Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OE3zHj4LB3oJlMYuT4NFsF5bov0.roa
File: OE3zHj4LB3oJlMYuT4NFsF5bov0.roa (raw, json)
Hash identifier: 8ELaGRkoWWt0+FXeNWZt43ls0dvO3WF/UF20Jw3yBXc=
Subject key identifier: 38:4D:F3:1E:3E:0B:07:7A:09:94:C6:2E:4F:83:45:B0:5E:5B:A2:FD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184A45D5A4013528D1832CD18163CF9C280
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OE3zHj4LB3oJlMYuT4NFsF5bov0.roa
Signing time: Wed 23 Nov 2022 12:01:32 +0000
ROA not before: Wed 23 Nov 2022 12:01:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 84.21.173.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
194.180.51.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:5d:5a:40:13:52:8d:18:32:cd:18:16:3c:f9:c2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 23 12:01:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=384df31e3e0b077a0994c62e4f8345b05e5ba2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0f:6b:8e:f8:e2:29:e5:7d:cc:0a:1a:fa:b2:
75:66:9a:dc:1d:7f:e7:a3:b9:65:ad:92:fe:ea:27:
3e:4a:70:4b:dd:14:f6:24:fa:21:fc:84:cd:73:9c:
b1:6b:06:0e:69:bf:a1:44:c6:29:bd:47:a7:38:de:
83:d1:7c:cc:be:17:8c:81:88:a6:8f:b7:ec:42:7a:
8c:0a:8d:23:23:b9:9c:1b:1c:eb:7a:8c:8e:b6:91:
19:3f:68:59:75:df:d3:fe:38:1a:db:24:f3:23:13:
01:d0:d3:ea:14:1e:ee:31:9a:54:a6:7e:e2:0b:f7:
da:60:4d:62:18:04:0f:0b:f1:31:b8:2f:c1:78:00:
a7:69:7a:e9:fd:b0:98:f2:b3:9f:ae:d1:07:e0:82:
54:07:87:b8:34:69:7d:7b:12:68:e7:d6:77:de:39:
6f:c1:2a:fe:a0:b4:d7:c2:71:70:92:6c:af:bd:9a:
72:68:3c:84:0e:df:b1:9a:e3:70:1a:68:95:7a:eb:
eb:a0:b2:b3:09:4d:63:d7:bd:d7:f5:27:a7:3f:34:
35:0c:60:b7:a5:07:8b:48:2b:0f:33:4b:cd:3f:0a:
95:ff:2e:5b:e4:4c:82:80:66:e9:cc:77:a8:18:88:
d4:ff:2f:c4:c8:dd:75:3d:f1:b9:53:f6:2f:9a:64:
a2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4D:F3:1E:3E:0B:07:7A:09:94:C6:2E:4F:83:45:B0:5E:5B:A2:FD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OE3zHj4LB3oJlMYuT4NFsF5bov0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.96.0/24
84.21.173.0/24
84.54.50.0/24
87.121.220.0/24
94.154.162.0/24
193.42.34.0/24
193.47.60.0/24
194.55.224.0/23
194.55.227.0/24
194.169.173.0/24
194.180.51.0/24
Signature Algorithm: sha256WithRSAEncryption
39:51:2a:c7:04:5a:ac:cb:eb:48:b7:b5:3b:b3:3a:26:35:6d:
12:5f:2b:c3:1f:76:62:cf:29:c3:9b:44:78:05:2b:65:52:01:
5b:46:e3:db:19:b9:eb:44:ef:3e:59:ea:1a:e7:15:7a:67:c6:
16:b1:07:f0:d1:99:3e:ca:fe:30:e5:1b:78:94:ac:94:7f:07:
00:7d:e6:d7:f6:92:ef:e8:89:04:04:89:61:af:32:9f:a3:fb:
e6:d9:6c:3b:80:1f:08:75:2a:f4:b4:a1:ed:3c:ee:6d:3d:ab:
bb:b6:28:9b:20:d2:89:44:83:64:45:5c:4b:23:c7:e3:5d:52:
5b:86:08:1e:fb:24:24:f5:b1:aa:65:56:5a:34:2b:d4:5f:a4:
42:ad:b9:16:20:aa:48:4f:51:ce:f8:0f:1e:7a:38:37:fd:3f:
ca:ef:4e:a4:0c:dd:17:a0:94:d7:9c:37:89:ee:47:23:3b:6d:
07:ec:1a:7c:9e:e1:6c:d9:0d:68:c2:f0:d8:49:e5:b9:fb:9a:
8e:13:c6:ce:b0:42:6e:40:61:88:92:d9:49:5b:65:65:83:6d:
e7:97:2e:d1:2b:ce:2e:ef:3a:48:42:1b:4e:dc:a4:67:df:78:
a9:db:a7:c3:d8:36:29:d0:93:66:6d:70:db:4f:f9:aa:25:72:
92:49:9a:93
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYSkXVpAE1KNGDLNGBY8+cKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTIzMTIwMTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODRkZjMxZTNlMGIwNzdhMDk5NGM2MmU0ZjgzNDViMDVlNWJhMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlg9rjvjiKeV9zAoa+rJ1ZprcHX/n
o7llrZL+6ic+SnBL3RT2JPoh/ITNc5yxawYOab+hRMYpvUenON6D0XzMvheMgYim
j7fsQnqMCo0jI7mcGxzreoyOtpEZP2hZdd/T/jga2yTzIxMB0NPqFB7uMZpUpn7i
C/faYE1iGAQPC/ExuC/BeACnaXrp/bCY8rOfrtEH4IJUB4e4NGl9exJo59Z33jlv
wSr+oLTXwnFwkmyvvZpyaDyEDt+xmuNwGmiVeuvroLKzCU1j173X9SenPzQ1DGC3
pQeLSCsPM0vNPwqV/y5b5EyCgGbpzHeoGIjU/y/EyN11PfG5U/YvmmSiFQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDhN8x4+Cwd6CZTGLk+DRbBeW6L9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT0UzekhqNExCM29KbE1ZdVQ0TkZzRjVib3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAU9tgAwQA
VBWtAwQAVDYyAwQAV3ncAwQAXpqiAwQAwSoiAwQAwS88AwQBwjfgAwQAwjfjAwQA
wqmtAwQAwrQzMA0GCSqGSIb3DQEBCwUAA4IBAQA5USrHBFqsy+tIt7U7szomNW0S
XyvDH3ZizynDm0R4BStlUgFbRuPbGbnrRO8+Weoa5xV6Z8YWsQfw0Zk+yv4w5Rt4
lKyUfwcAfebX9pLv6IkEBIlhrzKfo/vm2Ww7gB8IdSr0tKHtPO5tPau7tiibINKJ
RINkRVxLI8fjXVJbhgge+yQk9bGqZVZaNCvUX6RCrbkWIKpIT1HO+A8eejg3/T/K
706kDN0XoJTXnDeJ7kcjO20H7Bp8nuFs2Q1owvDYSeW5+5qOE8bOsEJuQGGIktlJ
W2Vlg23nly7RK84u7zpIQhtO3KRn33ip26fD2DYp0JNmbXDbT/mqJXKSSZqT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org