Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/oW7pjYOrwyvRT2stmV_QkZGH2Ck.roa
File: oW7pjYOrwyvRT2stmV_QkZGH2Ck.roa (raw, json)
Hash identifier: cxgku1HEbju0IBXiA5hEYq+u0Lnid/Xj4ZwN4YS3kQo=
Subject key identifier: A1:6E:E9:8D:83:AB:C3:2B:D1:4F:6B:2D:99:5F:D0:91:91:87:D8:29
Certificate issuer: /CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Certificate serial: 0AF4A0AA
Authority key identifier: 9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/oW7pjYOrwyvRT2stmV_QkZGH2Ck.roa
Signing time: Sat 01 Jan 2022 15:03:16 +0000
ROA not before: Sat 01 Jan 2022 15:03:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44712
IP address blocks: 185.91.204.0/22 maxlen: 22
151.249.104.0/21 maxlen: 21
2a01:a8c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183804074 (0xaf4a0aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Validity
Not Before: Jan 1 15:03:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a16ee98d83abc32bd14f6b2d995fd0919187d829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:63:b4:1f:38:11:cc:2b:b1:c5:ad:b3:af:e4:
06:45:8f:87:a3:42:8c:d7:eb:a1:fe:dd:a7:ee:a9:
0d:58:4a:cf:fd:fc:ce:e0:b1:6c:ef:b2:0e:3c:9e:
5a:45:c7:c0:79:2f:d4:03:ae:f6:86:7e:2b:de:e1:
62:dc:ff:e7:e9:21:90:fe:cc:ac:8a:bc:1c:b8:45:
11:53:02:dc:7b:d5:2c:6e:97:33:4e:cd:f3:73:31:
fc:a8:b3:05:12:72:37:33:d8:80:d3:7e:4a:66:72:
5e:f5:b3:09:de:b6:16:6b:3c:ca:93:17:a7:c8:2b:
53:1f:cf:bf:f7:d4:06:4c:d0:71:06:4c:40:f2:94:
17:bd:70:cd:b7:9e:1f:d5:e9:00:09:f5:c7:ac:bd:
89:ef:17:09:11:63:f1:48:d2:79:d4:73:4a:46:0e:
62:08:76:c0:07:2f:3f:82:a8:53:8b:e8:cc:f0:11:
90:42:1e:68:18:35:92:58:aa:fd:81:00:3a:39:a7:
4e:04:00:1d:ac:e2:89:f1:0f:c3:a5:37:66:87:43:
29:ff:40:f8:83:51:68:7a:0d:a0:66:b9:85:84:e6:
3f:f4:a5:ac:f3:92:3c:91:32:ca:6d:80:a3:75:03:
21:d1:cb:d7:14:38:9d:e1:9c:e9:f5:40:2b:c4:c5:
77:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6E:E9:8D:83:AB:C3:2B:D1:4F:6B:2D:99:5F:D0:91:91:87:D8:29
X509v3 Authority Key Identifier:
keyid:9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/oW7pjYOrwyvRT2stmV_QkZGH2Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.104.0/21
185.91.204.0/22
IPv6:
2a01:a8c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:99:29:00:df:c5:3e:00:dd:e8:ee:55:04:d5:e2:80:58:59:
cc:ba:52:ea:51:59:e2:13:d7:af:a1:70:cb:2d:61:2c:c0:2e:
5f:63:8f:04:0c:ef:4e:1d:0d:f1:80:bf:8f:5e:b4:de:3e:d1:
01:39:ff:3c:9b:39:bd:76:30:7a:b7:57:6f:34:cc:b8:03:8d:
f3:60:e1:24:00:a9:c4:9f:47:6d:87:6a:b6:40:eb:5e:2d:6a:
96:13:06:10:92:6e:29:e9:c2:bb:fa:16:ae:3d:14:25:68:66:
e6:43:39:3a:74:fe:36:1b:14:1b:c9:4c:41:b3:48:78:cc:f1:
d0:6d:04:a0:07:08:e7:d3:41:30:e4:5d:68:7b:07:e7:0e:32:
02:32:9b:0f:4f:8a:68:ba:aa:b2:ad:e4:7b:e1:52:68:24:a9:
f1:11:dc:61:27:62:04:72:38:0b:c2:53:32:80:32:0f:41:6f:
ab:9c:61:67:89:7b:88:54:83:88:94:38:fc:66:ba:40:f9:4f:
c4:40:05:0a:06:19:96:d5:f0:c4:04:99:48:51:73:85:13:2a:
f1:7d:66:f2:d9:08:2c:0b:85:28:9e:59:35:2e:61:f1:b9:55:
fd:0a:7e:b0:24:50:37:ea:b5:b2:76:51:a4:33:b9:ce:84:da:
ec:27:9e:c5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECvSgqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZmFmMGJmOTNmYzQzODFmZmY3ZTdhYTg2YjQwNzZjMDMzMjQyZmZhMB4XDTIyMDEw
MTE1MDMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE2ZWU5OGQ4M2Fi
YzMyYmQxNGY2YjJkOTk1ZmQwOTE5MTg3ZDgyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpjtB84EcwrscWts6/kBkWPh6NCjNfrof7dp+6pDVhKz/38
zuCxbO+yDjyeWkXHwHkv1AOu9oZ+K97hYtz/5+khkP7MrIq8HLhFEVMC3HvVLG6X
M07N83Mx/KizBRJyNzPYgNN+SmZyXvWzCd62Fms8ypMXp8grUx/Pv/fUBkzQcQZM
QPKUF71wzbeeH9XpAAn1x6y9ie8XCRFj8UjSedRzSkYOYgh2wAcvP4KoU4vozPAR
kEIeaBg1kliq/YEAOjmnTgQAHaziifEPw6U3ZodDKf9A+INRaHoNoGa5hYTmP/Sl
rPOSPJEyym2Ao3UDIdHL1xQ4neGc6fVAK8TFd28CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBShbumNg6vDK9FPay2ZX9CRkYfYKTAfBgNVHSMEGDAWgBSfrwv5P8Q4H/9+
eqhrQHbAMyQv+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L242OEwtVF9FT0JfX2ZucW9hMEIyd0RNa0xfby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvYTRmZjMzLWIyOTAtNDMwNy1hZmM4LWY1MjBhN2Q3MWVmNS8x
L29XN3BqWU9yd3l2UlQyc3RtVl9Ra1pHSDJDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
YTRmZjMzLWIyOTAtNDMwNy1hZmM4LWY1MjBhN2Q3MWVmNS8xL242OEwtVF9FT0Jf
X2ZucW9hMEIyd0RNa0xfby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA5f5aAMEArlbzDANBAIAAjAHAwUD
KgGowDANBgkqhkiG9w0BAQsFAAOCAQEAh5kpAN/FPgDd6O5VBNXigFhZzLpS6lFZ
4hPXr6Fwyy1hLMAuX2OPBAzvTh0N8YC/j1603j7RATn/PJs5vXYwerdXbzTMuAON
82DhJACpxJ9HbYdqtkDrXi1qlhMGEJJuKenCu/oWrj0UJWhm5kM5OnT+NhsUG8lM
QbNIeMzx0G0EoAcI59NBMORdaHsH5w4yAjKbD0+KaLqqsq3ke+FSaCSp8RHcYSdi
BHI4C8JTMoAyD0Fvq5xhZ4l7iFSDiJQ4/Ga6QPlPxEAFCgYZltXwxASZSFFzhRMq
8X1m8tkILAuFKJ5ZNS5h8blV/Qp+sCRQN+q1snZRpDO5zoTa7CeexQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:47 2024 by rpki-client on console-ams.rpki-client.org