Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/okYrYF9YwgJsp5ELwGvNV13jZI8.roa
File: okYrYF9YwgJsp5ELwGvNV13jZI8.roa (raw, json)
Hash identifier: 6BrUNOokRntR8ARXVObc5DVqRtGtbuOqNNt5D+YVdvY=
Subject key identifier: A2:46:2B:60:5F:58:C2:02:6C:A7:91:0B:C0:6B:CD:57:5D:E3:64:8F
Certificate issuer: /CN=344f5eb0efc517d6caaeb7c74a847f965c0e14d9
Certificate serial: 03DFC072
Authority key identifier: 34:4F:5E:B0:EF:C5:17:D6:CA:AE:B7:C7:4A:84:7F:96:5C:0E:14:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NE9esO_FF9bKrrfHSoR_llwOFNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/okYrYF9YwgJsp5ELwGvNV13jZI8.roa
Signing time: Sat 01 Jan 2022 11:58:38 +0000
ROA not before: Sat 01 Jan 2022 11:58:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201295
IP address blocks: 185.252.28.0/24 maxlen: 24
185.252.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64995442 (0x3dfc072)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=344f5eb0efc517d6caaeb7c74a847f965c0e14d9
Validity
Not Before: Jan 1 11:58:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2462b605f58c2026ca7910bc06bcd575de3648f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:77:f2:31:f7:39:af:9b:61:1a:6c:7e:3c:41:
24:2b:18:b8:ff:4c:9d:2f:f2:b0:f5:1c:49:fb:af:
da:56:82:f5:e4:fc:ad:48:74:8c:8c:0b:d9:d1:0b:
34:47:be:79:ad:36:b5:86:b8:ca:13:4e:ab:f8:01:
93:d7:3e:8f:82:20:31:9e:d1:d6:06:13:92:c7:24:
9e:2b:3b:1b:f6:bf:29:bb:3b:70:ba:a3:81:cc:60:
50:06:11:99:c0:09:1e:cd:51:dc:19:78:8b:9d:fa:
c2:e8:e9:3a:ba:62:1a:cd:77:bc:0a:76:10:81:d4:
54:26:92:a7:55:c9:84:5a:1b:26:6e:d1:ae:88:31:
0e:79:88:23:99:b0:12:08:ee:9c:98:12:0f:ae:ea:
14:54:dd:fb:1d:ec:b4:d3:b5:3a:07:71:a1:03:1d:
57:d0:a4:0e:43:aa:a0:bf:43:9a:76:81:f3:7b:ad:
b1:a5:e6:16:05:17:20:f4:00:7f:92:4d:59:b9:dc:
71:98:1f:4b:51:d1:fb:00:56:d5:3c:b3:b6:25:b5:
8f:e3:c5:5d:03:5c:83:80:95:75:7d:f8:af:0f:10:
1a:b0:d1:18:ce:de:8d:d7:c8:7a:fb:ab:c6:65:5b:
49:1e:12:b4:c2:1b:ec:fb:bb:51:28:53:f3:62:a6:
45:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:46:2B:60:5F:58:C2:02:6C:A7:91:0B:C0:6B:CD:57:5D:E3:64:8F
X509v3 Authority Key Identifier:
keyid:34:4F:5E:B0:EF:C5:17:D6:CA:AE:B7:C7:4A:84:7F:96:5C:0E:14:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NE9esO_FF9bKrrfHSoR_llwOFNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/okYrYF9YwgJsp5ELwGvNV13jZI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/NE9esO_FF9bKrrfHSoR_llwOFNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.28.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:a8:08:5d:3a:9e:f7:74:3a:58:27:ff:af:b0:0f:bc:02:a4:
d6:6a:2b:b2:e1:4f:e3:7a:ab:b1:ce:eb:16:27:31:a9:9d:13:
75:d6:36:10:eb:ab:fc:32:7c:79:a9:1e:1e:9f:01:c5:0f:f0:
a5:f1:c1:a3:37:88:2d:e1:1f:51:e1:99:66:4a:96:b7:e7:b8:
21:5f:ad:c5:15:33:58:0d:43:1a:fb:f9:74:ed:c2:ef:f8:5c:
84:c4:3a:83:ec:8a:1d:a2:34:38:2a:18:9d:c9:e5:51:4d:59:
95:cd:8d:2b:ad:35:eb:6f:ec:2c:77:e4:a7:21:ee:79:ed:6c:
e7:91:a6:df:38:3b:e6:18:91:71:67:72:f9:42:85:e8:ea:6e:
af:77:8d:65:23:44:22:cb:6a:ba:4d:c2:d2:b4:01:6d:11:d8:
c3:53:be:18:8c:4f:5a:20:92:e6:fa:af:60:29:fd:3e:c0:fe:
38:e6:bd:fc:83:53:13:db:78:bc:80:d6:53:13:72:10:6e:c7:
bd:ec:49:d4:c1:6b:be:10:5e:d4:e9:22:c7:88:82:31:f9:07:
76:20:03:fc:36:e2:86:52:17:e1:a7:5c:44:d2:b8:d5:a4:ed:
7b:8d:f4:bd:e3:a3:c2:2d:06:b5:2c:ee:99:41:15:a6:84:17:
c9:5c:bd:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9/AcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDRmNWViMGVmYzUxN2Q2Y2FhZWI3Yzc0YTg0N2Y5NjVjMGUxNGQ5MB4XDTIyMDEw
MTExNTgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI0NjJiNjA1ZjU4
YzIwMjZjYTc5MTBiYzA2YmNkNTc1ZGUzNjQ4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANt38jH3Oa+bYRpsfjxBJCsYuP9MnS/ysPUcSfuv2laC9eT8
rUh0jIwL2dELNEe+ea02tYa4yhNOq/gBk9c+j4IgMZ7R1gYTkscknis7G/a/Kbs7
cLqjgcxgUAYRmcAJHs1R3Bl4i536wujpOrpiGs13vAp2EIHUVCaSp1XJhFobJm7R
rogxDnmII5mwEgjunJgSD67qFFTd+x3stNO1OgdxoQMdV9CkDkOqoL9DmnaB83ut
saXmFgUXIPQAf5JNWbnccZgfS1HR+wBW1TyztiW1j+PFXQNcg4CVdX34rw8QGrDR
GM7ejdfIevurxmVbSR4StMIb7Pu7UShT82KmRRMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSiRitgX1jCAmynkQvAa81XXeNkjzAfBgNVHSMEGDAWgBQ0T16w78UX1squ
t8dKhH+WXA4U2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05FOWVzT19GRjliS3JyZkhTb1JfbGx3T0ZOay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYjNmMmU0LTUxNzctNDhhZS05NTVlLTVkODE2YTgyYzI4My8x
L29rWXJZRjlZd2dKc3A1RUx3R3ZOVjEzalpJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
YjNmMmU0LTUxNzctNDhhZS05NTVlLTVkODE2YTgyYzI4My8xL05FOWVzT19GRjli
S3JyZkhTb1JfbGx3T0ZOay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbn8HDANBgkqhkiG9w0BAQsFAAOC
AQEATagIXTqe93Q6WCf/r7APvAKk1morsuFP43qrsc7rFicxqZ0TddY2EOur/DJ8
eakeHp8BxQ/wpfHBozeILeEfUeGZZkqWt+e4IV+txRUzWA1DGvv5dO3C7/hchMQ6
g+yKHaI0OCoYncnlUU1Zlc2NK60162/sLHfkpyHuee1s55Gm3zg75hiRcWdy+UKF
6Opur3eNZSNEIstquk3C0rQBbRHYw1O+GIxPWiCS5vqvYCn9PsD+OOa9/INTE9t4
vIDWUxNyEG7HvexJ1MFrvhBe1Okix4iCMfkHdiAD/DbihlIX4adcRNK41aTte430
veOjwi0GtSzumUEVpoQXyVy9+Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:01 2023 by rpki-client on console-ams.rpki-client.org