Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/OPtf4Z-Y8oK0Iipn90bHQ8kd-5M.roa
File: OPtf4Z-Y8oK0Iipn90bHQ8kd-5M.roa (raw, json)
Hash identifier: h3M9TRLvhGbqiQOUItAdRaG6K3AB52SGEQt0E798004=
Subject key identifier: 38:FB:5F:E1:9F:98:F2:82:B4:22:2A:67:F7:46:C7:43:C9:1D:FB:93
Certificate issuer: /CN=88727fad5b5c06852e1dafa071ce4767a799e050
Certificate serial: 0D852F1C
Authority key identifier: 88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/OPtf4Z-Y8oK0Iipn90bHQ8kd-5M.roa
Signing time: Sat 01 Jan 2022 07:54:22 +0000
ROA not before: Sat 01 Jan 2022 07:54:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 185.226.132.0/22 maxlen: 22
185.226.132.0/24 maxlen: 24
185.226.135.0/24 maxlen: 24
185.226.134.0/24 maxlen: 24
185.226.133.0/24 maxlen: 24
185.193.211.0/24 maxlen: 24
185.193.208.0/22 maxlen: 22
185.193.208.0/23 maxlen: 23
185.193.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226832156 (0xd852f1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88727fad5b5c06852e1dafa071ce4767a799e050
Validity
Not Before: Jan 1 07:54:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38fb5fe19f98f282b4222a67f746c743c91dfb93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:07:55:39:99:57:6a:09:64:9f:62:79:00:83:
27:fb:aa:47:51:a5:89:6f:3c:b0:d0:e9:16:cc:a0:
70:36:e4:11:c1:d2:d5:81:c6:d8:8c:ab:93:a9:53:
d3:9e:ba:3e:28:84:60:f2:fc:7b:b4:07:1a:fa:10:
e1:c8:93:9a:f3:8b:97:8c:1f:36:88:43:c9:9e:7a:
f0:0a:5b:be:63:a2:73:2f:6b:89:2e:ca:40:ca:24:
0a:2e:5d:4e:21:69:a2:2e:02:3a:48:45:34:58:4a:
35:9a:fe:15:be:fa:f2:89:21:bd:93:1c:a6:0f:e7:
7e:85:f0:e5:7b:36:eb:25:1c:39:54:5c:e9:2a:38:
63:4e:8e:13:d7:73:e3:6a:1c:35:f5:ad:27:29:86:
0b:b2:6b:cb:ac:6b:3e:5e:e1:0f:b9:a2:df:f6:76:
3e:fa:e2:03:c5:ca:de:c4:b5:4d:f5:c6:73:0d:8d:
9d:1d:5b:5a:6d:44:32:fc:b8:65:96:99:e6:12:4e:
ea:82:5e:5a:c8:2a:e4:4b:8c:e8:e0:fb:02:a3:a3:
84:5f:03:1a:50:13:cb:d5:3d:7e:7f:ea:be:fe:cb:
71:07:5c:14:23:82:ce:d8:3d:de:3f:1a:c2:fe:1d:
59:20:94:8b:c0:3f:c0:4a:23:fa:4a:cd:fd:d0:96:
b1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FB:5F:E1:9F:98:F2:82:B4:22:2A:67:F7:46:C7:43:C9:1D:FB:93
X509v3 Authority Key Identifier:
keyid:88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/OPtf4Z-Y8oK0Iipn90bHQ8kd-5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.208.0/22
185.226.132.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:57:f0:5a:16:ee:ce:bc:f4:36:38:69:12:3b:85:c9:09:0e:
7c:c3:7b:2a:fb:63:5b:e2:a6:a5:47:99:f7:7f:37:95:ad:78:
58:bd:90:a4:fe:bd:a9:cc:64:45:af:da:62:78:b5:0a:b8:c4:
83:d3:29:f6:22:af:ed:1b:56:a4:2a:c5:ec:f6:9d:c8:94:a9:
85:5f:22:14:6a:82:29:48:fa:e8:64:66:ea:be:2f:bc:c9:91:
0a:1b:f6:1d:2b:0d:b3:ad:1e:a3:1f:3a:c5:28:ee:69:5b:e1:
e0:55:f9:9e:a0:46:30:c6:30:45:ae:25:20:a6:c6:6e:0a:15:
34:f9:5c:0e:03:1b:23:c3:43:d5:71:8a:9c:f8:7e:41:b3:d9:
11:39:82:13:b2:31:ba:86:23:18:b0:c1:27:3d:58:f1:3c:22:
69:0e:63:cc:6f:f7:29:1d:54:64:3f:a3:5a:a3:d8:da:e6:9b:
4f:bb:1d:bb:0d:2a:bd:d7:38:90:02:1d:e9:53:0c:a1:78:21:
57:6e:d7:47:8f:9f:31:58:11:3f:87:d4:cc:09:c4:d6:7d:0c:
86:24:2b:67:0d:1d:63:2a:c2:12:49:ca:1a:ea:20:41:f2:79:
72:00:b9:13:c2:c2:2e:0d:e0:1c:ac:d2:27:ed:0e:5e:41:2c:
29:56:3f:96
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDYUvHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODcyN2ZhZDViNWMwNjg1MmUxZGFmYTA3MWNlNDc2N2E3OTllMDUwMB4XDTIyMDEw
MTA3NTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhmYjVmZTE5Zjk4
ZjI4MmI0MjIyYTY3Zjc0NmM3NDNjOTFkZmI5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMHVTmZV2oJZJ9ieQCDJ/uqR1GliW88sNDpFsygcDbkEcHS
1YHG2Iyrk6lT0566PiiEYPL8e7QHGvoQ4ciTmvOLl4wfNohDyZ568ApbvmOicy9r
iS7KQMokCi5dTiFpoi4COkhFNFhKNZr+Fb768okhvZMcpg/nfoXw5Xs26yUcOVRc
6So4Y06OE9dz42ocNfWtJymGC7Jry6xrPl7hD7mi3/Z2PvriA8XK3sS1TfXGcw2N
nR1bWm1EMvy4ZZaZ5hJO6oJeWsgq5EuM6OD7AqOjhF8DGlATy9U9fn/qvv7LcQdc
FCOCztg93j8awv4dWSCUi8A/wEoj+krN/dCWsTECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ4+1/hn5jygrQiKmf3RsdDyR37kzAfBgNVHSMEGDAWgBSIcn+tW1wGhS4d
r6Bxzkdnp5ngUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lISl9yVnRjQm9VdUhhLWdjYzVIWjZlWjRGQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvYTRhMjYwLTg0YjAtNDY4ZS1iNDk3LTVhNDE5MjZmZWQ3Yy8x
L09QdGY0Wi1ZOG9LMElpcG45MGJIUThrZC01TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
YTRhMjYwLTg0YjAtNDY4ZS1iNDk3LTVhNDE5MjZmZWQ3Yy8xL2lISl9yVnRjQm9V
dUhhLWdjYzVIWjZlWjRGQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArnB0AMEArnihDANBgkqhkiG9w0B
AQsFAAOCAQEAi1fwWhbuzrz0NjhpEjuFyQkOfMN7KvtjW+KmpUeZ9383la14WL2Q
pP69qcxkRa/aYni1CrjEg9Mp9iKv7RtWpCrF7PadyJSphV8iFGqCKUj66GRm6r4v
vMmRChv2HSsNs60eox86xSjuaVvh4FX5nqBGMMYwRa4lIKbGbgoVNPlcDgMbI8ND
1XGKnPh+QbPZETmCE7IxuoYjGLDBJz1Y8TwiaQ5jzG/3KR1UZD+jWqPY2uabT7sd
uw0qvdc4kAId6VMMoXghV27XR4+fMVgRP4fUzAnE1n0MhiQrZw0dYyrCEknKGuog
QfJ5cgC5E8LCLg3gHKzSJ+0OXkEsKVY/lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:58 2024 by rpki-client on console-ams.rpki-client.org