Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/OpI03ihOSA0a6DaFzazZtM4eL84.roa
File: OpI03ihOSA0a6DaFzazZtM4eL84.roa (raw, json)
Hash identifier: 8SDTw+MmNxuDsWqkgkBZG3ySjgw35pfdmPkk908qmKQ=
Subject key identifier: 3A:92:34:DE:28:4E:48:0D:1A:E8:36:85:CD:AC:D9:B4:CE:1E:2F:CE
Certificate issuer: /CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Certificate serial: 01869ED735F44F8D5F8BC15A4C0EE4C25851
Authority key identifier: 7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/OpI03ihOSA0a6DaFzazZtM4eL84.roa
Signing time: Wed 01 Mar 2023 20:22:29 +0000
ROA not before: Wed 01 Mar 2023 20:22:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210756
IP address blocks: 95.181.180.0/24 maxlen: 24
5.101.68.0/24 maxlen: 24
5.101.69.0/24 maxlen: 24
5.101.70.0/24 maxlen: 24
5.188.176.0/24 maxlen: 24
5.188.177.0/24 maxlen: 24
5.188.178.0/24 maxlen: 24
5.188.179.0/24 maxlen: 24
37.9.37.0/24 maxlen: 24
37.9.38.0/24 maxlen: 24
37.9.36.0/24 maxlen: 24
37.9.39.0/24 maxlen: 24
37.9.54.0/24 maxlen: 24
37.9.55.0/24 maxlen: 24
37.9.52.0/24 maxlen: 24
37.9.53.0/24 maxlen: 24
146.185.197.0/24 maxlen: 24
146.185.198.0/24 maxlen: 24
146.185.199.0/24 maxlen: 24
146.185.196.0/24 maxlen: 24
2a11:27c0:1010::/44 maxlen: 44
2a11:27c0:1b0::/44 maxlen: 44
2a11:27c0:1f0::/44 maxlen: 44
2a11:27c0:170::/44 maxlen: 44
2a11:27c0:190::/44 maxlen: 44
2a11:27c0:150::/44 maxlen: 44
2a11:27c0:130::/44 maxlen: 44
2a11:27c0:110::/44 maxlen: 44
2a11:27c0:1d0::/44 maxlen: 44
2a11:27c0:1000::/44 maxlen: 44
2a11:27c0:120::/44 maxlen: 44
2a11:27c0:140::/44 maxlen: 44
2a11:27c0:160::/44 maxlen: 44
2a11:27c0:1e0::/44 maxlen: 44
2a11:27c0:1c0::/44 maxlen: 44
2a11:27c0:1a0::/44 maxlen: 44
2a11:27c0:180::/44 maxlen: 44
2a11:27c0:100::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9e:d7:35:f4:4f:8d:5f:8b:c1:5a:4c:0e:e4:c2:58:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Validity
Not Before: Mar 1 20:22:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a9234de284e480d1ae83685cdacd9b4ce1e2fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9d:5a:30:16:20:59:ec:c5:88:71:60:c2:70:
e3:d8:6b:c8:0b:ec:61:aa:57:ce:ef:4d:7b:c6:5d:
3a:9b:72:b5:71:a0:58:b4:85:72:3f:29:ab:b6:01:
9c:52:e8:6c:3a:ad:07:91:55:d3:80:bf:fa:07:d9:
71:89:11:35:3f:3a:79:55:47:61:07:1c:d4:77:46:
c5:6a:9d:fc:e4:07:22:9a:2b:bb:e8:16:e9:62:47:
04:40:26:42:29:96:7a:7c:da:cb:15:25:79:b2:f5:
85:01:66:21:e6:a7:1f:07:86:5d:66:43:41:e2:49:
44:75:18:ca:98:70:ac:b9:08:02:89:b6:7e:6d:96:
58:40:24:4d:ac:24:f3:0b:83:f4:ab:2d:61:f0:0b:
81:3b:f7:2c:05:e2:72:7b:98:88:b9:b5:23:34:0e:
c8:bc:b6:e9:d7:83:da:c9:05:d1:1c:13:e9:ca:ed:
40:0d:51:9d:59:62:77:32:88:a8:ac:b5:65:1a:0b:
c8:cc:81:55:a7:5e:e6:21:d8:26:f4:da:a6:14:78:
4f:d8:50:05:3b:7b:d6:f4:4f:fa:8c:1e:9b:ce:e9:
ae:e7:37:d6:51:6f:39:bd:e1:be:9c:f3:27:81:ef:
9d:48:78:5b:a3:73:9f:d0:86:39:57:2a:8d:07:98:
67:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:92:34:DE:28:4E:48:0D:1A:E8:36:85:CD:AC:D9:B4:CE:1E:2F:CE
X509v3 Authority Key Identifier:
keyid:7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/OpI03ihOSA0a6DaFzazZtM4eL84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.68.0-5.101.70.255
5.188.176.0/22
37.9.36.0/22
37.9.52.0/22
95.181.180.0/24
146.185.196.0/22
IPv6:
2a11:27c0:100::/40
2a11:27c0:1000::/43
Signature Algorithm: sha256WithRSAEncryption
72:7a:5b:78:0b:92:9d:3e:00:b4:a2:ac:0e:e5:50:e0:2b:15:
26:8f:fc:47:a1:cf:70:7b:bf:0e:df:f2:68:6e:8b:59:02:44:
a5:d0:ac:66:0f:7b:a5:b4:4c:30:72:79:27:d0:bd:b4:0d:e8:
17:a8:4d:60:bd:8e:f3:40:d5:a4:c2:e3:9a:14:82:2b:61:e2:
67:4b:5b:25:38:ee:4a:13:74:f5:9b:b7:e8:bc:00:ed:9a:79:
e1:91:e6:03:09:92:d4:a1:54:8e:5d:f5:c8:c0:02:7c:7b:fb:
2b:8b:19:a7:04:db:22:7f:61:0b:8d:6c:27:c7:08:ce:41:3b:
99:08:ca:eb:37:8c:29:54:32:fc:47:fe:74:aa:d5:c0:d0:0a:
62:3d:dd:2e:13:b1:10:8f:02:7f:80:55:5f:f4:5a:1a:46:68:
49:3c:64:9f:a0:a0:0d:05:7f:41:c8:b0:5b:7f:75:0a:68:28:
39:4a:23:a0:1c:4b:e4:c9:14:ee:3b:66:ad:52:c5:d6:57:f2:
11:01:92:ac:21:ab:1b:93:bf:78:e8:58:d1:37:4a:88:c1:6d:
e9:bd:70:8f:7a:da:02:3f:4d:f8:a4:76:64:84:85:d8:29:1f:
b3:80:c3:93:3d:9a:4c:16:a2:a7:9b:e1:58:d1:b9:89:78:1a:
b0:da:43:ab
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYae1zX0T41fi8FaTA7kwlhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2U1ODVhNTliNTIzYmI4NmQ2NjBhNzE2OGUxYzFlYmEw
OTRkYTAwHhcNMjMwMzAxMjAyMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTkyMzRkZTI4NGU0ODBkMWFlODM2ODVjZGFjZDliNGNlMWUyZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ1aMBYgWezFiHFgwnDj2GvIC+xh
qlfO7017xl06m3K1caBYtIVyPymrtgGcUuhsOq0HkVXTgL/6B9lxiRE1Pzp5VUdh
BxzUd0bFap385Acimiu76BbpYkcEQCZCKZZ6fNrLFSV5svWFAWYh5qcfB4ZdZkNB
4klEdRjKmHCsuQgCibZ+bZZYQCRNrCTzC4P0qy1h8AuBO/csBeJye5iIubUjNA7I
vLbp14PayQXRHBPpyu1ADVGdWWJ3MoiorLVlGgvIzIFVp17mIdgm9NqmFHhP2FAF
O3vW9E/6jB6bzumu5zfWUW85veG+nPMnge+dSHhbo3Of0IY5VyqNB5hnAQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDqSNN4oTkgNGug2hc2s2bTOHi/OMB8GA1UdIwQY
MBaAFHw+WFpZtSO7htZgpxaOHB66CU2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUt
NmRjMWY1NjAzMWViLzEvT3BJMDNpaE9TQTBhNkRhRnphelp0TTRlTDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUtNmRjMWY1NjAzMWVi
LzEvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAyBAIAATAsMAwDBAIFZUQD
BAAFZUYDBAIFvLADBAIlCSQDBAIlCTQDBABftbQDBAKSucQwFwQCAAIwEQMGACoR
J8ABAwcFKhEnwBAAMA0GCSqGSIb3DQEBCwUAA4IBAQByelt4C5KdPgC0oqwO5VDg
KxUmj/xHoc9we78O3/JobotZAkSl0KxmD3ultEwwcnkn0L20DegXqE1gvY7zQNWk
wuOaFIIrYeJnS1slOO5KE3T1m7fovADtmnnhkeYDCZLUoVSOXfXIwAJ8e/srixmn
BNsif2ELjWwnxwjOQTuZCMrrN4wpVDL8R/50qtXA0ApiPd0uE7EQjwJ/gFVf9Foa
RmhJPGSfoKANBX9ByLBbf3UKaCg5SiOgHEvkyRTuO2atUsXWV/IRAZKsIasbk794
6FjRN0qIwW3pvXCPetoCP034pHZkhIXYKR+zgMOTPZpMFqKnm+FY0bmJeBqw2kOr
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:17:04 2025 by rpki-client