Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/5c6c9f-691f-4284-b84d-1d367a5f86d4/1/Ows0tOerZmyIZmXb8b2IJ4G6nPA.roa
File: Ows0tOerZmyIZmXb8b2IJ4G6nPA.roa (raw, json)
Hash identifier: TGbW2ngO1tlRoxD0iV5pwRGeY8Q4e4pUgPrO7ukZzTk=
Subject key identifier: 3B:0B:34:B4:E7:AB:66:6C:88:66:65:DB:F1:BD:88:27:81:BA:9C:F0
Certificate issuer: /CN=7c6f4c8f3a377f46c5522009678f38d61571c6ca
Certificate serial: 0184AA114BD8C8F8F1CDDC2A50F1BE50B42E
Authority key identifier: 7C:6F:4C:8F:3A:37:7F:46:C5:52:20:09:67:8F:38:D6:15:71:C6:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fG9Mjzo3f0bFUiAJZ4841hVxxso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/5c6c9f-691f-4284-b84d-1d367a5f86d4/1/Ows0tOerZmyIZmXb8b2IJ4G6nPA.roa
Signing time: Thu 24 Nov 2022 14:36:11 +0000
ROA not before: Thu 24 Nov 2022 14:36:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29080
IP address blocks: 195.68.200.0/23 maxlen: 23
195.68.200.0/24 maxlen: 24
195.68.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:11:4b:d8:c8:f8:f1:cd:dc:2a:50:f1:be:50:b4:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c6f4c8f3a377f46c5522009678f38d61571c6ca
Validity
Not Before: Nov 24 14:36:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b0b34b4e7ab666c886665dbf1bd882781ba9cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:19:32:3a:f9:fc:33:f1:c1:0c:b4:79:55:16:
b0:ab:17:89:61:66:59:66:6b:b3:eb:e9:4c:57:bb:
cf:a7:25:19:c6:36:95:af:38:02:0d:47:dd:6e:1e:
fc:7c:7d:53:84:cf:a6:71:88:05:71:38:a3:a6:ed:
05:9b:3e:d3:73:ca:57:19:b7:45:13:5e:d8:b6:a4:
2c:83:d2:5e:df:7d:59:9f:e1:6d:84:40:33:7b:8b:
fa:7a:c9:18:14:35:2b:2c:89:7a:06:e8:82:0d:83:
ed:80:d3:bc:2b:eb:8b:2d:1f:24:cc:6c:b5:6b:89:
57:be:18:4a:da:5f:3d:ef:ae:0f:e9:3d:35:62:ab:
70:94:54:e7:c0:9b:05:46:ac:30:dd:ed:e1:3b:22:
7d:43:34:61:c4:6b:30:da:05:a1:04:78:20:a9:1a:
d5:15:f1:fa:9e:bc:65:a2:8d:59:03:b2:dd:f0:55:
d1:ab:26:69:57:7b:50:5d:3e:3c:57:fe:fe:1a:1b:
be:26:8a:b3:1e:86:34:0d:41:83:90:f4:3c:02:53:
87:a8:63:65:74:8d:69:0e:80:ec:21:71:72:81:70:
58:f9:69:5c:51:5e:da:e8:85:0e:86:e8:21:7c:53:
d7:f6:73:f6:7b:4a:1e:93:4b:94:d9:21:9c:73:2e:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0B:34:B4:E7:AB:66:6C:88:66:65:DB:F1:BD:88:27:81:BA:9C:F0
X509v3 Authority Key Identifier:
keyid:7C:6F:4C:8F:3A:37:7F:46:C5:52:20:09:67:8F:38:D6:15:71:C6:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fG9Mjzo3f0bFUiAJZ4841hVxxso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/5c6c9f-691f-4284-b84d-1d367a5f86d4/1/Ows0tOerZmyIZmXb8b2IJ4G6nPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/5c6c9f-691f-4284-b84d-1d367a5f86d4/1/fG9Mjzo3f0bFUiAJZ4841hVxxso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.68.200.0/23
Signature Algorithm: sha256WithRSAEncryption
23:97:71:f8:85:d1:59:24:e7:34:a5:13:eb:0f:7a:4c:85:67:
17:45:2f:9e:10:b0:64:60:a1:39:44:b2:e9:a3:6b:7a:08:7d:
42:ce:c5:90:0f:57:7c:25:6e:06:33:d5:16:aa:51:eb:b0:1d:
51:ad:8b:f4:00:0b:ee:0d:b1:e2:00:54:d9:06:d3:0e:a6:23:
d9:7d:63:77:3a:6d:9d:6b:b9:97:fe:1d:2a:52:34:0b:50:c7:
a6:7c:12:da:87:88:41:38:f2:1b:6f:fb:8e:a4:90:af:fe:1a:
6d:f0:a8:84:99:15:f6:b7:91:f6:f6:ff:02:08:2a:0a:06:e3:
51:2a:2d:dc:a5:b9:2a:d6:78:05:f0:ea:b9:ac:d6:35:00:e6:
56:07:df:e0:71:df:0e:5a:0b:46:e6:3e:af:71:3e:d3:33:7d:
bf:48:d2:bc:fc:3c:25:91:b0:24:db:e9:2d:3e:b6:ae:d0:a3:
1c:8d:1b:cd:b6:5d:78:29:42:f4:7b:9e:b1:0a:25:be:d5:28:
e3:02:66:be:7a:a6:bd:43:8f:1e:53:f2:f2:a2:1d:92:ab:d5:
4a:bc:0e:5b:a6:de:f2:bd:c0:9e:47:b8:f9:bb:f8:f3:62:ff:
04:5d:ec:0b:dc:92:06:09:96:d3:cc:5f:ae:0c:d8:84:06:1d:
7c:82:21:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSqEUvYyPjxzdwqUPG+ULQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNmY0YzhmM2EzNzdmNDZjNTUyMjAwOTY3OGYzOGQ2MTU3
MWM2Y2EwHhcNMjIxMTI0MTQzNjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjBiMzRiNGU3YWI2NjZjODg2NjY1ZGJmMWJkODgyNzgxYmE5Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRkyOvn8M/HBDLR5VRawqxeJYWZZ
Zmuz6+lMV7vPpyUZxjaVrzgCDUfdbh78fH1ThM+mcYgFcTijpu0Fmz7Tc8pXGbdF
E17YtqQsg9Je331Zn+FthEAze4v6eskYFDUrLIl6BuiCDYPtgNO8K+uLLR8kzGy1
a4lXvhhK2l89764P6T01YqtwlFTnwJsFRqww3e3hOyJ9QzRhxGsw2gWhBHggqRrV
FfH6nrxloo1ZA7Ld8FXRqyZpV3tQXT48V/7+Ghu+JoqzHoY0DUGDkPQ8AlOHqGNl
dI1pDoDsIXFygXBY+WlcUV7a6IUOhughfFPX9nP2e0oek0uU2SGccy5WWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsLNLTnq2ZsiGZl2/G9iCeBupzwMB8GA1UdIwQY
MBaAFHxvTI86N39GxVIgCWePONYVccbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkc5TWp6bzNmMGJGVWlBSlo0ODQxaFZ4eHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy81YzZjOWYtNjkxZi00Mjg0LWI4NGQt
MWQzNjdhNWY4NmQ0LzEvT3dzMHRPZXJabXlJWm1YYjhiMklKNEc2blBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy81YzZjOWYtNjkxZi00Mjg0LWI4NGQtMWQzNjdhNWY4NmQ0
LzEvZkc5TWp6bzNmMGJGVWlBSlo0ODQxaFZ4eHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0TIMA0G
CSqGSIb3DQEBCwUAA4IBAQAjl3H4hdFZJOc0pRPrD3pMhWcXRS+eELBkYKE5RLLp
o2t6CH1CzsWQD1d8JW4GM9UWqlHrsB1RrYv0AAvuDbHiAFTZBtMOpiPZfWN3Om2d
a7mX/h0qUjQLUMemfBLah4hBOPIbb/uOpJCv/hpt8KiEmRX2t5H29v8CCCoKBuNR
Ki3cpbkq1ngF8Oq5rNY1AOZWB9/gcd8OWgtG5j6vcT7TM32/SNK8/DwlkbAk2+kt
Prau0KMcjRvNtl14KUL0e56xCiW+1SjjAma+eqa9Q48eU/Lyoh2Sq9VKvA5bpt7y
vcCeR7j5u/jzYv8EXewL3JIGCZbTzF+uDNiEBh18giGr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:15 2024 by rpki-client on console-fra.rpki-client.org