Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/Oj3E9nHShjNdfmsZ65Ehx8BcQeY.roa
File: Oj3E9nHShjNdfmsZ65Ehx8BcQeY.roa (raw, json)
Hash identifier: g3mKnlu75Eu8XlrYelb8aReFcA13abMfY1xCBiuxNMM=
Subject key identifier: 3A:3D:C4:F6:71:D2:86:33:5D:7E:6B:19:EB:91:21:C7:C0:5C:41:E6
Certificate issuer: /CN=7c6dc7395815af045048f4ce3910d04008ff3a7c
Certificate serial: 0372B500
Authority key identifier: 7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/Oj3E9nHShjNdfmsZ65Ehx8BcQeY.roa
Signing time: Sat 01 Jan 2022 12:56:44 +0000
ROA not before: Sat 01 Jan 2022 12:56:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8560
IP address blocks: 82.223.0.0/16 maxlen: 24
217.76.128.0/19 maxlen: 24
94.143.136.0/21 maxlen: 24
93.93.112.0/21 maxlen: 24
62.151.160.0/21 maxlen: 24
62.151.176.0/21 maxlen: 24
2001:ba0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57849088 (0x372b500)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c6dc7395815af045048f4ce3910d04008ff3a7c
Validity
Not Before: Jan 1 12:56:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a3dc4f671d286335d7e6b19eb9121c7c05c41e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:97:08:34:b1:d8:17:ad:49:ce:dc:25:95:07:
f4:f0:9b:a9:1e:90:24:e2:20:32:bf:73:b0:36:aa:
f7:1b:8a:45:29:15:da:66:2c:2d:40:06:64:5c:b7:
44:1e:76:4c:18:77:81:ea:fd:03:d0:6f:55:c9:01:
2d:d4:12:9c:12:47:99:96:bd:a9:9a:fd:f3:43:84:
52:3a:93:36:10:2c:b6:e0:7a:4f:1e:5a:71:80:78:
ad:41:7c:7d:bf:9b:d4:c1:c3:14:43:fd:aa:d6:8b:
8f:ea:ae:53:ba:ff:71:f1:43:94:91:88:bf:b6:60:
95:99:34:c2:36:0b:12:86:e6:63:ab:46:72:15:16:
ee:22:14:17:99:16:86:e7:26:28:3a:aa:4c:80:bd:
a4:40:87:67:0b:45:cd:16:1a:c4:f9:51:40:ab:85:
aa:67:5b:fe:c9:3d:34:42:e0:6b:9d:bf:6b:1b:95:
34:c9:64:77:d8:62:df:92:f2:9c:40:b5:66:f4:63:
fb:04:ee:da:51:23:fb:45:11:fa:a9:7b:b4:b1:70:
4a:5e:62:d8:f1:b6:d1:8d:ec:93:6b:8a:3d:04:7e:
9a:c9:3e:86:72:b6:5d:ce:22:53:ca:34:10:bf:eb:
3d:df:76:d1:db:af:d4:75:ad:97:37:be:ee:6f:4f:
23:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3D:C4:F6:71:D2:86:33:5D:7E:6B:19:EB:91:21:C7:C0:5C:41:E6
X509v3 Authority Key Identifier:
keyid:7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/Oj3E9nHShjNdfmsZ65Ehx8BcQeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/fG3HOVgVrwRQSPTOORDQQAj_Onw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.151.160.0/21
62.151.176.0/21
82.223.0.0/16
93.93.112.0/21
94.143.136.0/21
217.76.128.0/19
IPv6:
2001:ba0::/32
Signature Algorithm: sha256WithRSAEncryption
33:16:44:e7:8a:28:b9:40:44:47:3b:60:b4:e0:65:4b:48:26:
57:61:68:aa:77:3f:e6:5d:e6:b4:7d:5e:f0:a3:45:66:30:af:
ee:91:b9:8b:cd:22:37:23:6d:ba:74:61:d1:97:51:bc:a2:24:
a3:2d:72:fc:e9:1b:8f:8e:15:e0:a4:f9:62:cc:45:27:44:1a:
46:c6:eb:c6:88:21:77:41:ee:76:b7:49:47:ea:dd:bb:1c:57:
b7:7c:48:b4:f9:74:75:84:57:fa:b9:7f:50:49:ac:b6:93:11:
e8:da:f1:e0:88:35:1a:ce:f4:f2:54:05:c1:65:62:81:65:7a:
3a:40:20:1d:db:e5:28:d5:93:fe:27:3d:29:24:c7:e8:29:27:
8d:89:84:88:39:91:30:79:8a:58:30:d1:06:ed:55:50:48:0e:
96:0c:59:75:cb:cf:28:0f:0e:ee:c8:87:26:a6:2b:cf:35:7c:
1c:c8:d5:82:09:5a:3a:55:77:35:1d:bd:d9:cd:f0:05:e4:c0:
84:30:f9:bf:de:0c:47:05:88:75:c2:f2:52:84:bd:8a:e4:73:
32:a4:8d:53:be:47:ce:e3:1d:ba:d2:b4:63:1d:be:af:04:5c:
aa:a0:3e:84:bc:79:ad:40:50:a6:d5:15:ca:4a:1f:01:a9:6e:
3f:e5:be:a3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEA3K1ADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzZkYzczOTU4MTVhZjA0NTA0OGY0Y2UzOTEwZDA0MDA4ZmYzYTdjMB4XDTIyMDEw
MTEyNTY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EzZGM0ZjY3MWQy
ODYzMzVkN2U2YjE5ZWI5MTIxYzdjMDVjNDFlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWXCDSx2BetSc7cJZUH9PCbqR6QJOIgMr9zsDaq9xuKRSkV
2mYsLUAGZFy3RB52TBh3ger9A9BvVckBLdQSnBJHmZa9qZr980OEUjqTNhAstuB6
Tx5acYB4rUF8fb+b1MHDFEP9qtaLj+quU7r/cfFDlJGIv7ZglZk0wjYLEobmY6tG
chUW7iIUF5kWhucmKDqqTIC9pECHZwtFzRYaxPlRQKuFqmdb/sk9NELga52/axuV
NMlkd9hi35LynEC1ZvRj+wTu2lEj+0UR+ql7tLFwSl5i2PG20Y3sk2uKPQR+msk+
hnK2Xc4iU8o0EL/rPd920duv1HWtlze+7m9PIxkCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBQ6PcT2cdKGM11+axnrkSHHwFxB5jAfBgNVHSMEGDAWgBR8bcc5WBWvBFBI
9M45ENBACP86fDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZHM0hPVmdWcndSUVNQVE9PUkRRUUFqX09udy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNTQ2ODdmLWVmYTUtNDYyMC04NjE5LTMxNTViYThjYjc0Zi8x
L09qM0U5bkhTaGpOZGZtc1o2NUVoeDhCY1FlWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NTQ2ODdmLWVmYTUtNDYyMC04NjE5LTMxNTViYThjYjc0Zi8xL2ZHM0hPVmdWcndS
UVNQVE9PUkRRUUFqX09udy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowKQQCAAEwIwMEAz6XoAMEAz6XsAMDAFLfAwQDXV1w
AwQDXo+IAwQF2UyAMA0EAgACMAcDBQAgAQugMA0GCSqGSIb3DQEBCwUAA4IBAQAz
FkTniii5QERHO2C04GVLSCZXYWiqdz/mXea0fV7wo0VmMK/ukbmLzSI3I226dGHR
l1G8oiSjLXL86RuPjhXgpPlizEUnRBpGxuvGiCF3Qe52t0lH6t27HFe3fEi0+XR1
hFf6uX9QSay2kxHo2vHgiDUazvTyVAXBZWKBZXo6QCAd2+Uo1ZP+Jz0pJMfoKSeN
iYSIOZEweYpYMNEG7VVQSA6WDFl1y88oDw7uyIcmpivPNXwcyNWCCVo6VXc1Hb3Z
zfAF5MCEMPm/3gxHBYh1wvJShL2K5HMypI1TvkfO4x260rRjHb6vBFyqoD6EvHmt
QFCm1RXKSh8BqW4/5b6j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:48 2024 by rpki-client on console-fra.rpki-client.org