Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/OhIwS9h-ft-9Rq92Gw1Ps4-8QHI.roa
File: OhIwS9h-ft-9Rq92Gw1Ps4-8QHI.roa (raw, json)
Hash identifier: OrUVwb7sfc0twMnGBMQA08QPoIA3YhsZktaebZ56Jv4=
Subject key identifier: 3A:12:30:4B:D8:7E:7E:DF:BD:46:AF:76:1B:0D:4F:B3:8F:BC:40:72
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 0185305EA21B8F26CA0BFDCD6E54EF36865F
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/OhIwS9h-ft-9Rq92Gw1Ps4-8QHI.roa
Signing time: Tue 20 Dec 2022 16:29:46 +0000
ROA not before: Tue 20 Dec 2022 16:29:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9137
IP address blocks: 213.204.0.0/19 maxlen: 19
2a02:5640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:5e:a2:1b:8f:26:ca:0b:fd:cd:6e:54:ef:36:86:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: Dec 20 16:29:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a12304bd87e7edfbd46af761b0d4fb38fbc4072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:cf:03:b5:8d:d5:61:f0:95:59:8a:64:26:a8:
5c:44:46:00:da:5f:8e:3f:76:64:1a:ec:6e:08:5c:
bb:0e:91:e9:6f:be:b6:ff:00:d5:06:a4:c3:22:ef:
20:51:49:69:30:d1:30:06:eb:7a:2e:1b:7d:26:f5:
32:cc:78:e7:cb:30:59:8d:9e:4e:6c:11:29:f3:f3:
be:21:f3:7b:2d:38:35:17:f0:87:3a:11:69:bb:c2:
cf:f2:3f:e9:58:88:fe:3e:fa:2b:9e:6e:1b:b9:6c:
f0:ca:cc:ef:66:4e:e2:11:80:b0:d1:54:f7:f3:e6:
97:5a:72:26:82:ab:9e:ee:0c:d0:cc:9c:8d:4b:84:
65:3e:01:42:8e:d9:ce:74:93:ed:f1:92:cf:c6:a5:
96:7f:6e:10:ea:58:0e:7b:b2:2f:7a:f9:cb:d9:e1:
12:1a:85:e6:86:6b:af:c6:81:10:19:9d:0b:ff:3a:
39:86:2b:c7:ff:92:27:87:15:35:1d:77:12:38:c4:
ad:6e:89:fb:f4:99:2d:4f:f9:82:3e:c8:9d:ba:c7:
47:6b:d9:92:09:3a:31:54:40:9d:8c:22:f8:ca:2d:
c9:5d:3f:ff:b2:7c:52:7c:bb:24:00:63:9f:b0:f3:
ad:22:49:a3:04:6d:ea:f0:86:62:83:8f:88:a4:0a:
d6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:12:30:4B:D8:7E:7E:DF:BD:46:AF:76:1B:0D:4F:B3:8F:BC:40:72
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/OhIwS9h-ft-9Rq92Gw1Ps4-8QHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.204.0.0/19
IPv6:
2a02:5640::/29
Signature Algorithm: sha256WithRSAEncryption
3b:dd:d6:48:fa:fe:b7:06:0e:42:62:06:c7:96:5f:7c:c2:04:
7e:36:70:b6:d1:94:a0:77:85:35:22:5a:2d:69:ac:2e:5e:ff:
49:b5:65:fd:57:ac:16:d2:2c:e7:14:5c:12:8c:58:79:bd:88:
4d:ef:4e:22:2e:fd:39:d1:2b:4f:bf:43:bd:c4:d4:9c:41:cf:
4c:af:de:2c:6e:de:41:93:f7:bc:43:0b:d3:3e:27:3b:a9:f6:
8f:d1:89:43:f8:12:56:35:ca:65:46:9c:a4:57:35:34:ab:4d:
b1:de:5e:c5:a3:86:bb:64:be:c4:1c:5e:f7:e8:e7:cc:8d:a8:
a1:c2:62:c2:5f:2a:06:9d:b6:34:67:3a:e2:40:a1:a7:3a:b3:
63:50:a0:ea:7c:70:df:31:e6:d8:4e:db:cf:7c:8c:55:57:71:
a4:5a:8b:e6:a9:ba:35:82:ad:03:06:fd:93:d3:70:6f:ee:26:
70:92:91:75:60:7c:75:3e:44:70:7d:25:aa:03:bc:1a:6d:da:
9d:b5:d4:ea:03:6a:9b:39:63:63:a8:ac:d9:ae:29:94:8c:b5:
7c:24:ad:5b:43:c9:71:06:ac:6d:a5:49:53:61:c3:b4:46:8d:
b5:27:ec:c7:57:0e:fd:9b:24:2e:77:f9:80:ac:f8:4a:8c:09:
2c:ef:7e:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUwXqIbjybKC/3NblTvNoZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjIxMjIwMTYyOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTEyMzA0YmQ4N2U3ZWRmYmQ0NmFmNzYxYjBkNGZiMzhmYmM0MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM8DtY3VYfCVWYpkJqhcREYA2l+O
P3ZkGuxuCFy7DpHpb762/wDVBqTDIu8gUUlpMNEwBut6Lht9JvUyzHjnyzBZjZ5O
bBEp8/O+IfN7LTg1F/CHOhFpu8LP8j/pWIj+Pvornm4buWzwyszvZk7iEYCw0VT3
8+aXWnImgque7gzQzJyNS4RlPgFCjtnOdJPt8ZLPxqWWf24Q6lgOe7IvevnL2eES
GoXmhmuvxoEQGZ0L/zo5hivH/5InhxU1HXcSOMStbon79JktT/mCPsidusdHa9mS
CToxVECdjCL4yi3JXT//snxSfLskAGOfsPOtIkmjBG3q8IZig4+IpArWSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDoSMEvYfn7fvUavdhsNT7OPvEByMB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvT2hJd1M5aC1mdC05UnE5Mkd3MVBzNC04UUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1cwAMA0E
AgACMAcDBQMqAlZAMA0GCSqGSIb3DQEBCwUAA4IBAQA73dZI+v63Bg5CYgbHll98
wgR+NnC20ZSgd4U1IlotaawuXv9JtWX9V6wW0iznFFwSjFh5vYhN704iLv050StP
v0O9xNScQc9Mr94sbt5Bk/e8QwvTPic7qfaP0YlD+BJWNcplRpykVzU0q02x3l7F
o4a7ZL7EHF736OfMjaihwmLCXyoGnbY0ZzriQKGnOrNjUKDqfHDfMebYTtvPfIxV
V3GkWovmqbo1gq0DBv2T03Bv7iZwkpF1YHx1PkRwfSWqA7wabdqdtdTqA2qbOWNj
qKzZrimUjLV8JK1bQ8lxBqxtpUlTYcO0Ro21J+zHVw79myQud/mArPhKjAks736w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:38 2024 by rpki-client on console-ams.rpki-client.org