Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/O7yMqww2brwIO1TwSysPlM27fRw.roa
File: O7yMqww2brwIO1TwSysPlM27fRw.roa (raw, json)
Hash identifier: UElhR6qaW0j2u31H6gGJYVV7GtYk7R+9dWshGsVqwe8=
Subject key identifier: 3B:BC:8C:AB:0C:36:6E:BC:08:3B:54:F0:4B:2B:0F:94:CD:BB:7D:1C
Certificate issuer: /CN=56e3353d5f423ad4271c3261caa543140530bddb
Certificate serial: 01825ACC6E9BD0712029E4183286F940EC39
Authority key identifier: 56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/O7yMqww2brwIO1TwSysPlM27fRw.roa
Signing time: Mon 01 Aug 2022 19:05:23 +0000
ROA not before: Mon 01 Aug 2022 19:05:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34757
IP address blocks: 5.44.168.0/23 maxlen: 24
193.238.128.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5a:cc:6e:9b:d0:71:20:29:e4:18:32:86:f9:40:ec:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56e3353d5f423ad4271c3261caa543140530bddb
Validity
Not Before: Aug 1 19:05:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bbc8cab0c366ebc083b54f04b2b0f94cdbb7d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0d:5c:e6:5a:f1:f5:4a:c2:2a:22:40:a5:56:
a6:cd:be:5d:16:0f:8c:f7:22:78:3f:e2:32:04:10:
a8:b7:d2:c1:89:32:d2:49:7a:f0:5a:86:61:8d:5f:
44:f1:65:02:bb:2c:da:ab:a8:f3:40:1a:59:2d:ae:
f0:0c:4a:af:f4:fa:79:4e:35:4a:81:e0:6f:e0:7b:
b9:4f:d2:39:d7:f2:3e:79:52:9b:f3:26:89:a6:b3:
db:05:95:41:a8:cc:71:2a:83:c6:4f:a9:5a:72:4d:
49:ef:f3:e4:25:84:fa:87:98:55:1d:a9:d6:a5:9d:
d1:c9:37:fd:4f:8c:74:0f:f0:a7:bc:2a:fd:7a:a8:
b2:29:bb:a0:92:01:17:d9:3c:4e:85:d2:69:e0:49:
99:0e:60:39:5a:98:b3:9d:36:f5:30:b3:72:7b:4b:
56:d6:23:88:0d:81:3e:28:d8:62:62:3c:62:29:67:
26:e3:c2:50:1f:88:91:df:c1:67:90:26:e8:fd:eb:
02:1d:95:5a:16:bf:aa:06:a2:75:d0:b4:0c:d2:ce:
5e:d7:94:c7:57:3d:8e:91:af:0c:bf:d6:61:bf:31:
d9:68:0b:1b:78:6a:f5:fa:cb:24:b9:82:ff:9d:2d:
48:34:28:c3:1e:08:e7:52:79:ba:d2:8b:ec:6e:f4:
cf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BC:8C:AB:0C:36:6E:BC:08:3B:54:F0:4B:2B:0F:94:CD:BB:7D:1C
X509v3 Authority Key Identifier:
keyid:56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/O7yMqww2brwIO1TwSysPlM27fRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.168.0/23
193.238.128.0/22
Signature Algorithm: sha256WithRSAEncryption
51:04:65:ec:fd:7d:d3:85:ab:d6:b1:da:20:c7:9e:c0:0d:e3:
32:61:34:ba:26:69:af:9d:c0:43:32:cd:88:9a:aa:d3:b2:33:
04:f3:8e:3f:c3:3a:91:d9:a8:cc:bb:ea:db:b3:f8:f6:db:47:
bb:3b:36:66:fd:93:f5:30:2a:d3:30:d5:55:73:62:32:3a:ef:
59:68:5c:8d:fd:a1:f5:fa:d1:e4:6f:8d:60:2a:3c:6f:9f:e0:
f4:c1:aa:c8:fd:d7:c9:1f:56:10:ad:2b:f4:b5:27:d1:30:fc:
36:17:61:c2:51:a4:b0:70:f5:9a:8b:5d:47:d8:c2:cb:6a:73:
02:0f:0c:fd:ea:02:34:4b:4a:81:1f:e7:97:4c:40:22:52:1e:
aa:f2:9c:44:77:df:f1:ba:c7:67:b5:e9:dc:03:c0:6b:26:06:
e4:05:9b:f8:af:89:42:b5:44:c3:46:08:67:5b:b8:17:9d:c8:
41:fe:25:7d:2d:ab:44:5c:55:7d:9d:f2:09:21:af:aa:e8:41:
4b:20:b2:c4:aa:5c:0b:af:1b:ad:87:78:83:7c:eb:02:00:a6:
ff:05:96:e8:3f:ca:91:bf:fe:b0:05:da:d6:d1:31:89:35:72:
46:fb:26:55:ad:39:dc:bc:e3:98:52:5a:9a:06:19:2c:96:cf:
a2:6e:d3:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJazG6b0HEgKeQYMob5QOw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZTMzNTNkNWY0MjNhZDQyNzFjMzI2MWNhYTU0MzE0MDUz
MGJkZGIwHhcNMjIwODAxMTkwNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJjOGNhYjBjMzY2ZWJjMDgzYjU0ZjA0YjJiMGY5NGNkYmI3ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ1c5lrx9UrCKiJApVamzb5dFg+M
9yJ4P+IyBBCot9LBiTLSSXrwWoZhjV9E8WUCuyzaq6jzQBpZLa7wDEqv9Pp5TjVK
geBv4Hu5T9I51/I+eVKb8yaJprPbBZVBqMxxKoPGT6lack1J7/PkJYT6h5hVHanW
pZ3RyTf9T4x0D/CnvCr9eqiyKbugkgEX2TxOhdJp4EmZDmA5WpiznTb1MLNye0tW
1iOIDYE+KNhiYjxiKWcm48JQH4iR38FnkCbo/esCHZVaFr+qBqJ10LQM0s5e15TH
Vz2Oka8Mv9ZhvzHZaAsbeGr1+sskuYL/nS1INCjDHgjnUnm60ovsbvTPoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDu8jKsMNm68CDtU8EsrD5TNu30cMB8GA1UdIwQY
MBaAFFbjNT1fQjrUJxwyYcqlQxQFML3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTIt
ZTUyZGEzYjg2NzU0LzEvTzd5TXF3dzJicndJTzFUd1N5c1BsTTI3ZlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTItZTUyZGEzYjg2NzU0
LzEvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBSyoAwQC
we6AMA0GCSqGSIb3DQEBCwUAA4IBAQBRBGXs/X3ThavWsdogx57ADeMyYTS6Jmmv
ncBDMs2ImqrTsjME844/wzqR2ajMu+rbs/j220e7OzZm/ZP1MCrTMNVVc2IyOu9Z
aFyN/aH1+tHkb41gKjxvn+D0warI/dfJH1YQrSv0tSfRMPw2F2HCUaSwcPWai11H
2MLLanMCDwz96gI0S0qBH+eXTEAiUh6q8pxEd9/xusdntencA8BrJgbkBZv4r4lC
tUTDRghnW7gXnchB/iV9LatEXFV9nfIJIa+q6EFLILLEqlwLrxuth3iDfOsCAKb/
BZboP8qRv/6wBdrW0TGJNXJG+yZVrTncvOOYUlqaBhksls+ibtM+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:51 2024 by rpki-client on console-ams.rpki-client.org