Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/OkmtWm-xGolNWqTq950vrlxO_vI.roa
File: OkmtWm-xGolNWqTq950vrlxO_vI.roa (raw, json)
Hash identifier: T5rvxr3MLEjfN88OjwtuVrEp8CYCOqwqprf47yS/oQ0=
Subject key identifier: 3A:49:AD:5A:6F:B1:1A:89:4D:5A:A4:EA:F7:9D:2F:AE:5C:4E:FE:F2
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 3882DF02
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/OkmtWm-xGolNWqTq950vrlxO_vI.roa
Signing time: Tue 10 May 2022 00:53:35 +0000
ROA not before: Tue 10 May 2022 00:53:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59432
IP address blocks: 31.222.200.0/22 maxlen: 24
185.11.140.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948100866 (0x3882df02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: May 10 00:53:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a49ad5a6fb11a894d5aa4eaf79d2fae5c4efef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6b:3b:f9:ee:d8:ca:1f:c5:68:97:e9:c2:e0:
21:85:08:c6:c3:8f:db:3c:da:21:ee:dc:0d:f9:bf:
c1:5f:10:c2:ef:75:6a:bb:ae:eb:5a:03:b8:4c:bf:
23:4e:3e:9b:43:d3:f3:4b:d2:f3:3f:e1:e9:01:9f:
e0:23:36:4a:75:5b:7d:c9:e3:07:b0:c9:32:71:31:
90:7c:6b:45:7a:62:f9:0d:bd:6d:e5:b3:97:07:6f:
6d:c9:4b:34:a3:40:ed:d8:7c:5e:a6:ca:d4:4f:f6:
7c:9e:82:3f:1e:ff:bc:75:8f:a0:ab:86:95:a1:03:
d9:f1:c5:05:32:f6:81:93:90:6d:96:e6:02:07:34:
f7:88:a8:72:7e:03:07:5c:29:c4:66:53:22:37:e5:
02:a5:18:bc:f8:88:95:f4:ee:93:5a:b7:2c:41:f9:
70:8c:89:20:fd:6f:f8:4e:2a:7a:b6:b7:72:c1:d9:
97:e4:f1:cd:18:fd:86:35:9a:29:1b:20:bc:7c:fe:
6b:67:17:a5:6b:55:3e:2c:80:c6:a4:46:ca:92:11:
98:56:3f:fb:2f:9d:20:1e:00:27:05:46:f5:a8:f0:
4e:0a:1e:ec:f6:a6:59:1a:9a:f4:e5:f8:9e:f2:18:
6d:61:8e:36:30:ce:12:05:64:78:45:75:3d:20:c4:
80:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:49:AD:5A:6F:B1:1A:89:4D:5A:A4:EA:F7:9D:2F:AE:5C:4E:FE:F2
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/OkmtWm-xGolNWqTq950vrlxO_vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.200.0/22
185.11.140.0/23
Signature Algorithm: sha256WithRSAEncryption
65:59:04:07:d7:fa:e3:4f:05:dc:54:36:13:f8:ce:06:38:18:
dd:12:b0:7a:3f:fb:33:db:33:14:5b:8b:11:d5:6b:d7:72:30:
74:bb:f3:ba:96:63:e3:ef:dd:22:c6:e5:6c:61:92:1d:e2:8b:
6f:58:15:c6:fe:b6:d7:2c:16:8b:b1:50:7b:54:f6:4c:3f:8f:
f0:a1:d7:4c:04:e4:a8:e5:bf:3d:c7:9b:8b:03:35:b1:d0:88:
c7:29:89:a5:f9:42:9d:42:f9:74:f5:62:80:28:85:6d:11:2f:
cc:7f:a6:32:12:ba:4b:25:dc:4a:1e:ff:d6:3f:96:fa:01:c8:
75:9f:34:ac:34:75:b0:ca:60:e6:dc:d8:ea:97:58:99:9a:e7:
ba:44:1c:6c:c1:25:35:18:64:5c:43:4c:fe:97:6a:cc:8d:ac:
e3:9f:f6:e4:56:c5:a2:0e:43:20:a9:74:ab:9b:57:d9:cc:cf:
89:5d:68:91:14:e0:d4:fe:88:12:d7:c3:b9:77:f7:2e:bc:63:
98:db:f6:03:50:76:ba:75:2b:ea:1e:4b:32:af:f2:57:b5:4c:
89:14:59:5c:6b:73:ad:d9:c1:e4:de:50:96:7b:b6:32:60:f7:
f3:4f:5f:de:2c:20:e3:48:00:74:38:de:91:44:76:69:3a:13:
2f:58:ac:31
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOILfAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGIzZWVkMWM3YWNhNjM2ZDYyNDU4NTJiODAyZTBlNzM3NTRkZjYzMB4XDTIyMDUx
MDAwNTMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E0OWFkNWE2ZmIx
MWE4OTRkNWFhNGVhZjc5ZDJmYWU1YzRlZmVmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBrO/nu2MofxWiX6cLgIYUIxsOP2zzaIe7cDfm/wV8Qwu91
aruu61oDuEy/I04+m0PT80vS8z/h6QGf4CM2SnVbfcnjB7DJMnExkHxrRXpi+Q29
beWzlwdvbclLNKNA7dh8XqbK1E/2fJ6CPx7/vHWPoKuGlaED2fHFBTL2gZOQbZbm
Agc094iocn4DB1wpxGZTIjflAqUYvPiIlfTuk1q3LEH5cIyJIP1v+E4qera3csHZ
l+TxzRj9hjWaKRsgvHz+a2cXpWtVPiyAxqRGypIRmFY/+y+dIB4AJwVG9ajwTgoe
7PamWRqa9OX4nvIYbWGONjDOEgVkeEV1PSDEgI0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ6Sa1ab7EaiU1apOr3nS+uXE7+8jAfBgNVHSMEGDAWgBTos+7Rx6ymNtYk
WFK4AuDnN1TfYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZMUHUwY2VzcGpiV0pGaFN1QUxnNXpkVTMyTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvMTc3MzI5LTI4Y2QtNDg2NC05ZTE2LTk0NjQwNGVjMWFhNC8x
L09rbXRXbS14R29sTldxVHE5NTB2cmx4T192SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
MTc3MzI5LTI4Y2QtNDg2NC05ZTE2LTk0NjQwNGVjMWFhNC8xLzZMUHUwY2VzcGpi
V0pGaFN1QUxnNXpkVTMyTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAh/eyAMEAbkLjDANBgkqhkiG9w0B
AQsFAAOCAQEAZVkEB9f6408F3FQ2E/jOBjgY3RKwej/7M9szFFuLEdVr13IwdLvz
upZj4+/dIsblbGGSHeKLb1gVxv621ywWi7FQe1T2TD+P8KHXTATkqOW/PcebiwM1
sdCIxymJpflCnUL5dPVigCiFbREvzH+mMhK6SyXcSh7/1j+W+gHIdZ80rDR1sMpg
5tzY6pdYmZrnukQcbMElNRhkXENM/pdqzI2s45/25FbFog5DIKl0q5tX2czPiV1o
kRTg1P6IEtfDuXf3LrxjmNv2A1B2unUr6h5LMq/yV7VMiRRZXGtzrdnB5N5Qlnu2
MmD3809f3iwg40gAdDjekUR2aToTL1isMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:30 2024 by rpki-client on console-ams.rpki-client.org