Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/OzHx0JDUII9li-b1dpqxfN3brgE.roa
File: OzHx0JDUII9li-b1dpqxfN3brgE.roa (raw, json)
Hash identifier: SWAkMPUmQ45NvhFeQNiXmiqVyZfxAj0nJ4a/adU5PSo=
Subject key identifier: 3B:31:F1:D0:90:D4:20:8F:65:8B:E6:F5:76:9A:B1:7C:DD:DB:AE:01
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0B88FF6E
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/OzHx0JDUII9li-b1dpqxfN3brgE.roa
Signing time: Tue 07 Jun 2022 10:38:02 +0000
ROA not before: Tue 07 Jun 2022 10:38:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15611
IP address blocks: 213.176.96.0/24 maxlen: 24
213.176.4.0/24 maxlen: 24
213.176.5.0/24 maxlen: 24
62.60.136.0/24 maxlen: 24
62.60.137.0/24 maxlen: 24
62.60.139.0/24 maxlen: 24
62.60.140.0/24 maxlen: 24
62.60.143.0/24 maxlen: 24
62.60.141.0/24 maxlen: 24
62.60.142.0/24 maxlen: 24
62.60.145.0/24 maxlen: 24
213.176.124.0/24 maxlen: 24
213.176.125.0/24 maxlen: 24
213.176.122.0/24 maxlen: 24
213.176.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193527662 (0xb88ff6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 7 10:38:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b31f1d090d4208f658be6f5769ab17cdddbae01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:60:4d:9d:31:b5:d8:ea:7a:a2:96:0f:18:4e:
ca:d3:d1:b6:07:c8:9a:1f:51:8e:a7:9c:46:77:d0:
97:72:82:c1:e2:43:a9:30:ac:01:62:46:43:86:af:
99:58:d8:ff:5c:73:a4:c7:ac:68:8a:b9:02:57:1b:
9a:44:2f:2f:d4:b8:90:77:b3:50:61:b2:67:60:f1:
d9:c4:82:91:c7:cb:10:d5:8f:53:4e:a7:9d:8f:35:
c6:c9:c1:34:7f:0f:c2:0e:6e:33:2e:14:6c:60:bf:
f8:72:17:f2:c5:b5:d4:16:ed:0d:ea:f0:4d:9e:41:
c0:00:fd:96:0c:93:cd:ce:f4:68:af:e6:ed:83:32:
a4:7c:6c:98:41:b0:94:24:70:2e:4b:9f:78:62:5a:
71:b5:aa:e6:85:1f:bf:a7:c9:8c:f5:8b:06:fc:a7:
d5:85:9c:58:02:19:58:f0:34:1c:d1:5b:91:8e:b5:
7f:55:87:2a:07:76:9e:4e:db:60:a6:12:bc:99:a4:
b0:d5:42:61:2f:ea:59:eb:56:04:3f:67:f8:b9:1d:
bd:19:3d:20:71:7f:fd:1d:f2:5b:90:c1:69:89:dd:
9f:08:b2:3f:b9:61:a6:f9:97:fc:04:88:7b:82:78:
30:22:13:52:21:e6:2a:82:7e:8f:70:04:bc:30:fb:
e0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:31:F1:D0:90:D4:20:8F:65:8B:E6:F5:76:9A:B1:7C:DD:DB:AE:01
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/OzHx0JDUII9li-b1dpqxfN3brgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.136.0/23
62.60.139.0-62.60.143.255
62.60.145.0/24
213.176.4.0/23
213.176.96.0/24
213.176.122.0-213.176.125.255
Signature Algorithm: sha256WithRSAEncryption
a2:00:f2:82:63:95:1b:e7:66:30:67:17:c1:85:a8:45:6a:cf:
62:cf:9d:af:5b:1b:a8:3a:0a:7c:81:34:fa:f6:4f:43:78:78:
c1:80:1c:65:bc:35:a5:9f:d9:60:0f:13:fa:7e:a8:6e:91:c7:
f3:03:b1:dd:7b:1e:82:64:44:69:c3:0b:81:a0:b6:d8:5c:d8:
96:f3:1a:ee:8e:2b:dd:64:74:28:2c:49:c1:05:3b:38:67:a8:
ee:a3:cf:7e:6c:45:bb:aa:40:24:62:29:c1:a4:58:3b:2b:11:
b7:6a:f0:5a:18:77:6c:ef:7a:a9:e5:e8:d0:40:11:15:58:fb:
c5:98:b4:c6:09:ac:cb:93:e1:59:d6:f4:76:d3:4e:89:7e:f8:
65:cb:e3:db:be:7a:b7:ce:48:e4:28:c8:2e:aa:aa:fc:17:db:
95:4e:e5:f7:11:8f:ff:6d:4f:29:65:a3:59:ae:5c:d9:f1:ec:
03:7f:c9:19:32:ea:ff:de:2d:24:87:e5:ad:22:d2:38:e3:d7:
1e:f6:5c:f8:75:54:29:39:27:73:a9:9f:53:32:28:42:86:e7:
ed:aa:1d:61:da:a2:55:db:21:4c:d3:d0:c3:9b:05:cc:ef:4c:
a2:4c:7d:77:10:83:5e:8a:8b:f4:60:30:39:04:6c:e3:8b:bf:
f7:b2:d7:42
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEC4j/bjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2MxODUyN2UzYTIwNmFmMjg0MjAyOGQ5NWFlYzQxMzM4ZThkYWY4MB4XDTIyMDYw
NzEwMzgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2IzMWYxZDA5MGQ0
MjA4ZjY1OGJlNmY1NzY5YWIxN2NkZGRiYWUwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPNgTZ0xtdjqeqKWDxhOytPRtgfImh9RjqecRnfQl3KCweJD
qTCsAWJGQ4avmVjY/1xzpMesaIq5AlcbmkQvL9S4kHezUGGyZ2Dx2cSCkcfLENWP
U06nnY81xsnBNH8Pwg5uMy4UbGC/+HIX8sW11BbtDerwTZ5BwAD9lgyTzc70aK/m
7YMypHxsmEGwlCRwLkufeGJacbWq5oUfv6fJjPWLBvyn1YWcWAIZWPA0HNFbkY61
f1WHKgd2nk7bYKYSvJmksNVCYS/qWetWBD9n+LkdvRk9IHF//R3yW5DBaYndnwiy
P7lhpvmX/ASIe4J4MCITUiHmKoJ+j3AEvDD74OUCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBQ7MfHQkNQgj2WL5vV2mrF83duuATAfBgNVHSMEGDAWgBTDwYUn46IGryhC
Ao2VrsQTOOja+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c4R0ZKLU9pQnE4b1FnS05sYTdFRXpqbzJ2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvMTMzOWRmLThlMDYtNDFkZS05NGYzLTBjYmEzM2VmYzViYi8x
L096SHgwSkRVSUk5bGktYjFkcHF4Zk4zYnJnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
MTMzOWRmLThlMDYtNDFkZS05NGYzLTBjYmEzM2VmYzViYi8xL3c4R0ZKLU9pQnE4
b1FnS05sYTdFRXpqbzJ2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAT48iDAMAwQAPjyLAwQEPjyAAwQA
PjyRAwQB1bAEAwQA1bBgMAwDBAHVsHoDBAHVsHwwDQYJKoZIhvcNAQELBQADggEB
AKIA8oJjlRvnZjBnF8GFqEVqz2LPna9bG6g6CnyBNPr2T0N4eMGAHGW8NaWf2WAP
E/p+qG6Rx/MDsd17HoJkRGnDC4Ggtthc2JbzGu6OK91kdCgsScEFOzhnqO6jz35s
RbuqQCRiKcGkWDsrEbdq8FoYd2zveqnl6NBAERVY+8WYtMYJrMuT4VnW9HbTTol+
+GXL49u+erfOSOQoyC6qqvwX25VO5fcRj/9tTyllo1muXNnx7AN/yRky6v/eLSSH
5a0i0jjj1x72XPh1VCk5J3Opn1MyKEKG5+2qHWHaolXbIUzT0MObBczvTKJMfXcQ
g16Ki/RgMDkEbOOLv/ey10I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org