Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e4d903-5baa-4341-9392-a3e481fb51b9/1/OgtmDNA-HLj6jy4S_2heVG6FvpQ.roa
File: OgtmDNA-HLj6jy4S_2heVG6FvpQ.roa (raw, json)
Hash identifier: Rkl9lMcwJsR4K9k71A8glV6FYcVK3pRO3hv5z1oUL8g=
Subject key identifier: 3A:0B:66:0C:D0:3E:1C:B8:FA:8F:2E:12:FF:68:5E:54:6E:85:BE:94
Certificate issuer: /CN=b7f6c33bfb9d94bd0f74a738e7f16d0e9da0c3b9
Certificate serial: 01850F922157E2AD1E83D13816F185737BE1
Authority key identifier: B7:F6:C3:3B:FB:9D:94:BD:0F:74:A7:38:E7:F1:6D:0E:9D:A0:C3:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t_bDO_udlL0PdKc45_FtDp2gw7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e4d903-5baa-4341-9392-a3e481fb51b9/1/OgtmDNA-HLj6jy4S_2heVG6FvpQ.roa
Signing time: Wed 14 Dec 2022 07:38:32 +0000
ROA not before: Wed 14 Dec 2022 07:38:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202913
IP address blocks: 185.130.144.0/24 maxlen: 24
185.130.144.0/22 maxlen: 22
185.130.145.0/24 maxlen: 24
185.130.144.0/23 maxlen: 23
185.130.146.0/23 maxlen: 23
185.130.147.0/24 maxlen: 24
185.130.146.0/24 maxlen: 24
80.78.131.0/24 maxlen: 24
80.78.128.0/24 maxlen: 24
80.78.129.0/24 maxlen: 24
80.78.128.0/22 maxlen: 22
80.78.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:92:21:57:e2:ad:1e:83:d1:38:16:f1:85:73:7b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7f6c33bfb9d94bd0f74a738e7f16d0e9da0c3b9
Validity
Not Before: Dec 14 07:38:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a0b660cd03e1cb8fa8f2e12ff685e546e85be94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6f:03:12:03:b8:6e:e6:e8:c2:a6:19:0a:de:
52:f7:ac:c4:c5:35:3f:aa:27:b4:fc:e8:d6:c1:d4:
70:1b:9a:2a:eb:11:b2:8b:2e:72:65:6a:4f:6d:44:
ca:85:b9:00:16:b4:e4:cb:1d:20:17:7a:5a:40:5e:
a7:b2:25:0a:60:81:90:d4:5d:2e:87:a3:30:19:36:
2f:b2:d1:b6:8c:3e:5c:01:97:91:34:f0:02:a3:f7:
aa:3b:0b:af:a4:e5:33:00:db:3b:85:e3:28:50:47:
ac:58:72:42:64:37:7d:a9:4a:6c:d9:b9:18:98:b7:
8d:f2:5e:e2:ae:1d:b8:07:3a:b5:02:85:d4:98:03:
b2:f0:d4:01:bd:9e:87:5c:8e:81:62:af:da:2a:ef:
f7:e3:77:2c:93:22:8a:50:6f:5e:3d:37:2d:2a:15:
fe:fa:04:a3:15:bb:47:8f:9f:69:16:e8:f5:29:b3:
26:4e:85:47:1b:a0:2f:e7:2e:da:c2:14:5b:a0:f3:
7b:62:a7:dc:b5:70:ea:83:74:a7:b6:54:7f:b6:df:
69:3c:31:17:bd:10:ee:b8:2f:a8:d8:b7:79:ca:25:
33:a7:db:f6:14:39:84:f8:de:76:9c:74:72:e7:d2:
99:49:1b:bd:50:d9:70:31:d6:39:29:ac:db:1c:79:
44:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0B:66:0C:D0:3E:1C:B8:FA:8F:2E:12:FF:68:5E:54:6E:85:BE:94
X509v3 Authority Key Identifier:
keyid:B7:F6:C3:3B:FB:9D:94:BD:0F:74:A7:38:E7:F1:6D:0E:9D:A0:C3:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_bDO_udlL0PdKc45_FtDp2gw7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e4d903-5baa-4341-9392-a3e481fb51b9/1/OgtmDNA-HLj6jy4S_2heVG6FvpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e4d903-5baa-4341-9392-a3e481fb51b9/1/t_bDO_udlL0PdKc45_FtDp2gw7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.128.0/22
185.130.144.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:09:63:39:2f:50:b8:9d:b1:f1:35:64:12:7e:fe:c5:86:68:
dc:01:46:03:2f:b8:6f:b9:82:97:b2:13:db:41:30:a2:55:77:
da:d6:23:bf:4d:87:0b:a7:fa:9a:05:79:de:d2:8b:f4:97:9d:
df:99:39:0f:23:48:ba:95:5e:4e:11:83:71:5a:1a:24:d0:4d:
27:58:03:5f:19:61:ce:a3:21:e3:ba:81:61:4b:ce:b7:10:e7:
17:97:2a:fb:09:80:66:55:12:78:c1:42:4b:7e:2f:c4:86:91:
6f:9f:41:53:da:56:ca:ca:e2:0f:e1:49:b2:e2:67:4c:69:5d:
9d:6c:27:df:0e:be:10:20:5f:36:19:ad:7c:bd:26:7a:77:c1:
5d:f4:f2:eb:6d:45:fe:26:16:4f:df:c1:ef:bf:a8:1c:1a:a9:
37:47:d9:e2:b6:a9:11:a9:7f:3e:70:4c:8f:9b:08:8f:2d:b1:
e7:5b:c4:69:b6:9f:82:5e:64:92:a5:64:fd:d6:44:e3:72:97:
12:28:a5:13:db:e0:99:6d:d2:b5:8c:d5:67:fb:31:5c:f2:32:
83:68:2b:e8:50:ba:7b:0a:52:2a:d3:56:69:de:6d:5e:bb:2e:
00:a5:dd:c8:d2:69:fd:f3:c8:66:f3:94:b9:db:0f:91:58:2a:
f1:85:4f:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUPkiFX4q0eg9E4FvGFc3vhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjZjMzNiZmI5ZDk0YmQwZjc0YTczOGU3ZjE2ZDBlOWRh
MGMzYjkwHhcNMjIxMjE0MDczODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBiNjYwY2QwM2UxY2I4ZmE4ZjJlMTJmZjY4NWU1NDZlODViZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW8DEgO4bubowqYZCt5S96zExTU/
qie0/OjWwdRwG5oq6xGyiy5yZWpPbUTKhbkAFrTkyx0gF3paQF6nsiUKYIGQ1F0u
h6MwGTYvstG2jD5cAZeRNPACo/eqOwuvpOUzANs7heMoUEesWHJCZDd9qUps2bkY
mLeN8l7irh24Bzq1AoXUmAOy8NQBvZ6HXI6BYq/aKu/343cskyKKUG9ePTctKhX+
+gSjFbtHj59pFuj1KbMmToVHG6Av5y7awhRboPN7YqfctXDqg3SntlR/tt9pPDEX
vRDuuC+o2Ld5yiUzp9v2FDmE+N52nHRy59KZSRu9UNlwMdY5KazbHHlEHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDoLZgzQPhy4+o8uEv9oXlRuhb6UMB8GA1UdIwQY
MBaAFLf2wzv7nZS9D3SnOOfxbQ6doMO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9iRE9fdWRsTDBQZEtjNDVfRnREcDJndzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNGQ5MDMtNWJhYS00MzQxLTkzOTIt
YTNlNDgxZmI1MWI5LzEvT2d0bUROQS1ITGo2ank0U18yaGVWRzZGdnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNGQ5MDMtNWJhYS00MzQxLTkzOTItYTNlNDgxZmI1MWI5
LzEvdF9iRE9fdWRsTDBQZEtjNDVfRnREcDJndzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUE6AAwQC
uYKQMA0GCSqGSIb3DQEBCwUAA4IBAQChCWM5L1C4nbHxNWQSfv7FhmjcAUYDL7hv
uYKXshPbQTCiVXfa1iO/TYcLp/qaBXne0ov0l53fmTkPI0i6lV5OEYNxWhok0E0n
WANfGWHOoyHjuoFhS863EOcXlyr7CYBmVRJ4wUJLfi/EhpFvn0FT2lbKyuIP4Umy
4mdMaV2dbCffDr4QIF82Ga18vSZ6d8Fd9PLrbUX+JhZP38Hvv6gcGqk3R9nitqkR
qX8+cEyPmwiPLbHnW8Rptp+CXmSSpWT91kTjcpcSKKUT2+CZbdK1jNVn+zFc8jKD
aCvoULp7ClIq01Zp3m1euy4Apd3I0mn988hm85S52w+RWCrxhU+i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:49 2024 by rpki-client on console-fra.rpki-client.org