Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/OIIMNzbv5EcaQ-A05DfgyDp3zl4.roa
File: OIIMNzbv5EcaQ-A05DfgyDp3zl4.roa (raw, json)
Hash identifier: gYVF9fBJ/ZKSk8dxYXnYT/jy7XY9Ft2IRKVQ7kPRcRs=
Subject key identifier: 38:82:0C:37:36:EF:E4:47:1A:43:E0:34:E4:37:E0:C8:3A:77:CE:5E
Certificate issuer: /CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Certificate serial: 018906397AABF2474761F0D11A46E15C8B8E
Authority key identifier: C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/OIIMNzbv5EcaQ-A05DfgyDp3zl4.roa
Signing time: Thu 29 Jun 2023 08:16:17 +0000
ROA not before: Thu 29 Jun 2023 08:16:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3245
IP address blocks: 193.68.0.0/19 maxlen: 19
193.68.128.0/17 maxlen: 17
185.143.80.0/22 maxlen: 22
2a02:6a80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:39:7a:ab:f2:47:47:61:f0:d1:1a:46:e1:5c:8b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Validity
Not Before: Jun 29 08:16:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38820c3736efe4471a43e034e437e0c83a77ce5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6e:99:25:4e:d7:ca:51:1c:d5:83:93:da:84:
06:53:0c:70:17:14:e1:ed:6f:fb:41:af:51:f3:11:
5c:60:96:f1:76:dc:71:19:7e:6f:e4:27:4d:5f:a3:
f0:05:0f:e2:20:3a:ba:18:1a:b8:8e:45:1d:20:d9:
2c:a1:93:61:c2:7b:82:6b:53:e4:b4:2c:6e:16:3c:
0a:1f:85:9b:68:9e:43:ab:ea:1f:7b:e3:0d:40:db:
4f:ef:39:eb:c0:0f:f5:93:c2:45:85:18:ae:62:17:
83:c3:c7:4a:b4:7a:3d:99:c2:d6:08:60:3b:fe:1b:
52:3f:b6:89:af:27:9e:cc:a8:b8:4b:05:f3:5e:02:
dc:6a:7d:72:a9:f4:f1:6f:8c:b8:a1:99:61:ee:bf:
e4:59:e8:52:69:39:b9:ea:33:03:5e:bf:9f:fe:b3:
7e:13:a5:24:c0:4b:0b:a8:a8:45:1f:a2:c4:8d:8b:
35:59:f7:dc:e7:ca:30:dd:73:63:57:e4:6d:eb:56:
c7:42:46:cb:5a:b1:5c:95:2a:54:a5:cf:2a:d4:4d:
49:07:ac:8b:b8:41:02:e2:a3:dc:87:e6:71:a4:a8:
c3:63:3b:7f:60:47:a8:0c:c1:70:c9:c5:ab:37:82:
28:e9:86:80:ae:67:f8:2c:3f:67:4b:45:c9:6d:02:
43:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:82:0C:37:36:EF:E4:47:1A:43:E0:34:E4:37:E0:C8:3A:77:CE:5E
X509v3 Authority Key Identifier:
keyid:C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/OIIMNzbv5EcaQ-A05DfgyDp3zl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/wly3EywZ99UfAC7UrYEa7PWyD1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.80.0/22
193.68.0.0/19
193.68.128.0/17
IPv6:
2a02:6a80::/32
Signature Algorithm: sha256WithRSAEncryption
8a:0c:16:a1:3d:06:e7:f3:47:41:37:5a:8f:c3:05:e4:db:28:
79:6d:10:2c:bd:a0:f4:b2:c6:6d:09:83:f3:8b:ea:0b:6b:15:
22:1f:e1:ec:5a:0e:5f:80:d4:95:c5:25:30:5c:0a:01:8d:1b:
4f:3d:67:d4:cc:15:53:cc:a9:6a:8e:01:07:cd:88:6f:01:76:
bc:05:72:2e:04:1b:2f:82:e5:fd:3a:2e:ec:cd:29:03:b1:33:
31:42:8b:5f:e5:96:78:0a:b5:83:e9:08:a7:da:03:70:1a:5f:
0b:3a:81:c4:89:14:83:30:2d:52:41:62:2c:17:3e:55:84:f3:
d7:32:7e:9c:c3:5d:1f:01:ca:00:31:09:72:6c:16:a5:73:2e:
31:c6:a9:f4:36:e7:8c:0f:5f:49:a7:1a:88:8c:a0:46:34:df:
3d:14:d6:e9:b8:bb:34:f9:52:05:1d:75:c5:bf:c7:de:28:18:
bb:f6:22:d9:33:03:4f:a3:80:c2:77:a5:88:85:c4:c6:76:f6:
a7:92:ca:3a:6f:3b:98:fa:bd:51:c3:cc:d2:dd:2b:b6:d0:3f:
2d:e8:ca:2f:5b:d7:f7:26:11:69:18:9a:26:c5:e5:51:77:30:
ad:06:0e:fc:1f:06:bc:a5:71:6a:e6:5e:d0:42:c1:e6:77:0b:
fc:03:15:ac
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYkGOXqr8kdHYfDRGkbhXIuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNWNiNzEzMmMxOWY3ZDUxZjAwMmVkNGFkODExYWVjZjVi
MjBmNTcwHhcNMjMwNjI5MDgxNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODgyMGMzNzM2ZWZlNDQ3MWE0M2UwMzRlNDM3ZTBjODNhNzdjZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzW6ZJU7XylEc1YOT2oQGUwxwFxTh
7W/7Qa9R8xFcYJbxdtxxGX5v5CdNX6PwBQ/iIDq6GBq4jkUdINksoZNhwnuCa1Pk
tCxuFjwKH4WbaJ5Dq+ofe+MNQNtP7znrwA/1k8JFhRiuYheDw8dKtHo9mcLWCGA7
/htSP7aJryeezKi4SwXzXgLcan1yqfTxb4y4oZlh7r/kWehSaTm56jMDXr+f/rN+
E6UkwEsLqKhFH6LEjYs1Wffc58ow3XNjV+Rt61bHQkbLWrFclSpUpc8q1E1JB6yL
uEEC4qPch+ZxpKjDYzt/YEeoDMFwycWrN4Io6YaArmf4LD9nS0XJbQJDbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDiCDDc27+RHGkPgNOQ34Mg6d85eMB8GA1UdIwQY
MBaAFMJctxMsGffVHwAu1K2BGuz1sg9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUt
NDlkNDBhMTNjYmMyLzEvT0lJTU56YnY1RWNhUS1BMDVEZmd5RHAzemw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUtNDlkNDBhMTNjYmMy
LzEvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuY9QAwQF
wUQAAwQHwUSAMA0EAgACMAcDBQAqAmqAMA0GCSqGSIb3DQEBCwUAA4IBAQCKDBah
PQbn80dBN1qPwwXk2yh5bRAsvaD0ssZtCYPzi+oLaxUiH+HsWg5fgNSVxSUwXAoB
jRtPPWfUzBVTzKlqjgEHzYhvAXa8BXIuBBsvguX9Oi7szSkDsTMxQotf5ZZ4CrWD
6Qin2gNwGl8LOoHEiRSDMC1SQWIsFz5VhPPXMn6cw10fAcoAMQlybBalcy4xxqn0
NueMD19JpxqIjKBGNN89FNbpuLs0+VIFHXXFv8feKBi79iLZMwNPo4DCd6WIhcTG
dvankso6bzuY+r1Rw8zS3Su20D8t6MovW9f3JhFpGJomxeVRdzCtBg78Hwa8pXFq
5l7QQsHmdwv8AxWs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:57 2025 by rpki-client