Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/Oo8LspO10jftn-sVzy94jVF6rlI.roa
File: Oo8LspO10jftn-sVzy94jVF6rlI.roa (raw, json)
Hash identifier: 5tg377vScqUDZXPHCXDLP3sbP/GqWHYSayqmmZHgqUs=
Subject key identifier: 3A:8F:0B:B2:93:B5:D2:37:ED:9F:EB:15:CF:2F:78:8D:51:7A:AE:52
Certificate issuer: /CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Certificate serial: 05EAAC85
Authority key identifier: 01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/Oo8LspO10jftn-sVzy94jVF6rlI.roa
Signing time: Fri 29 Apr 2022 08:39:44 +0000
ROA not before: Fri 29 Apr 2022 08:39:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50369
IP address blocks: 195.200.86.0/23 maxlen: 23
89.46.168.0/22 maxlen: 22
89.46.172.0/22 maxlen: 22
185.135.64.0/24 maxlen: 24
194.150.216.0/23 maxlen: 23
185.135.66.0/23 maxlen: 23
185.135.65.0/24 maxlen: 24
188.241.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99265669 (0x5eaac85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Validity
Not Before: Apr 29 08:39:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a8f0bb293b5d237ed9feb15cf2f788d517aae52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:36:e0:76:ef:f4:5b:43:8b:94:9e:5d:90:87:
dc:53:e5:e8:06:af:52:0a:1c:aa:72:11:0f:be:25:
15:aa:f0:80:ee:1a:b5:96:27:4e:93:47:0e:f2:bf:
dc:66:bf:5e:c6:34:cd:c9:85:47:b7:21:51:81:f1:
ca:04:4e:e9:3b:cc:ca:fc:75:23:d8:8e:f8:25:68:
46:bb:28:2a:1a:e8:ec:b3:d7:e2:fd:b9:55:90:1e:
3e:ce:4c:16:bf:00:3b:d2:0d:cd:8a:e3:e8:0f:e0:
71:ae:48:49:d4:4b:35:c5:a4:8f:35:3f:d7:43:48:
9c:02:15:40:f4:5e:be:9e:27:e2:d1:a4:e9:4b:3b:
54:fb:85:b9:71:76:99:2d:e7:7c:ab:a0:31:78:3a:
b2:a0:d9:da:ac:25:85:4d:15:ff:20:12:0c:d0:c8:
f9:3c:97:86:08:a4:94:2b:55:96:97:aa:08:0e:ca:
fd:0a:03:df:26:ed:51:da:b5:bf:6f:80:7b:f9:b8:
d9:6a:15:27:bd:82:83:66:63:c1:42:b0:72:29:b0:
50:ee:29:ab:67:10:37:3c:9d:89:88:35:b2:3c:c7:
53:25:e8:b4:74:ac:9f:18:c3:37:a2:fd:4e:aa:c5:
b9:7f:dc:be:29:65:34:a3:0f:3c:79:5c:4f:62:15:
f9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8F:0B:B2:93:B5:D2:37:ED:9F:EB:15:CF:2F:78:8D:51:7A:AE:52
X509v3 Authority Key Identifier:
keyid:01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/Oo8LspO10jftn-sVzy94jVF6rlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/AUa0KfjElhH8_qHvoaUbnA7dtuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.168.0/21
185.135.64.0/22
188.241.210.0/24
194.150.216.0/23
195.200.86.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:2b:46:ca:f2:2b:81:3d:ab:68:64:5d:c8:fc:9a:81:08:6a:
22:78:29:a7:d1:f0:87:07:9c:e6:55:04:a0:de:e6:85:aa:38:
a7:e2:79:ea:61:84:3c:ef:f9:a3:6a:a3:fe:5e:89:af:89:54:
1e:1d:48:1d:99:81:5a:4e:c5:fc:4f:3d:46:c0:f2:f8:55:66:
39:d5:17:10:91:f3:3f:b8:7b:80:7a:88:10:4c:fb:95:36:79:
5f:ca:66:b9:aa:3c:60:84:9e:ae:ed:bc:dd:cc:1d:e9:32:ae:
de:c8:79:16:af:de:33:68:d5:57:db:39:df:bc:1b:1f:f9:89:
49:29:5e:cf:8c:04:ff:90:8e:46:ad:99:2c:32:dc:07:37:49:
90:84:53:39:6e:4c:3d:aa:de:71:8b:32:67:c4:69:41:66:44:
17:77:cd:9c:c4:7c:8d:4c:60:60:63:fc:49:6d:e9:6e:80:e0:
c8:2d:13:33:4a:3f:d6:55:65:8f:70:4a:52:34:40:e1:fe:3e:
eb:45:bc:c6:d0:d2:6c:b2:d2:97:99:2c:31:16:90:e3:ac:4f:
3c:d9:dc:68:92:ce:fd:21:7b:22:64:35:39:a6:31:5d:d6:f2:
ff:72:6d:58:5b:33:95:3b:67:f3:2b:68:61:c5:88:c3:1d:f8:
d8:f7:e4:31
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBeqshTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTQ2YjQyOWY4YzQ5NjExZmNmZWExZWZhMWE1MWI5YzBlZGRiNmU3MB4XDTIyMDQy
OTA4Mzk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E4ZjBiYjI5M2I1
ZDIzN2VkOWZlYjE1Y2YyZjc4OGQ1MTdhYWU1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKk24Hbv9FtDi5SeXZCH3FPl6AavUgocqnIRD74lFarwgO4a
tZYnTpNHDvK/3Ga/XsY0zcmFR7chUYHxygRO6TvMyvx1I9iO+CVoRrsoKhro7LPX
4v25VZAePs5MFr8AO9INzYrj6A/gca5ISdRLNcWkjzU/10NInAIVQPRevp4n4tGk
6Us7VPuFuXF2mS3nfKugMXg6sqDZ2qwlhU0V/yASDNDI+TyXhgiklCtVlpeqCA7K
/QoD3ybtUdq1v2+Ae/m42WoVJ72Cg2ZjwUKwcimwUO4pq2cQNzydiYg1sjzHUyXo
tHSsnxjDN6L9TqrFuX/cvillNKMPPHlcT2IV+Y8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQ6jwuyk7XSN+2f6xXPL3iNUXquUjAfBgNVHSMEGDAWgBQBRrQp+MSWEfz+
oe+hpRucDt225zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FVYTBLZmpFbGhIOF9xSHZvYVVibkE3ZHR1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvZTVlMzc5LTY1NmQtNDYyMi1hN2JjLWVhMjZlNzQ2YTBhZC8x
L09vOExzcE8xMGpmdG4tc1Z6eTk0alZGNnJsSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
ZTVlMzc5LTY1NmQtNDYyMi1hN2JjLWVhMjZlNzQ2YTBhZC8xL0FVYTBLZmpFbGhI
OF9xSHZvYVVibkE3ZHR1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEA1kuqAMEArmHQAMEALzx0gMEAcKW
2AMEAcPIVjANBgkqhkiG9w0BAQsFAAOCAQEATitGyvIrgT2raGRdyPyagQhqIngp
p9Hwhwec5lUEoN7mhao4p+J56mGEPO/5o2qj/l6Jr4lUHh1IHZmBWk7F/E89RsDy
+FVmOdUXEJHzP7h7gHqIEEz7lTZ5X8pmuao8YISeru283cwd6TKu3sh5Fq/eM2jV
V9s537wbH/mJSSlez4wE/5CORq2ZLDLcBzdJkIRTOW5MParecYsyZ8RpQWZEF3fN
nMR8jUxgYGP8SW3pboDgyC0TM0o/1lVlj3BKUjRA4f4+60W8xtDSbLLSl5ksMRaQ
46xPPNncaJLO/SF7ImQ1OaYxXdby/3JtWFszlTtn8ytoYcWIwx342PfkMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:58 2024 by rpki-client on console-ams.rpki-client.org