Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/oxLh_q0U9aQNuyyHDiMWb3nq2nE.roa
File: oxLh_q0U9aQNuyyHDiMWb3nq2nE.roa (raw, json)
Hash identifier: pqKovHxQVHFSSIua9KAf0eTBjOC6GOgRcZ+xm4ec/gY=
Subject key identifier: A3:12:E1:FE:AD:14:F5:A4:0D:BB:2C:87:0E:23:16:6F:79:EA:DA:71
Certificate issuer: /CN=4540daa4c245a4725f38041402b6bffded15ea78
Certificate serial: 01832772E92EDE17D70CD803C1D2DE6E49BF
Authority key identifier: 45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/oxLh_q0U9aQNuyyHDiMWb3nq2nE.roa
Signing time: Sat 10 Sep 2022 12:49:45 +0000
ROA not before: Sat 10 Sep 2022 12:49:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201746
IP address blocks: 217.61.224.0/23 maxlen: 23
217.61.224.0/22 maxlen: 24
185.49.168.0/22 maxlen: 24
217.61.226.0/23 maxlen: 23
2a01:9f20::/37 maxlen: 37
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:27:72:e9:2e:de:17:d7:0c:d8:03:c1:d2:de:6e:49:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4540daa4c245a4725f38041402b6bffded15ea78
Validity
Not Before: Sep 10 12:49:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a312e1fead14f5a40dbb2c870e23166f79eada71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7c:ee:6c:0d:59:c9:e6:55:27:4f:fa:38:f6:
1d:ec:62:64:03:8c:bf:bd:6c:fb:f2:57:48:7e:95:
9c:95:04:bc:e3:cc:de:f6:da:25:5c:89:69:52:01:
17:15:5e:68:9d:3a:ed:a1:ce:95:37:af:6d:af:65:
db:37:cd:9e:b0:09:c6:87:2b:c1:9f:07:c5:82:d2:
13:f8:6d:0f:e7:06:e1:51:fd:83:63:f6:bb:97:af:
81:3a:54:94:a9:7d:01:33:86:cc:05:78:ad:bd:22:
61:0c:0b:4a:99:b2:99:10:fb:ec:35:22:1a:14:55:
88:da:27:29:6f:0d:d9:12:26:fe:89:90:a7:5d:fe:
56:fa:bd:be:43:72:2e:b3:f8:3a:8e:39:e4:83:a7:
33:00:3d:5c:46:0f:85:43:e5:f4:32:99:cc:9e:24:
63:f6:58:4d:4e:d0:fa:ab:56:1e:c6:86:81:8b:77:
5b:e1:71:e8:38:3a:0b:0e:3e:a9:1f:47:2e:61:fa:
9e:b7:4f:99:7a:e2:43:c9:9d:21:8b:28:f6:f7:7c:
2f:5b:58:ec:5c:dc:4c:78:29:f6:fb:e7:f3:f9:1d:
9f:29:39:e0:c6:b8:f3:41:15:10:8b:f2:14:2d:6f:
37:41:c4:c3:64:d0:d1:f1:52:9e:60:e6:fa:4b:3f:
a3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:12:E1:FE:AD:14:F5:A4:0D:BB:2C:87:0E:23:16:6F:79:EA:DA:71
X509v3 Authority Key Identifier:
keyid:45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/oxLh_q0U9aQNuyyHDiMWb3nq2nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.168.0/22
217.61.224.0/22
IPv6:
2a01:9f20::/37
Signature Algorithm: sha256WithRSAEncryption
54:bf:b7:23:f8:36:ad:2d:f5:43:ad:c5:af:9b:0f:cb:b0:e1:
b4:86:7c:9a:1b:a7:ca:ed:3b:60:5f:9f:56:04:3f:fb:32:78:
c8:ad:46:69:a5:ba:07:ab:8d:a2:79:8f:9a:f5:73:69:d6:b1:
ea:1c:b7:7d:2f:89:73:76:1b:68:70:a4:7e:35:13:e9:0e:17:
a3:98:21:5a:10:9b:7d:a0:0e:5a:1c:cd:ac:ac:4e:ac:be:5e:
37:29:1a:3c:77:5c:b6:b3:1f:63:c6:e7:e3:a0:f3:a3:df:ec:
af:9d:b3:4b:91:c3:09:8e:13:3d:d5:ce:5d:ad:f1:4d:12:21:
a9:71:6d:8c:4f:0c:a8:5a:16:87:c9:9a:13:a7:af:ec:3e:ab:
9c:7e:67:88:4e:b7:61:5d:9d:be:5a:18:81:a1:0a:77:80:0d:
0c:fc:70:bf:1d:97:41:20:a2:5a:8d:b4:5c:b6:80:c8:ba:8b:
35:80:ce:a9:15:b6:b1:a9:c1:a2:a2:0f:82:72:fb:e2:b1:17:
62:bf:03:1e:82:a5:ae:5f:f7:ad:33:42:78:c9:d4:5a:db:59:
82:99:87:6d:79:3c:62:73:f3:ec:89:6d:f3:e7:ff:e2:d1:7b:
d1:2e:27:a8:6f:54:8b:36:9b:16:61:23:4b:0a:b1:c8:bb:e3:
df:0c:c0:1b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYMncuku3hfXDNgDwdLebkm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDBkYWE0YzI0NWE0NzI1ZjM4MDQxNDAyYjZiZmZkZWQx
NWVhNzgwHhcNMjIwOTEwMTI0OTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzEyZTFmZWFkMTRmNWE0MGRiYjJjODcwZTIzMTY2Zjc5ZWFkYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHzubA1ZyeZVJ0/6OPYd7GJkA4y/
vWz78ldIfpWclQS848ze9tolXIlpUgEXFV5onTrtoc6VN69tr2XbN82esAnGhyvB
nwfFgtIT+G0P5wbhUf2DY/a7l6+BOlSUqX0BM4bMBXitvSJhDAtKmbKZEPvsNSIa
FFWI2icpbw3ZEib+iZCnXf5W+r2+Q3Ius/g6jjnkg6czAD1cRg+FQ+X0MpnMniRj
9lhNTtD6q1YexoaBi3db4XHoODoLDj6pH0cuYfqet0+ZeuJDyZ0hiyj293wvW1js
XNxMeCn2++fz+R2fKTngxrjzQRUQi/IULW83QcTDZNDR8VKeYOb6Sz+jtwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKMS4f6tFPWkDbsshw4jFm956tpxMB8GA1UdIwQY
MBaAFEVA2qTCRaRyXzgEFAK2v/3tFep4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2Et
ZDI1YWFhODA0MTQ1LzEvb3hMaF9xMFU5YVFOdXl5SERpTVdiM25xMm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2EtZDI1YWFhODA0MTQ1
LzEvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuTGoAwQC
2T3gMA4EAgACMAgDBgMqAZ8gADANBgkqhkiG9w0BAQsFAAOCAQEAVL+3I/g2rS31
Q63Fr5sPy7DhtIZ8mhunyu07YF+fVgQ/+zJ4yK1GaaW6B6uNonmPmvVzadax6hy3
fS+Jc3YbaHCkfjUT6Q4Xo5ghWhCbfaAOWhzNrKxOrL5eNykaPHdctrMfY8bn46Dz
o9/sr52zS5HDCY4TPdXOXa3xTRIhqXFtjE8MqFoWh8maE6ev7D6rnH5niE63YV2d
vloYgaEKd4ANDPxwvx2XQSCiWo20XLaAyLqLNYDOqRW2sanBoqIPgnL74rEXYr8D
HoKlrl/3rTNCeMnUWttZgpmHbXk8YnPz7Ilt8+f/4tF70S4nqG9UizabFmEjSwqx
yLvj3wzAGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:21 2024 by rpki-client on console-ams.rpki-client.org