Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/o8sWl3PqSBKG6_cnbYXPz0clNrQ.roa
File: o8sWl3PqSBKG6_cnbYXPz0clNrQ.roa (raw, json)
Hash identifier: mnrlClQ/SBXQtg0ykqaNlx88Zt0xjbfMLKD8lQDwNb4=
Subject key identifier: A3:CB:16:97:73:EA:48:12:86:EB:F7:27:6D:85:CF:CF:47:25:36:B4
Certificate issuer: /CN=6264318c1aaa7ca0603155a883d43926ef97e87c
Certificate serial: 018374B25878DFE854B29550D4958D3AFBDC
Authority key identifier: 62:64:31:8C:1A:AA:7C:A0:60:31:55:A8:83:D4:39:26:EF:97:E8:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/o8sWl3PqSBKG6_cnbYXPz0clNrQ.roa
Signing time: Sun 25 Sep 2022 12:49:48 +0000
ROA not before: Sun 25 Sep 2022 12:49:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56616
IP address blocks: 185.116.22.0/23 maxlen: 23
185.116.20.0/23 maxlen: 23
185.116.20.0/22 maxlen: 22
31.7.88.0/22 maxlen: 22
31.7.88.0/23 maxlen: 23
31.7.90.0/23 maxlen: 23
2a0a:d340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:74:b2:58:78:df:e8:54:b2:95:50:d4:95:8d:3a:fb:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6264318c1aaa7ca0603155a883d43926ef97e87c
Validity
Not Before: Sep 25 12:49:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3cb169773ea481286ebf7276d85cfcf472536b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d4:6c:ee:8a:e0:ff:49:cd:75:25:69:78:60:
66:c1:4a:bf:a1:9e:55:6d:ec:5e:49:25:34:b0:d7:
fb:10:a1:41:7c:e0:37:16:a0:bb:59:6e:8a:37:aa:
c5:89:9e:d0:6a:a8:0d:a5:09:65:37:3a:06:e7:a6:
c1:13:9b:5f:bf:e5:72:be:fa:3a:7d:9e:51:b2:7d:
a8:a6:92:3a:5c:c8:5e:f5:8e:c1:ba:ad:98:85:89:
de:53:12:57:22:99:21:c9:e8:a8:75:2e:4a:13:c8:
70:70:f8:2f:b6:2d:e0:3a:fb:6c:81:de:01:24:a7:
2c:a8:12:5c:3f:02:6c:79:53:40:44:1f:6f:c3:98:
6e:47:40:be:ef:c2:ae:2d:ac:21:d5:62:e0:01:f9:
19:ea:ef:0e:be:ff:a5:f5:43:34:af:10:03:03:24:
43:5c:f3:eb:0d:a9:5a:f1:8d:08:18:c3:85:ce:b3:
f5:91:a2:fd:8c:35:f3:28:b9:b9:3e:3a:28:37:84:
cd:33:59:35:c7:16:d0:99:dd:04:bd:cf:7f:22:a5:
7a:5e:29:18:89:ca:01:a1:36:fe:53:12:58:3e:1b:
6f:05:c7:84:c7:08:63:35:40:3d:6f:58:81:9a:6f:
f8:b0:03:05:8f:53:66:6d:18:97:5d:a2:d6:1f:3b:
9f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CB:16:97:73:EA:48:12:86:EB:F7:27:6D:85:CF:CF:47:25:36:B4
X509v3 Authority Key Identifier:
keyid:62:64:31:8C:1A:AA:7C:A0:60:31:55:A8:83:D4:39:26:EF:97:E8:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/o8sWl3PqSBKG6_cnbYXPz0clNrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.88.0/22
185.116.20.0/22
IPv6:
2a0a:d340::/29
Signature Algorithm: sha256WithRSAEncryption
7b:e3:3e:66:a8:02:1f:ca:d3:c4:05:da:3b:e6:50:e1:73:6e:
b9:6d:44:18:e4:b2:df:78:41:50:2d:1c:21:ef:1b:06:a7:cc:
ce:bc:c8:87:bc:8c:b4:52:1f:18:5b:d2:2c:7b:5a:32:49:7f:
03:f5:bd:6e:2c:c4:3e:e2:e4:10:7a:af:9b:a3:2b:a6:52:b2:
f7:0d:1c:88:89:7d:86:83:20:4d:44:3e:5b:6a:cd:8e:e0:45:
8a:93:d7:93:e2:11:fa:ed:1d:92:ed:49:dd:df:5d:2c:75:78:
ad:b7:83:ec:c3:cb:67:82:04:10:97:8d:be:a8:fb:0d:bd:f3:
d8:9c:f0:bc:b9:73:75:4e:7e:7e:e8:c2:99:b9:10:19:09:31:
5d:c4:ea:02:31:3b:d0:02:79:9a:72:b1:ef:21:12:5a:eb:63:
8f:85:c2:b2:21:ac:f0:b9:15:12:f0:28:de:1c:fd:91:1c:48:
57:3f:26:32:38:a6:3a:91:1f:14:68:40:55:3d:d7:24:41:a0:
ef:a6:6e:c3:a2:ec:fb:17:ef:ca:ac:00:b5:74:41:f6:cb:21:
6a:46:3f:df:25:77:22:45:2a:49:a6:6d:17:78:ac:e2:a3:33:
e5:e8:35:2b:39:e3:22:29:3f:be:9a:93:a8:32:f0:1f:31:86:
74:c5:cd:19
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYN0slh43+hUspVQ1JWNOvvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNjQzMThjMWFhYTdjYTA2MDMxNTVhODgzZDQzOTI2ZWY5
N2U4N2MwHhcNMjIwOTI1MTI0OTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NiMTY5NzczZWE0ODEyODZlYmY3Mjc2ZDg1Y2ZjZjQ3MjUzNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNRs7org/0nNdSVpeGBmwUq/oZ5V
bexeSSU0sNf7EKFBfOA3FqC7WW6KN6rFiZ7QaqgNpQllNzoG56bBE5tfv+Vyvvo6
fZ5Rsn2oppI6XMhe9Y7Buq2YhYneUxJXIpkhyeiodS5KE8hwcPgvti3gOvtsgd4B
JKcsqBJcPwJseVNARB9vw5huR0C+78KuLawh1WLgAfkZ6u8Ovv+l9UM0rxADAyRD
XPPrDala8Y0IGMOFzrP1kaL9jDXzKLm5PjooN4TNM1k1xxbQmd0Evc9/IqV6XikY
icoBoTb+UxJYPhtvBceExwhjNUA9b1iBmm/4sAMFj1NmbRiXXaLWHzufwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKPLFpdz6kgShuv3J22Fz89HJTa0MB8GA1UdIwQY
MBaAFGJkMYwaqnygYDFVqIPUOSbvl+h8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1ReGpCcXFmS0JnTVZXb2c5UTVKdS1YNkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9mNmI2NDItODcyYi00YjdkLWJkNmEt
YjkxYTI3MDU1MjA0LzEvbzhzV2wzUHFTQktHNl9jbmJZWFB6MGNsTnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9mNmI2NDItODcyYi00YjdkLWJkNmEtYjkxYTI3MDU1MjA0
LzEvWW1ReGpCcXFmS0JnTVZXb2c5UTVKdS1YNkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCHwdYAwQC
uXQUMA0EAgACMAcDBQMqCtNAMA0GCSqGSIb3DQEBCwUAA4IBAQB74z5mqAIfytPE
Bdo75lDhc265bUQY5LLfeEFQLRwh7xsGp8zOvMiHvIy0Uh8YW9Ise1oySX8D9b1u
LMQ+4uQQeq+boyumUrL3DRyIiX2GgyBNRD5bas2O4EWKk9eT4hH67R2S7Und310s
dXitt4Psw8tnggQQl42+qPsNvfPYnPC8uXN1Tn5+6MKZuRAZCTFdxOoCMTvQAnma
crHvIRJa62OPhcKyIazwuRUS8CjeHP2RHEhXPyYyOKY6kR8UaEBVPdckQaDvpm7D
ouz7F+/KrAC1dEH2yyFqRj/fJXciRSpJpm0XeKziozPl6DUrOeMiKT++mpOoMvAf
MYZ0xc0Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:15 2024 by rpki-client on console-ams.rpki-client.org