Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/0Ouh6-IqkWNR1U4qxrOjuxBj_yY.roa
File: 0Ouh6-IqkWNR1U4qxrOjuxBj_yY.roa (raw, json)
Hash identifier: HhRrEVZrjDpi/JPInJfpx1t91OdRcgEeE8HazvtVYXM=
Subject key identifier: D0:EB:A1:EB:E2:2A:91:63:51:D5:4E:2A:C6:B3:A3:BB:10:63:FF:26
Certificate issuer: /CN=ec65d31440bf75d25c606f7915c236ca614464a2
Certificate serial: 09081E7C
Authority key identifier: EC:65:D3:14:40:BF:75:D2:5C:60:6F:79:15:C2:36:CA:61:44:64:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GXTFEC_ddJcYG95FcI2ymFEZKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/0Ouh6-IqkWNR1U4qxrOjuxBj_yY.roa
Signing time: Sat 01 Jan 2022 16:05:14 +0000
ROA not before: Sat 01 Jan 2022 16:05:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42673
IP address blocks: 91.150.160.0/19 maxlen: 32
91.246.64.0/21 maxlen: 32
91.189.216.0/21 maxlen: 32
91.246.72.0/22 maxlen: 32
195.248.246.0/23 maxlen: 32
185.80.32.0/22 maxlen: 32
2a05:7100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151527036 (0x9081e7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec65d31440bf75d25c606f7915c236ca614464a2
Validity
Not Before: Jan 1 16:05:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0eba1ebe22a916351d54e2ac6b3a3bb1063ff26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b7:1d:a5:89:4a:4c:78:cb:7c:76:3f:84:50:
1a:a6:2b:c9:26:e6:24:39:32:08:ea:ea:11:7d:b2:
be:6a:3e:b0:62:5e:23:79:56:8e:fc:01:e6:c3:07:
7d:95:75:ee:43:be:12:6e:1f:db:87:2d:c1:af:e6:
68:cc:82:6a:79:cd:7e:62:0a:f9:d8:2f:db:5d:2f:
d7:8c:69:75:c0:33:2b:a7:80:0b:c2:91:a9:cc:4e:
5b:57:25:63:79:2d:31:0e:99:1d:b1:6e:4f:16:95:
b7:fe:41:74:0d:4d:f0:15:d6:36:8a:81:34:9d:f6:
1d:ea:77:4c:56:0e:f3:55:43:d9:5c:a0:7c:0d:7e:
42:79:ce:72:74:67:80:fa:25:66:b5:9e:39:bc:54:
70:1a:f6:14:c1:0b:29:04:28:aa:4e:49:f9:e3:90:
e7:84:32:cc:9a:b3:4d:fe:a7:b1:55:d2:b3:87:a3:
c0:d4:45:08:4b:3d:bd:5a:f2:43:5c:03:cf:8d:a0:
cc:67:d2:80:e5:83:7f:a4:b0:69:99:e4:3a:1d:1e:
31:4b:36:bb:3b:5e:09:70:7c:25:8b:fa:7d:4e:8d:
03:77:a1:75:88:db:c6:30:2d:26:c8:eb:83:9d:e1:
f2:eb:5a:17:d1:fe:38:77:c8:22:47:ee:af:3e:77:
d5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:EB:A1:EB:E2:2A:91:63:51:D5:4E:2A:C6:B3:A3:BB:10:63:FF:26
X509v3 Authority Key Identifier:
keyid:EC:65:D3:14:40:BF:75:D2:5C:60:6F:79:15:C2:36:CA:61:44:64:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GXTFEC_ddJcYG95FcI2ymFEZKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/0Ouh6-IqkWNR1U4qxrOjuxBj_yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/7GXTFEC_ddJcYG95FcI2ymFEZKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.150.160.0/19
91.189.216.0/21
91.246.64.0-91.246.75.255
185.80.32.0/22
195.248.246.0/23
IPv6:
2a05:7100::/29
Signature Algorithm: sha256WithRSAEncryption
17:5b:4b:b6:54:81:1d:48:ce:d1:16:8f:19:cb:d6:cd:7c:01:
54:af:c2:5e:b1:43:16:de:33:90:ec:e6:a2:52:b9:6c:a4:e5:
91:c8:bf:29:1b:e9:a7:67:df:df:76:5e:5a:45:49:ad:ab:dc:
d3:e7:32:69:de:e1:67:56:2d:82:18:c5:fd:a2:a7:35:e7:db:
fa:5f:b7:d5:74:e8:41:0b:30:6d:c2:c0:68:d8:3a:13:c3:2f:
99:49:7b:38:bc:b3:4c:07:be:37:92:e2:e1:d7:1a:17:d1:1b:
cd:76:45:ed:da:f5:94:6f:b9:90:ed:95:4f:33:10:20:6e:f1:
0e:ac:a3:79:b3:f4:8c:33:e8:52:01:35:c3:b0:19:1d:e4:ea:
8d:16:79:2c:52:82:88:1a:a8:ba:c1:a7:97:d7:62:6b:45:85:
5f:d8:22:d7:52:eb:f3:b7:11:00:81:eb:4c:2f:77:ef:f9:b8:
44:52:dc:43:de:b1:dd:db:dc:21:45:35:8a:f5:ac:e9:2f:fa:
8b:15:5b:ba:96:54:16:ef:b7:d4:47:f2:ec:01:a6:39:d0:ee:
0a:af:85:d1:7d:eb:43:c5:cb:93:ee:aa:05:d2:94:8c:8e:e5:
4a:92:b4:ba:9d:b7:f2:ce:9c:72:cf:6e:bc:02:27:a6:62:a9:
79:f6:71:6e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIECQgefDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzY1ZDMxNDQwYmY3NWQyNWM2MDZmNzkxNWMyMzZjYTYxNDQ2NGEyMB4XDTIyMDEw
MTE2MDUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBlYmExZWJlMjJh
OTE2MzUxZDU0ZTJhYzZiM2EzYmIxMDYzZmYyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKy3HaWJSkx4y3x2P4RQGqYrySbmJDkyCOrqEX2yvmo+sGJe
I3lWjvwB5sMHfZV17kO+Em4f24ctwa/maMyCannNfmIK+dgv210v14xpdcAzK6eA
C8KRqcxOW1clY3ktMQ6ZHbFuTxaVt/5BdA1N8BXWNoqBNJ32Hep3TFYO81VD2Vyg
fA1+QnnOcnRngPolZrWeObxUcBr2FMELKQQoqk5J+eOQ54QyzJqzTf6nsVXSs4ej
wNRFCEs9vVryQ1wDz42gzGfSgOWDf6SwaZnkOh0eMUs2uzteCXB8JYv6fU6NA3eh
dYjbxjAtJsjrg53h8utaF9H+OHfIIkfurz531VUCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBTQ66Hr4iqRY1HVTirGs6O7EGP/JjAfBgNVHSMEGDAWgBTsZdMUQL910lxg
b3kVwjbKYURkojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdHWFRGRUNfZGRKY1lHOTVGY0kyeW1GRVpLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMmE2ZGY1LTgyMzYtNDEyZC1hZDc5LWUyOTU4OWU4OTY0YS8x
LzBPdWg2LUlxa1dOUjFVNHF4ck9qdXhCal95WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MmE2ZGY1LTgyMzYtNDEyZC1hZDc5LWUyOTU4OWU4OTY0YS8xLzdHWFRGRUNfZGRK
Y1lHOTVGY0kyeW1GRVpLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEBVuWoAMEA1u92DAMAwQGW/ZAAwQC
W/ZIAwQCuVAgAwQBw/j2MA0EAgACMAcDBQMqBXEAMA0GCSqGSIb3DQEBCwUAA4IB
AQAXW0u2VIEdSM7RFo8Zy9bNfAFUr8JesUMW3jOQ7OaiUrlspOWRyL8pG+mnZ9/f
dl5aRUmtq9zT5zJp3uFnVi2CGMX9oqc159v6X7fVdOhBCzBtwsBo2DoTwy+ZSXs4
vLNMB743kuLh1xoX0RvNdkXt2vWUb7mQ7ZVPMxAgbvEOrKN5s/SMM+hSATXDsBkd
5OqNFnksUoKIGqi6waeX12JrRYVf2CLXUuvztxEAgetML3fv+bhEUtxD3rHd29wh
RTWK9azpL/qLFVu6llQW77fUR/LsAaY50O4Kr4XRfetDxcuT7qoF0pSMjuVKkrS6
nbfyzpxyz268AiemYql59nFu
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:22 2023 by rpki-client on console-ams.rpki-client.org