Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/oszf0XfIb6uzTZwCWAVc2Y98Mt8.roa
File: oszf0XfIb6uzTZwCWAVc2Y98Mt8.roa (raw, json)
Hash identifier: PLgVQ4m5VbUTlgNOZEblUB2ayNrfPuKMKaJ6pQ/BfXs=
Subject key identifier: A2:CC:DF:D1:77:C8:6F:AB:B3:4D:9C:02:58:05:5C:D9:8F:7C:32:DF
Certificate issuer: /CN=0bb71e4264ce62c35e1cee64d18765d33290f2a4
Certificate serial: 0184BA4B30351BF6738C182F03B265D4E742
Authority key identifier: 0B:B7:1E:42:64:CE:62:C3:5E:1C:EE:64:D1:87:65:D3:32:90:F2:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7ceQmTOYsNeHO5k0Ydl0zKQ8qQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/oszf0XfIb6uzTZwCWAVc2Y98Mt8.roa
Signing time: Sun 27 Nov 2022 18:13:20 +0000
ROA not before: Sun 27 Nov 2022 18:13:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207470
IP address blocks: 193.104.98.0/24 maxlen: 24
193.104.110.0/24 maxlen: 24
193.104.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ba:4b:30:35:1b:f6:73:8c:18:2f:03:b2:65:d4:e7:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb71e4264ce62c35e1cee64d18765d33290f2a4
Validity
Not Before: Nov 27 18:13:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2ccdfd177c86fabb34d9c0258055cd98f7c32df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c7:6f:3e:22:aa:49:b4:61:a4:f4:92:21:6b:
5c:2e:2d:95:6b:e6:13:87:f4:6a:73:2d:a3:3a:1f:
0a:27:cd:84:9e:73:06:56:6d:a0:2c:20:a5:b1:26:
fe:0c:24:d2:4a:ae:a4:bd:76:48:f6:5b:e5:ca:1d:
0f:96:7c:b2:cd:c1:81:50:91:c2:40:7e:35:aa:84:
7d:fb:c1:87:0e:c3:21:c0:fa:ff:b7:78:23:f2:46:
2c:54:86:fa:c9:c0:c9:15:0e:c5:c6:b2:9a:20:8e:
31:62:00:5d:db:40:b5:ab:7d:fb:75:e3:aa:9c:44:
64:ea:dd:93:b8:06:ce:e9:1a:3d:6f:6e:99:e3:fd:
1c:98:68:11:5e:45:c3:f4:f5:c3:ad:a9:a5:04:84:
8e:78:81:5e:23:5d:a8:89:03:d5:f8:65:fa:73:34:
84:aa:62:42:5a:00:22:38:62:40:ff:7b:64:88:08:
51:4e:a7:a3:26:86:6f:ad:8a:99:f9:0e:1e:f4:fe:
bb:ea:26:60:2f:03:f5:0e:6c:0a:31:4f:cc:48:e8:
86:49:64:b4:ac:ab:92:b3:be:f0:c8:bf:11:42:45:
fc:39:37:77:ad:2e:09:a4:40:e3:da:69:0c:b0:7f:
72:32:73:06:0c:a7:94:3b:d8:60:8a:83:29:66:1a:
c0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CC:DF:D1:77:C8:6F:AB:B3:4D:9C:02:58:05:5C:D9:8F:7C:32:DF
X509v3 Authority Key Identifier:
keyid:0B:B7:1E:42:64:CE:62:C3:5E:1C:EE:64:D1:87:65:D3:32:90:F2:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7ceQmTOYsNeHO5k0Ydl0zKQ8qQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/oszf0XfIb6uzTZwCWAVc2Y98Mt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/C7ceQmTOYsNeHO5k0Ydl0zKQ8qQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.98.0/24
193.104.110.0/24
193.104.130.0/24
Signature Algorithm: sha256WithRSAEncryption
69:1e:b6:b8:06:ab:e3:78:f4:b7:4f:17:ab:cb:d7:b0:63:bd:
9f:5e:d9:7e:51:95:e1:f7:b3:4c:ad:c4:6b:1d:1e:d6:ec:6a:
16:a8:91:9e:e4:e5:a8:1e:ba:1b:ab:ea:49:23:45:65:0d:e0:
23:8d:6b:da:69:c5:4c:bb:55:7d:86:d2:e7:63:8a:29:4e:ba:
c2:d8:e1:b7:1a:a0:c2:b6:ef:cd:c9:10:2c:f8:de:b3:b1:87:
e8:03:f0:01:2a:fd:7e:f3:1c:e6:ca:c8:f5:d4:70:09:68:82:
1c:37:5e:72:a4:98:7e:f9:c1:b9:dc:dd:d0:3a:38:76:36:01:
1a:4b:7c:aa:e9:da:ac:8e:d9:c6:07:67:fc:a1:2c:f1:bb:23:
43:0b:d7:e8:67:63:9b:3f:57:0c:41:c4:b2:67:ff:7b:92:27:
4e:84:76:a8:d1:44:83:a7:4c:67:6f:0a:dd:7a:62:14:30:f7:
79:81:d8:92:3f:2f:c7:4a:0f:2c:7b:22:53:48:39:2c:78:f4:
c1:da:61:9a:62:48:e3:24:73:c3:75:f5:60:29:68:df:38:68:
d4:6a:f1:eb:b6:2d:4a:3b:3b:4f:a6:1b:98:a9:21:a0:73:63:
17:0f:b6:5b:a1:75:fc:58:85:4c:37:79:41:4e:69:42:5c:53:
58:1c:0f:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYS6SzA1G/ZzjBgvA7Jl1OdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjcxZTQyNjRjZTYyYzM1ZTFjZWU2NGQxODc2NWQzMzI5
MGYyYTQwHhcNMjIxMTI3MTgxMzIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmNjZGZkMTc3Yzg2ZmFiYjM0ZDljMDI1ODA1NWNkOThmN2MzMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsdvPiKqSbRhpPSSIWtcLi2Va+YT
h/Rqcy2jOh8KJ82EnnMGVm2gLCClsSb+DCTSSq6kvXZI9lvlyh0PlnyyzcGBUJHC
QH41qoR9+8GHDsMhwPr/t3gj8kYsVIb6ycDJFQ7FxrKaII4xYgBd20C1q337deOq
nERk6t2TuAbO6Ro9b26Z4/0cmGgRXkXD9PXDramlBISOeIFeI12oiQPV+GX6czSE
qmJCWgAiOGJA/3tkiAhRTqejJoZvrYqZ+Q4e9P676iZgLwP1DmwKMU/MSOiGSWS0
rKuSs77wyL8RQkX8OTd3rS4JpEDj2mkMsH9yMnMGDKeUO9hgioMpZhrALwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKLM39F3yG+rs02cAlgFXNmPfDLfMB8GA1UdIwQY
MBaAFAu3HkJkzmLDXhzuZNGHZdMykPKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdjZVFtVE9Zc05lSE81azBZZGwwektROHFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xM2RhMDktNWUwZS00NWNiLTk1YTMt
Y2E1NDU4MzhhZmMwLzEvb3N6ZjBYZkliNnV6VFp3Q1dBVmMyWTk4TXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xM2RhMDktNWUwZS00NWNiLTk1YTMtY2E1NDU4MzhhZmMw
LzEvQzdjZVFtVE9Zc05lSE81azBZZGwwektROHFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwWhiAwQA
wWhuAwQAwWiCMA0GCSqGSIb3DQEBCwUAA4IBAQBpHra4BqvjePS3Txery9ewY72f
Xtl+UZXh97NMrcRrHR7W7GoWqJGe5OWoHrobq+pJI0VlDeAjjWvaacVMu1V9htLn
Y4opTrrC2OG3GqDCtu/NyRAs+N6zsYfoA/ABKv1+8xzmysj11HAJaIIcN15ypJh+
+cG53N3QOjh2NgEaS3yq6dqsjtnGB2f8oSzxuyNDC9foZ2ObP1cMQcSyZ/97kidO
hHao0USDp0xnbwrdemIUMPd5gdiSPy/HSg8seyJTSDksePTB2mGaYkjjJHPDdfVg
KWjfOGjUavHrti1KOztPphuYqSGgc2MXD7ZboXX8WIVMN3lBTmlCXFNYHA+G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:33 2024 by rpki-client on console-fra.rpki-client.org