Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/oPMO7CRHIa-IA82chc3BTzOuSMA.roa
File: oPMO7CRHIa-IA82chc3BTzOuSMA.roa (raw, json)
Hash identifier: Stv6V45SMKGHeUW7hvpQSto+V2S+RlUnxf3YtDhHrHQ=
Subject key identifier: A0:F3:0E:EC:24:47:21:AF:88:03:CD:9C:85:CD:C1:4F:33:AE:48:C0
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 14806CB3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/oPMO7CRHIa-IA82chc3BTzOuSMA.roa
Signing time: Mon 28 Mar 2022 15:26:17 +0000
ROA not before: Mon 28 Mar 2022 15:26:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35346
IP address blocks: 91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
91.242.112.0/21 maxlen: 24
194.114.144.0/24 maxlen: 25
45.67.116.0/24 maxlen: 24
91.242.64.0/18 maxlen: 24
2a07:5540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 343960755 (0x14806cb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 28 15:26:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0f30eec244721af8803cd9c85cdc14f33ae48c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:87:0d:c2:a5:24:5a:c5:c9:d0:a0:4c:28:9b:
bb:58:ea:3e:de:c4:d6:8e:d8:fe:83:26:7a:6b:aa:
73:95:3e:1b:fa:66:50:cc:7a:2b:67:c6:ef:48:4d:
56:4f:5d:55:0b:fe:6c:71:0e:5b:83:b8:58:2f:52:
11:d3:fe:54:0f:d6:c2:bc:60:8d:f8:22:e0:d7:2c:
6f:39:fb:b5:35:f1:cc:9b:c1:ec:a7:b7:f3:5e:46:
50:3a:d6:1f:fa:6e:f6:11:11:60:15:56:3d:e0:2f:
2a:22:81:f2:6e:f7:fd:2e:9f:15:29:8d:f2:88:57:
96:ca:3e:2a:05:93:dc:79:a2:6e:80:10:7c:80:51:
f2:b4:d4:98:b3:fc:36:74:b6:69:9c:68:21:f1:5e:
fc:5a:f4:c5:a4:65:40:69:e3:46:9e:f7:ae:2a:94:
a7:16:bc:22:0e:48:00:83:25:9e:5a:11:6a:39:53:
48:97:e2:07:36:8a:0a:42:34:94:bd:d4:21:70:9d:
b9:c5:ac:7f:d7:55:c7:70:98:b1:5a:e9:ba:35:52:
40:f5:38:85:3f:2e:23:55:57:01:57:8a:8e:74:fd:
e6:da:92:78:42:83:d1:ec:ba:01:a0:d4:8e:41:48:
69:a6:05:d7:04:51:8c:37:5f:4d:90:56:d8:2e:43:
a6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F3:0E:EC:24:47:21:AF:88:03:CD:9C:85:CD:C1:4F:33:AE:48:C0
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/oPMO7CRHIa-IA82chc3BTzOuSMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
194.114.144.0/24
IPv6:
2a07:5540::/29
Signature Algorithm: sha256WithRSAEncryption
59:8d:a5:ab:66:22:69:f9:78:49:40:a1:bd:9e:fa:99:99:86:
94:ef:be:99:ef:ef:fe:90:97:56:ed:60:71:b9:ec:4f:6c:ca:
26:a8:7a:54:49:05:da:18:ac:3b:2b:7a:50:62:67:e6:19:94:
b5:bd:73:de:33:1c:bc:6d:2d:14:fc:d6:eb:87:3f:35:19:69:
12:f1:40:68:9c:04:89:15:23:7b:cc:ac:ab:b9:2a:d2:7a:28:
70:d7:0a:84:05:e3:9b:08:4c:ed:83:75:8f:2d:73:2b:4f:8b:
ad:26:e5:99:d2:40:4d:41:a2:33:08:a2:15:80:63:4e:ab:b1:
97:0e:f5:8c:7b:00:75:ac:18:95:66:db:5d:f1:bb:ba:69:9a:
9c:a6:cd:b5:ea:96:59:6c:46:ab:af:b8:96:a8:70:23:7f:1f:
17:7b:36:1d:a8:ea:f1:43:ea:64:a1:8e:ca:04:3e:ca:dc:fc:
a6:98:0c:9b:42:3a:97:9b:01:b8:4d:39:15:de:67:89:d7:04:
c0:e7:d3:4d:63:c6:17:63:7e:74:0b:84:4e:80:54:50:ec:a5:
3d:9b:9d:89:9f:cd:9b:5d:20:2c:41:02:ae:22:32:6c:2f:4d:
a0:7c:e6:98:59:cc:0d:01:69:29:1f:47:db:e3:ca:37:52:05:
a7:a9:d3:52
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFIBsszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDMy
ODE1MjYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBmMzBlZWMyNDQ3
MjFhZjg4MDNjZDljODVjZGMxNGYzM2FlNDhjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+HDcKlJFrFydCgTCibu1jqPt7E1o7Y/oMmemuqc5U+G/pm
UMx6K2fG70hNVk9dVQv+bHEOW4O4WC9SEdP+VA/Wwrxgjfgi4Ncsbzn7tTXxzJvB
7Ke3815GUDrWH/pu9hERYBVWPeAvKiKB8m73/S6fFSmN8ohXlso+KgWT3HmiboAQ
fIBR8rTUmLP8NnS2aZxoIfFe/Fr0xaRlQGnjRp73riqUpxa8Ig5IAIMlnloRajlT
SJfiBzaKCkI0lL3UIXCducWsf9dVx3CYsVrpujVSQPU4hT8uI1VXAVeKjnT95tqS
eEKD0ey6AaDUjkFIaaYF1wRRjDdfTZBW2C5Dpv8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSg8w7sJEchr4gDzZyFzcFPM65IwDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L29QTU83Q1JISWEtSUE4MmNoYzNCVHpPdVNNQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAC1DdAMEBlvyQAMEAMJykDANBAIA
AjAHAwUDKgdVQDANBgkqhkiG9w0BAQsFAAOCAQEAWY2lq2Yiafl4SUChvZ76mZmG
lO++me/v/pCXVu1gcbnsT2zKJqh6VEkF2hisOyt6UGJn5hmUtb1z3jMcvG0tFPzW
64c/NRlpEvFAaJwEiRUje8ysq7kq0noocNcKhAXjmwhM7YN1jy1zK0+LrSblmdJA
TUGiMwiiFYBjTquxlw71jHsAdawYlWbbXfG7ummanKbNteqWWWxGq6+4lqhwI38f
F3s2Hajq8UPqZKGOygQ+ytz8ppgMm0I6l5sBuE05Fd5nidcEwOfTTWPGF2N+dAuE
ToBUUOylPZudiZ/Nm10gLEECriIybC9NoHzmmFnMDQFpKR9H2+PKN1IFp6nTUg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org