Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/oNdkAlLCODR2N2QDcWa6i5wJS9M.roa
File: oNdkAlLCODR2N2QDcWa6i5wJS9M.roa (raw, json)
Hash identifier: 7FBvGIdASFDkOOYmJAbWW1plNMKbdItXbZdFZ/U37rU=
Subject key identifier: A0:D7:64:02:52:C2:38:34:76:37:64:03:71:66:BA:8B:9C:09:4B:D3
Certificate issuer: /CN=0c2d7c238e89dcd52f6fb2296dfa4758c61c97be
Certificate serial: 09C7CE3D
Authority key identifier: 0C:2D:7C:23:8E:89:DC:D5:2F:6F:B2:29:6D:FA:47:58:C6:1C:97:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DC18I46J3NUvb7IpbfpHWMYcl74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/oNdkAlLCODR2N2QDcWa6i5wJS9M.roa
Signing time: Wed 13 Apr 2022 08:06:37 +0000
ROA not before: Wed 13 Apr 2022 08:06:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17819
IP address blocks: 185.93.57.0/24 maxlen: 24
185.93.59.0/24 maxlen: 24
2a03:8fa0:1000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164089405 (0x9c7ce3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c2d7c238e89dcd52f6fb2296dfa4758c61c97be
Validity
Not Before: Apr 13 08:06:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0d7640252c23834763764037166ba8b9c094bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:61:06:e7:8e:f8:ac:a4:1c:5f:0d:ed:a0:
67:98:f9:df:ba:09:0b:bb:da:5e:52:63:39:7a:d6:
93:4f:ff:f6:ab:38:9c:e4:c7:f4:0b:82:05:30:bf:
f1:d1:92:73:89:92:0e:16:d3:84:fb:04:87:3d:e8:
4c:0e:39:da:85:57:6a:0c:42:12:67:e0:64:30:47:
47:5d:06:9e:1a:1d:e6:c5:3c:0a:07:f1:6f:f9:d6:
bc:b9:51:9b:ba:02:53:99:38:f5:ee:b0:de:92:0f:
5e:a6:9b:31:ee:e7:0a:45:31:48:b0:ea:6b:97:01:
56:25:16:0a:e5:8b:34:46:e8:e7:cd:23:81:dd:48:
fd:00:f7:8a:03:ff:d8:b6:d1:f9:41:9f:6d:6c:76:
a8:d4:6f:08:50:d9:85:f8:14:dd:d5:34:f8:02:0d:
ea:bf:a5:ef:07:ae:b3:99:91:88:93:dc:de:a9:bc:
49:54:7d:80:1d:0a:c2:26:34:a9:96:5a:44:4a:21:
9f:27:97:60:3e:8d:be:55:41:50:f6:c8:24:84:42:
ad:b3:0b:c3:ad:2d:cd:73:57:ee:31:95:ca:15:61:
a5:96:3c:b0:46:ab:1d:49:7e:ba:2a:fe:fa:e0:a1:
db:f9:ca:90:53:e0:9c:fc:20:b4:ba:1d:86:bc:15:
e3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D7:64:02:52:C2:38:34:76:37:64:03:71:66:BA:8B:9C:09:4B:D3
X509v3 Authority Key Identifier:
keyid:0C:2D:7C:23:8E:89:DC:D5:2F:6F:B2:29:6D:FA:47:58:C6:1C:97:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DC18I46J3NUvb7IpbfpHWMYcl74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/oNdkAlLCODR2N2QDcWa6i5wJS9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/DC18I46J3NUvb7IpbfpHWMYcl74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.57.0/24
185.93.59.0/24
IPv6:
2a03:8fa0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
7c:ee:c3:ea:fb:26:40:6a:ad:ec:f0:2b:17:9e:48:99:1c:a1:
e1:a0:f8:0a:93:2c:b7:2a:39:18:06:0c:83:9b:fc:1d:40:13:
f8:3c:1a:13:bc:8b:99:56:be:14:95:04:7c:30:4e:d7:af:e9:
a4:3b:6f:fd:85:34:36:4b:ac:f7:93:eb:de:a7:46:0d:a3:a3:
79:d9:19:0a:ef:cb:e7:11:e4:22:a1:fa:77:5b:59:6c:52:a9:
61:e4:11:bb:79:32:9e:83:b8:4b:a0:85:38:bf:5f:f5:ca:19:
93:9d:e7:94:f0:c1:a5:ba:39:3a:8e:8f:9d:68:a1:df:4a:47:
0a:da:ea:b4:7e:12:c3:b8:33:76:42:df:7d:9c:79:0d:75:fa:
93:ca:12:4a:18:38:82:46:86:9b:94:5e:7f:3a:cd:51:6c:f8:
a7:e3:d0:02:c2:dd:25:a7:e2:55:51:1a:db:f5:73:47:80:01:
37:a2:8b:57:89:88:44:bb:2c:48:c7:d8:90:59:71:9d:bb:eb:
70:03:15:fc:8e:4b:53:be:18:61:c5:e7:1d:71:90:96:00:db:
d9:bc:2d:b7:22:23:f0:e1:e3:25:e2:28:d5:86:a0:1b:c4:63:
72:6a:40:7f:84:b1:48:8e:b3:76:51:d4:c7:be:07:57:04:aa:
da:02:48:e3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIECcfOPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzJkN2MyMzhlODlkY2Q1MmY2ZmIyMjk2ZGZhNDc1OGM2MWM5N2JlMB4XDTIyMDQx
MzA4MDYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBkNzY0MDI1MmMy
MzgzNDc2Mzc2NDAzNzE2NmJhOGI5YzA5NGJkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKLYQbnjvispBxfDe2gZ5j537oJC7vaXlJjOXrWk0//9qs4
nOTH9AuCBTC/8dGSc4mSDhbThPsEhz3oTA452oVXagxCEmfgZDBHR10Gnhod5sU8
Cgfxb/nWvLlRm7oCU5k49e6w3pIPXqabMe7nCkUxSLDqa5cBViUWCuWLNEbo580j
gd1I/QD3igP/2LbR+UGfbWx2qNRvCFDZhfgU3dU0+AIN6r+l7weus5mRiJPc3qm8
SVR9gB0KwiY0qZZaREohnyeXYD6NvlVBUPbIJIRCrbMLw60tzXNX7jGVyhVhpZY8
sEarHUl+uir++uCh2/nKkFPgnPwgtLodhrwV4xcCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBSg12QCUsI4NHY3ZANxZrqLnAlL0zAfBgNVHSMEGDAWgBQMLXwjjonc1S9v
silt+kdYxhyXvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RDMThJNDZKM05VdmI3SXBiZnBIV01ZY2w3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvNDY5MTZlLWU4NmMtNDRhOC04YWI5LTUzODQ5YmFmMWI0NS8x
L29OZGtBbExDT0RSMk4yUURjV2E2aTV3SlM5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
NDY5MTZlLWU4NmMtNDRhOC04YWI5LTUzODQ5YmFmMWI0NS8xL0RDMThJNDZKM05V
dmI3SXBiZnBIV01ZY2w3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEALldOQMEALldOzAOBAIAAjAIAwYE
KgOPoBAwDQYJKoZIhvcNAQELBQADggEBAHzuw+r7JkBqrezwKxeeSJkcoeGg+AqT
LLcqORgGDIOb/B1AE/g8GhO8i5lWvhSVBHwwTtev6aQ7b/2FNDZLrPeT696nRg2j
o3nZGQrvy+cR5CKh+ndbWWxSqWHkEbt5Mp6DuEughTi/X/XKGZOd55TwwaW6OTqO
j51ood9KRwra6rR+EsO4M3ZC332ceQ11+pPKEkoYOIJGhpuUXn86zVFs+Kfj0ALC
3SWn4lVRGtv1c0eAATeii1eJiES7LEjH2JBZcZ2763ADFfyOS1O+GGHF5x1xkJYA
29m8LbciI/Dh4yXiKNWGoBvEY3JqQH+EsUiOs3ZR1Me+B1cEqtoCSOM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:24 2023 by rpki-client on console-ams.rpki-client.org