:d3:cc:6d:04:b5:1b:38:13:06:
58:95:2e:82:ed:a0:78:f9:f8:42:54:1d:b7:ab:ad:54:19:47:
47:13:fb:aa:d8:7b:57:db:93:58:1a:74:89:1c:7d:1a:5d:19:
90:fd:f7:d6:fc:74:36:a2:83:2f:62:6b:16:a4:01:53:c7:94:
34:d5:5f:66:b7:5f:3d:20:4d:fa:fc:3c:16:30:c0:1b:ba:ea:
5f:4b:cb:89:7b:0d:e7:09:b1:34:ff:8a:da:cf:e7:61:c5:af:
3a:ae:80:78:01:75:fd:ed:b2:cc:6b:e0:ad:0f:00:c0:c5:a8:
19:f1:d3:27:0e:8a:16:8d:5b:93:20:7e:91:58:dd:58:00:be:
2d:d6:66:49:63:5f:7e:7e:37:5e:f3:53:2c:66:e0:e7:c2:d0:
65:e5:60:bb:c0:11:9d:f5:9a:d1:8c:e1:0c:49:56:a0:fe:5a:
e4:b4:c2:1c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYSffUBWbmZh0vSDn4cBmFv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjIxMTIyMTMxODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIyMWZmZjlmNTFiZDEyOGYwNTkwMTc0ODAzY2M0OWZmOTM2YjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBWz8ABmGpUz/rm6iDIxEs6uAWOM
YKJ1yHPci5CEStNbPB1yxGEc/3MWFCE6WhQR0S9ANisTK2WxjjWFZbNg4PHNsOim
JdZyNAYyViCIIavQ2tr8cYw+6+s6m6HB/fJY599IOd6Ttu0dtyTTMVwzRsWHpKcW
hA5WrX8g9IC2Y+CkoWu+bLEF3hi0y+M50Pnp38XiLNt45Qirn/1D/6Me1gcc9VZM
cpJ3WlTYwTQmx/wLvSRRrq+wRB1zf+7ca32qBUBoxZRSYU34EMEzCKWA/XQUe+G7
dTA9qy+M7lXFHahNvOlaiB6D4FcdowtwOJt3GM9ckD5D1M3Wcf03ErjDqwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFKAiH/+fUb0SjwWQF0gDzEn/k2tEMB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvb0NJZl81OVJ2UktQQlpBWFNBUE1TZi1UYTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBJYuQAwQB
JYuUAwQETfLgAwQETp9AAwQATp9TAwQGXDfAAwQCuS5cAwQGvHAAMA0EAgACMAcD
BQAqAgfwMA0GCSqGSIb3DQEBCwUAA4IBAQArQ+tOF5+rDPuTcDkPeFDgNQ8qS4xb
72KQkr4oY73HMUHQZGSCRCeS5grfkWKgggUZ22HXHooyxBg+OZ/r6f0JsaG0stFV
RpM9/ARJWnn1VNPTzG0EtRs4EwZYlS6C7aB4+fhCVB23q61UGUdHE/uq2HtX25NY
GnSJHH0aXRmQ/ffW/HQ2ooMvYmsWpAFTx5Q01V9mt189IE36/DwWMMAbuupfS8uJ
ew3nCbE0/4raz+dhxa86roB4AXX97bLMa+CtDwDAxagZ8dMnDooWjVuTIH6RWN1Y
AL4t1mZJY19+fjde81MsZuDnwtBl5WC7wBGd9ZrRjOEMSVag/lrktMIc
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:28 2025 by rpki-client