Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/oQbiGntDHhCn_lpdZCGXLyOWXbo.roa
File: oQbiGntDHhCn_lpdZCGXLyOWXbo.roa (raw, json)
Hash identifier: ZYbnCjFj5cFpbgVii+fiJAtmiYYDyuyergdMEhDJDZE=
Subject key identifier: A1:06:E2:1A:7B:43:1E:10:A7:FE:5A:5D:64:21:97:2F:23:96:5D:BA
Certificate issuer: /CN=c1c20fbc48fa59a7d8dea57908f350a1b97459df
Certificate serial: 0488656A
Authority key identifier: C1:C2:0F:BC:48:FA:59:A7:D8:DE:A5:79:08:F3:50:A1:B9:74:59:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wcIPvEj6WafY3qV5CPNQobl0Wd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/oQbiGntDHhCn_lpdZCGXLyOWXbo.roa
Signing time: Sat 01 Jan 2022 00:58:45 +0000
ROA not before: Sat 01 Jan 2022 00:58:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33930
IP address blocks: 80.75.152.0/21 maxlen: 21
93.187.40.0/21 maxlen: 21
91.223.207.0/24 maxlen: 24
45.15.212.0/22 maxlen: 22
185.56.204.0/22 maxlen: 22
194.6.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76047722 (0x488656a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1c20fbc48fa59a7d8dea57908f350a1b97459df
Validity
Not Before: Jan 1 00:58:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a106e21a7b431e10a7fe5a5d6421972f23965dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b7:73:9c:19:ec:c1:5d:28:27:22:1c:97:3a:
2c:34:55:ec:85:57:67:35:16:ad:c1:51:85:68:5a:
eb:c5:be:5b:ad:95:84:1d:fa:bb:67:ea:1d:35:a6:
86:52:9d:de:3c:15:a8:81:4f:7c:85:47:5b:7f:ae:
8e:2f:01:20:d2:4b:54:aa:81:9f:f2:d5:05:a3:c4:
8a:86:47:6a:a5:10:d6:91:81:34:82:8d:03:b8:f6:
82:f0:dc:71:98:10:e2:1d:67:94:bf:f1:de:40:bc:
c5:d1:32:84:ef:70:4c:50:a6:5f:ba:2a:63:a3:30:
72:70:bd:81:70:c6:a6:71:60:d1:77:3f:9b:03:93:
19:84:ae:4a:b1:85:b9:27:85:92:b0:d9:f9:e3:e0:
93:ff:fe:da:42:81:8c:77:1e:82:28:3a:88:dd:9a:
62:b1:f1:6c:a3:7a:a6:b2:f8:68:e7:08:18:a6:22:
56:40:7f:07:59:0b:95:e5:ed:b5:84:ca:24:bb:aa:
c5:c0:38:1d:2a:f1:0d:cc:80:18:76:e0:e6:29:ef:
84:72:e2:66:84:4d:99:31:a6:e7:d6:d1:3e:75:ef:
e8:7b:fa:64:55:43:43:5f:17:f5:d9:b8:c1:28:36:
e8:de:66:76:9a:74:58:86:de:71:b3:74:44:63:7d:
41:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:06:E2:1A:7B:43:1E:10:A7:FE:5A:5D:64:21:97:2F:23:96:5D:BA
X509v3 Authority Key Identifier:
keyid:C1:C2:0F:BC:48:FA:59:A7:D8:DE:A5:79:08:F3:50:A1:B9:74:59:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wcIPvEj6WafY3qV5CPNQobl0Wd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/oQbiGntDHhCn_lpdZCGXLyOWXbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/wcIPvEj6WafY3qV5CPNQobl0Wd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.212.0/22
80.75.152.0/21
91.223.207.0/24
93.187.40.0/21
185.56.204.0/22
194.6.240.0/24
Signature Algorithm: sha256WithRSAEncryption
84:d8:d9:6a:e7:87:4a:1b:d9:15:84:5d:92:72:18:24:12:a9:
ee:2c:d3:c6:8e:22:ce:65:c8:4e:30:5e:f5:93:73:9b:e1:6a:
13:c2:e3:61:77:c6:81:0e:2b:37:1a:62:f7:aa:0a:3f:82:69:
eb:15:26:26:68:fb:24:46:ab:a5:ac:5b:9f:9f:6d:99:08:8e:
1c:d1:d3:f8:9e:0b:da:d4:07:8e:57:53:c1:df:51:92:21:02:
86:25:8c:c3:e1:9d:63:b7:a4:9e:3d:f7:d0:f9:61:58:1d:55:
88:fc:0c:83:8a:55:c0:65:96:fb:83:2b:cc:31:f1:01:1a:ad:
da:0d:c7:92:8b:0f:02:72:69:4a:30:44:7c:a8:44:8b:fc:a9:
aa:b8:4e:11:96:0c:af:28:84:20:94:12:e3:90:4d:47:ab:36:
33:77:1d:a3:f6:9f:79:06:8d:31:40:df:92:28:e1:85:e8:bb:
a1:e6:66:b7:57:2e:d2:46:09:2c:f1:f7:fc:8c:26:b8:3e:43:
95:fc:7f:2c:22:df:68:b9:3d:d0:6c:fa:3b:02:d2:6a:60:8d:
b8:7c:5f:07:3f:22:4d:29:d3:e4:6a:ab:02:7f:b8:7f:76:34:
ce:6f:34:60:d3:3d:67:0f:a6:7e:db:6a:2c:8e:2d:db:03:cf:
f3:71:be:26
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBIhlajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWMyMGZiYzQ4ZmE1OWE3ZDhkZWE1NzkwOGYzNTBhMWI5NzQ1OWRmMB4XDTIyMDEw
MTAwNTg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEwNmUyMWE3YjQz
MWUxMGE3ZmU1YTVkNjQyMTk3MmYyMzk2NWRiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKG3c5wZ7MFdKCciHJc6LDRV7IVXZzUWrcFRhWha68W+W62V
hB36u2fqHTWmhlKd3jwVqIFPfIVHW3+uji8BINJLVKqBn/LVBaPEioZHaqUQ1pGB
NIKNA7j2gvDccZgQ4h1nlL/x3kC8xdEyhO9wTFCmX7oqY6MwcnC9gXDGpnFg0Xc/
mwOTGYSuSrGFuSeFkrDZ+ePgk//+2kKBjHcegig6iN2aYrHxbKN6prL4aOcIGKYi
VkB/B1kLleXttYTKJLuqxcA4HSrxDcyAGHbg5invhHLiZoRNmTGm59bRPnXv6Hv6
ZFVDQ18X9dm4wSg26N5mdpp0WIbecbN0RGN9Qf8CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBShBuIae0MeEKf+Wl1kIZcvI5ZdujAfBgNVHSMEGDAWgBTBwg+8SPpZp9je
pXkI81ChuXRZ3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3djSVB2RWo2V2FmWTNxVjVDUE5Rb2JsMFdkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmM3OGRhLWJkZWQtNDFhOS1iNTA4LTMwMmNlMWJjOTljMC8x
L29RYmlHbnRESGhDbl9scGRaQ0dYTHlPV1hiby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmM3OGRhLWJkZWQtNDFhOS1iNTA4LTMwMmNlMWJjOTljMC8xL3djSVB2RWo2V2Fm
WTNxVjVDUE5Rb2JsMFdkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi0P1AMEA1BLmAMEAFvfzwMEA127
KAMEArk4zAMEAMIG8DANBgkqhkiG9w0BAQsFAAOCAQEAhNjZaueHShvZFYRdknIY
JBKp7izTxo4izmXITjBe9ZNzm+FqE8LjYXfGgQ4rNxpi96oKP4Jp6xUmJmj7JEar
paxbn59tmQiOHNHT+J4L2tQHjldTwd9RkiEChiWMw+GdY7eknj330PlhWB1ViPwM
g4pVwGWW+4MrzDHxARqt2g3HkosPAnJpSjBEfKhEi/ypqrhOEZYMryiEIJQS45BN
R6s2M3cdo/afeQaNMUDfkijhhei7oeZmt1cu0kYJLPH3/IwmuD5Dlfx/LCLfaLk9
0Gz6OwLSamCNuHxfBz8iTSnT5GqrAn+4f3Y0zm80YNM9Zw+mfttqLI4t2wPP83G+
Jg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:01 2025 by rpki-client