Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/ofeq1MGmGBAoBAur_C-jSdHHPTs.roa
File: ofeq1MGmGBAoBAur_C-jSdHHPTs.roa (raw, json)
Hash identifier: zqmnJ3+URM3EAeYLYd0q4u2doIDlrp6o6PwWxxMXPBI=
Subject key identifier: A1:F7:AA:D4:C1:A6:18:10:28:04:0B:AB:FC:2F:A3:49:D1:C7:3D:3B
Certificate issuer: /CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Certificate serial: 0184CEA21969D577C34ABE48A3C4DCB67199
Authority key identifier: 19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/ofeq1MGmGBAoBAur_C-jSdHHPTs.roa
Signing time: Thu 01 Dec 2022 17:00:40 +0000
ROA not before: Thu 01 Dec 2022 17:00:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202246
IP address blocks: 185.128.16.0/22 maxlen: 22
2a10:a5c5::/32 maxlen: 32
2a10:a5c3::/32 maxlen: 32
2a10:a5c7::/32 maxlen: 32
2a10:a5c1::/32 maxlen: 32
2a10:a5c4::/32 maxlen: 32
2a10:a5c2::/32 maxlen: 32
2a10:a5c0::/32 maxlen: 32
2a10:a5c6::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:a2:19:69:d5:77:c3:4a:be:48:a3:c4:dc:b6:71:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Validity
Not Before: Dec 1 17:00:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1f7aad4c1a6181028040babfc2fa349d1c73d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:aa:82:92:11:a6:3b:15:e8:28:36:2a:9f:b4:
45:7f:4a:b7:ee:93:21:13:14:ce:c3:68:09:c8:16:
44:87:46:b2:15:41:4b:2b:92:19:d0:cb:d4:0b:54:
a4:ff:84:d6:aa:a1:ad:c8:61:d1:ee:7e:34:97:52:
5f:86:99:9f:a8:02:d9:8d:c4:3c:f5:e2:97:1a:0e:
03:16:f0:94:a3:2d:c4:eb:07:eb:03:7d:79:cf:e9:
bd:20:93:95:30:27:30:d3:4c:1b:bd:08:86:2e:95:
0e:e6:89:07:35:b5:27:d0:44:a8:75:63:ec:ca:ad:
95:c1:42:c0:b9:f6:36:e1:5d:ed:02:b2:dd:8b:0d:
d9:7b:39:3d:46:f8:76:38:75:e0:97:0a:68:69:0d:
43:b6:cd:6c:bb:fc:37:e2:40:5d:a6:0e:45:60:e9:
f1:bd:68:62:b1:95:8b:4d:0f:38:92:e4:9d:72:fc:
86:d0:36:02:4a:14:a3:f7:23:72:4f:b6:21:b0:53:
39:66:d3:11:d0:56:8d:51:7c:29:cf:e6:93:00:b8:
bb:72:af:bd:b5:25:b6:ca:76:0b:9d:35:cb:33:b2:
1c:0f:66:88:c6:4f:49:f5:73:11:03:8e:1f:f4:96:
7c:b4:d1:0c:f0:96:a9:54:7e:ec:5c:e5:30:ae:72:
e0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F7:AA:D4:C1:A6:18:10:28:04:0B:AB:FC:2F:A3:49:D1:C7:3D:3B
X509v3 Authority Key Identifier:
keyid:19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/ofeq1MGmGBAoBAur_C-jSdHHPTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.16.0/22
IPv6:
2a10:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
a4:69:14:a2:6e:68:dd:15:40:fa:bd:fc:3d:3f:d5:54:cc:f2:
ae:59:12:b9:65:83:a5:f8:9f:6f:34:38:7e:9b:1e:36:84:6f:
d9:9c:8d:c0:fc:22:d1:9a:da:91:72:fc:a0:47:d6:91:f4:94:
65:01:32:ff:e3:88:ca:e2:34:fc:ea:28:b4:7b:78:95:3c:06:
cd:c1:35:65:bd:d9:77:de:12:a1:47:5e:cb:c3:24:1c:a1:73:
89:34:31:cc:bd:b2:99:7d:8f:47:81:28:63:53:d2:fd:99:50:
10:33:a6:85:8e:20:f7:c5:37:cf:77:f2:2d:c9:9c:b1:3e:c1:
2d:67:2b:67:b9:f9:8d:c6:16:b3:c3:f8:e0:b7:ca:5d:a4:b0:
98:8f:ed:9b:3f:3b:52:fe:94:85:a3:d1:28:24:b3:5b:f9:27:
79:70:a4:94:d4:d3:98:5a:e1:34:83:2b:f1:92:d7:e6:e3:ad:
40:8c:6f:0b:0a:cf:93:81:f2:6e:80:2c:7b:0f:f4:c1:99:3d:
b5:7d:0e:7b:fe:af:b8:ae:af:05:d0:23:2a:b7:51:95:87:80:
54:e6:7b:a2:e6:27:1e:ae:de:69:4e:3a:91:dc:f1:f0:a6:4c:
7f:a9:c5:d4:7d:ef:30:07:b3:8a:45:0e:ba:1e:2f:a6:b7:21:
b6:48:09:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTOohlp1XfDSr5Io8TctnGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTNjYjQ4NTY4MjFkMTRjZDJlMGI3NjdjMjkzMWEyMmMx
NTRlN2MwHhcNMjIxMjAxMTcwMDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWY3YWFkNGMxYTYxODEwMjgwNDBiYWJmYzJmYTM0OWQxYzczZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6qCkhGmOxXoKDYqn7RFf0q37pMh
ExTOw2gJyBZEh0ayFUFLK5IZ0MvUC1Sk/4TWqqGtyGHR7n40l1JfhpmfqALZjcQ8
9eKXGg4DFvCUoy3E6wfrA315z+m9IJOVMCcw00wbvQiGLpUO5okHNbUn0ESodWPs
yq2VwULAufY24V3tArLdiw3Zezk9Rvh2OHXglwpoaQ1Dts1su/w34kBdpg5FYOnx
vWhisZWLTQ84kuSdcvyG0DYCShSj9yNyT7YhsFM5ZtMR0FaNUXwpz+aTALi7cq+9
tSW2ynYLnTXLM7IcD2aIxk9J9XMRA44f9JZ8tNEM8JapVH7sXOUwrnLgqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKH3qtTBphgQKAQLq/wvo0nRxz07MB8GA1UdIwQY
MBaAFBkTy0hWgh0UzS4LdnwpMaIsFU58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTkt
MDc3OWRmMWRkNjRkLzEvb2ZlcTFNR21HQkFvQkF1cl9DLWpTZEhIUFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTktMDc3OWRmMWRkNjRk
LzEvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYAQMA0E
AgACMAcDBQMqEKXAMA0GCSqGSIb3DQEBCwUAA4IBAQCkaRSibmjdFUD6vfw9P9VU
zPKuWRK5ZYOl+J9vNDh+mx42hG/ZnI3A/CLRmtqRcvygR9aR9JRlATL/44jK4jT8
6ii0e3iVPAbNwTVlvdl33hKhR17LwyQcoXOJNDHMvbKZfY9HgShjU9L9mVAQM6aF
jiD3xTfPd/ItyZyxPsEtZytnufmNxhazw/jgt8pdpLCYj+2bPztS/pSFo9EoJLNb
+Sd5cKSU1NOYWuE0gyvxktfm461AjG8LCs+TgfJugCx7D/TBmT21fQ57/q+4rq8F
0CMqt1GVh4BU5nui5icert5pTjqR3PHwpkx/qcXUfe8wB7OKRQ66Hi+mtyG2SAmU
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:39 2023 by rpki-client on console-ams.rpki-client.org