Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/OTHU-45WbW8urzHwXX2KS9n0hkY.roa
File: OTHU-45WbW8urzHwXX2KS9n0hkY.roa (raw, json)
Hash identifier: Nlki2T+0k3dzi/6JOtvCC0nXImM0O1Qzilicc77rHCc=
Subject key identifier: 39:31:D4:FB:8E:56:6D:6F:2E:AF:31:F0:5D:7D:8A:4B:D9:F4:86:46
Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Certificate serial: 09F311A8
Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/OTHU-45WbW8urzHwXX2KS9n0hkY.roa
Signing time: Sat 01 Jan 2022 05:02:10 +0000
ROA not before: Sat 01 Jan 2022 05:02:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201622
IP address blocks: 188.126.96.0/19 maxlen: 19
188.126.96.0/20 maxlen: 20
188.126.112.0/21 maxlen: 21
188.126.120.0/21 maxlen: 21
2a09:f400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166924712 (0x9f311a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Validity
Not Before: Jan 1 05:02:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3931d4fb8e566d6f2eaf31f05d7d8a4bd9f48646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bc:81:58:75:db:f4:28:f4:b3:84:68:e8:b3:
8e:3d:b1:19:88:f7:88:79:ad:23:1f:86:88:43:c5:
ad:d7:a8:13:a8:76:0e:40:63:fb:eb:5d:6d:a7:36:
a3:30:80:89:ac:2f:6a:4b:7e:ed:c0:ff:5b:68:32:
aa:fc:7f:27:f6:b0:c5:76:bf:c7:d6:8b:3e:9f:88:
db:34:f8:c2:44:76:57:d3:96:f8:f8:91:ba:7f:91:
c7:2d:15:f9:d3:3e:1b:f8:d0:1a:53:ae:9d:71:f4:
52:9d:1f:2d:f3:7e:f9:a4:b8:65:7e:2a:cf:a6:c4:
ce:8b:3c:54:24:51:77:0f:61:49:6d:89:3e:b9:07:
8b:4c:f3:83:e4:d4:8f:5f:24:ed:8f:95:29:e2:07:
56:f0:a7:f7:1a:32:3d:4a:1e:2c:21:de:fa:82:d0:
7f:9a:40:bf:f4:07:bc:3f:ad:0c:99:94:64:e8:bc:
5e:01:d4:9b:e5:67:e3:0f:ee:89:ee:af:8c:79:d0:
b9:81:c5:39:3f:b6:5f:00:94:5e:b4:5a:81:45:92:
31:d3:b4:06:67:11:89:d3:cb:07:1a:10:5d:62:51:
a1:03:0b:88:12:6a:64:57:33:8e:8f:96:c8:e0:7f:
68:52:d7:0c:03:a1:45:73:66:db:75:f9:a5:78:25:
20:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:31:D4:FB:8E:56:6D:6F:2E:AF:31:F0:5D:7D:8A:4B:D9:F4:86:46
X509v3 Authority Key Identifier:
keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/OTHU-45WbW8urzHwXX2KS9n0hkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.126.96.0/19
IPv6:
2a09:f400::/29
Signature Algorithm: sha256WithRSAEncryption
04:2f:57:2a:3e:6b:e7:ba:fa:54:2f:f7:81:dd:e6:fc:8a:67:
fd:11:2c:45:bd:6e:0a:d0:ec:08:97:60:fd:ce:0d:72:49:76:
58:d2:e8:ec:96:f8:f5:35:6a:bf:fd:4d:de:67:f9:30:a5:46:
f5:bd:ec:83:f5:9e:3d:55:24:6b:97:a7:37:ac:02:e8:73:8b:
43:47:7e:4c:13:7a:8e:e3:d2:9c:0d:d4:78:a0:b5:86:ae:18:
b2:38:5b:b8:87:4d:07:72:c5:e3:7e:e7:ba:53:12:d1:19:7e:
12:bc:9f:55:a7:a7:0a:7f:fb:c2:d2:2f:00:9f:55:e0:07:57:
2e:b1:20:33:f6:64:34:bd:2d:c8:6f:4c:53:c6:55:26:91:86:
30:bf:4c:99:b6:9b:f3:37:fe:51:64:a0:10:b2:4f:ff:80:89:
84:22:fe:84:af:3a:21:89:53:42:4d:9f:a8:12:94:e7:c1:da:
f9:d7:6d:97:c9:fa:89:d5:cd:57:fb:b1:3e:4c:c7:88:69:75:
5c:48:e2:8c:42:6d:4d:8b:85:98:2c:d7:b3:8d:9a:2f:1c:a0:
0c:5c:d6:8f:30:af:3d:42:10:11:cc:0a:e4:12:a2:f3:de:6d:
30:97:6d:24:fd:d6:d9:bd:99:35:7b:c6:0b:6a:66:13:75:2d:
26:34:39:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECfMRqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjNhYjViYTk4YmVmNWQwZDliZDBjZWEwMzFhMWZlMTM3NzdhNDg2MB4XDTIyMDEw
MTA1MDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzkzMWQ0ZmI4ZTU2
NmQ2ZjJlYWYzMWYwNWQ3ZDhhNGJkOWY0ODY0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKa8gVh12/Qo9LOEaOizjj2xGYj3iHmtIx+GiEPFrdeoE6h2
DkBj++tdbac2ozCAiawvakt+7cD/W2gyqvx/J/awxXa/x9aLPp+I2zT4wkR2V9OW
+PiRun+Rxy0V+dM+G/jQGlOunXH0Up0fLfN++aS4ZX4qz6bEzos8VCRRdw9hSW2J
PrkHi0zzg+TUj18k7Y+VKeIHVvCn9xoyPUoeLCHe+oLQf5pAv/QHvD+tDJmUZOi8
XgHUm+Vn4w/uie6vjHnQuYHFOT+2XwCUXrRagUWSMdO0BmcRidPLBxoQXWJRoQML
iBJqZFczjo+WyOB/aFLXDAOhRXNm23X5pXglII0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ5MdT7jlZtby6vMfBdfYpL2fSGRjAfBgNVHSMEGDAWgBQyOrW6mL710Nm9
DOoDGh/hN3ekhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01qcTF1cGktOWREWnZRenFBeG9mNFRkM3BJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvYjAxMjkwLWQ3NmQtNDJkOC1hMjM0LWY5NTEyNDk5ZTA1Yy8x
L09USFUtNDVXYlc4dXJ6SHdYWDJLUzluMGhrWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
YjAxMjkwLWQ3NmQtNDJkOC1hMjM0LWY5NTEyNDk5ZTA1Yy8xL01qcTF1cGktOWRE
WnZRenFBeG9mNFRkM3BJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBbx+YDANBAIAAjAHAwUDKgn0ADAN
BgkqhkiG9w0BAQsFAAOCAQEABC9XKj5r57r6VC/3gd3m/Ipn/REsRb1uCtDsCJdg
/c4Nckl2WNLo7Jb49TVqv/1N3mf5MKVG9b3sg/WePVUka5enN6wC6HOLQ0d+TBN6
juPSnA3UeKC1hq4YsjhbuIdNB3LF437nulMS0Rl+EryfVaenCn/7wtIvAJ9V4AdX
LrEgM/ZkNL0tyG9MU8ZVJpGGML9Mmbab8zf+UWSgELJP/4CJhCL+hK86IYlTQk2f
qBKU58Ha+ddtl8n6idXNV/uxPkzHiGl1XEjijEJtTYuFmCzXs42aLxygDFzWjzCv
PUIQEcwK5BKi895tMJdtJP3W2b2ZNXvGC2pmE3UtJjQ5HA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:19 2023 by rpki-client on console-fra.rpki-client.org