Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/oV7CRIz_J-Gy671ddFWJfYGg3Rw.roa
File: oV7CRIz_J-Gy671ddFWJfYGg3Rw.roa (raw, json)
Hash identifier: ZmwayUhSol1N9lidBhjr+mL2qlf750pNKaB9Fqb8SCM=
Subject key identifier: A1:5E:C2:44:8C:FF:27:E1:B2:EB:BD:5D:74:55:89:7D:81:A0:DD:1C
Certificate issuer: /CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Certificate serial: 01833C84707E27A301951B7E0EDB58FBD25A
Authority key identifier: 31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/oV7CRIz_J-Gy671ddFWJfYGg3Rw.roa
Signing time: Wed 14 Sep 2022 15:00:55 +0000
ROA not before: Wed 14 Sep 2022 15:00:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43009
IP address blocks: 193.105.74.0/24 maxlen: 24
81.23.249.0/24 maxlen: 24
81.23.250.0/24 maxlen: 24
81.23.251.0/24 maxlen: 24
81.23.252.0/24 maxlen: 24
81.23.248.0/24 maxlen: 24
81.23.253.0/24 maxlen: 24
185.255.9.0/24 maxlen: 24
185.255.10.0/24 maxlen: 24
185.255.11.0/24 maxlen: 24
185.255.8.0/24 maxlen: 24
202.22.160.0/24 maxlen: 24
202.22.164.0/24 maxlen: 24
202.22.165.0/24 maxlen: 24
202.22.166.0/24 maxlen: 24
202.22.161.0/24 maxlen: 24
202.22.162.0/24 maxlen: 24
202.22.163.0/24 maxlen: 24
202.22.171.0/24 maxlen: 24
202.22.172.0/24 maxlen: 24
202.22.168.0/24 maxlen: 24
202.22.169.0/24 maxlen: 24
202.22.170.0/24 maxlen: 24
202.22.174.0/24 maxlen: 24
202.22.175.0/24 maxlen: 24
81.23.254.0/24 maxlen: 24
81.23.255.0/24 maxlen: 24
2a0c:55c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3c:84:70:7e:27:a3:01:95:1b:7e:0e:db:58:fb:d2:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Validity
Not Before: Sep 14 15:00:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a15ec2448cff27e1b2ebbd5d7455897d81a0dd1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:79:16:79:4c:b9:73:92:bc:70:50:7a:cb:34:
04:cb:c8:6a:2b:58:d0:34:28:9e:df:42:15:15:9d:
e4:b3:d4:79:f6:cd:41:f9:e8:5a:d9:eb:73:7e:d1:
54:ff:a4:05:c8:5d:a5:af:ec:c0:ae:77:92:39:53:
31:8e:31:a0:c0:d1:75:74:c2:b7:eb:0c:70:db:2c:
81:05:6d:55:e4:6a:34:94:83:11:a5:e6:fe:8c:d2:
9d:0b:ce:0d:a3:94:7f:5a:86:e0:af:9b:9d:91:7c:
8b:d6:2a:af:4e:aa:69:27:50:5d:ce:f3:8b:f5:ba:
36:59:5d:be:a0:8a:2d:9e:1c:e6:9b:19:89:b2:22:
0b:da:e5:29:ba:7c:96:55:3f:dc:17:a0:35:a4:1d:
ef:df:a7:b7:35:b6:c8:99:4e:64:23:b7:70:62:dd:
03:5e:78:8d:ce:ec:f5:1e:88:c6:62:e6:4a:69:6e:
98:71:40:b6:d5:d3:25:67:7d:54:89:2a:bf:79:9f:
06:79:51:5b:83:a6:6f:f4:0e:99:33:a0:08:f6:d8:
74:5e:bd:eb:d0:22:c4:b4:e5:93:53:1d:53:fc:59:
bf:85:64:02:13:94:d0:84:f6:76:ef:d9:90:e3:48:
ad:c0:2b:84:3d:1d:5c:60:09:fa:76:9b:3c:b5:3f:
22:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:5E:C2:44:8C:FF:27:E1:B2:EB:BD:5D:74:55:89:7D:81:A0:DD:1C
X509v3 Authority Key Identifier:
keyid:31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/oV7CRIz_J-Gy671ddFWJfYGg3Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.248.0/21
185.255.8.0/22
193.105.74.0/24
202.22.160.0-202.22.166.255
202.22.168.0-202.22.172.255
202.22.174.0/23
IPv6:
2a0c:55c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
8e:19:95:b0:8c:37:0f:4c:0a:a1:ac:3a:2f:33:e3:69:e5:e3:
e7:2a:de:64:58:80:ab:f1:62:7a:f4:80:d5:d9:9f:d7:5f:19:
d4:2d:34:16:77:c3:a8:97:c6:7e:5f:bf:8a:dc:3f:22:b1:24:
c0:03:a4:95:a1:93:b5:67:0f:eb:57:7f:44:8a:6a:91:f0:f9:
3d:8f:f5:9c:c4:29:44:6a:4e:68:d9:be:19:f0:c0:61:db:f5:
70:8c:3c:17:d9:b3:8b:af:53:0d:0e:b5:af:ad:c0:ca:5a:59:
95:80:12:2e:70:5e:8c:f7:b7:a5:7d:cb:0b:af:5e:28:c8:16:
94:3d:4f:8e:ad:bf:07:74:b5:6b:3b:8b:d7:b8:dc:f2:57:6f:
6d:5b:36:72:af:9c:f6:69:42:15:49:04:76:fb:f5:f0:c4:83:
0b:19:96:5e:29:f8:d2:3b:53:6f:b3:14:3a:bf:30:36:fe:5d:
b3:0f:a5:7c:23:ad:95:7c:48:91:0e:96:cb:50:57:75:23:fa:
a8:ef:73:ce:45:98:dc:c3:4d:a7:58:f3:bd:dd:74:a6:24:26:
9e:40:4b:6b:f0:21:cc:fa:be:37:3c:d5:15:bf:59:74:ad:e1:
92:e5:de:7e:28:5b:fe:12:ad:3f:e5:ec:82:8b:17:e4:c4:5d:
a1:4c:5e:e7
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYM8hHB+J6MBlRt+DttY+9JaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZWI5YjJkYjRhM2JkZGY4YzkyZmM1MGI5NzEzMDQzZGQ1
NmRjMzgwHhcNMjIwOTE0MTUwMDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTVlYzI0NDhjZmYyN2UxYjJlYmJkNWQ3NDU1ODk3ZDgxYTBkZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXkWeUy5c5K8cFB6yzQEy8hqK1jQ
NCie30IVFZ3ks9R59s1B+eha2etzftFU/6QFyF2lr+zArneSOVMxjjGgwNF1dMK3
6wxw2yyBBW1V5Go0lIMRpeb+jNKdC84No5R/Wobgr5udkXyL1iqvTqppJ1BdzvOL
9bo2WV2+oIotnhzmmxmJsiIL2uUpunyWVT/cF6A1pB3v36e3NbbImU5kI7dwYt0D
XniNzuz1HojGYuZKaW6YcUC21dMlZ31UiSq/eZ8GeVFbg6Zv9A6ZM6AI9th0Xr3r
0CLEtOWTUx1T/Fm/hWQCE5TQhPZ279mQ40itwCuEPR1cYAn6dps8tT8iqQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKFewkSM/yfhsuu9XXRViX2BoN0cMB8GA1UdIwQY
MBaAFDHrmy20o73fjJL8ULlxMEPdVtw4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgt
YmQyNGYwMDM1NzhmLzEvb1Y3Q1JJel9KLUd5NjcxZGRGV0pmWUdnM1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgtYmQyNGYwMDM1Nzhm
LzEvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA6BAIAATA0AwQDURf4AwQC
uf8IAwQAwWlKMAwDBAXKFqADBADKFqYwDAMEA8oWqAMEAMoWrAMEAcoWrjAPBAIA
AjAJAwcAKgxVwAABMA0GCSqGSIb3DQEBCwUAA4IBAQCOGZWwjDcPTAqhrDovM+Np
5ePnKt5kWICr8WJ69IDV2Z/XXxnULTQWd8Ool8Z+X7+K3D8isSTAA6SVoZO1Zw/r
V39EimqR8Pk9j/WcxClEak5o2b4Z8MBh2/VwjDwX2bOLr1MNDrWvrcDKWlmVgBIu
cF6M97elfcsLr14oyBaUPU+Orb8HdLVrO4vXuNzyV29tWzZyr5z2aUIVSQR2+/Xw
xIMLGZZeKfjSO1NvsxQ6vzA2/l2zD6V8I62VfEiRDpbLUFd1I/qo73PORZjcw02n
WPO93XSmJCaeQEtr8CHM+r43PNUVv1l0reGS5d5+KFv+Eq0/5eyCixfkxF2hTF7n
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:59 2023 by rpki-client on console-ams.rpki-client.org