Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/OGNvsB-XKJZdt9xxUhMWz253yDQ.roa
File: OGNvsB-XKJZdt9xxUhMWz253yDQ.roa (raw, json)
Hash identifier: dmBwMISmm9jgkLlYdUriQl1UGyvfoEZGFLa4Q/W2oMM=
Subject key identifier: 38:63:6F:B0:1F:97:28:96:5D:B7:DC:71:52:13:16:CF:6E:77:C8:34
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 0184A3D109D552A0F07CDC3BE7D329B054FB
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/OGNvsB-XKJZdt9xxUhMWz253yDQ.roa
Signing time: Wed 23 Nov 2022 09:28:16 +0000
ROA not before: Wed 23 Nov 2022 09:28:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42000
IP address blocks: 217.11.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:d1:09:d5:52:a0:f0:7c:dc:3b:e7:d3:29:b0:54:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Nov 23 09:28:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38636fb01f9728965db7dc71521316cf6e77c834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4f:e3:23:20:82:49:8f:e0:42:89:c5:07:12:
13:a6:f8:84:fe:e1:f0:93:9b:f7:27:db:85:2c:8e:
e4:79:c8:4c:a3:e5:e3:c5:a8:7e:be:ec:06:9e:c2:
7e:6e:7d:71:84:f6:b7:f7:f4:e4:86:90:bf:8c:06:
aa:60:d7:ab:73:8e:b5:82:d2:1e:45:89:8a:ab:f1:
b6:8b:d4:f2:07:9a:67:3d:a9:20:45:27:4d:01:fc:
46:55:a3:3d:56:92:80:9a:ec:d0:0f:1d:a2:9d:ae:
48:a2:19:fd:c2:df:fb:ad:d8:87:f3:a5:61:98:19:
15:55:c5:de:5c:08:e1:d1:82:c1:28:31:a0:89:93:
47:f7:95:b4:0f:92:a1:bc:1a:1c:8a:2e:7b:09:02:
fb:3f:d2:48:34:7d:72:16:e9:e3:df:6e:e7:2e:d6:
ba:33:12:26:7d:fa:c1:da:35:12:d2:62:5c:49:29:
41:f5:b9:0a:e0:0f:77:7f:ed:cc:d9:7a:7e:d1:ad:
ed:41:c5:96:da:c4:1d:99:7c:99:ab:27:b5:ea:ac:
a6:3a:7c:19:e6:e1:ac:31:a2:95:db:07:43:c5:f6:
56:1f:cf:73:e8:45:41:2e:bf:42:4b:ff:7a:fe:22:
c4:eb:a9:e2:10:7f:f6:f5:51:aa:30:b6:78:b7:98:
e6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:63:6F:B0:1F:97:28:96:5D:B7:DC:71:52:13:16:CF:6E:77:C8:34
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/OGNvsB-XKJZdt9xxUhMWz253yDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.11.245.0/24
Signature Algorithm: sha256WithRSAEncryption
82:9e:c1:03:8a:a0:72:37:da:b0:fd:1a:67:7f:f4:d6:5b:9b:
f6:25:7b:2c:e0:20:64:6d:60:34:b6:ed:63:32:46:ec:ff:82:
42:43:96:7d:05:10:18:76:5d:4e:b8:fb:38:61:bd:41:a7:e4:
7d:f8:35:86:23:8c:70:45:a4:03:fa:5e:69:89:66:4d:76:f3:
97:03:b6:8b:37:fe:87:05:75:e2:50:b6:32:f8:36:01:cb:68:
8b:2f:20:9c:fd:83:28:27:fd:1e:a7:95:2e:cb:42:b1:a2:58:
81:77:e1:f4:1e:84:08:ac:85:26:bc:26:51:ce:8c:88:06:85:
30:e2:06:4c:f9:08:f6:e0:10:af:ea:4e:d3:8c:91:75:5f:da:
75:6b:bf:6a:c2:83:4a:82:22:93:e7:f2:35:c5:13:61:5b:98:
5b:46:e5:77:3b:74:45:79:73:08:56:26:5a:66:8a:32:7c:97:
43:17:fb:cb:3f:29:b3:ee:88:b6:a1:ea:5d:95:0e:e5:3b:cd:
02:42:1c:5e:97:f3:fc:e3:51:80:93:2b:13:b8:7c:59:53:9f:
53:10:96:5d:a7:e3:90:b8:86:fe:51:35:e6:68:35:85:3c:52:
7b:74:99:74:b0:77:73:80:d0:cc:77:f9:67:87:da:fd:1a:3a:
21:dc:be:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSj0QnVUqDwfNw759MpsFT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjIxMTIzMDkyODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODYzNmZiMDFmOTcyODk2NWRiN2RjNzE1MjEzMTZjZjZlNzdjODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0/jIyCCSY/gQonFBxITpviE/uHw
k5v3J9uFLI7kechMo+Xjxah+vuwGnsJ+bn1xhPa39/TkhpC/jAaqYNerc461gtIe
RYmKq/G2i9TyB5pnPakgRSdNAfxGVaM9VpKAmuzQDx2ina5Iohn9wt/7rdiH86Vh
mBkVVcXeXAjh0YLBKDGgiZNH95W0D5KhvBocii57CQL7P9JINH1yFunj327nLta6
MxImffrB2jUS0mJcSSlB9bkK4A93f+3M2Xp+0a3tQcWW2sQdmXyZqye16qymOnwZ
5uGsMaKV2wdDxfZWH89z6EVBLr9CS/96/iLE66niEH/29VGqMLZ4t5jm8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDhjb7AflyiWXbfccVITFs9ud8g0MB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvT0dOdnNCLVhLSlpkdDl4eFVoTVd6MjUzeURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Qv1MA0G
CSqGSIb3DQEBCwUAA4IBAQCCnsEDiqByN9qw/Rpnf/TWW5v2JXss4CBkbWA0tu1j
Mkbs/4JCQ5Z9BRAYdl1OuPs4Yb1Bp+R9+DWGI4xwRaQD+l5piWZNdvOXA7aLN/6H
BXXiULYy+DYBy2iLLyCc/YMoJ/0ep5Uuy0KxoliBd+H0HoQIrIUmvCZRzoyIBoUw
4gZM+Qj24BCv6k7TjJF1X9p1a79qwoNKgiKT5/I1xRNhW5hbRuV3O3RFeXMIViZa
ZooyfJdDF/vLPymz7oi2oepdlQ7lO80CQhxel/P841GAkysTuHxZU59TEJZdp+OQ
uIb+UTXmaDWFPFJ7dJl0sHdzgNDMd/lnh9r9Gjoh3L6z
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:04 2023 by rpki-client on console-fra.rpki-client.org