Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/oViw7fBjumBL1seqS7lrOOXJrVU.roa
File: oViw7fBjumBL1seqS7lrOOXJrVU.roa (raw, json)
Hash identifier: ydtM4L1Vq8kZttgocNsu7ItRuxSnz++Vr+TT3dPHCfU=
Subject key identifier: A1:58:B0:ED:F0:63:BA:60:4B:D6:C7:AA:4B:B9:6B:38:E5:C9:AD:55
Certificate issuer: /CN=43d518d7307788fca3891878490e4f32d9aaf6af
Certificate serial: 01C8DC15
Authority key identifier: 43:D5:18:D7:30:77:88:FC:A3:89:18:78:49:0E:4F:32:D9:AA:F6:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/oViw7fBjumBL1seqS7lrOOXJrVU.roa
Signing time: Thu 27 Jan 2022 10:31:41 +0000
ROA not before: Thu 27 Jan 2022 10:31:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20592
IP address blocks: 185.178.96.0/22 maxlen: 22
212.115.116.0/23 maxlen: 23
212.115.118.0/24 maxlen: 24
2a11:6f00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29940757 (0x1c8dc15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d518d7307788fca3891878490e4f32d9aaf6af
Validity
Not Before: Jan 27 10:31:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a158b0edf063ba604bd6c7aa4bb96b38e5c9ad55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:26:53:22:b9:71:3b:3b:b1:fb:a4:0f:bd:79:
3e:8d:5e:f5:e5:02:2d:68:a1:14:04:f6:e3:aa:98:
92:63:47:c8:06:09:83:e7:e3:ed:84:0b:f6:dd:3f:
1f:78:6a:bf:f7:89:b3:80:2a:d2:34:18:13:dd:c4:
4e:c8:1f:cf:a6:4a:f0:7b:cf:c9:f8:61:41:74:ec:
ae:e2:01:60:b4:8c:65:1b:2c:79:40:99:20:fc:bd:
a6:17:a4:2f:d5:f7:aa:2e:cf:51:7e:5c:6c:38:30:
84:62:d3:34:5e:58:6f:94:b0:d2:a9:67:f6:ce:5c:
32:84:b2:53:93:f6:d3:12:10:c7:30:11:e5:1a:b7:
b9:a3:7e:d8:3c:ae:66:45:d4:5e:59:7e:55:8b:3b:
c0:cd:64:c0:5f:f1:49:85:fb:7b:a7:e3:bf:9b:70:
85:a2:8d:6d:b6:be:79:3c:43:04:4f:29:7b:51:0f:
50:02:d2:44:7a:05:c3:50:72:82:8f:29:35:4b:e4:
ff:72:6f:87:ca:88:19:bb:c3:ad:cb:6c:55:51:4e:
6a:c3:36:e3:4b:78:c8:0f:dd:05:65:7d:cc:d2:1c:
ab:86:91:60:dd:67:f3:7a:62:42:4c:9b:eb:f9:2f:
4b:de:d2:83:54:68:96:0c:e4:53:13:bd:b3:e4:f4:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:58:B0:ED:F0:63:BA:60:4B:D6:C7:AA:4B:B9:6B:38:E5:C9:AD:55
X509v3 Authority Key Identifier:
keyid:43:D5:18:D7:30:77:88:FC:A3:89:18:78:49:0E:4F:32:D9:AA:F6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/oViw7fBjumBL1seqS7lrOOXJrVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.96.0/22
212.115.116.0-212.115.118.255
IPv6:
2a11:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
9b:3d:9d:c0:ea:3d:59:b0:cc:1d:67:ce:fc:ee:c5:dd:be:3d:
fa:f4:af:ec:a9:92:fb:4e:a7:52:b8:ea:d8:cf:80:70:cb:c5:
7a:b2:c8:7c:6d:ad:4f:c3:13:36:fa:7f:21:c6:22:51:93:d8:
15:03:60:74:0a:0e:ca:42:91:21:d2:37:0d:74:26:6c:fd:58:
0e:d8:85:71:d5:1f:13:eb:cd:50:19:82:15:e6:7e:bf:eb:6c:
1e:35:49:02:f9:ac:44:1a:de:7e:57:52:3a:5f:30:be:23:31:
3f:18:13:a5:26:69:e6:01:e2:86:f2:c9:45:8d:16:95:a3:c7:
93:9c:77:d0:ef:0d:dd:e6:fd:64:bb:a6:cd:b1:44:71:b2:4c:
b7:bc:c5:25:00:66:4d:93:85:34:c0:cb:f5:30:f4:f2:9f:88:
1f:eb:1d:e6:03:99:6d:f0:5b:2d:82:ca:4c:b6:1c:51:cf:82:
f2:0f:b1:5e:16:10:ed:2b:55:75:12:5b:3a:2a:36:21:55:e5:
2b:e0:d4:53:7c:4f:e2:6d:a6:7c:2a:22:28:ed:75:31:4e:bc:
90:05:e0:3b:a7:d6:e0:31:b2:cd:83:c8:b5:e7:43:85:ec:e3:
5f:e5:f0:86:31:b4:c8:8b:ca:6b:9e:d5:c7:49:3d:75:c4:40:
64:a6:61:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEAcjcFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2Q1MThkNzMwNzc4OGZjYTM4OTE4Nzg0OTBlNGYzMmQ5YWFmNmFmMB4XDTIyMDEy
NzEwMzE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE1OGIwZWRmMDYz
YmE2MDRiZDZjN2FhNGJiOTZiMzhlNWM5YWQ1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwmUyK5cTs7sfukD715Po1e9eUCLWihFAT246qYkmNHyAYJ
g+fj7YQL9t0/H3hqv/eJs4Aq0jQYE93ETsgfz6ZK8HvPyfhhQXTsruIBYLSMZRss
eUCZIPy9phekL9X3qi7PUX5cbDgwhGLTNF5Yb5Sw0qln9s5cMoSyU5P20xIQxzAR
5Rq3uaN+2DyuZkXUXll+VYs7wM1kwF/xSYX7e6fjv5twhaKNbba+eTxDBE8pe1EP
UALSRHoFw1Bygo8pNUvk/3Jvh8qIGbvDrctsVVFOasM240t4yA/dBWV9zNIcq4aR
YN1n83piQkyb6/kvS97Sg1RolgzkUxO9s+T0drcCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBShWLDt8GO6YEvWx6pLuWs45cmtVTAfBgNVHSMEGDAWgBRD1RjXMHeI/KOJ
GHhJDk8y2ar2rzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E5VVkxekIzaVB5amlSaDRTUTVQTXRtcTlxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvYWI3Y2FhLThiYzUtNGJjZS1hMTMwLWVkZGYzMjBkNTBlMi8x
L29WaXc3ZkJqdW1CTDFzZXFTN2xyT09YSnJWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
YWI3Y2FhLThiYzUtNGJjZS1hMTMwLWVkZGYzMjBkNTBlMi8xL1E5VVkxekIzaVB5
amlSaDRTUTVQTXRtcTlxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEArmyYDAMAwQC1HN0AwQA1HN2MA0E
AgACMAcDBQMqEW8AMA0GCSqGSIb3DQEBCwUAA4IBAQCbPZ3A6j1ZsMwdZ8787sXd
vj369K/sqZL7TqdSuOrYz4Bwy8V6ssh8ba1PwxM2+n8hxiJRk9gVA2B0Cg7KQpEh
0jcNdCZs/VgO2IVx1R8T681QGYIV5n6/62weNUkC+axEGt5+V1I6XzC+IzE/GBOl
JmnmAeKG8slFjRaVo8eTnHfQ7w3d5v1ku6bNsURxsky3vMUlAGZNk4U0wMv1MPTy
n4gf6x3mA5lt8FstgspMthxRz4LyD7FeFhDtK1V1Els6KjYhVeUr4NRTfE/ibaZ8
KiIo7XUxTryQBeA7p9bgMbLNg8i150OF7ONf5fCGMbTIi8prntXHST11xEBkpmHp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:02 2024 by rpki-client on console-fra.rpki-client.org