Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/OjcjdFT1NwRdWxtlljWctYgFFg4.roa
File: OjcjdFT1NwRdWxtlljWctYgFFg4.roa (raw, json)
Hash identifier: a7brXRS7uEp4YRXi3RFwY2BeJKPJqOxyC6ehh2Op+Yg=
Subject key identifier: 3A:37:23:74:54:F5:37:04:5D:5B:1B:65:96:35:9C:B5:88:05:16:0E
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0423628A
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/OjcjdFT1NwRdWxtlljWctYgFFg4.roa
Signing time: Wed 09 Feb 2022 09:09:11 +0000
ROA not before: Wed 09 Feb 2022 09:09:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207743
IP address blocks: 178.157.72.0/22 maxlen: 24
178.157.102.0/23 maxlen: 23
188.74.240.0/22 maxlen: 24
188.74.129.0/24 maxlen: 24
188.74.132.0/22 maxlen: 24
188.119.156.0/23 maxlen: 24
5.157.130.0/23 maxlen: 23
5.157.129.0/24 maxlen: 24
188.74.168.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69427850 (0x423628a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Feb 9 09:09:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a37237454f537045d5b1b6596359cb58805160e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d8:9e:71:0b:d9:42:2c:61:fc:b3:b0:dd:91:
cb:8a:8d:07:a8:08:6a:64:25:ce:59:cd:8b:e5:9e:
3d:4b:43:e8:89:66:9a:77:c6:07:39:4a:c4:9a:17:
04:55:16:6f:58:42:d4:58:30:16:07:6e:6e:0e:4e:
2f:ac:2b:65:31:eb:82:7f:7a:74:3e:05:a5:7b:d4:
51:95:22:4f:5d:7c:a9:2f:7b:f0:99:5f:34:32:1e:
6f:bc:47:e3:a1:10:f0:6a:f8:89:6b:a0:cd:17:91:
43:b9:47:49:8b:1d:32:0b:dc:c8:e4:32:b4:5f:72:
35:cc:39:9b:69:11:cf:fe:15:a9:31:13:b2:e6:a3:
70:78:d2:5d:5c:ac:f8:bb:9a:51:0f:af:5b:dd:1c:
83:11:60:e6:2d:54:81:6b:9d:24:91:08:c4:a6:0a:
a5:7d:c0:32:ae:52:28:99:2a:d0:b8:8d:90:cd:ed:
a3:81:2c:40:70:a1:ef:54:0a:37:32:49:57:91:05:
ae:6e:bc:9b:d9:97:51:c8:95:93:a1:f6:ba:7d:af:
cd:ed:b6:21:9a:c4:d7:6f:54:46:98:f0:d4:75:2b:
bb:2a:2d:4a:06:8e:10:79:54:75:c4:e4:8a:be:4d:
a1:b1:32:9f:fb:69:1a:9b:50:a2:33:ba:db:90:4f:
e7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:37:23:74:54:F5:37:04:5D:5B:1B:65:96:35:9C:B5:88:05:16:0E
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/OjcjdFT1NwRdWxtlljWctYgFFg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.129.0-5.157.131.255
178.157.72.0/22
178.157.102.0/23
188.74.129.0/24
188.74.132.0/22
188.74.168.0/23
188.74.240.0/22
188.119.156.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:a4:12:74:88:02:1c:f8:63:ec:f6:ce:e5:cc:55:df:38:78:
1f:41:d1:40:fb:99:81:70:ff:42:0d:18:b3:41:95:42:65:cf:
e1:e5:7d:99:d3:0b:c7:b2:e8:d0:64:1e:22:cf:16:2b:11:af:
06:10:30:9f:25:7c:6e:2e:73:4a:7d:87:18:77:a9:2c:23:c1:
d3:7f:66:ac:ae:56:7d:88:2e:84:18:95:99:c2:05:ed:27:94:
67:88:01:bc:f0:5e:b3:36:00:ff:10:c7:15:d0:c0:9f:bb:ad:
8d:98:9b:dc:3c:d2:02:ad:a6:9c:c5:67:02:09:f9:c2:80:8c:
b5:56:68:72:09:d3:2e:2c:61:28:88:55:49:a2:82:9a:4e:d3:
2a:80:05:bc:09:4a:dd:a7:88:69:b7:2d:43:b5:b5:3a:1f:0b:
a0:95:87:0d:fc:0f:4a:7d:fc:85:fd:e0:1e:f2:32:06:65:9f:
ea:e4:09:82:05:b8:fd:ff:a8:13:c8:03:cb:37:9b:fd:76:39:
c2:39:d7:09:95:a6:6a:b4:cd:5e:46:27:ed:a8:26:1c:6a:56:
16:00:99:5e:0a:04:15:81:0d:90:98:67:4f:eb:b4:1b:49:92:
41:7b:eb:e8:0e:70:2b:6d:b4:96:d1:91:17:7d:ff:29:46:19:
8a:43:9a:32
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEBCNiijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjIzM2Q3NTUwOGI0ZTg1Y2NjZjQ0MzQ5YTdjYjcwMzE5OGQxZDI2MB4XDTIyMDIw
OTA5MDkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EzNzIzNzQ1NGY1
MzcwNDVkNWIxYjY1OTYzNTljYjU4ODA1MTYwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJTYnnEL2UIsYfyzsN2Ry4qNB6gIamQlzlnNi+WePUtD6Ilm
mnfGBzlKxJoXBFUWb1hC1FgwFgdubg5OL6wrZTHrgn96dD4FpXvUUZUiT118qS97
8JlfNDIeb7xH46EQ8Gr4iWugzReRQ7lHSYsdMgvcyOQytF9yNcw5m2kRz/4VqTET
suajcHjSXVys+LuaUQ+vW90cgxFg5i1UgWudJJEIxKYKpX3AMq5SKJkq0LiNkM3t
o4EsQHCh71QKNzJJV5EFrm68m9mXUciVk6H2un2vze22IZrE129URpjw1HUruyot
SgaOEHlUdcTkir5NobEyn/tpGptQojO625BP53MCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBQ6NyN0VPU3BF1bG2WWNZy1iAUWDjAfBgNVHSMEGDAWgBRrIz11UItOhczP
RDSafLcDGY0dJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2F5TTlkVkNMVG9YTXowUTBtbnkzQXhtTkhTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvOWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8x
L09qY2pkRlQxTndSZFd4dGxsaldjdFlnRkZnNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
OWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8xL2F5TTlkVkNMVG9Y
TXowUTBtbnkzQXhtTkhTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwODAMAwQABZ2BAwQCBZ2AAwQCsp1IAwQB
sp1mAwQAvEqBAwQCvEqEAwQBvEqoAwQCvErwAwQBvHecMA0GCSqGSIb3DQEBCwUA
A4IBAQAvpBJ0iAIc+GPs9s7lzFXfOHgfQdFA+5mBcP9CDRizQZVCZc/h5X2Z0wvH
sujQZB4izxYrEa8GEDCfJXxuLnNKfYcYd6ksI8HTf2asrlZ9iC6EGJWZwgXtJ5Rn
iAG88F6zNgD/EMcV0MCfu62NmJvcPNICraacxWcCCfnCgIy1VmhyCdMuLGEoiFVJ
ooKaTtMqgAW8CUrdp4hpty1DtbU6HwuglYcN/A9KffyF/eAe8jIGZZ/q5AmCBbj9
/6gTyAPLN5v9djnCOdcJlaZqtM1eRiftqCYcalYWAJleCgQVgQ2QmGdP67QbSZJB
e+voDnArbbSW0ZEXff8pRhmKQ5oy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org