Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/OBg7gvRWWfMc23xGu4Y51_Ral8Y.roa
File: OBg7gvRWWfMc23xGu4Y51_Ral8Y.roa (raw, json)
Hash identifier: knFEPSOyx3iutI0dGaJo4KHtgIxmJTC1y68KLqvK71M=
Subject key identifier: 38:18:3B:82:F4:56:59:F3:1C:DB:7C:46:BB:86:39:D7:F4:5A:97:C6
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 374F387F
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/OBg7gvRWWfMc23xGu4Y51_Ral8Y.roa
Signing time: Sat 01 Jan 2022 15:06:58 +0000
ROA not before: Sat 01 Jan 2022 15:06:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 37.148.216.0/21 maxlen: 24
195.191.102.0/23 maxlen: 24
37.148.220.0/23 maxlen: 24
31.222.200.0/21 maxlen: 24
185.11.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927938687 (0x374f387f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Jan 1 15:06:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38183b82f45659f31cdb7c46bb8639d7f45a97c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:12:c3:e1:09:ad:13:69:bf:c8:84:f1:53:a0:
7c:29:67:58:95:b6:79:86:ca:63:2f:45:99:6f:aa:
e1:64:7c:61:e5:12:ae:a7:e5:cd:d3:95:c4:25:77:
53:e9:49:fe:72:77:28:4a:a6:19:49:ec:d6:ed:7c:
6d:40:e4:9c:a9:14:7b:ec:ce:74:b3:96:a7:f6:d4:
12:90:fb:2d:4d:e9:b8:cb:5a:7f:b0:f3:f4:98:d5:
77:9d:18:55:fe:d5:a5:8f:46:a0:b1:d3:f0:50:52:
81:dc:25:39:2f:dd:92:5e:cf:c7:6a:79:e7:52:78:
92:aa:30:1d:8c:93:7f:f0:4a:d0:15:8e:07:59:3d:
3c:90:f0:6a:25:e3:ca:8b:ea:36:cf:d4:85:db:31:
06:18:55:d4:b7:bf:53:2d:bc:90:78:0d:f8:49:9d:
12:e1:fa:53:b5:6b:eb:a2:c5:e8:d4:0a:96:8f:bc:
0f:54:37:89:91:0c:50:8d:0b:f1:65:e4:87:58:a6:
bb:5b:f4:d2:67:23:8b:40:8d:40:c2:72:2b:c7:01:
1b:42:50:15:11:ad:23:5a:e5:c1:35:7e:64:68:4c:
03:77:1b:1e:93:78:08:59:f0:f5:4f:03:ce:1a:3d:
48:bb:2e:1d:15:03:d8:b3:52:83:c8:2a:c8:18:9f:
39:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:18:3B:82:F4:56:59:F3:1C:DB:7C:46:BB:86:39:D7:F4:5A:97:C6
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/OBg7gvRWWfMc23xGu4Y51_Ral8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.200.0/21
37.148.216.0/21
185.11.140.0/22
195.191.102.0/23
Signature Algorithm: sha256WithRSAEncryption
92:a0:e9:52:22:32:0d:52:09:74:b3:5b:a3:2e:3a:5b:8a:af:
74:76:49:fb:97:8d:3e:90:bb:d2:6f:c5:bb:80:f7:83:bf:00:
99:e2:e9:65:6b:25:6c:19:9c:05:80:f9:95:5a:2a:cd:1c:20:
65:8e:57:6a:90:95:82:a5:c2:86:36:95:8c:dc:48:f0:0b:91:
b3:3d:3e:dd:b1:b3:fe:25:fb:ee:d8:7b:94:ba:d0:a2:88:38:
b5:2d:4f:98:0f:6f:48:14:e3:af:d6:7f:9d:de:22:b8:97:de:
94:71:ae:2c:f2:48:29:95:be:c9:ea:82:31:f9:ff:4e:c0:0c:
50:f6:06:13:e6:32:8c:7e:52:cf:5a:3c:de:1b:38:5c:17:ac:
10:6e:eb:85:1f:85:88:18:f2:59:20:3d:54:13:45:5e:1b:d6:
04:87:f9:96:3a:7c:d3:7c:24:af:89:15:98:83:2e:2e:f6:fc:
e2:68:f1:fe:23:8e:de:f1:ad:42:cf:de:79:b9:9b:da:b9:34:
c4:3c:4c:1d:45:77:da:85:61:5c:ab:a7:90:f6:89:c5:e4:0c:
b6:01:45:14:28:e0:64:14:b8:06:26:ad:32:74:90:79:11:4b:
d0:05:00:d1:61:3e:18:91:2e:12:5c:83:e9:df:7a:7d:86:37:
b1:bf:c5:66
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEN084fzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGIzZWVkMWM3YWNhNjM2ZDYyNDU4NTJiODAyZTBlNzM3NTRkZjYzMB4XDTIyMDEw
MTE1MDY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgxODNiODJmNDU2
NTlmMzFjZGI3YzQ2YmI4NjM5ZDdmNDVhOTdjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0Sw+EJrRNpv8iE8VOgfClnWJW2eYbKYy9FmW+q4WR8YeUS
rqflzdOVxCV3U+lJ/nJ3KEqmGUns1u18bUDknKkUe+zOdLOWp/bUEpD7LU3puMta
f7Dz9JjVd50YVf7VpY9GoLHT8FBSgdwlOS/dkl7Px2p551J4kqowHYyTf/BK0BWO
B1k9PJDwaiXjyovqNs/UhdsxBhhV1Le/Uy28kHgN+EmdEuH6U7Vr66LF6NQKlo+8
D1Q3iZEMUI0L8WXkh1imu1v00mcji0CNQMJyK8cBG0JQFRGtI1rlwTV+ZGhMA3cb
HpN4CFnw9U8Dzho9SLsuHRUD2LNSg8gqyBifOXUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ4GDuC9FZZ8xzbfEa7hjnX9FqXxjAfBgNVHSMEGDAWgBTos+7Rx6ymNtYk
WFK4AuDnN1TfYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZMUHUwY2VzcGpiV0pGaFN1QUxnNXpkVTMyTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvMTc3MzI5LTI4Y2QtNDg2NC05ZTE2LTk0NjQwNGVjMWFhNC8x
L09CZzdndlJXV2ZNYzIzeEd1NFk1MV9SYWw4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
MTc3MzI5LTI4Y2QtNDg2NC05ZTE2LTk0NjQwNGVjMWFhNC8xLzZMUHUwY2VzcGpi
V0pGaFN1QUxnNXpkVTMyTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAx/eyAMEAyWU2AMEArkLjAMEAcO/
ZjANBgkqhkiG9w0BAQsFAAOCAQEAkqDpUiIyDVIJdLNboy46W4qvdHZJ+5eNPpC7
0m/Fu4D3g78AmeLpZWslbBmcBYD5lVoqzRwgZY5XapCVgqXChjaVjNxI8AuRsz0+
3bGz/iX77th7lLrQoog4tS1PmA9vSBTjr9Z/nd4iuJfelHGuLPJIKZW+yeqCMfn/
TsAMUPYGE+YyjH5Sz1o83hs4XBesEG7rhR+FiBjyWSA9VBNFXhvWBIf5ljp803wk
r4kVmIMuLvb84mjx/iOO3vGtQs/eebmb2rk0xDxMHUV32oVhXKunkPaJxeQMtgFF
FCjgZBS4BiatMnSQeRFL0AUA0WE+GJEuElyD6d96fYY3sb/FZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:30 2024 by rpki-client on console-ams.rpki-client.org