Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/oX3ieMn32T7j3oRGcC-02PJsplI.roa
File: oX3ieMn32T7j3oRGcC-02PJsplI.roa (raw, json)
Hash identifier: ksV3cE9S5D3xIG6U3wSpmtHu7dEqQobBmQzf7f40iHE=
Subject key identifier: A1:7D:E2:78:C9:F7:D9:3E:E3:DE:84:46:70:2F:B4:D8:F2:6C:A6:52
Certificate issuer: /CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Certificate serial: 14D5A2C2
Authority key identifier: 2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/oX3ieMn32T7j3oRGcC-02PJsplI.roa
Signing time: Sat 01 Jan 2022 00:56:34 +0000
ROA not before: Sat 01 Jan 2022 00:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2134
IP address blocks: 62.164.0.0/17 maxlen: 24
193.127.0.0/16 maxlen: 24
195.234.166.0/24 maxlen: 24
193.201.108.0/24 maxlen: 24
2a00:dc80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349545154 (0x14d5a2c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Validity
Not Before: Jan 1 00:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a17de278c9f7d93ee3de8446702fb4d8f26ca652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:12:05:84:fc:f5:2b:c3:18:2f:b9:b5:85:57:
f4:26:c7:ed:c9:a9:1b:05:7c:bf:9e:ef:9b:5f:e6:
c6:6b:49:58:7d:83:ef:1a:a7:12:90:35:f5:22:c4:
63:6f:5b:d1:a0:1b:4e:f3:52:97:0b:2b:1b:d2:55:
2d:2e:09:ac:00:b3:b6:c0:b3:b1:e0:9c:75:10:11:
94:ff:fa:3a:6c:56:6a:8a:12:62:3d:e3:25:5c:05:
0b:d6:ad:51:a2:60:4e:af:a5:03:1c:c1:f0:39:66:
a4:a4:83:1a:07:ca:01:9f:52:da:09:ad:e1:59:c1:
33:5d:c5:4d:a9:26:a1:44:d1:39:c2:1a:c6:7b:30:
c2:f3:e6:ca:7a:d4:13:72:2e:79:f5:3c:bc:1a:1f:
f0:4a:22:24:fa:4e:e9:e9:e5:62:25:08:98:dd:9c:
ff:2b:dc:18:89:4b:c7:a6:01:6d:0a:a2:2c:8e:e5:
33:f8:02:e5:7f:31:53:9f:05:29:6a:60:9b:d7:2b:
4e:7c:b6:eb:f7:7b:c1:72:19:50:f5:40:7d:b0:55:
e8:d8:7e:e3:01:32:5d:62:0e:be:55:4f:63:64:ea:
d6:dc:fb:7c:b2:cd:f0:dd:8d:23:7e:2d:54:3f:c2:
72:ba:68:29:45:42:44:ff:97:62:28:d8:67:09:bd:
62:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7D:E2:78:C9:F7:D9:3E:E3:DE:84:46:70:2F:B4:D8:F2:6C:A6:52
X509v3 Authority Key Identifier:
keyid:2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/oX3ieMn32T7j3oRGcC-02PJsplI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.0.0/17
193.127.0.0/16
193.201.108.0/24
195.234.166.0/24
IPv6:
2a00:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
38:30:9b:6f:2c:b1:22:4f:72:c2:b5:1c:fd:04:46:99:37:ad:
dd:e1:44:8b:20:77:c1:5a:2e:f2:c7:50:27:c3:52:05:8d:0e:
e9:3b:67:1c:c4:f7:dc:50:d7:10:65:31:17:be:36:5d:39:ac:
79:f0:f0:a5:c6:62:64:c8:ac:92:b8:e7:71:df:e7:e1:07:0c:
4a:17:4b:75:01:62:97:54:9e:2a:05:1d:b6:24:5b:8e:d9:38:
b3:87:e1:bf:51:3c:f2:08:52:04:78:b7:bd:d4:4b:29:13:e2:
8c:c4:3f:42:fd:bf:6f:26:bc:08:a9:5f:eb:8e:78:da:ae:d8:
04:b3:cf:81:70:5e:8c:f3:7e:97:64:d8:33:74:66:f1:56:e3:
0f:ff:4f:06:85:68:f7:b1:66:c8:de:d2:e7:3c:02:cb:44:42:
f2:cb:18:23:5b:aa:a8:39:64:7e:f3:1b:d6:03:84:3b:05:55:
73:50:f5:cf:31:c5:a6:fd:f4:2b:22:68:87:5a:12:5d:a0:13:
ee:48:1a:2b:75:c5:2e:23:06:42:9c:7d:9b:7c:11:72:76:de:
d5:f7:f5:94:28:61:23:3f:6f:34:c2:66:6f:9b:20:0e:4f:7d:
36:33:47:d0:86:0a:d5:a4:11:27:d3:d8:df:4e:e7:d0:b6:c8:
3c:f7:b3:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEFNWiwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YzNiMGFlNWI3Zjc4MTEyMmM3MDlhMjY1MGFkZjk3MjkxODdlMWUxMB4XDTIyMDEw
MTAwNTYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE3ZGUyNzhjOWY3
ZDkzZWUzZGU4NDQ2NzAyZmI0ZDhmMjZjYTY1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4SBYT89SvDGC+5tYVX9CbH7cmpGwV8v57vm1/mxmtJWH2D
7xqnEpA19SLEY29b0aAbTvNSlwsrG9JVLS4JrACztsCzseCcdRARlP/6OmxWaooS
Yj3jJVwFC9atUaJgTq+lAxzB8DlmpKSDGgfKAZ9S2gmt4VnBM13FTakmoUTROcIa
xnswwvPmynrUE3IuefU8vBof8EoiJPpO6enlYiUImN2c/yvcGIlLx6YBbQqiLI7l
M/gC5X8xU58FKWpgm9crTny26/d7wXIZUPVAfbBV6Nh+4wEyXWIOvlVPY2Tq1tz7
fLLN8N2NI34tVD/CcrpoKUVCRP+XYijYZwm9YpcCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBShfeJ4yffZPuPehEZwL7TY8mymUjAfBgNVHSMEGDAWgBQsOwrlt/eBEixw
miZQrflykYfh4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xEc0s1YmYzZ1JJc2NKb21VSzM1Y3BHSDRlRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvNTNlMjZiLWU3ZWUtNDczZS1hNTRhLWZmY2NhM2UxZjE3Zi8x
L29YM2llTW4zMlQ3ajNvUkdjQy0wMlBKc3BsSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
NTNlMjZiLWU3ZWUtNDczZS1hNTRhLWZmY2NhM2UxZjE3Zi8xL0xEc0s1YmYzZ1JJ
c2NKb21VSzM1Y3BHSDRlRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wHQQCAAEwFwMEBz6kAAMDAMF/AwQAwclsAwQAw+qm
MA0EAgACMAcDBQAqANyAMA0GCSqGSIb3DQEBCwUAA4IBAQA4MJtvLLEiT3LCtRz9
BEaZN63d4USLIHfBWi7yx1Anw1IFjQ7pO2ccxPfcUNcQZTEXvjZdOax58PClxmJk
yKySuOdx3+fhBwxKF0t1AWKXVJ4qBR22JFuO2Tizh+G/UTzyCFIEeLe91EspE+KM
xD9C/b9vJrwIqV/rjnjartgEs8+BcF6M836XZNgzdGbxVuMP/08GhWj3sWbI3tLn
PALLRELyyxgjW6qoOWR+8xvWA4Q7BVVzUPXPMcWm/fQrImiHWhJdoBPuSBordcUu
IwZCnH2bfBFydt7V9/WUKGEjP280wmZvmyAOT302M0fQhgrVpBEn09jfTufQtsg8
97O5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org