Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/o2vJppa173rdZTrZsx8srCa7LeY.roa
File: o2vJppa173rdZTrZsx8srCa7LeY.roa (raw, json)
Hash identifier: NH2xDf+kN6a7UrrN29cMkJjT5jSmcxLDuuO4t0EeVzs=
Subject key identifier: A3:6B:C9:A6:96:B5:EF:7A:DD:65:3A:D9:B3:1F:2C:AC:26:BB:2D:E6
Certificate issuer: /CN=c4eba1fdf6c4de192c1d3edf8a800ca597f97d68
Certificate serial: 0181DCAAB9A754F862935758DB7D4709771F
Authority key identifier: C4:EB:A1:FD:F6:C4:DE:19:2C:1D:3E:DF:8A:80:0C:A5:97:F9:7D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xOuh_fbE3hksHT7fioAMpZf5fWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/o2vJppa173rdZTrZsx8srCa7LeY.roa
Signing time: Fri 08 Jul 2022 07:16:25 +0000
ROA not before: Fri 08 Jul 2022 07:16:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197692
IP address blocks: 185.131.0.0/22 maxlen: 24
31.22.120.0/21 maxlen: 24
2a02:6f00::/32 maxlen: 48
2a02:6f00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dc:aa:b9:a7:54:f8:62:93:57:58:db:7d:47:09:77:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4eba1fdf6c4de192c1d3edf8a800ca597f97d68
Validity
Not Before: Jul 8 07:16:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a36bc9a696b5ef7add653ad9b31f2cac26bb2de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c1:40:12:bc:98:bd:a9:27:e9:35:1c:69:b5:
fc:26:d4:33:a2:16:80:ac:4a:4a:14:c3:2a:37:9e:
b0:d7:2a:56:e7:74:06:ef:63:43:ec:aa:12:cd:64:
5c:d8:7f:2c:70:80:84:31:b6:7d:b3:13:7a:c3:12:
65:31:21:7a:e9:77:f8:c9:ae:fd:eb:e0:ac:02:6d:
c5:28:40:a3:b8:d1:7d:06:f3:2b:2a:e9:64:00:bf:
f4:bd:44:f1:f1:0e:5a:2a:a4:0e:ee:33:f3:6f:f2:
ea:e2:81:59:c0:3d:de:86:15:3e:4a:16:66:00:04:
f1:d8:0c:f8:bc:a0:9b:d2:da:68:41:cc:c1:c0:64:
54:7e:e4:d3:5e:75:7c:a8:cf:f0:48:b4:2a:bf:a3:
97:b6:44:4c:43:80:52:a3:ec:66:b2:4d:2d:5e:73:
4a:97:04:53:05:d5:42:04:b3:22:eb:61:0d:37:b3:
3d:bb:4d:dd:81:39:9d:06:36:63:71:b3:2f:ba:60:
62:4b:1c:b9:a1:07:0a:09:1e:01:c1:b6:c1:7c:12:
56:5b:51:d3:bc:bc:1d:b9:4f:02:18:72:bd:9f:c1:
a4:38:f3:48:62:ec:f9:86:8f:dd:a4:8f:d3:3a:e2:
8a:eb:f1:24:87:2a:fd:31:c5:fd:f5:a0:4f:d1:97:
ad:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:6B:C9:A6:96:B5:EF:7A:DD:65:3A:D9:B3:1F:2C:AC:26:BB:2D:E6
X509v3 Authority Key Identifier:
keyid:C4:EB:A1:FD:F6:C4:DE:19:2C:1D:3E:DF:8A:80:0C:A5:97:F9:7D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xOuh_fbE3hksHT7fioAMpZf5fWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/o2vJppa173rdZTrZsx8srCa7LeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/xOuh_fbE3hksHT7fioAMpZf5fWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.120.0/21
185.131.0.0/22
IPv6:
2a02:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
a5:20:02:4e:40:47:2f:d5:43:97:6e:28:1b:c8:d2:7b:47:74:
1a:47:19:44:0b:90:ab:7e:1d:52:ae:07:ba:06:0a:08:f8:43:
40:86:73:0c:24:88:17:2e:de:40:c1:83:22:c4:56:b3:7b:9d:
06:b7:23:87:26:ef:b3:df:03:b0:a7:3c:bd:3e:71:ab:84:10:
5e:df:4b:3a:16:a0:d1:fe:07:de:c2:76:f1:5a:b9:3a:1e:27:
37:43:0d:5c:09:13:46:4d:7c:5a:03:eb:a1:df:cb:67:9a:83:
43:b8:8b:16:fb:c8:10:90:9f:62:65:b5:c0:48:22:2e:7b:5f:
fc:09:47:32:09:21:93:b3:15:8a:d7:bd:4f:f7:d9:fd:fa:ba:
2a:bf:fd:cc:a7:59:04:a0:5e:df:e5:5d:8d:fb:85:99:93:c3:
17:6e:a3:58:a8:41:32:8d:28:d8:c8:b5:26:43:9d:65:04:23:
06:2e:d8:cc:c0:2e:b7:99:2e:8f:68:db:53:c0:70:8f:d4:4f:
48:2e:18:4c:94:6c:aa:7d:e6:8e:e2:c7:3e:90:a7:64:54:7b:
f0:b4:51:bf:51:92:18:5a:aa:af:39:41:57:6a:6b:85:2d:c7:
43:42:4e:8d:00:58:ba:cb:ce:b2:8b:ff:49:30:a7:6c:9e:ea:
31:33:8d:16
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYHcqrmnVPhik1dY231HCXcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZWJhMWZkZjZjNGRlMTkyYzFkM2VkZjhhODAwY2E1OTdm
OTdkNjgwHhcNMjIwNzA4MDcxNjI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzZiYzlhNjk2YjVlZjdhZGQ2NTNhZDliMzFmMmNhYzI2YmIyZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8FAEryYvakn6TUcabX8JtQzohaA
rEpKFMMqN56w1ypW53QG72ND7KoSzWRc2H8scICEMbZ9sxN6wxJlMSF66Xf4ya79
6+CsAm3FKECjuNF9BvMrKulkAL/0vUTx8Q5aKqQO7jPzb/Lq4oFZwD3ehhU+ShZm
AATx2Az4vKCb0tpoQczBwGRUfuTTXnV8qM/wSLQqv6OXtkRMQ4BSo+xmsk0tXnNK
lwRTBdVCBLMi62ENN7M9u03dgTmdBjZjcbMvumBiSxy5oQcKCR4BwbbBfBJWW1HT
vLwduU8CGHK9n8GkOPNIYuz5ho/dpI/TOuKK6/Ekhyr9McX99aBP0ZetwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKNryaaWte963WU62bMfLKwmuy3mMB8GA1UdIwQY
MBaAFMTrof32xN4ZLB0+34qADKWX+X1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE91aF9mYkUzaGtzSFQ3ZmlvQU1wWmY1ZldnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xYTYxNTktMWRjNi00YTA5LTg0NGYt
NTEyODU2MGRiZGZjLzEvbzJ2SnBwYTE3M3JkWlRyWnN4OHNyQ2E3TGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xYTYxNTktMWRjNi00YTA5LTg0NGYtNTEyODU2MGRiZGZj
LzEveE91aF9mYkUzaGtzSFQ3ZmlvQU1wWmY1ZldnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHxZ4AwQC
uYMAMA0EAgACMAcDBQMqAm8AMA0GCSqGSIb3DQEBCwUAA4IBAQClIAJOQEcv1UOX
bigbyNJ7R3QaRxlEC5Crfh1Srge6BgoI+ENAhnMMJIgXLt5AwYMixFaze50GtyOH
Ju+z3wOwpzy9PnGrhBBe30s6FqDR/gfewnbxWrk6Hic3Qw1cCRNGTXxaA+uh38tn
moNDuIsW+8gQkJ9iZbXASCIue1/8CUcyCSGTsxWK171P99n9+roqv/3Mp1kEoF7f
5V2N+4WZk8MXbqNYqEEyjSjYyLUmQ51lBCMGLtjMwC63mS6PaNtTwHCP1E9ILhhM
lGyqfeaO4sc+kKdkVHvwtFG/UZIYWqqvOUFXamuFLcdDQk6NAFi6y86yi/9JMKds
nuoxM40W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:20 2024 by rpki-client on console-fra.rpki-client.org