Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/oQeZ2p5lk-NUs6TPk6h-UNAyPBo.roa
File: oQeZ2p5lk-NUs6TPk6h-UNAyPBo.roa (raw, json)
Hash identifier: C2N8F3JwzpV6rsR8kOVqzEjwi402pxIg191afTleTp0=
Subject key identifier: A1:07:99:DA:9E:65:93:E3:54:B3:A4:CF:93:A8:7E:50:D0:32:3C:1A
Certificate issuer: /CN=c53b4cf0a7471f000f8a56a049b163967cc3bd99
Certificate serial: 05D7EC98
Authority key identifier: C5:3B:4C:F0:A7:47:1F:00:0F:8A:56:A0:49:B1:63:96:7C:C3:BD:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTtM8KdHHwAPilagSbFjlnzDvZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/oQeZ2p5lk-NUs6TPk6h-UNAyPBo.roa
Signing time: Fri 04 Mar 2022 17:23:26 +0000
ROA not before: Fri 04 Mar 2022 17:23:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210150
IP address blocks: 217.145.232.0/22 maxlen: 22
79.171.64.0/21 maxlen: 21
85.158.80.0/21 maxlen: 21
2a0d:9c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98036888 (0x5d7ec98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53b4cf0a7471f000f8a56a049b163967cc3bd99
Validity
Not Before: Mar 4 17:23:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a10799da9e6593e354b3a4cf93a87e50d0323c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cc:62:32:05:92:be:7f:96:ff:1d:4b:fb:29:
29:c8:02:cf:f1:63:7a:48:a6:14:58:85:9d:f1:8e:
e6:45:51:41:79:57:0c:10:0d:45:48:89:37:07:fa:
5b:49:e6:2c:99:43:91:80:3b:6b:bb:06:2d:e6:9f:
2a:7d:b4:aa:02:80:7b:50:16:76:d5:0e:d0:4b:0e:
03:1c:b5:d4:0e:b7:a0:aa:c9:63:96:f7:2f:43:ca:
34:63:ae:a3:40:fa:72:03:91:05:22:11:bd:74:57:
c6:fa:0d:76:96:e9:d9:c6:5b:83:63:95:83:de:6a:
94:26:c5:a2:cd:53:7c:da:c9:3d:ac:90:c1:7c:df:
83:15:47:00:3d:05:7a:d4:34:5e:ad:ec:0f:c5:1e:
b9:c5:a6:da:29:4e:09:0f:47:da:1e:59:25:f1:65:
eb:37:a6:1a:4b:18:43:ab:25:51:dc:6e:4e:a1:4f:
eb:99:89:ce:aa:96:e6:85:47:c4:4d:ab:43:b9:e4:
95:ee:c9:49:8d:90:16:d6:79:be:51:73:44:e2:a0:
85:4a:29:bc:b6:5d:49:4f:66:5a:bb:f7:ce:a6:4e:
c7:f5:47:28:94:42:87:8c:93:df:cb:ee:6f:63:f5:
ec:76:fb:25:f9:5d:74:4f:91:41:fa:6d:39:02:1a:
d9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:07:99:DA:9E:65:93:E3:54:B3:A4:CF:93:A8:7E:50:D0:32:3C:1A
X509v3 Authority Key Identifier:
keyid:C5:3B:4C:F0:A7:47:1F:00:0F:8A:56:A0:49:B1:63:96:7C:C3:BD:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTtM8KdHHwAPilagSbFjlnzDvZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/oQeZ2p5lk-NUs6TPk6h-UNAyPBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/xTtM8KdHHwAPilagSbFjlnzDvZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.64.0/21
85.158.80.0/21
217.145.232.0/22
IPv6:
2a0d:9c40::/29
Signature Algorithm: sha256WithRSAEncryption
05:0f:7b:95:a3:53:c7:bd:87:78:94:d9:ba:d0:0c:97:32:04:
3e:f8:c4:d3:58:4f:eb:16:10:54:e4:7e:a2:e3:a6:45:db:1c:
24:70:3e:0d:2e:96:61:fa:85:32:19:43:4c:b3:ed:48:ae:dc:
d3:ba:b0:70:4c:df:07:d2:5c:df:2f:91:03:cf:8e:d8:9c:00:
95:97:53:44:9d:c9:49:70:e5:44:59:de:75:1b:df:1b:f9:74:
95:95:78:0f:71:99:fb:4c:d1:0e:58:32:fc:e2:f4:53:50:71:
e2:07:21:7c:35:26:8e:59:f6:15:77:fa:68:55:68:3f:4a:2a:
51:22:1f:d6:40:52:e9:85:6c:bb:50:46:0f:94:1d:6b:04:02:
b9:df:29:f2:fd:88:33:0f:db:a8:ba:52:73:d8:15:de:8c:5b:
10:8b:f3:ad:4e:92:ab:6c:15:56:50:b3:b7:7f:a3:ab:39:0a:
57:1e:89:72:f4:18:4f:3f:81:ea:96:c5:ca:bc:9a:6b:a8:46:
17:34:f3:72:67:8a:81:6d:48:d4:8e:20:c5:fa:eb:d0:27:7a:
9b:89:61:1d:39:93:3a:65:db:5b:c7:be:58:cb:2c:dd:b1:0a:
00:a9:d9:96:89:24:76:60:23:f2:e2:b0:8b:fa:3c:5c:1d:be:
95:18:7c:37
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBdfsmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NTNiNGNmMGE3NDcxZjAwMGY4YTU2YTA0OWIxNjM5NjdjYzNiZDk5MB4XDTIyMDMw
NDE3MjMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEwNzk5ZGE5ZTY1
OTNlMzU0YjNhNGNmOTNhODdlNTBkMDMyM2MxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJDMYjIFkr5/lv8dS/spKcgCz/FjekimFFiFnfGO5kVRQXlX
DBANRUiJNwf6W0nmLJlDkYA7a7sGLeafKn20qgKAe1AWdtUO0EsOAxy11A63oKrJ
Y5b3L0PKNGOuo0D6cgORBSIRvXRXxvoNdpbp2cZbg2OVg95qlCbFos1TfNrJPayQ
wXzfgxVHAD0FetQ0Xq3sD8UeucWm2ilOCQ9H2h5ZJfFl6zemGksYQ6slUdxuTqFP
65mJzqqW5oVHxE2rQ7nkle7JSY2QFtZ5vlFzROKghUopvLZdSU9mWrv3zqZOx/VH
KJRCh4yT38vub2P17Hb7JflddE+RQfptOQIa2UcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBShB5nanmWT41SzpM+TqH5Q0DI8GjAfBgNVHSMEGDAWgBTFO0zwp0cfAA+K
VqBJsWOWfMO9mTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hUdE04S2RISHdBUGlsYWdTYkZqbG56RHZaay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvYmIyYjc1LWJjMDItNGE2Yi05OGQ2LWQ4NGU2ZDNhZjk3NS8x
L29RZVoycDVsay1OVXM2VFBrNmgtVU5BeVBCby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
YmIyYjc1LWJjMDItNGE2Yi05OGQ2LWQ4NGU2ZDNhZjk3NS8xL3hUdE04S2RISHdB
UGlsYWdTYkZqbG56RHZaay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA0+rQAMEA1WeUAMEAtmR6DANBAIA
AjAHAwUDKg2cQDANBgkqhkiG9w0BAQsFAAOCAQEABQ97laNTx72HeJTZutAMlzIE
PvjE01hP6xYQVOR+ouOmRdscJHA+DS6WYfqFMhlDTLPtSK7c07qwcEzfB9Jc3y+R
A8+O2JwAlZdTRJ3JSXDlRFnedRvfG/l0lZV4D3GZ+0zRDlgy/OL0U1Bx4gchfDUm
jln2FXf6aFVoP0oqUSIf1kBS6YVsu1BGD5QdawQCud8p8v2IMw/bqLpSc9gV3oxb
EIvzrU6Sq2wVVlCzt3+jqzkKVx6JcvQYTz+B6pbFyryaa6hGFzTzcmeKgW1I1I4g
xfrr0Cd6m4lhHTmTOmXbW8e+WMss3bEKAKnZlokkdmAj8uKwi/o8XB2+lRh8Nw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:46 2024 by rpki-client on console-fra.rpki-client.org