Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/ea376d-8efc-4440-8f54-949aa5b75a45/1/oTNiOheEnn6cwl9geUlDPk0IdiY.roa
File: oTNiOheEnn6cwl9geUlDPk0IdiY.roa (raw, json)
Hash identifier: O0djP1Z/cZ/taBFvz0EqKo9CVGWX1Ul5TMhgdVeh5Zk=
Subject key identifier: A1:33:62:3A:17:84:9E:7E:9C:C2:5F:60:79:49:43:3E:4D:08:76:26
Certificate issuer: /CN=196379769c57ca5b26a2c61fa5d9acc527bea789
Certificate serial: 09D7BB0C
Authority key identifier: 19:63:79:76:9C:57:CA:5B:26:A2:C6:1F:A5:D9:AC:C5:27:BE:A7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWN5dpxXylsmosYfpdmsxSe-p4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/ea376d-8efc-4440-8f54-949aa5b75a45/1/oTNiOheEnn6cwl9geUlDPk0IdiY.roa
Signing time: Sat 01 Jan 2022 16:06:53 +0000
ROA not before: Sat 01 Jan 2022 16:06:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48885
IP address blocks: 185.167.4.0/24 maxlen: 24
185.167.5.0/24 maxlen: 24
185.167.7.0/24 maxlen: 24
185.167.6.0/24 maxlen: 24
185.196.137.0/24 maxlen: 24
185.196.136.0/24 maxlen: 24
2a0a:6d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165133068 (0x9d7bb0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=196379769c57ca5b26a2c61fa5d9acc527bea789
Validity
Not Before: Jan 1 16:06:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a133623a17849e7e9cc25f607949433e4d087626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cd:8b:53:3a:64:f7:e1:c6:6d:e0:7a:3d:64:
32:10:a6:b5:f6:27:0d:9a:41:8b:e8:b9:87:23:22:
1c:92:e5:60:5d:8e:1e:8f:33:29:8f:24:45:a9:3b:
bd:40:86:95:1d:1a:61:94:c5:be:e3:50:db:c2:82:
2b:a6:f4:16:4a:c1:68:38:81:91:44:24:af:f0:3b:
ee:48:03:d7:21:80:d4:b1:c1:90:ae:70:8d:f5:b0:
6c:16:b6:38:1b:5d:71:1e:22:5d:45:21:19:c7:04:
0b:2b:bd:55:c8:a0:ca:ab:96:8f:8c:7b:55:85:61:
ec:ce:f8:38:1a:09:3a:13:86:97:57:f9:70:b7:61:
d3:d0:d6:3a:69:8d:e6:b8:27:62:94:f2:f8:b4:d3:
1a:e4:7a:e4:ea:df:62:47:62:ae:90:29:1d:d0:cd:
f4:0a:08:01:a6:84:8b:47:89:fb:ef:d0:e1:48:31:
34:08:c8:af:06:30:ce:02:c2:44:d9:d1:87:e0:9b:
6d:60:13:47:1c:b3:ba:29:39:d8:b6:57:a1:c3:70:
d4:29:89:fa:8d:96:b6:27:b4:82:e1:a3:b1:98:58:
21:c4:4b:df:0c:7a:d5:1c:cd:6c:01:bc:57:b6:d2:
e3:ff:7d:e4:f3:39:e6:a7:3b:23:ed:c7:60:a4:76:
f9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:33:62:3A:17:84:9E:7E:9C:C2:5F:60:79:49:43:3E:4D:08:76:26
X509v3 Authority Key Identifier:
keyid:19:63:79:76:9C:57:CA:5B:26:A2:C6:1F:A5:D9:AC:C5:27:BE:A7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWN5dpxXylsmosYfpdmsxSe-p4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/ea376d-8efc-4440-8f54-949aa5b75a45/1/oTNiOheEnn6cwl9geUlDPk0IdiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/ea376d-8efc-4440-8f54-949aa5b75a45/1/GWN5dpxXylsmosYfpdmsxSe-p4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.4.0/22
185.196.136.0/23
IPv6:
2a0a:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
85:0e:9f:6d:a5:69:05:7b:77:c4:7c:73:1d:35:15:6b:59:0e:
6a:e3:0e:f8:bf:66:a9:df:35:fb:e3:16:87:9d:ac:af:62:ef:
89:29:68:a6:d3:09:50:5d:b6:6b:95:cf:66:bc:e8:5a:cf:fb:
95:91:5f:29:7e:00:b3:69:3d:1f:a4:65:c1:8a:fe:6f:43:83:
6e:46:26:42:36:d9:56:4d:18:9e:4c:ac:61:65:81:fa:f6:ce:
ed:b7:02:2d:ad:c2:74:a5:3d:a8:fd:b4:c9:28:9e:36:0c:d4:
5a:1a:14:8d:0d:2c:28:1b:e2:de:40:ea:23:5b:c1:a4:e2:33:
92:f3:4e:a2:d1:6d:fb:28:cf:9c:b9:c2:09:d9:d1:34:47:5f:
8d:24:2c:3d:85:e3:62:1a:b1:82:be:d4:13:ab:7d:1e:23:50:
ac:90:4b:5b:55:4e:c8:01:e9:84:3f:14:af:b2:e4:21:37:e3:
fe:a9:78:22:c1:d9:04:57:31:8b:1c:bc:85:c7:1a:02:dd:0f:
9d:db:64:4d:75:db:10:17:8c:d5:7c:0e:05:68:eb:64:31:40:
dc:59:f3:9e:b6:f2:6a:b8:e9:d6:8b:f7:d2:aa:d7:89:7b:5e:
c9:ce:14:90:40:fc:24:a5:f9:0e:68:9c:23:82:7b:63:06:42:
b3:57:e2:9c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECde7DDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTYzNzk3NjljNTdjYTViMjZhMmM2MWZhNWQ5YWNjNTI3YmVhNzg5MB4XDTIyMDEw
MTE2MDY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEzMzYyM2ExNzg0
OWU3ZTljYzI1ZjYwNzk0OTQzM2U0ZDA4NzYyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrNi1M6ZPfhxm3gej1kMhCmtfYnDZpBi+i5hyMiHJLlYF2O
Ho8zKY8kRak7vUCGlR0aYZTFvuNQ28KCK6b0FkrBaDiBkUQkr/A77kgD1yGA1LHB
kK5wjfWwbBa2OBtdcR4iXUUhGccECyu9VcigyquWj4x7VYVh7M74OBoJOhOGl1f5
cLdh09DWOmmN5rgnYpTy+LTTGuR65OrfYkdirpApHdDN9AoIAaaEi0eJ++/Q4Ugx
NAjIrwYwzgLCRNnRh+CbbWATRxyzuik52LZXocNw1CmJ+o2Wtie0guGjsZhYIcRL
3wx61RzNbAG8V7bS4/995PM55qc7I+3HYKR2+W0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBShM2I6F4SefpzCX2B5SUM+TQh2JjAfBgNVHSMEGDAWgBQZY3l2nFfKWyai
xh+l2azFJ76niTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dXTjVkcHhYeWxzbW9zWWZwZG1zeFNlLXA0ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvZWEzNzZkLThlZmMtNDQ0MC04ZjU0LTk0OWFhNWI3NWE0NS8x
L29UTmlPaGVFbm42Y3dsOWdlVWxEUGswSWRpWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
ZWEzNzZkLThlZmMtNDQ0MC04ZjU0LTk0OWFhNWI3NWE0NS8xL0dXTjVkcHhYeWxz
bW9zWWZwZG1zeFNlLXA0ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArmnBAMEAbnEiDANBAIAAjAHAwUD
KgptQDANBgkqhkiG9w0BAQsFAAOCAQEAhQ6fbaVpBXt3xHxzHTUVa1kOauMO+L9m
qd81++MWh52sr2LviSloptMJUF22a5XPZrzoWs/7lZFfKX4As2k9H6RlwYr+b0OD
bkYmQjbZVk0YnkysYWWB+vbO7bcCLa3CdKU9qP20ySieNgzUWhoUjQ0sKBvi3kDq
I1vBpOIzkvNOotFt+yjPnLnCCdnRNEdfjSQsPYXjYhqxgr7UE6t9HiNQrJBLW1VO
yAHphD8Ur7LkITfj/ql4IsHZBFcxixy8hccaAt0PndtkTXXbEBeM1XwOBWjrZDFA
3Fnznrbyarjp1ov30qrXiXteyc4UkED8JKX5DmicI4J7YwZCs1finA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org