Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/OomBfpI2cta8lQBxyWaNP73T3EY.roa
File: OomBfpI2cta8lQBxyWaNP73T3EY.roa (raw, json)
Hash identifier: h54jaChKZuRwbG7WVOj+62rV2g1to2ALxc7GHcgkwtw=
Subject key identifier: 3A:89:81:7E:92:36:72:D6:BC:95:00:71:C9:66:8D:3F:BD:D3:DC:46
Certificate issuer: /CN=e08e907c0fe50891a76bd99b2908700a6ac62e38
Certificate serial: 0637B2A7
Authority key identifier: E0:8E:90:7C:0F:E5:08:91:A7:6B:D9:9B:29:08:70:0A:6A:C6:2E:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4I6QfA_lCJGna9mbKQhwCmrGLjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/OomBfpI2cta8lQBxyWaNP73T3EY.roa
Signing time: Sat 01 Jan 2022 07:59:03 +0000
ROA not before: Sat 01 Jan 2022 07:59:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31511
IP address blocks: 185.30.252.0/22 maxlen: 22
195.62.68.0/23 maxlen: 23
2a04:4720::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104313511 (0x637b2a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e08e907c0fe50891a76bd99b2908700a6ac62e38
Validity
Not Before: Jan 1 07:59:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a89817e923672d6bc950071c9668d3fbdd3dc46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3b:6c:8e:38:d6:45:1d:84:54:5d:af:70:81:
f5:cb:99:7e:42:c3:3d:ee:d5:5a:75:d9:eb:68:d9:
b8:bd:b1:49:c6:f4:94:d2:25:24:54:5b:5b:5f:38:
89:52:45:0d:19:d4:13:98:3d:56:6b:09:49:23:49:
c0:ac:24:88:d4:9f:77:07:aa:7c:d9:19:f5:7d:a0:
c5:d8:0d:c4:ef:b4:5a:29:f2:f8:d1:9c:7e:a9:a5:
dc:2f:5d:80:15:a2:b1:ab:22:10:06:bd:2a:cf:54:
bb:f9:aa:86:cc:bc:9c:8e:8e:8c:29:eb:fb:a1:d1:
47:10:a6:0c:cd:30:0c:5d:47:8c:98:94:d5:49:d1:
80:fa:4e:1b:21:42:99:0b:88:68:04:8c:00:c6:bb:
ee:5a:5a:f3:49:7a:b9:86:be:dd:de:20:b8:8d:39:
00:2c:b5:ea:4d:0e:49:5e:db:f3:4f:cb:da:9b:3d:
d2:80:30:cc:5d:62:ad:bd:bc:40:ff:a6:9e:73:2c:
28:31:ec:3b:c1:45:72:a3:97:cf:a3:83:05:aa:71:
e0:7d:30:66:c2:61:ef:90:a1:39:76:ff:17:0e:97:
3a:6c:5f:32:f9:b4:84:43:aa:bf:37:f0:0f:31:7d:
37:9b:a8:72:c5:ff:29:08:ea:94:f0:21:1d:a5:cc:
db:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:89:81:7E:92:36:72:D6:BC:95:00:71:C9:66:8D:3F:BD:D3:DC:46
X509v3 Authority Key Identifier:
keyid:E0:8E:90:7C:0F:E5:08:91:A7:6B:D9:9B:29:08:70:0A:6A:C6:2E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4I6QfA_lCJGna9mbKQhwCmrGLjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/OomBfpI2cta8lQBxyWaNP73T3EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/4I6QfA_lCJGna9mbKQhwCmrGLjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.252.0/22
195.62.68.0/23
IPv6:
2a04:4720::/30
Signature Algorithm: sha256WithRSAEncryption
aa:4a:2c:e8:03:a1:15:f8:44:71:88:ef:4b:9b:9a:6f:b8:eb:
0b:37:b7:5c:4e:55:56:ee:69:bf:53:10:6c:0f:be:c6:02:b9:
22:17:6f:90:20:d6:ce:16:fc:e8:68:12:6c:79:3e:52:f3:a9:
8e:0b:4f:92:1b:9d:71:7c:f3:21:4a:42:ae:e3:49:3d:4e:2e:
13:e5:3f:ee:89:ca:3a:1c:10:bc:e8:2b:fe:7c:aa:a0:8f:0b:
89:22:ed:5d:af:55:fa:e2:4e:d1:97:94:3d:66:8a:1b:4e:fc:
55:29:14:f8:5f:60:d9:ce:f4:47:3c:a0:d9:57:2d:cd:04:52:
f6:6c:01:d6:fc:5f:91:d0:f1:16:8a:ae:35:66:32:a1:9d:16:
18:fc:0f:dc:5e:33:c7:dc:1a:43:fc:40:4b:8a:a2:b8:44:56:
e0:18:0e:5d:e5:97:65:d6:f0:2d:da:d6:31:18:02:dd:6f:6d:
c1:98:6c:b0:48:02:6b:a1:e0:2d:8e:95:8b:74:67:62:88:03:
5d:6d:c7:60:cc:7a:d4:d8:14:43:35:1f:15:e0:cc:c2:66:f7:
28:6b:33:41:33:61:26:89:d9:5c:52:d2:59:41:8d:aa:11:f0:
d5:a0:5b:75:5d:fe:a3:70:16:6b:d0:4e:bd:4c:df:75:9f:32:
6b:d0:a6:c8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBjeypzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDhlOTA3YzBmZTUwODkxYTc2YmQ5OWIyOTA4NzAwYTZhYzYyZTM4MB4XDTIyMDEw
MTA3NTkwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E4OTgxN2U5MjM2
NzJkNmJjOTUwMDcxYzk2NjhkM2ZiZGQzZGM0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKg7bI441kUdhFRdr3CB9cuZfkLDPe7VWnXZ62jZuL2xScb0
lNIlJFRbW184iVJFDRnUE5g9VmsJSSNJwKwkiNSfdweqfNkZ9X2gxdgNxO+0Winy
+NGcfqml3C9dgBWisasiEAa9Ks9Uu/mqhsy8nI6OjCnr+6HRRxCmDM0wDF1HjJiU
1UnRgPpOGyFCmQuIaASMAMa77lpa80l6uYa+3d4guI05ACy16k0OSV7b80/L2ps9
0oAwzF1irb28QP+mnnMsKDHsO8FFcqOXz6ODBapx4H0wZsJh75ChOXb/Fw6XOmxf
Mvm0hEOqvzfwDzF9N5uocsX/KQjqlPAhHaXM23MCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ6iYF+kjZy1ryVAHHJZo0/vdPcRjAfBgNVHSMEGDAWgBTgjpB8D+UIkadr
2ZspCHAKasYuODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRJNlFmQV9sQ0pHbmE5bWJLUWh3Q21yR0xqZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvYzI4ZTI3LWQwNWItNDc4YS05YjBiLWRiOTc4OTJhNTFmZC8x
L09vbUJmcEkyY3RhOGxRQnh5V2FOUDczVDNFWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
YzI4ZTI3LWQwNWItNDc4YS05YjBiLWRiOTc4OTJhNTFmZC8xLzRJNlFmQV9sQ0pH
bmE5bWJLUWh3Q21yR0xqZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArke/AMEAcM+RDANBAIAAjAHAwUC
KgRHIDANBgkqhkiG9w0BAQsFAAOCAQEAqkos6AOhFfhEcYjvS5uab7jrCze3XE5V
Vu5pv1MQbA++xgK5IhdvkCDWzhb86GgSbHk+UvOpjgtPkhudcXzzIUpCruNJPU4u
E+U/7onKOhwQvOgr/nyqoI8LiSLtXa9V+uJO0ZeUPWaKG078VSkU+F9g2c70Rzyg
2VctzQRS9mwB1vxfkdDxFoquNWYyoZ0WGPwP3F4zx9waQ/xAS4qiuERW4BgOXeWX
ZdbwLdrWMRgC3W9twZhssEgCa6HgLY6Vi3RnYogDXW3HYMx61NgUQzUfFeDMwmb3
KGszQTNhJonZXFLSWUGNqhHw1aBbdV3+o3AWa9BOvUzfdZ8ya9CmyA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:44 2023 by rpki-client on console-ams.rpki-client.org