Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/0JmBis_Vl95-Wf5Df0a6sHbs4q4.roa
File: 0JmBis_Vl95-Wf5Df0a6sHbs4q4.roa (raw, json)
Hash identifier: 7OyEvkYHL25Oj63pUENm6SVqQOSrACh9lOPqwK5oS+0=
Subject key identifier: D0:99:81:8A:CF:D5:97:DE:7E:59:FE:43:7F:46:BA:B0:76:EC:E2:AE
Certificate issuer: /CN=ac5eadc0032850236fee756eb58fbf05e1316b5e
Certificate serial: 1A41D854
Authority key identifier: AC:5E:AD:C0:03:28:50:23:6F:EE:75:6E:B5:8F:BF:05:E1:31:6B:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rF6twAMoUCNv7nVutY-_BeExa14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/0JmBis_Vl95-Wf5Df0a6sHbs4q4.roa
Signing time: Sat 01 Jan 2022 16:05:19 +0000
ROA not before: Sat 01 Jan 2022 16:05:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199938
IP address blocks: 194.39.215.0/24 maxlen: 24
194.40.244.0/24 maxlen: 24
194.39.187.0/24 maxlen: 24
185.41.106.0/23 maxlen: 24
194.41.1.0/24 maxlen: 24
2a01:55e0::/29 maxlen: 48
2a01:55e0::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 440522836 (0x1a41d854)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac5eadc0032850236fee756eb58fbf05e1316b5e
Validity
Not Before: Jan 1 16:05:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d099818acfd597de7e59fe437f46bab076ece2ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c0:8e:7f:50:96:52:2e:b3:73:01:77:9a:bb:
5b:51:5d:2c:ff:6a:87:dd:d6:6d:dd:fc:0f:d1:9d:
4a:a6:9c:b4:7f:77:1f:87:72:e5:79:87:39:38:d6:
22:be:42:c3:51:4e:7e:fd:7a:aa:ee:b6:c7:b7:a9:
d0:7b:c1:ff:e6:f4:22:87:f0:09:74:fa:0f:03:4d:
4a:09:7f:e3:5f:18:b6:7e:87:b6:c4:2d:c2:60:2f:
a1:f9:7e:82:93:b6:08:90:16:70:80:81:b9:ac:c2:
95:af:b4:80:19:71:1f:35:c7:61:43:3a:07:98:0f:
8d:3c:e2:29:8f:fe:cf:0b:e4:af:6e:2b:9c:14:9e:
bc:51:24:b4:80:f4:77:fd:39:e0:08:c7:10:a8:1a:
59:fa:e5:04:32:1b:6c:f6:65:c8:f7:24:36:7f:ee:
fc:ea:54:95:94:7c:61:be:49:d8:e7:5a:3d:5d:b9:
6c:96:d6:79:25:9d:91:dc:c7:04:69:a1:c5:9a:d7:
c2:ae:7b:16:68:4b:b0:be:f0:98:c6:88:b7:70:8e:
ad:92:be:d3:c1:f6:d0:e8:4e:a1:25:32:db:e9:17:
89:f1:07:ab:6f:0c:b4:ce:71:4c:8f:5f:64:45:44:
70:b0:50:60:02:9c:00:f0:e7:86:eb:28:fa:52:c2:
b6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:99:81:8A:CF:D5:97:DE:7E:59:FE:43:7F:46:BA:B0:76:EC:E2:AE
X509v3 Authority Key Identifier:
keyid:AC:5E:AD:C0:03:28:50:23:6F:EE:75:6E:B5:8F:BF:05:E1:31:6B:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rF6twAMoUCNv7nVutY-_BeExa14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/0JmBis_Vl95-Wf5Df0a6sHbs4q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/rF6twAMoUCNv7nVutY-_BeExa14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.106.0/23
194.39.187.0/24
194.39.215.0/24
194.40.244.0/24
194.41.1.0/24
IPv6:
2a01:55e0::/29
Signature Algorithm: sha256WithRSAEncryption
90:e2:36:4e:e5:44:e6:8e:c9:d2:65:8e:cb:2c:7f:91:9d:94:
75:b5:9d:47:da:8d:67:15:fd:aa:7d:a5:87:88:d9:4f:28:f6:
ec:2a:8e:7b:81:e5:e9:85:d7:d8:f4:4b:fc:ef:61:18:c3:8c:
4e:dd:66:54:06:29:75:fc:e2:e4:f3:a7:95:48:f0:e4:d3:f7:
af:6a:93:25:30:fa:4b:53:e3:21:d2:4d:bc:20:8d:fb:0f:a7:
a1:d2:8f:69:64:7a:03:f1:e4:41:80:e1:e6:66:76:97:10:b8:
f3:cf:2e:af:53:3b:b0:7e:a3:75:c1:5d:7d:ba:40:85:a3:65:
0c:be:de:7b:e1:1a:e4:d4:c9:c4:fb:41:10:f7:a1:91:9a:c7:
a3:d4:bd:aa:6b:8f:b9:33:84:7b:75:6b:8f:9b:26:ef:6c:67:
20:09:3f:67:f1:fd:12:0f:f2:f7:60:63:7f:9c:7f:53:51:89:
a5:19:0c:97:60:14:73:ca:30:60:73:13:af:bd:86:cc:b7:93:
07:0c:4a:34:93:65:4b:07:fd:cc:8a:64:2d:e0:ef:e9:50:ef:
ae:30:ae:72:4a:ad:10:2f:05:10:8c:8c:52:44:2b:a3:66:49:
8d:2c:fb:1a:9b:0f:bc:04:cf:35:a5:ac:0a:41:96:05:cd:7e:
bb:e8:99:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGkHYVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzVlYWRjMDAzMjg1MDIzNmZlZTc1NmViNThmYmYwNWUxMzE2YjVlMB4XDTIyMDEw
MTE2MDUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA5OTgxOGFjZmQ1
OTdkZTdlNTlmZTQzN2Y0NmJhYjA3NmVjZTJhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvAjn9QllIus3MBd5q7W1FdLP9qh93Wbd38D9GdSqactH93
H4dy5XmHOTjWIr5Cw1FOfv16qu62x7ep0HvB/+b0IofwCXT6DwNNSgl/418Ytn6H
tsQtwmAvofl+gpO2CJAWcICBuazCla+0gBlxHzXHYUM6B5gPjTziKY/+zwvkr24r
nBSevFEktID0d/054AjHEKgaWfrlBDIbbPZlyPckNn/u/OpUlZR8Yb5J2OdaPV25
bJbWeSWdkdzHBGmhxZrXwq57FmhLsL7wmMaIt3COrZK+08H20OhOoSUy2+kXifEH
q28MtM5xTI9fZEVEcLBQYAKcAPDnhuso+lLCthUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTQmYGKz9WX3n5Z/kN/RrqwduzirjAfBgNVHSMEGDAWgBSsXq3AAyhQI2/u
dW61j78F4TFrXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JGNnR3QU1vVUNOdjduVnV0WS1fQmVFeGExNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvNTI5NzVmLWZlYjItNDMzYi1iMmRjLWMyMzhjZTQ4MTdkYi8x
LzBKbUJpc19WbDk1LVdmNURmMGE2c0hiczRxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
NTI5NzVmLWZlYjItNDMzYi1iMmRjLWMyMzhjZTQ4MTdkYi8xL3JGNnR3QU1vVUNO
djduVnV0WS1fQmVFeGExNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAbkpagMEAMInuwMEAMIn1wMEAMIo
9AMEAMIpATANBAIAAjAHAwUDKgFV4DANBgkqhkiG9w0BAQsFAAOCAQEAkOI2TuVE
5o7J0mWOyyx/kZ2UdbWdR9qNZxX9qn2lh4jZTyj27CqOe4Hl6YXX2PRL/O9hGMOM
Tt1mVAYpdfzi5POnlUjw5NP3r2qTJTD6S1PjIdJNvCCN+w+nodKPaWR6A/HkQYDh
5mZ2lxC4888ur1M7sH6jdcFdfbpAhaNlDL7ee+Ea5NTJxPtBEPehkZrHo9S9qmuP
uTOEe3Vrj5sm72xnIAk/Z/H9Eg/y92Bjf5x/U1GJpRkMl2AUc8owYHMTr72GzLeT
BwxKNJNlSwf9zIpkLeDv6VDvrjCuckqtEC8FEIyMUkQro2ZJjSz7GpsPvATPNaWs
CkGWBc1+u+iZHA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:41 2025 by rpki-client