Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/7OQIG71jPV1HWsQu_LvbpOYOhRo.roa
File: 7OQIG71jPV1HWsQu_LvbpOYOhRo.roa (raw, json)
Hash identifier: 5ijXeYjMCsxjv5kpHFrk4k3dPeaqLRXJbkYAZ5T9Z3g=
Subject key identifier: EC:E4:08:1B:BD:63:3D:5D:47:5A:C4:2E:FC:BB:DB:A4:E6:0E:85:1A
Certificate issuer: /CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Certificate serial: 0182EE58851C0531B37880033BE86FADCE40
Authority key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/7OQIG71jPV1HWsQu_LvbpOYOhRo.roa
Signing time: Tue 30 Aug 2022 10:42:34 +0000
ROA not before: Tue 30 Aug 2022 10:42:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210213
IP address blocks: 195.244.146.0/24 maxlen: 24
195.244.152.0/24 maxlen: 24
195.244.153.0/24 maxlen: 24
195.244.156.0/24 maxlen: 24
2a00:1780:dc00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ee:58:85:1c:05:31:b3:78:80:03:3b:e8:6f:ad:ce:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Validity
Not Before: Aug 30 10:42:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ece4081bbd633d5d475ac42efcbbdba4e60e851a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:76:b4:94:a2:fa:de:9e:8c:16:f6:09:57:ba:
1b:86:6b:a6:a2:4d:71:13:9f:5a:39:1d:33:61:29:
07:ae:a5:1d:21:4b:71:89:ef:2b:2f:7e:ff:58:bd:
41:c3:57:6c:4e:ac:fa:6b:ca:3a:4c:c6:d9:61:95:
48:66:23:82:bb:a3:2e:d4:c1:cb:c3:35:51:2b:7f:
25:96:c8:5f:a5:37:c1:bf:4c:87:d2:11:bd:41:81:
48:07:2c:20:6f:fc:2d:da:6e:0b:09:28:c3:ee:4e:
41:d3:8e:3c:3a:bd:ee:aa:12:37:1b:a0:11:fa:ce:
14:09:04:71:3f:ae:17:ad:23:74:74:bb:ba:c8:59:
1e:98:f9:ba:91:14:44:52:2b:7e:3f:20:e7:c2:9e:
a8:1e:ed:52:0c:24:f6:d7:f2:a4:bc:84:d7:7f:e4:
84:fe:e5:45:d9:cd:26:1c:95:1a:87:e0:4d:19:8d:
94:0e:e7:24:18:db:91:1d:ec:72:a1:04:ea:4f:a8:
f3:5d:22:99:26:7e:55:f2:18:9e:e9:d2:58:20:d1:
c1:a0:9b:ed:d1:ef:55:e4:9c:a8:f2:64:c7:28:89:
62:32:80:c2:d6:df:ca:91:4d:99:77:8c:7f:15:9b:
a4:6f:7c:79:92:2b:23:d9:90:5d:b5:72:d3:a6:b3:
a1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E4:08:1B:BD:63:3D:5D:47:5A:C4:2E:FC:BB:DB:A4:E6:0E:85:1A
X509v3 Authority Key Identifier:
keyid:FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/7OQIG71jPV1HWsQu_LvbpOYOhRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.146.0/24
195.244.152.0/23
195.244.156.0/24
IPv6:
2a00:1780:dc00::/40
Signature Algorithm: sha256WithRSAEncryption
30:22:f7:99:b5:3f:0d:0c:b9:9e:d8:eb:c8:43:e8:cd:48:26:
4a:00:a5:86:2c:44:cc:be:1a:5f:d3:16:ab:f2:5c:77:40:d7:
67:f1:6b:9a:01:fc:ce:f5:45:02:11:6d:4b:3f:83:3a:0e:44:
64:fd:36:71:7a:cd:82:e8:3f:81:f7:4e:a4:7c:57:00:19:26:
0f:0f:cc:de:bb:b5:5c:1f:c7:91:13:fd:2e:72:1a:6b:57:0f:
cc:e8:57:7c:6b:e7:62:ce:0d:5c:9e:db:28:2e:cd:9f:c5:9f:
ad:b1:a0:8b:ca:aa:19:ee:38:e1:59:71:45:af:e4:1e:5d:5e:
22:8f:c4:da:5b:bb:d2:05:18:28:b7:d2:6e:c8:7e:e0:e4:f3:
16:e3:b4:a5:3e:3f:8c:83:ac:98:f6:02:03:b2:79:20:59:9b:
01:c6:c9:62:a6:4d:0b:98:4c:b0:13:dd:03:7a:ef:75:55:94:
c1:6c:af:c3:f8:64:1b:64:98:e1:0c:87:86:cb:fc:13:bd:5e:
93:0c:39:6c:26:6f:f8:36:c8:43:6f:73:16:5f:42:58:25:42:
34:16:ad:e3:9e:0d:0d:a0:e8:95:e4:15:94:05:d5:ba:00:03:
fa:8e:2e:01:ef:78:08:ed:27:96:b5:57:bd:c9:fa:25:cb:66:
03:77:dc:b7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYLuWIUcBTGzeIADO+hvrc5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjk4ZWViMmU0OWZjYjVmOWM2NWE5OTg1N2FmMjljZTA2
NjQxZDkwHhcNMjIwODMwMTA0MjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2U0MDgxYmJkNjMzZDVkNDc1YWM0MmVmY2JiZGJhNGU2MGU4NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqna0lKL63p6MFvYJV7obhmumok1x
E59aOR0zYSkHrqUdIUtxie8rL37/WL1Bw1dsTqz6a8o6TMbZYZVIZiOCu6Mu1MHL
wzVRK38llshfpTfBv0yH0hG9QYFIBywgb/wt2m4LCSjD7k5B0448Or3uqhI3G6AR
+s4UCQRxP64XrSN0dLu6yFkemPm6kRREUit+PyDnwp6oHu1SDCT21/KkvITXf+SE
/uVF2c0mHJUah+BNGY2UDuckGNuRHexyoQTqT6jzXSKZJn5V8hie6dJYINHBoJvt
0e9V5Jyo8mTHKIliMoDC1t/KkU2Zd4x/FZukb3x5kisj2ZBdtXLTprOh8wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOzkCBu9Yz1dR1rELvy726TmDoUaMB8GA1UdIwQY
MBaAFP9pjusuSfy1+cZamYV68pzgZkHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4Mzkt
NTdjZDY4ZDljYjRlLzEvN09RSUc3MWpQVjFIV3NRdV9MdmJwT1lPaFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4MzktNTdjZDY4ZDljYjRl
LzEvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAw/SSAwQB
w/SYAwQAw/ScMA4EAgACMAgDBgAqABeA3DANBgkqhkiG9w0BAQsFAAOCAQEAMCL3
mbU/DQy5ntjryEPozUgmSgClhixEzL4aX9MWq/Jcd0DXZ/FrmgH8zvVFAhFtSz+D
Og5EZP02cXrNgug/gfdOpHxXABkmDw/M3ru1XB/HkRP9LnIaa1cPzOhXfGvnYs4N
XJ7bKC7Nn8WfrbGgi8qqGe444VlxRa/kHl1eIo/E2lu70gUYKLfSbsh+4OTzFuO0
pT4/jIOsmPYCA7J5IFmbAcbJYqZNC5hMsBPdA3rvdVWUwWyvw/hkG2SY4QyHhsv8
E71ekww5bCZv+DbIQ29zFl9CWCVCNBat454NDaDoleQVlAXVugAD+o4uAe94CO0n
lrVXvcn6JctmA3fctw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:39 2024 by rpki-client on console-ams.rpki-client.org