Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/OUGOdxcLgqVLxbc-dzKG-MkOrVY.roa
File: OUGOdxcLgqVLxbc-dzKG-MkOrVY.roa (raw, json)
Hash identifier: DaNrB/F2v+MGCy8MAtbQvcEtT7DVOg1DJtmLfHxwg9E=
Subject key identifier: 39:41:8E:77:17:0B:82:A5:4B:C5:B7:3E:77:32:86:F8:C9:0E:AD:56
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0184757883AE9870089CC235E4E2C956B1C3
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/OUGOdxcLgqVLxbc-dzKG-MkOrVY.roa
Signing time: Mon 14 Nov 2022 09:29:02 +0000
ROA not before: Mon 14 Nov 2022 09:29:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198156
IP address blocks: 212.7.216.0/22 maxlen: 22
91.106.29.0/24 maxlen: 24
2a01:6e80:fffe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:78:83:ae:98:70:08:9c:c2:35:e4:e2:c9:56:b1:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Nov 14 09:29:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39418e77170b82a54bc5b73e773286f8c90ead56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:89:61:b0:d3:a3:4f:49:a3:8a:c0:1f:52:da:
c2:54:39:bb:89:e6:74:7e:a6:ef:f4:6b:4e:b7:5b:
66:b9:ec:f9:1f:6b:97:c3:6e:6e:6c:22:d5:f0:2e:
eb:d3:dd:b7:28:14:9e:24:16:c5:27:78:78:91:0b:
c5:be:a6:2f:05:e3:38:a4:7b:5c:f4:3a:d6:86:c3:
de:55:46:be:40:c9:d6:4e:c0:00:f2:78:c2:b1:8f:
20:0f:fc:f7:93:90:f2:51:a0:f7:1e:bd:52:16:d8:
3b:89:79:99:e8:b8:eb:a5:2b:ef:53:34:14:9d:b3:
00:1a:c9:ec:cf:ed:a0:e0:b5:d7:78:4e:b0:67:ba:
b9:0b:3d:12:4e:6a:9f:60:23:29:c8:f1:06:b0:43:
8e:fc:eb:27:7d:cd:bd:73:92:2e:7c:3b:4c:9f:a8:
6e:f4:de:83:ff:c9:d3:d8:56:d7:56:1b:f3:95:9c:
e1:a5:08:f4:30:23:fd:77:47:28:36:ee:96:bf:f4:
13:f3:b0:2e:9e:a8:e1:41:46:7f:f4:f8:7a:01:ba:
da:30:73:5f:88:40:51:71:2e:90:7e:bf:8a:5d:c7:
40:d0:8a:3c:bc:88:af:ad:1a:47:90:c3:b4:ca:75:
be:e6:e2:c7:f8:5e:b7:19:d4:34:68:1d:0d:28:22:
2a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:41:8E:77:17:0B:82:A5:4B:C5:B7:3E:77:32:86:F8:C9:0E:AD:56
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/OUGOdxcLgqVLxbc-dzKG-MkOrVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.29.0/24
212.7.216.0/22
IPv6:
2a01:6e80:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
1d:db:4b:89:0c:a2:fe:9d:c7:db:20:e5:40:23:44:80:91:e8:
4a:ed:87:1c:e4:74:9f:26:09:2d:e3:aa:ac:d5:82:d9:ab:ba:
b8:bf:53:86:da:c6:8e:ec:b7:06:a3:dc:f7:5c:41:a8:af:9b:
b2:b0:ca:09:8b:fd:3b:3e:d9:0e:c2:5f:5e:0a:b4:77:80:94:
c2:09:d3:88:95:55:01:ff:25:28:d4:3b:a0:99:bf:ff:e2:6b:
33:cf:1b:ac:c2:88:a7:83:59:81:d8:cc:30:58:6d:17:11:1d:
3a:24:9b:20:34:82:bf:a9:f1:88:29:b5:1c:31:d5:5a:2c:86:
df:46:e1:83:40:8f:de:28:ce:a8:8e:a8:b6:fe:dd:cb:85:08:
d0:12:d9:ab:26:c7:a3:d6:81:12:38:6c:73:b1:a0:53:ef:9c:
c8:1f:52:f4:dd:6d:59:fa:1f:13:f1:f2:66:6d:f2:09:13:04:
1b:0e:a3:03:48:b8:9d:68:9d:04:63:77:19:8b:bb:e2:98:b4:
7c:81:fd:c9:bf:c4:d4:27:73:1d:e2:71:80:ea:70:b7:56:f9:
66:2f:60:d5:5f:93:7c:9a:54:1b:1b:f0:ab:f7:df:86:f8:93:
89:90:85:e9:9e:d3:3c:d4:35:27:4f:b2:d1:29:fb:f5:e0:cb:
40:64:46:f7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYR1eIOumHAInMI15OLJVrHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjIxMTE0MDkyOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQxOGU3NzE3MGI4MmE1NGJjNWI3M2U3NzMyODZmOGM5MGVhZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4lhsNOjT0mjisAfUtrCVDm7ieZ0
fqbv9GtOt1tmuez5H2uXw25ubCLV8C7r0923KBSeJBbFJ3h4kQvFvqYvBeM4pHtc
9DrWhsPeVUa+QMnWTsAA8njCsY8gD/z3k5DyUaD3Hr1SFtg7iXmZ6LjrpSvvUzQU
nbMAGsnsz+2g4LXXeE6wZ7q5Cz0STmqfYCMpyPEGsEOO/Osnfc29c5IufDtMn6hu
9N6D/8nT2FbXVhvzlZzhpQj0MCP9d0coNu6Wv/QT87AunqjhQUZ/9Ph6AbraMHNf
iEBRcS6Qfr+KXcdA0Io8vIivrRpHkMO0ynW+5uLH+F63GdQ0aB0NKCIqQwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDlBjncXC4KlS8W3PncyhvjJDq1WMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvT1VHT2R4Y0xncVZMeGJjLWR6S0ctTWtPclZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW2odAwQC
1AfYMA8EAgACMAkDBwAqAW6A//4wDQYJKoZIhvcNAQELBQADggEBAB3bS4kMov6d
x9sg5UAjRICR6ErthxzkdJ8mCS3jqqzVgtmruri/U4baxo7stwaj3PdcQaivm7Kw
ygmL/Ts+2Q7CX14KtHeAlMIJ04iVVQH/JSjUO6CZv//iazPPG6zCiKeDWYHYzDBY
bRcRHTokmyA0gr+p8YgptRwx1Vosht9G4YNAj94ozqiOqLb+3cuFCNAS2asmx6PW
gRI4bHOxoFPvnMgfUvTdbVn6HxPx8mZt8gkTBBsOowNIuJ1onQRjdxmLu+KYtHyB
/cm/xNQncx3icYDqcLdW+WYvYNVfk3yaVBsb8Kv334b4k4mQheme0zzUNSdPstEp
+/Xgy0BkRvc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org