Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/OpfPWLiNbtnHmQMnEaAqE97BOKY.roa
File: OpfPWLiNbtnHmQMnEaAqE97BOKY.roa (raw, json)
Hash identifier: kLcs9JiXFrFxQl/9v2Ea8+dx3eNm4OE9+ASAOa5pJ1I=
Subject key identifier: 3A:97:CF:58:B8:8D:6E:D9:C7:99:03:27:11:A0:2A:13:DE:C1:38:A6
Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Certificate serial: 11F2D716
Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/OpfPWLiNbtnHmQMnEaAqE97BOKY.roa
Signing time: Tue 26 Apr 2022 14:26:24 +0000
ROA not before: Tue 26 Apr 2022 14:26:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212462
IP address blocks: 109.234.80.0/24 maxlen: 24
185.33.67.0/24 maxlen: 24
185.33.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301127446 (0x11f2d716)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Validity
Not Before: Apr 26 14:26:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a97cf58b88d6ed9c799032711a02a13dec138a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:2d:88:1c:0f:89:57:08:bd:d1:4a:9d:f5:2e:
f9:46:e3:34:9c:c8:31:79:e4:2c:87:2f:e9:8c:c9:
19:75:ce:d0:3d:ef:14:14:ba:36:e7:f9:93:e0:43:
12:d8:aa:ad:25:91:5b:bb:01:7b:d4:ea:f1:85:2f:
7b:4e:9e:8d:d2:34:0c:52:d1:d3:86:3f:dc:79:01:
8c:90:d5:cf:c3:16:74:29:4b:9a:d6:a9:e0:62:e0:
8c:e8:e7:55:50:21:4c:3a:0a:3d:ac:6e:55:ca:6b:
52:98:69:54:a9:6f:8c:67:5a:25:bb:83:ba:da:e0:
a9:6e:11:00:9c:99:6e:f9:0b:fd:4c:43:42:78:b4:
d4:21:97:df:4b:59:1e:92:44:6e:f3:76:fd:80:01:
35:2a:ef:d9:bb:a6:4b:e6:19:e1:f8:52:9f:30:fd:
f4:99:56:1b:5c:e9:c1:99:41:31:12:00:5d:c6:6c:
60:a7:13:86:71:26:a1:09:e7:b3:c3:98:c2:97:b9:
8d:3f:cd:fb:bb:ef:63:ee:45:fb:eb:3e:00:92:6e:
d9:bf:26:d1:92:ef:3e:47:0c:68:b7:77:58:c8:d3:
de:86:b0:c5:83:f4:5f:94:9a:94:1f:11:40:c8:22:
d8:cf:2d:7b:a3:77:af:2e:79:17:f3:63:23:78:b1:
a1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:97:CF:58:B8:8D:6E:D9:C7:99:03:27:11:A0:2A:13:DE:C1:38:A6
X509v3 Authority Key Identifier:
keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/OpfPWLiNbtnHmQMnEaAqE97BOKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.80.0/24
185.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
44:bb:0f:47:10:3c:5b:46:9c:4b:80:b3:02:79:f1:79:47:e3:
f7:c9:07:57:d5:7c:96:4a:72:94:6d:8d:fb:db:25:0f:7d:b6:
8c:c1:ad:08:2f:59:a3:14:78:e0:42:41:6c:1e:c2:8b:bd:74:
07:70:a0:e3:9c:33:53:88:e0:f9:e4:91:a4:5e:57:79:8a:a7:
9f:3f:91:c0:a9:db:94:f8:f7:6d:bc:9a:2e:b6:2c:39:a9:3a:
03:8d:12:e5:d0:a0:43:59:91:bb:24:6d:ff:f0:81:8b:75:05:
bf:af:23:39:2c:90:9e:20:80:ad:e1:7c:28:a3:ef:43:74:85:
0c:95:b6:0f:f6:ea:01:d4:23:d9:5d:83:de:bb:78:2c:92:29:
26:c6:7a:5e:c5:9e:03:2c:9d:4c:01:17:28:d4:4f:73:ce:3f:
15:67:2e:1f:a8:d5:43:6e:89:3a:a9:82:95:5b:31:9a:2b:73:
a6:af:64:7e:a3:7e:49:a8:30:8d:17:56:87:ff:15:c2:1d:4f:
54:2d:df:34:d2:b3:a7:2e:71:01:51:68:8b:bf:93:e4:dd:92:
3d:14:d1:8b:9a:b8:f1:5b:54:77:04:ec:99:1b:6c:27:68:da:
26:ff:b6:e0:27:fe:09:e5:ea:44:62:37:5d:2b:eb:7d:36:05:
db:c2:35:c8
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEfLXFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjU0ZmU4MzFiNmE3MTlmNDJlNmM4NDg2ZmQwM2I1NTBiZTc2MWZiMB4XDTIyMDQy
NjE0MjYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E5N2NmNThiODhk
NmVkOWM3OTkwMzI3MTFhMDJhMTNkZWMxMzhhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPgtiBwPiVcIvdFKnfUu+UbjNJzIMXnkLIcv6YzJGXXO0D3v
FBS6Nuf5k+BDEtiqrSWRW7sBe9Tq8YUve06ejdI0DFLR04Y/3HkBjJDVz8MWdClL
mtap4GLgjOjnVVAhTDoKPaxuVcprUphpVKlvjGdaJbuDutrgqW4RAJyZbvkL/UxD
Qni01CGX30tZHpJEbvN2/YABNSrv2bumS+YZ4fhSnzD99JlWG1zpwZlBMRIAXcZs
YKcThnEmoQnns8OYwpe5jT/N+7vvY+5F++s+AJJu2b8m0ZLvPkcMaLd3WMjT3oaw
xYP0X5SalB8RQMgi2M8te6N3ry55F/NjI3ixoZECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ6l89YuI1u2ceZAycRoCoT3sE4pjAfBgNVHSMEGDAWgBSrVP6DG2pxn0Lm
yEhv0DtVC+dh+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ExVC1neHRxY1o5QzVzaEliOUE3VlF2bllmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8x
L09wZlBXTGlOYnRuSG1RTW5FYUFxRTk3Qk9LWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8xL3ExVC1neHRxY1o5
QzVzaEliOUE3VlF2bllmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAG3qUAMEAbkhQjANBgkqhkiG9w0B
AQsFAAOCAQEARLsPRxA8W0acS4CzAnnxeUfj98kHV9V8lkpylG2N+9slD322jMGt
CC9ZoxR44EJBbB7Ci710B3Cg45wzU4jg+eSRpF5XeYqnnz+RwKnblPj3bbyaLrYs
Oak6A40S5dCgQ1mRuyRt//CBi3UFv68jOSyQniCAreF8KKPvQ3SFDJW2D/bqAdQj
2V2D3rt4LJIpJsZ6XsWeAyydTAEXKNRPc84/FWcuH6jVQ26JOqmClVsxmitzpq9k
fqN+SagwjRdWh/8Vwh1PVC3fNNKzpy5xAVFoi7+T5N2SPRTRi5q48VtUdwTsmRts
J2jaJv+24Cf+CeXqRGI3XSvrfTYF28I1yA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:33 2024 by rpki-client on console-ams.rpki-client.org