Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/oGphBzLIy-Jcv_V90P6lnbPs9N0.roa
File: oGphBzLIy-Jcv_V90P6lnbPs9N0.roa (raw, json)
Hash identifier: VKzwPNzyeYiajUVlAqnrUsIp3pKc6u7HNrBjkazIlD4=
Subject key identifier: A0:6A:61:07:32:C8:CB:E2:5C:BF:F5:7D:D0:FE:A5:9D:B3:EC:F4:DD
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 3A7E2F6F
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/oGphBzLIy-Jcv_V90P6lnbPs9N0.roa
Signing time: Sat 01 Jan 2022 05:59:58 +0000
ROA not before: Sat 01 Jan 2022 05:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40980
IP address blocks: 144.208.192.0/22 maxlen: 32
144.208.200.0/22 maxlen: 22
185.50.234.0/24 maxlen: 24
2a01:aea0:dd5::/48 maxlen: 48
2a01:aea0:df5::/48 maxlen: 48
2a01:aea0:df3::/48 maxlen: 48
2a01:aea0:dd3::/48 maxlen: 48
2a01:aea0:df4::/48 maxlen: 48
2a01:aea0:dd4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 981348207 (0x3a7e2f6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 05:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a06a610732c8cbe25cbff57dd0fea59db3ecf4dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b8:dc:c9:f4:4a:99:44:ed:34:ef:09:29:f6:
89:20:ae:7b:7b:10:b1:c0:36:73:44:37:ef:bc:56:
15:ad:e6:38:e6:61:c7:56:7d:58:7f:f4:0c:d9:8a:
34:e8:9f:fa:00:93:88:84:8f:88:e8:b9:c9:e2:aa:
7c:f8:e1:d1:cf:2b:48:29:28:cd:3d:48:e3:86:8b:
29:c0:3b:d9:ba:0d:a1:05:bf:9a:7c:d6:54:3a:22:
e8:52:23:34:5c:98:dd:06:e7:70:ac:ec:b4:b6:03:
b6:a6:1b:38:33:4a:20:dc:2a:ac:01:89:60:6b:7c:
df:31:5b:19:1a:9b:af:b8:b4:10:4f:d6:45:b3:8c:
f2:35:ca:48:c7:89:db:74:6b:a9:04:cc:1d:68:f0:
52:81:86:28:b0:9e:55:ed:b7:7f:df:0c:da:10:b0:
81:4f:f8:c6:69:bc:ad:57:4f:d1:b1:05:6e:bc:54:
9c:6f:a3:aa:9a:a4:78:33:16:b4:3b:9c:9d:8a:26:
4c:79:5a:d4:0a:cc:a2:82:fe:90:52:ad:23:5f:7d:
4b:b2:40:b1:e7:b8:ec:a1:46:50:31:a7:62:4d:5d:
13:f4:75:3f:8b:90:04:d5:38:92:ec:dd:47:30:94:
35:a3:0c:03:fd:a4:a9:da:eb:8e:07:22:3c:a8:83:
05:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:6A:61:07:32:C8:CB:E2:5C:BF:F5:7D:D0:FE:A5:9D:B3:EC:F4:DD
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/oGphBzLIy-Jcv_V90P6lnbPs9N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.192.0/22
144.208.200.0/22
185.50.234.0/24
IPv6:
2a01:aea0:dd3::-2a01:aea0:dd5:ffff:ffff:ffff:ffff:ffff
2a01:aea0:df3::-2a01:aea0:df5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:c3:4a:35:1f:49:1e:e9:6c:b6:6a:14:ca:b9:5a:68:4f:78:
c9:d9:44:77:d6:c4:94:f8:2f:ee:49:6d:f0:98:b2:50:be:b9:
68:f7:16:27:a1:1f:56:46:c0:0e:35:4f:ef:98:58:3d:a1:98:
a6:74:33:13:a2:a3:e9:96:de:54:83:06:38:9c:d9:81:b4:7a:
fc:66:cf:19:ce:9b:94:9a:b1:be:d5:ed:58:b9:2c:c3:49:25:
1f:a4:46:c5:29:05:21:a1:cb:b6:36:a4:77:93:1a:3b:0c:48:
23:a0:42:29:6b:f7:78:7c:f9:bc:d1:af:e3:54:63:95:65:14:
5f:96:bc:9f:18:a7:2c:c7:b3:5b:95:82:2a:ea:3b:b9:73:6f:
ec:3b:98:59:a5:be:93:1a:db:1f:10:06:74:0d:9b:25:6c:c6:
96:01:c9:2b:46:35:1e:27:aa:f5:8a:4e:9b:c7:2e:14:c0:96:
8f:4e:97:50:e4:5c:c8:a4:1a:57:99:53:03:ed:1b:64:a7:4f:
0f:77:a5:38:24:42:40:70:a7:43:b6:06:15:6f:ca:88:7d:f7:
dd:85:8c:00:51:d1:6f:91:19:98:97:95:50:a4:d0:dc:46:d7:
36:f3:69:0b:f8:a8:7f:6d:fd:b1:6e:06:27:27:47:10:66:5a:
c2:ad:84:b7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEOn4vbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTM5YWZlYmFjZTg5OWE4ZWUwYmI0ZjhiYjQ0NzVmZTI0N2ExNTI4MB4XDTIyMDEw
MTA1NTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA2YTYxMDczMmM4
Y2JlMjVjYmZmNTdkZDBmZWE1OWRiM2VjZjRkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMq43Mn0SplE7TTvCSn2iSCue3sQscA2c0Q377xWFa3mOOZh
x1Z9WH/0DNmKNOif+gCTiISPiOi5yeKqfPjh0c8rSCkozT1I44aLKcA72boNoQW/
mnzWVDoi6FIjNFyY3QbncKzstLYDtqYbODNKINwqrAGJYGt83zFbGRqbr7i0EE/W
RbOM8jXKSMeJ23RrqQTMHWjwUoGGKLCeVe23f98M2hCwgU/4xmm8rVdP0bEFbrxU
nG+jqpqkeDMWtDucnYomTHla1ArMooL+kFKtI199S7JAsee47KFGUDGnYk1dE/R1
P4uQBNU4kuzdRzCUNaMMA/2kqdrrjgciPKiDBZkCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBSgamEHMsjL4ly/9X3Q/qWds+z03TAfBgNVHSMEGDAWgBSlOa/rrOiZqO4L
tPi7RHX+JHoVKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BUbXY2NnpvbWFqdUM3VDR1MFIxX2lSNkZTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvOThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8x
L29HcGhCekxJeS1KY3ZfVjkwUDZsbmJQczlOMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
OThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8xL3BUbXY2NnpvbWFq
dUM3VDR1MFIxX2lSNkZTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowGAQCAAEwEgMEApDQwAMEApDQyAMEALky6jAuBAIA
AjAoMBIDBwAqAa6gDdMDBwEqAa6gDdQwEgMHACoBrqAN8wMHASoBrqAN9DANBgkq
hkiG9w0BAQsFAAOCAQEAAcNKNR9JHulstmoUyrlaaE94ydlEd9bElPgv7klt8Jiy
UL65aPcWJ6EfVkbADjVP75hYPaGYpnQzE6Kj6ZbeVIMGOJzZgbR6/GbPGc6blJqx
vtXtWLksw0klH6RGxSkFIaHLtjakd5MaOwxII6BCKWv3eHz5vNGv41RjlWUUX5a8
nxinLMezW5WCKuo7uXNv7DuYWaW+kxrbHxAGdA2bJWzGlgHJK0Y1Hieq9YpOm8cu
FMCWj06XUORcyKQaV5lTA+0bZKdPD3elOCRCQHCnQ7YGFW/KiH333YWMAFHRb5EZ
mJeVUKTQ3EbXNvNpC/iof239sW4GJydHEGZawq2Etw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org