Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/Ow1qY6juR1yQV4Q0l9MfcLGUdSo.roa
File: Ow1qY6juR1yQV4Q0l9MfcLGUdSo.roa (raw, json)
Hash identifier: /i5rozF+5cgqzTtr6HEDWg/uJtpOnRHYbivtUV9FrV4=
Subject key identifier: 3B:0D:6A:63:A8:EE:47:5C:90:57:84:34:97:D3:1F:70:B1:94:75:2A
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 01829635742C222AB139FA6ACA386F2ED914
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/Ow1qY6juR1yQV4Q0l9MfcLGUdSo.roa
Signing time: Sat 13 Aug 2022 07:57:41 +0000
ROA not before: Sat 13 Aug 2022 07:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 212.68.164.0/24 maxlen: 24
212.68.164.0/23 maxlen: 23
212.68.166.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.166.0/23 maxlen: 23
212.68.167.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.190.0/23 maxlen: 23
212.68.191.0/24 maxlen: 24
212.68.188.0/23 maxlen: 23
212.68.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:96:35:74:2c:22:2a:b1:39:fa:6a:ca:38:6f:2e:d9:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Aug 13 07:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b0d6a63a8ee475c9057843497d31f70b194752a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f4:78:2a:85:87:17:b2:2a:74:b8:df:28:06:
0e:56:34:a1:07:fd:35:2a:05:59:3a:f0:7d:b8:55:
18:ce:c1:e6:35:c6:e2:87:a4:b1:ef:8c:19:9b:cf:
53:c7:ca:28:4c:f6:60:53:9f:5e:f3:6d:58:d5:d9:
5c:d8:00:1f:8f:1f:15:2b:ab:a7:72:e8:7b:dc:8e:
a2:82:33:e3:74:c5:ab:0a:15:94:9f:56:77:7e:eb:
3b:8d:54:f7:70:48:73:38:a2:62:26:18:23:b7:1c:
bb:46:23:88:af:ec:40:bf:0f:dc:9c:86:59:a3:21:
7b:8e:d9:ff:b4:cd:30:13:fc:82:13:fe:a1:a5:ce:
8c:e9:ed:93:0a:3c:05:6b:28:23:12:b9:92:26:79:
48:b9:56:e2:33:f6:4c:ae:64:b7:15:5e:69:0b:11:
29:77:70:4c:99:7e:06:36:a9:9f:d5:4a:29:81:45:
e3:1d:d5:c9:a8:04:f7:ea:7f:a9:0d:d8:64:33:be:
aa:30:ff:94:be:ef:97:a0:ce:83:aa:5d:d1:82:7f:
82:a8:b1:fc:a8:71:c7:83:6a:9a:15:ee:53:dc:98:
c9:1c:30:4a:15:ad:6d:76:af:7a:a1:b0:47:c4:85:
6c:ee:f4:f3:23:51:08:01:42:35:d7:20:0a:98:d4:
2d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0D:6A:63:A8:EE:47:5C:90:57:84:34:97:D3:1F:70:B1:94:75:2A
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/Ow1qY6juR1yQV4Q0l9MfcLGUdSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0/22
212.68.188.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:05:68:16:13:9f:18:4a:50:2a:82:ec:89:06:7b:78:e7:06:
f3:68:6a:79:6b:83:cb:aa:1f:7a:25:e4:a6:1c:88:fc:75:8b:
b2:4e:65:73:d0:87:19:63:38:0a:6d:5e:06:f7:16:d0:2f:4e:
41:34:b1:c5:85:38:e1:60:1c:88:ca:8a:3a:a9:d1:94:1e:4d:
90:e9:56:9e:b3:f5:a5:10:8e:ba:63:d0:99:15:25:94:90:29:
0e:1a:16:c8:99:1d:61:eb:bd:97:08:8d:4b:8c:7a:57:07:af:
8d:20:48:7d:2a:e1:39:3e:81:e9:dd:71:c8:d9:2f:7f:c1:4f:
70:02:48:83:aa:b0:c2:f7:1d:fa:32:ea:35:37:f9:1c:b0:bb:
a9:51:f4:68:d6:e6:b7:7a:a3:15:c5:ce:ac:59:24:37:8c:5a:
ab:88:77:35:0b:64:e6:aa:16:14:23:d5:29:3d:6e:83:3d:1e:
8d:83:7f:0a:a3:6e:b1:29:5c:27:23:b6:c3:7c:4c:3d:53:0d:
9c:13:54:14:95:3e:b7:16:25:d3:f5:ad:c3:80:0a:08:9a:12:
67:69:5c:f4:89:03:81:49:2f:78:f5:43:4a:01:f6:8b:b4:98:
72:3c:1a:bf:64:83:d5:5c:b4:5c:22:e5:5a:c8:0d:df:e2:79:
20:f8:88:cd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKWNXQsIiqxOfpqyjhvLtkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjIwODEzMDc1NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjBkNmE2M2E4ZWU0NzVjOTA1Nzg0MzQ5N2QzMWY3MGIxOTQ3NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/R4KoWHF7IqdLjfKAYOVjShB/01
KgVZOvB9uFUYzsHmNcbih6Sx74wZm89Tx8ooTPZgU59e821Y1dlc2AAfjx8VK6un
cuh73I6igjPjdMWrChWUn1Z3fus7jVT3cEhzOKJiJhgjtxy7RiOIr+xAvw/cnIZZ
oyF7jtn/tM0wE/yCE/6hpc6M6e2TCjwFaygjErmSJnlIuVbiM/ZMrmS3FV5pCxEp
d3BMmX4GNqmf1UopgUXjHdXJqAT36n+pDdhkM76qMP+Uvu+XoM6Dql3Rgn+CqLH8
qHHHg2qaFe5T3JjJHDBKFa1tdq96obBHxIVs7vTzI1EIAUI11yAKmNQt6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDsNamOo7kdckFeENJfTH3CxlHUqMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvT3cxcVk2anVSMXlRVjRRMGw5TWZjTEdVZFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1ESkAwQC
1ES8MA0GCSqGSIb3DQEBCwUAA4IBAQC5BWgWE58YSlAqguyJBnt45wbzaGp5a4PL
qh96JeSmHIj8dYuyTmVz0IcZYzgKbV4G9xbQL05BNLHFhTjhYByIyoo6qdGUHk2Q
6Vaes/WlEI66Y9CZFSWUkCkOGhbImR1h672XCI1LjHpXB6+NIEh9KuE5PoHp3XHI
2S9/wU9wAkiDqrDC9x36Muo1N/kcsLupUfRo1ua3eqMVxc6sWSQ3jFqriHc1C2Tm
qhYUI9UpPW6DPR6Ng38Ko26xKVwnI7bDfEw9Uw2cE1QUlT63FiXT9a3DgAoImhJn
aVz0iQOBSS949UNKAfaLtJhyPBq/ZIPVXLRcIuVayA3f4nkg+IjN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org