Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/O8ePvgVDQ5Ah01mZOOHJVa4iTGQ.roa
File: O8ePvgVDQ5Ah01mZOOHJVa4iTGQ.roa (raw, json)
Hash identifier: TL8sODPnfPtXoduhccEzSyWkOhHfdrcpzfNa4KQkdDE=
Subject key identifier: 3B:C7:8F:BE:05:43:43:90:21:D3:59:99:38:E1:C9:55:AE:22:4C:64
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0182348BF3B3E23613EEBD5B3FDB1F9DEBDA
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/O8ePvgVDQ5Ah01mZOOHJVa4iTGQ.roa
Signing time: Mon 25 Jul 2022 08:49:23 +0000
ROA not before: Mon 25 Jul 2022 08:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 159.148.246.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
85.254.174.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.80.0/22 maxlen: 22
85.254.104.0/21 maxlen: 21
85.254.122.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:34:8b:f3:b3:e2:36:13:ee:bd:5b:3f:db:1f:9d:eb:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jul 25 08:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bc78fbe0543439021d3599938e1c955ae224c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0f:89:50:2a:99:0b:96:42:4a:fe:9a:3e:dd:
b7:6c:8d:f3:a5:03:90:60:06:c9:2f:6f:39:ae:c1:
c0:f2:6c:c5:69:97:48:f6:a2:b8:94:95:91:1b:eb:
f7:a7:9f:80:77:48:00:66:66:5e:06:be:bf:e6:02:
c6:8d:c1:63:50:d4:89:de:16:70:fe:d2:bd:8d:4a:
61:25:c2:85:7f:6d:66:50:2f:5c:34:e2:b2:f0:7a:
f5:1a:3d:96:b9:81:2d:6b:56:09:85:7d:47:87:b9:
ab:c5:59:08:14:49:4a:24:39:dc:a6:89:72:ab:e0:
65:1c:31:2d:38:37:9c:d0:39:d3:1c:e9:c8:23:a8:
9f:b5:1a:0e:bf:13:65:29:48:f1:79:15:6e:4c:1e:
3f:1b:fd:36:73:6f:70:b9:f4:8f:59:74:7b:cd:de:
99:d2:85:27:c8:c0:1f:86:31:fd:d7:ca:b6:1b:83:
ea:10:4d:7b:f5:b4:fe:b8:ee:1b:cc:18:b7:6a:bd:
64:61:5d:2d:7a:3e:73:ec:77:c6:cb:45:a2:ca:ea:
6d:cb:c6:65:4c:5e:eb:20:b8:b1:80:60:93:6c:92:
d6:5e:62:6a:72:7f:75:ed:b3:dc:6b:af:25:0e:40:
0d:4f:98:28:6a:73:d3:f0:30:a0:12:58:68:e8:fe:
b1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C7:8F:BE:05:43:43:90:21:D3:59:99:38:E1:C9:55:AE:22:4C:64
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/O8ePvgVDQ5Ah01mZOOHJVa4iTGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.76.0-85.254.83.255
85.254.104.0/21
85.254.122.0/23
85.254.174.0/23
85.254.178.0-85.254.181.255
159.148.246.0/23
Signature Algorithm: sha256WithRSAEncryption
45:f5:30:5f:27:35:65:f5:e1:3b:a8:67:39:7b:32:88:cb:d0:
0d:68:70:dd:c3:2b:f9:3d:fe:0f:4c:99:6f:dc:d1:54:8a:c8:
52:4d:9c:4e:2b:46:dc:11:16:8b:bb:f7:22:e4:9c:76:e8:48:
ef:36:da:85:d0:d0:3e:1c:9e:46:94:89:c6:39:56:02:b0:b9:
99:3e:bc:6b:fc:7c:1d:86:13:98:2c:cd:75:7c:65:4e:0e:53:
d9:3b:2f:e7:70:6b:67:a9:05:7e:a9:d9:2c:c9:75:c9:2c:05:
8a:6b:6c:d1:d8:47:dc:8b:99:2a:53:d7:b4:93:18:40:b0:1e:
db:1d:5e:2f:80:7d:0d:68:c4:1d:c8:aa:8e:48:03:6e:a4:86:
17:fb:2c:10:cb:be:96:d5:ed:f2:d9:e3:1c:54:d2:72:fe:35:
91:19:a6:ce:61:e1:52:f6:c7:52:34:25:19:f1:61:fe:b9:cd:
49:87:54:1e:f4:56:13:a2:74:17:16:04:60:fd:2c:9d:e8:89:
62:2a:81:dd:f1:d0:b3:46:9a:9d:ba:e5:12:52:59:9c:e3:01:
c6:68:f2:63:a0:a4:65:f8:98:e2:fb:a3:29:9f:5d:8e:6b:db:
a5:94:0e:ad:ef:f9:36:9f:4e:73:37:2d:cd:d8:1b:de:f6:c8:
0e:e3:69:90
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYI0i/Oz4jYT7r1bP9sfnevaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIwNzI1MDg0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM3OGZiZTA1NDM0MzkwMjFkMzU5OTkzOGUxYzk1NWFlMjI0YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA+JUCqZC5ZCSv6aPt23bI3zpQOQ
YAbJL285rsHA8mzFaZdI9qK4lJWRG+v3p5+Ad0gAZmZeBr6/5gLGjcFjUNSJ3hZw
/tK9jUphJcKFf21mUC9cNOKy8Hr1Gj2WuYEta1YJhX1Hh7mrxVkIFElKJDncpoly
q+BlHDEtODec0DnTHOnII6iftRoOvxNlKUjxeRVuTB4/G/02c29wufSPWXR7zd6Z
0oUnyMAfhjH918q2G4PqEE179bT+uO4bzBi3ar1kYV0tej5z7HfGy0Wiyupty8Zl
TF7rILixgGCTbJLWXmJqcn917bPca68lDkANT5goanPT8DCgElho6P6xuwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDvHj74FQ0OQIdNZmTjhyVWuIkxkMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTzhlUHZnVkRRNUFoMDFtWk9PSEpWYTRpVEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAJV/kwD
BAJV/lADBANV/mgDBAFV/noDBAFV/q4wDAMEAVX+sgMEAVX+tAMEAZ+U9jANBgkq
hkiG9w0BAQsFAAOCAQEARfUwXyc1ZfXhO6hnOXsyiMvQDWhw3cMr+T3+D0yZb9zR
VIrIUk2cTitG3BEWi7v3IuScduhI7zbahdDQPhyeRpSJxjlWArC5mT68a/x8HYYT
mCzNdXxlTg5T2Tsv53BrZ6kFfqnZLMl1ySwFimts0dhH3IuZKlPXtJMYQLAe2x1e
L4B9DWjEHciqjkgDbqSGF/ssEMu+ltXt8tnjHFTScv41kRmmzmHhUvbHUjQlGfFh
/rnNSYdUHvRWE6J0FxYEYP0sneiJYiqB3fHQs0aanbrlElJZnOMBxmjyY6CkZfiY
4vujKZ9djmvbpZQOre/5Np9Oczctzdgb3vbIDuNpkA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org