Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/Ol3Ui20SaSCNaBc1DXpMV26OyTU.roa
File: Ol3Ui20SaSCNaBc1DXpMV26OyTU.roa (raw, json)
Hash identifier: qpG1f9VorNpy+e9f1FFi5Fyby4tihJw6johi6jrh/rY=
Subject key identifier: 3A:5D:D4:8B:6D:12:69:20:8D:68:17:35:0D:7A:4C:57:6E:8E:C9:35
Certificate issuer: /CN=d6fbd9ed504eef659ecfc919a195cd2a803b60a7
Certificate serial: 0D4045FE
Authority key identifier: D6:FB:D9:ED:50:4E:EF:65:9E:CF:C9:19:A1:95:CD:2A:80:3B:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1vvZ7VBO72Wez8kZoZXNKoA7YKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/Ol3Ui20SaSCNaBc1DXpMV26OyTU.roa
Signing time: Sat 01 Jan 2022 15:57:37 +0000
ROA not before: Sat 01 Jan 2022 15:57:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205169
IP address blocks: 185.227.238.0/24 maxlen: 24
185.227.239.0/24 maxlen: 24
185.227.236.0/24 maxlen: 24
185.227.237.0/24 maxlen: 24
2a0c:d600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222316030 (0xd4045fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6fbd9ed504eef659ecfc919a195cd2a803b60a7
Validity
Not Before: Jan 1 15:57:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a5dd48b6d1269208d6817350d7a4c576e8ec935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:66:94:06:78:1a:41:82:45:da:6d:b9:55:a1:
52:f5:8e:51:7d:5e:a1:4e:33:9a:2b:5c:9e:06:ad:
2d:92:3c:64:30:57:16:08:8b:92:bc:25:cf:b9:20:
0d:86:c1:1b:18:0d:2f:c1:9f:ea:f3:5b:61:a0:c7:
d5:dc:01:10:2b:50:1b:1d:92:3d:fb:04:8b:6a:b3:
ed:6c:87:4e:50:c9:b2:69:ac:59:1c:7b:be:40:46:
9c:fe:f9:c5:8d:f2:1f:ac:e1:e6:1f:31:df:57:07:
98:de:81:6a:61:b8:a5:3e:0b:53:18:38:b7:9e:e6:
25:6c:bf:14:7a:75:2a:e1:2a:b0:af:b8:f0:19:15:
0b:41:11:64:b3:85:31:5b:92:c9:31:96:6a:b9:92:
0d:e8:ff:64:dd:e3:90:05:22:1a:52:ee:cb:51:21:
c0:d3:8d:02:63:70:5e:f5:ed:a8:4e:6c:85:29:b3:
3f:c0:42:73:04:9b:81:0f:18:fb:88:da:8f:bb:8b:
46:38:ab:be:c7:45:2e:82:04:cd:76:ca:16:fa:a1:
0d:32:64:c4:d3:c2:fd:1b:72:27:d6:34:45:a1:9e:
ec:9e:93:10:7a:02:4a:43:85:8d:5d:67:72:ce:fd:
ed:79:60:cb:94:ee:f1:60:f7:b1:8d:66:af:6f:97:
30:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5D:D4:8B:6D:12:69:20:8D:68:17:35:0D:7A:4C:57:6E:8E:C9:35
X509v3 Authority Key Identifier:
keyid:D6:FB:D9:ED:50:4E:EF:65:9E:CF:C9:19:A1:95:CD:2A:80:3B:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1vvZ7VBO72Wez8kZoZXNKoA7YKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/Ol3Ui20SaSCNaBc1DXpMV26OyTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/1vvZ7VBO72Wez8kZoZXNKoA7YKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.236.0/22
IPv6:
2a0c:d600::/29
Signature Algorithm: sha256WithRSAEncryption
b8:0a:5c:a3:e8:42:78:d3:d4:6e:17:7f:6d:02:bc:e0:bd:39:
c0:f8:07:ae:9d:4d:3e:ea:5d:5b:e7:2d:f0:ee:b9:75:d6:ab:
5d:aa:d6:f5:8b:b2:49:e2:9a:e2:45:e3:66:94:d7:60:71:f8:
76:cb:e4:97:74:cb:6e:4d:82:24:2f:5e:41:2b:6a:69:4b:17:
a5:cf:7b:5c:59:6a:a1:bb:e4:5d:d8:9a:e0:84:3b:11:0d:ee:
9f:cd:fc:40:78:22:48:b7:58:04:ba:68:5e:c1:f2:4c:0d:8a:
32:a5:cc:89:47:c4:92:fc:1c:99:8c:4d:ba:bd:bb:01:54:f7:
48:8c:6c:c5:1b:b6:9e:b5:c4:16:2d:3d:52:09:af:62:4c:6e:
c8:3e:a8:0a:93:6f:6f:b9:13:f9:4c:10:37:73:f2:2b:d2:fc:
52:36:cf:e9:39:56:5d:c0:f7:98:62:e1:63:ef:dd:6e:a3:93:
1a:db:4d:3e:d3:b7:0b:c2:41:7a:de:3e:df:21:0f:3d:b4:d7:
74:8a:a3:d5:64:75:d6:b9:ce:18:12:df:a3:6e:4e:f9:12:cc:
0b:4a:e6:02:e7:f6:3c:d8:be:48:02:9a:33:6b:32:c4:4e:1a:
26:e2:7e:2f:41:5e:93:60:84:16:9d:8b:20:dd:48:14:2f:05:
2d:d5:56:88
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDUBF/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NmZiZDllZDUwNGVlZjY1OWVjZmM5MTlhMTk1Y2QyYTgwM2I2MGE3MB4XDTIyMDEw
MTE1NTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E1ZGQ0OGI2ZDEy
NjkyMDhkNjgxNzM1MGQ3YTRjNTc2ZThlYzkzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZmlAZ4GkGCRdptuVWhUvWOUX1eoU4zmitcngatLZI8ZDBX
FgiLkrwlz7kgDYbBGxgNL8Gf6vNbYaDH1dwBECtQGx2SPfsEi2qz7WyHTlDJsmms
WRx7vkBGnP75xY3yH6zh5h8x31cHmN6BamG4pT4LUxg4t57mJWy/FHp1KuEqsK+4
8BkVC0ERZLOFMVuSyTGWarmSDej/ZN3jkAUiGlLuy1EhwNONAmNwXvXtqE5shSmz
P8BCcwSbgQ8Y+4jaj7uLRjirvsdFLoIEzXbKFvqhDTJkxNPC/RtyJ9Y0RaGe7J6T
EHoCSkOFjV1ncs797Xlgy5Tu8WD3sY1mr2+XMEMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ6XdSLbRJpII1oFzUNekxXbo7JNTAfBgNVHSMEGDAWgBTW+9ntUE7vZZ7P
yRmhlc0qgDtgpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF2dlo3VkJPNzJXZXo4a1pvWlhOS29BN1lLYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvNGE1ODVhLWYwZjAtNDk4Ny1hZTAzLWFjY2NhZTY5MGU3NS8x
L09sM1VpMjBTYVNDTmFCYzFEWHBNVjI2T3lUVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
NGE1ODVhLWYwZjAtNDk4Ny1hZTAzLWFjY2NhZTY5MGU3NS8xLzF2dlo3VkJPNzJX
ZXo4a1pvWlhOS29BN1lLYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnj7DANBAIAAjAHAwUDKgzWADAN
BgkqhkiG9w0BAQsFAAOCAQEAuApco+hCeNPUbhd/bQK84L05wPgHrp1NPupdW+ct
8O65ddarXarW9YuySeKa4kXjZpTXYHH4dsvkl3TLbk2CJC9eQStqaUsXpc97XFlq
obvkXdia4IQ7EQ3un838QHgiSLdYBLpoXsHyTA2KMqXMiUfEkvwcmYxNur27AVT3
SIxsxRu2nrXEFi09UgmvYkxuyD6oCpNvb7kT+UwQN3PyK9L8UjbP6TlWXcD3mGLh
Y+/dbqOTGttNPtO3C8JBet4+3yEPPbTXdIqj1WR11rnOGBLfo25O+RLMC0rmAuf2
PNi+SAKaM2syxE4aJuJ+L0Fek2CEFp2LIN1IFC8FLdVWiA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-fra.rpki-client.org