Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/okhOGhroVmKkQBj4j1OYP1lofV0.roa
File: okhOGhroVmKkQBj4j1OYP1lofV0.roa (raw, json)
Hash identifier: 1xjtfkvAr1PaT9eb2ZBdX53YsFU6PjmUhkEFmrTKf6o=
Subject key identifier: A2:48:4E:1A:1A:E8:56:62:A4:40:18:F8:8F:53:98:3F:59:68:7D:5D
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 0472111D
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/okhOGhroVmKkQBj4j1OYP1lofV0.roa
Signing time: Sat 01 Jan 2022 08:57:34 +0000
ROA not before: Sat 01 Jan 2022 08:57:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28753
IP address blocks: 37.1.192.0/21 maxlen: 21
5.61.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74584349 (0x472111d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 1 08:57:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2484e1a1ae85662a44018f88f53983f59687d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:25:f7:c7:08:46:24:4f:03:f6:75:7c:83:5c:
6d:44:ca:73:18:fb:1d:35:9d:ae:ea:ee:cf:48:88:
90:c7:c5:a0:84:79:97:dd:c1:1a:b6:ec:9e:b6:83:
9c:7a:7f:4d:db:6f:d6:ca:fe:da:d7:61:93:b7:fb:
a6:93:59:52:89:74:a9:38:5e:ed:34:40:cb:46:f0:
6b:f2:60:cf:42:b6:cb:a2:f7:c2:6a:f1:4e:5c:3d:
32:4e:84:4a:b3:0b:92:e7:15:0b:68:c5:2b:64:b2:
9a:73:50:e2:61:54:b7:d5:73:e2:93:a2:a5:bd:4a:
0d:e0:7f:87:c4:82:ab:3b:cb:b1:c6:0d:40:a4:e3:
25:ac:82:6f:c7:a9:fb:38:a0:cf:25:38:9e:9e:64:
51:62:66:d3:7b:62:47:46:6b:ca:79:5f:ab:ba:31:
00:90:29:fc:6f:7c:2e:87:05:72:78:d6:c9:37:71:
0a:30:f5:ca:4f:78:b9:f1:01:59:94:eb:22:b2:76:
39:31:36:1b:ac:11:b4:f5:40:ac:8e:1e:e3:d2:15:
40:c4:d9:0b:26:9e:7b:89:c2:9e:8b:1f:f5:b4:f8:
12:dc:cf:49:39:0f:cc:79:f4:6e:0b:8a:e0:86:69:
29:07:ea:96:71:12:6a:b0:6e:c5:62:3b:36:29:7d:
40:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:48:4E:1A:1A:E8:56:62:A4:40:18:F8:8F:53:98:3F:59:68:7D:5D
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/okhOGhroVmKkQBj4j1OYP1lofV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.32.0/20
37.1.192.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:d6:bd:d2:10:ad:84:99:88:04:d2:74:08:cc:49:8c:c5:a7:
b4:cf:e0:d5:17:b0:aa:ae:f5:61:51:33:92:bb:6a:55:b6:1b:
26:42:36:df:45:be:b1:67:71:95:0d:df:e3:13:48:9c:1e:39:
ee:f9:5f:7b:45:e8:b8:68:bc:ec:44:83:22:59:a4:6d:83:b0:
e8:19:21:df:fe:3c:b2:48:7a:e7:2b:e6:bf:56:96:d2:8a:db:
5f:e9:e7:1d:a2:89:6c:82:8b:c3:e7:bc:c1:8e:1c:3d:44:c1:
81:65:ad:7b:95:f1:0c:31:a5:c1:13:4e:85:2d:18:01:c5:eb:
36:01:64:6a:ee:57:75:53:b8:fc:6e:eb:f7:14:03:f2:07:a1:
4e:e3:21:c9:76:a8:90:61:39:05:20:d4:19:a9:61:02:89:c9:
d1:56:92:35:7f:98:ea:b5:b1:72:f9:3f:a9:13:fb:b9:0a:20:
da:15:b1:40:79:fc:d3:60:7c:1c:7d:a5:83:80:b8:d3:96:42:
16:14:ae:14:db:2a:ec:e3:b9:e6:f4:0d:8f:2b:f1:40:3b:46:
54:42:58:b5:0f:ad:c0:56:01:01:b0:b2:e5:3c:7b:37:f2:92:
f0:bb:55:ad:3a:18:e0:e4:8d:35:7d:33:76:7a:d6:bf:bf:b1:
b3:09:5a:7d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBHIRHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZWY1Y2IyZjU5MGQwNDE2NTRmNGRmZGI2MGEyOGY5YTE1NDRmNDQ0MB4XDTIyMDEw
MTA4NTczNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI0ODRlMWExYWU4
NTY2MmE0NDAxOGY4OGY1Mzk4M2Y1OTY4N2Q1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO0l98cIRiRPA/Z1fINcbUTKcxj7HTWdruruz0iIkMfFoIR5
l93BGrbsnraDnHp/Tdtv1sr+2tdhk7f7ppNZUol0qThe7TRAy0bwa/Jgz0K2y6L3
wmrxTlw9Mk6ESrMLkucVC2jFK2SymnNQ4mFUt9Vz4pOipb1KDeB/h8SCqzvLscYN
QKTjJayCb8ep+zigzyU4np5kUWJm03tiR0Zrynlfq7oxAJAp/G98LocFcnjWyTdx
CjD1yk94ufEBWZTrIrJ2OTE2G6wRtPVArI4e49IVQMTZCyaee4nCnosf9bT4EtzP
STkPzHn0bguK4IZpKQfqlnESarBuxWI7Nil9QHMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSiSE4aGuhWYqRAGPiPU5g/WWh9XTAfBgNVHSMEGDAWgBQO9csvWQ0EFlT0
39tgoo+aFUT0RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0R2WExMMWtOQkJaVTlOX2JZS0tQbWhWRTlFUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvMjI2ZjA0LWY3ZGItNDkxYS1iYWZiLWVlNDM1ZDNjZDU4NS8x
L29raE9HaHJvVm1La1FCajRqMU9ZUDFsb2ZWMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
MjI2ZjA0LWY3ZGItNDkxYS1iYWZiLWVlNDM1ZDNjZDU4NS8xL0R2WExMMWtOQkJa
VTlOX2JZS0tQbWhWRTlFUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBAU9IAMEAyUBwDANBgkqhkiG9w0B
AQsFAAOCAQEAS9a90hCthJmIBNJ0CMxJjMWntM/g1Rewqq71YVEzkrtqVbYbJkI2
30W+sWdxlQ3f4xNInB457vlfe0XouGi87ESDIlmkbYOw6Bkh3/48skh65yvmv1aW
0orbX+nnHaKJbIKLw+e8wY4cPUTBgWWte5XxDDGlwRNOhS0YAcXrNgFkau5XdVO4
/G7r9xQD8gehTuMhyXaokGE5BSDUGalhAonJ0VaSNX+Y6rWxcvk/qRP7uQog2hWx
QHn802B8HH2lg4C405ZCFhSuFNsq7OO55vQNjyvxQDtGVEJYtQ+twFYBAbCy5Tx7
N/KS8LtVrToY4OSNNX0zdnrWv7+xswlafQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:35 2023 by rpki-client on console-ams.rpki-client.org