Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/M-ozd7LiaBB6mISXVTtox58ndgE.roa
File: M-ozd7LiaBB6mISXVTtox58ndgE.roa (raw, json)
Hash identifier: HHQxWRVwuHDLdNOcci6UApwEG85qFmIMKKrTfXZYL5k=
Subject key identifier: 33:EA:33:77:B2:E2:68:10:7A:98:84:97:55:3B:68:C7:9F:27:76:01
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01831EBD9145132B557820EDB8C89BC6F788
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/M-ozd7LiaBB6mISXVTtox58ndgE.roa
Signing time: Thu 08 Sep 2022 20:14:43 +0000
ROA not before: Thu 08 Sep 2022 20:14:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 194.15.96.0/22 maxlen: 24
188.209.128.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1e:bd:91:45:13:2b:55:78:20:ed:b8:c8:9b:c6:f7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Sep 8 20:14:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33ea3377b2e268107a988497553b68c79f277601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a7:28:33:82:06:02:1f:a8:6e:75:a5:4b:8b:
09:ea:60:02:08:d7:69:dc:90:0a:5f:31:b7:1a:61:
cd:33:e1:0b:eb:f9:9e:0f:1d:bf:3c:5b:7b:7e:66:
31:c2:b4:19:0d:5c:73:4b:62:f8:76:83:66:4c:16:
01:da:ff:13:ff:aa:aa:f2:86:b0:41:74:d5:15:83:
d0:70:5d:16:e1:3f:88:d0:60:67:4e:07:21:7c:7a:
2c:23:6e:b3:58:a9:dd:21:8e:bc:90:a4:f9:b4:f8:
cf:63:76:85:cd:18:f5:b3:8d:21:19:91:a1:51:ca:
c9:a8:b8:e8:8b:68:6f:4f:04:d8:e6:b9:29:bd:07:
1d:01:71:dd:e0:99:33:a4:3c:e0:fc:fe:76:b7:38:
34:3e:e2:fc:e3:da:81:da:9f:78:9c:6a:bd:59:77:
e1:08:eb:cf:75:f5:92:82:9e:9e:06:81:6b:a5:d4:
b3:94:09:71:f1:74:c6:31:b9:b9:58:f9:ee:15:3e:
1a:57:a7:56:42:25:7d:3d:f1:c8:23:21:56:fe:73:
f2:e1:0f:d9:17:d6:2e:c0:35:9e:fd:b0:6e:8b:98:
b3:30:a8:c5:9f:21:01:82:22:ca:c2:27:e3:ca:10:
fc:dd:38:26:f3:7b:9c:f3:56:8d:97:b4:b0:11:55:
bb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:EA:33:77:B2:E2:68:10:7A:98:84:97:55:3B:68:C7:9F:27:76:01
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/M-ozd7LiaBB6mISXVTtox58ndgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
194.15.96.0/22
Signature Algorithm: sha256WithRSAEncryption
18:8c:8d:20:73:e0:23:b1:c6:3e:88:f9:fb:bd:59:50:cf:e9:
6f:2f:41:f7:ef:12:c9:2a:d1:2d:fc:b1:cf:bb:02:d3:c7:67:
7c:5d:06:75:a8:84:f4:1a:55:05:68:4c:ab:35:2a:bd:9a:f6:
29:17:9a:bf:2d:fd:7e:23:2b:65:48:ee:53:c0:88:68:4c:7e:
73:3d:e9:20:bf:e9:09:5f:63:09:7a:61:ef:4f:01:7c:ad:1b:
55:76:7f:d5:15:73:b0:9d:78:bc:70:c1:6f:a4:9c:aa:02:ca:
66:1a:f8:da:00:99:68:df:5f:21:a3:dd:3f:a6:7f:ba:dc:da:
87:95:83:16:c7:95:00:05:8f:63:77:3a:a5:74:19:bf:db:fe:
63:e0:fc:9c:b2:74:3c:24:62:af:62:d0:e0:dc:6e:74:d3:0f:
41:61:24:8a:d1:40:51:cb:4a:58:a0:72:1f:29:13:17:91:73:
54:f6:90:85:44:1e:d2:7f:79:d8:10:e1:a8:ec:9f:66:2f:ff:
83:af:d2:43:16:b8:32:d3:e1:46:c7:40:7d:1a:5d:55:99:a1:
62:30:78:4e:16:e5:5b:e0:eb:84:05:3f:e7:b2:e0:0d:41:f4:
10:07:cf:b4:9c:31:01:81:f4:fb:94:8b:c5:e9:75:90:40:0d:
5c:57:0c:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMevZFFEytVeCDtuMibxveIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIwOTA4MjAxNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2VhMzM3N2IyZTI2ODEwN2E5ODg0OTc1NTNiNjhjNzlmMjc3NjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKcoM4IGAh+obnWlS4sJ6mACCNdp
3JAKXzG3GmHNM+EL6/meDx2/PFt7fmYxwrQZDVxzS2L4doNmTBYB2v8T/6qq8oaw
QXTVFYPQcF0W4T+I0GBnTgchfHosI26zWKndIY68kKT5tPjPY3aFzRj1s40hGZGh
UcrJqLjoi2hvTwTY5rkpvQcdAXHd4JkzpDzg/P52tzg0PuL849qB2p94nGq9WXfh
COvPdfWSgp6eBoFrpdSzlAlx8XTGMbm5WPnuFT4aV6dWQiV9PfHIIyFW/nPy4Q/Z
F9YuwDWe/bBui5izMKjFnyEBgiLKwifjyhD83Tgm83uc81aNl7SwEVW7iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDPqM3ey4mgQepiEl1U7aMefJ3YBMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTS1vemQ3TGlhQkI2bUlTWFZUdG94NThuZGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvNGAAwQC
wg9gMA0GCSqGSIb3DQEBCwUAA4IBAQAYjI0gc+AjscY+iPn7vVlQz+lvL0H37xLJ
KtEt/LHPuwLTx2d8XQZ1qIT0GlUFaEyrNSq9mvYpF5q/Lf1+IytlSO5TwIhoTH5z
Pekgv+kJX2MJemHvTwF8rRtVdn/VFXOwnXi8cMFvpJyqAspmGvjaAJlo318ho90/
pn+63NqHlYMWx5UABY9jdzqldBm/2/5j4PycsnQ8JGKvYtDg3G500w9BYSSK0UBR
y0pYoHIfKRMXkXNU9pCFRB7Sf3nYEOGo7J9mL/+Dr9JDFrgy0+FGx0B9Gl1VmaFi
MHhOFuVb4OuEBT/nsuANQfQQB8+0nDEBgfT7lIvF6XWQQA1cVwwn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org