Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/OEKoOhrrePUsIxJ2DG7qboodhJM.roa
File: OEKoOhrrePUsIxJ2DG7qboodhJM.roa (raw, json)
Hash identifier: C/OnQ6P2dsds0AdxuueQd3AIl0v8mJMJnCC/bIxvh0w=
Subject key identifier: 38:42:A8:3A:1A:EB:78:F5:2C:23:12:76:0C:6E:EA:6E:8A:1D:84:93
Certificate issuer: /CN=cbf23be1115f022aa269d9cea439bb8b492307e2
Certificate serial: 1791F8B7
Authority key identifier: CB:F2:3B:E1:11:5F:02:2A:A2:69:D9:CE:A4:39:BB:8B:49:23:07:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_I74RFfAiqiadnOpDm7i0kjB-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/OEKoOhrrePUsIxJ2DG7qboodhJM.roa
Signing time: Sat 01 Jan 2022 02:59:05 +0000
ROA not before: Sat 01 Jan 2022 02:59:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3549
IP address blocks: 185.64.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395442359 (0x1791f8b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf23be1115f022aa269d9cea439bb8b492307e2
Validity
Not Before: Jan 1 02:59:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3842a83a1aeb78f52c2312760c6eea6e8a1d8493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:38:60:63:f0:f6:d4:5a:ae:b0:c6:60:27:3d:
74:eb:fd:1c:ab:b9:3a:6f:93:20:90:19:b4:c4:04:
9e:dc:62:be:1d:07:18:20:4f:26:f0:ca:b1:2f:77:
5b:9f:4d:07:af:f0:31:d1:a2:ca:42:b2:7f:18:98:
23:00:4e:13:95:4f:cc:eb:5e:61:1a:b0:e5:25:05:
f4:af:05:db:9b:56:08:42:a5:85:0f:d6:4f:07:b4:
c0:40:5e:1f:9f:32:ae:8a:04:13:72:b4:6b:46:6b:
c2:15:5c:91:48:cf:91:fe:ee:6d:e8:fa:7b:71:1c:
71:de:f7:12:5d:76:8e:f2:d0:3f:26:9f:7e:b1:9f:
05:67:9d:98:a6:30:ba:24:4e:54:db:19:bb:8b:64:
80:60:87:d8:87:b5:06:e8:e6:97:a9:90:e0:06:9a:
31:c9:28:36:3e:81:4d:7b:c6:26:3d:3d:39:4b:67:
ca:fa:d6:c7:21:af:a1:b0:c0:a4:23:28:08:8c:e3:
c0:30:7d:78:8e:eb:61:f4:05:1a:b3:5b:f9:e5:9f:
21:bd:cf:ad:ec:a7:64:4c:fa:87:92:c7:a2:8f:5d:
a7:56:3d:0c:5c:bb:6f:bb:a3:01:f5:e0:22:53:d9:
bf:02:46:8b:b0:67:72:fc:73:b4:df:cd:25:b6:03:
2c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:42:A8:3A:1A:EB:78:F5:2C:23:12:76:0C:6E:EA:6E:8A:1D:84:93
X509v3 Authority Key Identifier:
keyid:CB:F2:3B:E1:11:5F:02:2A:A2:69:D9:CE:A4:39:BB:8B:49:23:07:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_I74RFfAiqiadnOpDm7i0kjB-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/OEKoOhrrePUsIxJ2DG7qboodhJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/y_I74RFfAiqiadnOpDm7i0kjB-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:72:e2:4f:b0:40:00:18:4c:4e:98:19:0a:c9:bf:ba:76:16:
f8:36:1c:af:18:df:cb:86:ca:6a:e3:89:dd:8b:31:75:10:65:
c4:04:d2:70:1f:cb:e3:79:84:dd:70:4c:f9:5e:d6:67:28:f1:
a5:be:f3:fc:f6:75:2b:e1:b0:9b:0b:4e:7d:c2:37:c9:f8:6d:
99:40:76:74:d2:28:0f:c7:50:e6:aa:7e:ef:ed:26:fc:2b:4e:
92:cc:26:76:83:a3:e1:b5:e3:ad:19:64:22:5d:46:ec:ab:5f:
3f:49:b6:62:2b:7c:01:ea:c4:ca:ef:b1:15:d9:cf:da:be:e5:
79:ac:2a:1a:2e:ca:46:23:58:6a:9a:91:f1:4b:a3:dc:39:23:
3c:a4:59:74:2e:05:89:40:ba:65:f2:d5:8d:be:97:3c:10:20:
2c:5f:34:47:d8:5c:6a:e9:17:fd:f1:6f:6c:59:e6:30:28:bf:
2c:cf:e1:64:87:28:28:7f:61:66:1e:89:f8:38:d7:ff:c4:05:
fa:68:fc:9a:69:e2:0b:2e:ef:b0:ab:87:9f:9e:37:87:14:97:
f6:11:de:5f:b8:fa:f9:e6:95:e6:6a:9f:a2:87:0c:57:fd:8e:
e1:ef:c3:92:a9:fc:06:e6:cc:f2:4f:9c:2b:e6:ef:a0:e4:32:
d4:79:1b:46
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF5H4tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmYyM2JlMTExNWYwMjJhYTI2OWQ5Y2VhNDM5YmI4YjQ5MjMwN2UyMB4XDTIyMDEw
MTAyNTkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg0MmE4M2ExYWVi
NzhmNTJjMjMxMjc2MGM2ZWVhNmU4YTFkODQ5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOw4YGPw9tRarrDGYCc9dOv9HKu5Om+TIJAZtMQEntxivh0H
GCBPJvDKsS93W59NB6/wMdGiykKyfxiYIwBOE5VPzOteYRqw5SUF9K8F25tWCEKl
hQ/WTwe0wEBeH58yrooEE3K0a0ZrwhVckUjPkf7ubej6e3Eccd73El12jvLQPyaf
frGfBWedmKYwuiROVNsZu4tkgGCH2Ie1Bujml6mQ4AaaMckoNj6BTXvGJj09OUtn
yvrWxyGvobDApCMoCIzjwDB9eI7rYfQFGrNb+eWfIb3PreynZEz6h5LHoo9dp1Y9
DFy7b7ujAfXgIlPZvwJGi7BncvxztN/NJbYDLEUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4Qqg6Gut49SwjEnYMbupuih2EkzAfBgNVHSMEGDAWgBTL8jvhEV8CKqJp
2c6kObuLSSMH4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lfSTc0UkZmQWlxaWFkbk9wRG03aTBrakItSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvNTYzMTNmLWVjNGUtNGMxYy1iMzg4LWJlMzI1MmFjNDk4MC8x
L09FS29PaHJyZVBVc0l4SjJERzdxYm9vZGhKTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
NTYzMTNmLWVjNGUtNGMxYy1iMzg4LWJlMzI1MmFjNDk4MC8xL3lfSTc0UkZmQWlx
aWFkbk9wRG03aTBrakItSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlA/DANBgkqhkiG9w0BAQsFAAOC
AQEApHLiT7BAABhMTpgZCsm/unYW+DYcrxjfy4bKauOJ3YsxdRBlxATScB/L43mE
3XBM+V7WZyjxpb7z/PZ1K+GwmwtOfcI3yfhtmUB2dNIoD8dQ5qp+7+0m/CtOkswm
doOj4bXjrRlkIl1G7KtfP0m2Yit8AerEyu+xFdnP2r7leawqGi7KRiNYapqR8Uuj
3DkjPKRZdC4FiUC6ZfLVjb6XPBAgLF80R9hcaukX/fFvbFnmMCi/LM/hZIcoKH9h
Zh6J+DjX/8QF+mj8mmniCy7vsKuHn543hxSX9hHeX7j6+eaV5mqfoocMV/2O4e/D
kqn8BubM8k+cK+bvoOQy1HkbRg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org