Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/oaXAx_tA2R7A_AxDejvRXhPbzOM.roa
File: oaXAx_tA2R7A_AxDejvRXhPbzOM.roa (raw, json)
Hash identifier: BIy+na1c1JySy/q/ORL71uAhydhGosSpJD7TO4e6dBU=
Subject key identifier: A1:A5:C0:C7:FB:40:D9:1E:C0:FC:0C:43:7A:3B:D1:5E:13:DB:CC:E3
Certificate issuer: /CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Certificate serial: 04252EBB
Authority key identifier: 7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/oaXAx_tA2R7A_AxDejvRXhPbzOM.roa
Signing time: Wed 18 May 2022 16:15:17 +0000
ROA not before: Wed 18 May 2022 16:15:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30762
IP address blocks: 94.143.105.0/24 maxlen: 24
94.143.106.0/24 maxlen: 24
94.143.107.0/24 maxlen: 24
185.236.124.0/24 maxlen: 24
94.143.108.0/24 maxlen: 24
185.236.125.0/24 maxlen: 24
185.236.126.0/24 maxlen: 24
185.236.127.0/24 maxlen: 24
212.1.219.0/24 maxlen: 24
212.1.218.0/24 maxlen: 24
212.1.223.0/24 maxlen: 24
212.1.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69545659 (0x4252ebb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Validity
Not Before: May 18 16:15:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1a5c0c7fb40d91ec0fc0c437a3bd15e13dbcce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b8:02:a5:d2:0b:fc:df:aa:4f:e6:0b:a2:1d:
82:ff:dd:39:78:00:b7:34:6a:e7:85:59:8f:e2:67:
c4:f5:4c:0a:78:f0:a3:6e:ab:23:e2:45:3d:94:98:
60:5a:6c:98:0c:bb:8f:42:84:aa:fd:cb:65:12:c8:
f0:fa:f1:b7:37:40:e3:14:bc:52:96:fb:5d:1f:04:
12:42:43:d8:53:09:d4:bb:f9:32:84:3f:4a:bd:c3:
52:01:04:0f:14:48:86:c9:7c:3a:24:1c:d7:39:ec:
97:12:71:b2:f7:9c:f7:76:70:c3:2e:40:89:d7:f5:
c5:3d:46:59:c3:eb:7d:a7:89:46:9a:e8:1b:dd:ad:
5e:e9:54:e0:72:c6:2f:78:fa:64:27:3e:bf:bb:97:
96:78:a3:a3:98:96:dd:1a:40:69:f1:0f:3f:18:3c:
f5:21:21:ae:bc:8c:8a:f8:fd:8c:c3:7d:93:7b:b1:
b8:a6:d3:06:62:bb:64:80:f9:37:79:9f:84:e0:02:
24:9f:9e:39:e6:62:49:67:3a:4e:aa:18:16:f7:8e:
3c:d1:e8:70:c0:6b:d4:fa:11:95:03:00:a0:7d:13:
95:0e:60:fd:24:80:d1:8e:6f:18:04:c7:f0:d3:c4:
93:ba:58:60:47:14:5a:82:fd:58:ea:c7:68:1f:ff:
47:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A5:C0:C7:FB:40:D9:1E:C0:FC:0C:43:7A:3B:D1:5E:13:DB:CC:E3
X509v3 Authority Key Identifier:
keyid:7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/oaXAx_tA2R7A_AxDejvRXhPbzOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.105.0-94.143.108.255
185.236.124.0/22
212.1.218.0/23
212.1.222.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:61:e1:14:f4:d3:53:ad:22:bc:41:0b:92:4d:ee:6d:b5:d9:
5a:af:08:b4:1e:88:fa:e9:f4:dc:77:59:2e:8f:12:24:25:db:
2b:d2:5b:ab:2e:d2:fe:50:c3:c7:8f:0f:89:18:10:88:3b:bd:
f7:fd:bf:0e:98:21:59:ee:8d:bc:ec:f3:33:dd:3b:f5:5f:01:
fe:40:32:1f:ac:0f:d1:a1:d2:9f:8c:90:3f:44:52:21:b4:a0:
54:d7:53:83:b3:02:d0:90:a4:7c:cd:62:1a:12:c7:3e:ca:ff:
5a:e1:a0:2d:42:4d:2b:5d:6d:b2:76:f7:4d:11:53:a3:46:9f:
43:be:60:f5:92:13:38:1c:44:0a:78:ba:c6:43:ea:b1:c0:b8:
6d:d0:45:31:02:fa:2c:86:21:d4:be:a3:40:99:ec:29:d0:db:
7c:66:47:d2:ee:43:22:0b:73:ce:18:07:79:6d:77:d7:9f:13:
14:d5:9c:46:66:eb:be:41:98:43:8d:af:96:ae:5f:0b:fd:70:
c8:c8:6c:5c:7a:62:0b:09:0b:f2:c0:f4:fb:d5:1f:56:5a:e6:
0d:2f:78:28:2e:fd:fd:38:a5:cc:9c:e0:f6:0c:2d:58:53:f1:
5d:1a:6d:95:09:d1:00:4d:d6:f2:dd:5e:8c:37:10:93:d4:cc:
41:e4:3a:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBCUuuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTQ3OGM1YWEyMjZhMjc4ZThiMTkwNmYzNzFjNjBjZmM3ZDg3ZThlMB4XDTIyMDUx
ODE2MTUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFhNWMwYzdmYjQw
ZDkxZWMwZmMwYzQzN2EzYmQxNWUxM2RiY2NlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANK4AqXSC/zfqk/mC6Idgv/dOXgAtzRq54VZj+JnxPVMCnjw
o26rI+JFPZSYYFpsmAy7j0KEqv3LZRLI8PrxtzdA4xS8Upb7XR8EEkJD2FMJ1Lv5
MoQ/Sr3DUgEEDxRIhsl8OiQc1znslxJxsvec93Zwwy5Aidf1xT1GWcPrfaeJRpro
G92tXulU4HLGL3j6ZCc+v7uXlnijo5iW3RpAafEPPxg89SEhrryMivj9jMN9k3ux
uKbTBmK7ZID5N3mfhOACJJ+eOeZiSWc6TqoYFveOPNHocMBr1PoRlQMAoH0TlQ5g
/SSA0Y5vGATH8NPEk7pYYEcUWoL9WOrHaB//R8sCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBShpcDH+0DZHsD8DEN6O9FeE9vM4zAfBgNVHSMEGDAWgBR6R4xaoiaieOix
kG83HGDPx9h+jjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VrZU1XcUltb25qb3NaQnZOeHhnejhmWWZvNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvNTFhNTIwLWUwOGQtNDNiMy1hNmIwLWQ3NmVjOWNjMGQyOC8x
L29hWEF4X3RBMlI3QV9BeERlanZSWGhQYnpPTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
NTFhNTIwLWUwOGQtNDNiMy1hNmIwLWQ3NmVjOWNjMGQyOC8xL2VrZU1XcUltb25q
b3NaQnZOeHhnejhmWWZvNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQAXo9pAwQAXo9sAwQCuex8AwQB
1AHaAwQB1AHeMA0GCSqGSIb3DQEBCwUAA4IBAQDKYeEU9NNTrSK8QQuSTe5ttdla
rwi0Hoj66fTcd1kujxIkJdsr0lurLtL+UMPHjw+JGBCIO733/b8OmCFZ7o287PMz
3Tv1XwH+QDIfrA/RodKfjJA/RFIhtKBU11ODswLQkKR8zWIaEsc+yv9a4aAtQk0r
XW2ydvdNEVOjRp9DvmD1khM4HEQKeLrGQ+qxwLht0EUxAvoshiHUvqNAmewp0Nt8
ZkfS7kMiC3POGAd5bXfXnxMU1ZxGZuu+QZhDja+Wrl8L/XDIyGxcemILCQvywPT7
1R9WWuYNL3goLv39OKXMnOD2DC1YU/FdGm2VCdEATdby3V6MNxCT1MxB5DoT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:04 2023 by rpki-client on console-ams.rpki-client.org