Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/Oj8s0EzkqWGnc5sqY7bdFvvOpvc.roa
File: Oj8s0EzkqWGnc5sqY7bdFvvOpvc.roa (raw, json)
Hash identifier: xYtv3XNDWWtpVVUEILBA3GmOYH+dML9XT8F96fFyO7g=
Subject key identifier: 3A:3F:2C:D0:4C:E4:A9:61:A7:73:9B:2A:63:B6:DD:16:FB:CE:A6:F7
Certificate issuer: /CN=d18647005fa8b06e47ee2efbfdedc97a0c7755f8
Certificate serial: 0A8D3E88
Authority key identifier: D1:86:47:00:5F:A8:B0:6E:47:EE:2E:FB:FD:ED:C9:7A:0C:77:55:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YZHAF-osG5H7i77_e3Jegx3Vfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/Oj8s0EzkqWGnc5sqY7bdFvvOpvc.roa
Signing time: Sat 01 Jan 2022 15:01:57 +0000
ROA not before: Sat 01 Jan 2022 15:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205206
IP address blocks: 91.207.214.0/23 maxlen: 24
193.29.201.0/24 maxlen: 24
185.224.16.0/22 maxlen: 24
2a0c:cc00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177028744 (0xa8d3e88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d18647005fa8b06e47ee2efbfdedc97a0c7755f8
Validity
Not Before: Jan 1 15:01:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a3f2cd04ce4a961a7739b2a63b6dd16fbcea6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:09:31:0e:0f:33:af:ab:3c:a1:63:72:a1:0e:
9f:59:76:76:83:85:1d:26:1d:6f:4f:31:e0:bc:83:
39:ea:0a:85:92:b0:f6:28:2f:ac:aa:af:03:b1:24:
51:b7:ab:3a:b8:d0:0f:c8:c0:dd:87:a9:51:7a:96:
b1:f7:b8:fb:a9:6c:e4:a3:bf:0b:3c:8e:2a:3b:29:
a0:93:bb:0f:f2:17:e9:f6:c9:1b:d7:59:31:01:a6:
50:a3:ad:94:cc:7d:2e:37:20:b7:25:b6:b6:20:5a:
c0:59:24:e2:06:58:51:eb:46:51:5a:e6:e9:e9:37:
d9:bd:a4:e7:97:08:42:7e:05:be:be:a8:4b:65:0a:
b2:4c:bb:af:8e:ca:c0:6b:03:90:ae:e7:fa:4d:92:
b3:6b:52:2f:c6:c0:a2:8a:e1:23:c3:35:1a:87:4c:
cd:e3:ab:92:21:71:7f:cb:8e:25:a8:d4:22:c2:65:
bc:70:8c:23:f9:94:2e:64:56:b6:38:d2:6c:2b:9d:
23:db:57:6d:07:d9:1e:65:46:0f:0f:fb:55:b4:c6:
48:48:b5:22:bc:6d:e3:61:31:5f:90:c5:0e:5e:03:
30:e4:eb:97:78:48:82:c1:38:c6:08:7b:ca:90:79:
dc:17:1b:77:5c:8c:57:75:9a:07:ba:9b:0f:3e:d7:
e8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3F:2C:D0:4C:E4:A9:61:A7:73:9B:2A:63:B6:DD:16:FB:CE:A6:F7
X509v3 Authority Key Identifier:
keyid:D1:86:47:00:5F:A8:B0:6E:47:EE:2E:FB:FD:ED:C9:7A:0C:77:55:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YZHAF-osG5H7i77_e3Jegx3Vfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/Oj8s0EzkqWGnc5sqY7bdFvvOpvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.214.0/23
185.224.16.0/22
193.29.201.0/24
IPv6:
2a0c:cc00::/32
Signature Algorithm: sha256WithRSAEncryption
a2:a4:ad:ad:82:9d:a4:7a:25:76:ed:12:ba:72:55:27:da:5b:
4b:a3:ca:28:8a:d7:66:92:e8:ee:22:1c:b2:19:d6:d2:8d:70:
28:49:98:bb:7a:a3:e9:5b:fe:1c:f6:f3:78:1b:64:4b:32:a3:
bf:89:b3:bd:6e:53:04:23:7e:c8:a1:5a:fa:6c:b8:68:a6:f7:
b9:4d:e7:9f:2e:69:2d:2f:51:3b:79:73:36:66:b4:ee:fd:f4:
7b:f1:42:c1:90:de:09:b4:0e:0d:f5:c1:e6:a7:d4:7f:2c:cd:
3f:04:f9:04:a0:64:fd:3d:3b:9b:3d:a6:76:14:92:02:f5:5e:
ce:0c:55:35:ec:8b:ec:c1:ad:61:6c:4b:8b:64:b0:6a:ef:2d:
04:a1:8a:e2:ca:11:80:5a:3c:a2:2b:59:24:59:ea:3a:93:1c:
2d:dd:b7:82:47:48:09:80:a7:38:1b:3e:a7:8f:05:4b:f2:70:
66:56:1c:29:19:d2:cb:bc:9b:3d:5f:1b:69:b0:4a:d1:00:2f:
11:00:20:a6:1d:f8:35:b2:c2:f0:11:35:62:fb:08:02:4e:22:
b9:06:48:9b:25:ad:9d:b3:56:fd:f0:f9:29:c7:8c:34:01:4d:
42:79:1f:4d:46:79:e7:1b:15:38:6e:c7:8b:e1:2a:0f:10:71:
72:87:db:75
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECo0+iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTg2NDcwMDVmYThiMDZlNDdlZTJlZmJmZGVkYzk3YTBjNzc1NWY4MB4XDTIyMDEw
MTE1MDE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EzZjJjZDA0Y2U0
YTk2MWE3NzM5YjJhNjNiNmRkMTZmYmNlYTZmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMJMQ4PM6+rPKFjcqEOn1l2doOFHSYdb08x4LyDOeoKhZKw
9igvrKqvA7EkUberOrjQD8jA3YepUXqWsfe4+6ls5KO/CzyOKjspoJO7D/IX6fbJ
G9dZMQGmUKOtlMx9LjcgtyW2tiBawFkk4gZYUetGUVrm6ek32b2k55cIQn4Fvr6o
S2UKsky7r47KwGsDkK7n+k2Ss2tSL8bAoorhI8M1GodMzeOrkiFxf8uOJajUIsJl
vHCMI/mULmRWtjjSbCudI9tXbQfZHmVGDw/7VbTGSEi1Irxt42ExX5DFDl4DMOTr
l3hIgsE4xgh7ypB53Bcbd1yMV3WaB7qbDz7X6NsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQ6PyzQTOSpYadzmypjtt0W+86m9zAfBgNVHSMEGDAWgBTRhkcAX6iwbkfu
Lvv97cl6DHdV+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBZWkhBRi1vc0c1SDdpNzdfZTNKZWd4M1ZmZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvN2ZhNzkxLWIzYzktNDhhZS04MDM0LWMyMTA0NjczYzIwYi8x
L09qOHMwRXprcVdHbmM1c3FZN2JkRnZ2T3B2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
N2ZhNzkxLWIzYzktNDhhZS04MDM0LWMyMTA0NjczYzIwYi8xLzBZWkhBRi1vc0c1
SDdpNzdfZTNKZWd4M1ZmZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAVvP1gMEArngEAMEAMEdyTANBAIA
AjAHAwUAKgzMADANBgkqhkiG9w0BAQsFAAOCAQEAoqStrYKdpHoldu0SunJVJ9pb
S6PKKIrXZpLo7iIcshnW0o1wKEmYu3qj6Vv+HPbzeBtkSzKjv4mzvW5TBCN+yKFa
+my4aKb3uU3nny5pLS9RO3lzNma07v30e/FCwZDeCbQODfXB5qfUfyzNPwT5BKBk
/T07mz2mdhSSAvVezgxVNeyL7MGtYWxLi2Swau8tBKGK4soRgFo8oitZJFnqOpMc
Ld23gkdICYCnOBs+p48FS/JwZlYcKRnSy7ybPV8babBK0QAvEQAgph34NbLC8BE1
YvsIAk4iuQZImyWtnbNW/fD5KceMNAFNQnkfTUZ55xsVOG7Hi+EqDxBxcofbdQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:40 2023 by rpki-client on console-ams.rpki-client.org