Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/OJQa11UVh3rO-HtZLmVikmqZr6Q.roa
File: OJQa11UVh3rO-HtZLmVikmqZr6Q.roa (raw, json)
Hash identifier: 9OwNeWZvp9rocGZvCrGAthYmd6MvKCqllHw3HuDOKeI=
Subject key identifier: 38:94:1A:D7:55:15:87:7A:CE:F8:7B:59:2E:65:62:92:6A:99:AF:A4
Certificate issuer: /CN=6b378df27bd9260c7eb15273e993e36b0985da10
Certificate serial: 0184ECBF248D88430157A2DA0306B465A5E9
Authority key identifier: 6B:37:8D:F2:7B:D9:26:0C:7E:B1:52:73:E9:93:E3:6B:09:85:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/azeN8nvZJgx-sVJz6ZPjawmF2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/OJQa11UVh3rO-HtZLmVikmqZr6Q.roa
Signing time: Wed 07 Dec 2022 13:21:00 +0000
ROA not before: Wed 07 Dec 2022 13:21:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56786
IP address blocks: 84.21.178.0/24 maxlen: 24
84.21.179.0/24 maxlen: 24
84.21.176.0/22 maxlen: 24
84.21.176.0/24 maxlen: 24
84.21.177.0/24 maxlen: 24
2a0d:f540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:bf:24:8d:88:43:01:57:a2:da:03:06:b4:65:a5:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b378df27bd9260c7eb15273e993e36b0985da10
Validity
Not Before: Dec 7 13:21:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38941ad75515877acef87b592e6562926a99afa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:74:2c:e6:9e:74:85:ad:ac:8a:01:4d:0b:ec:
69:4b:de:cd:c9:e1:be:8c:cc:82:3e:ab:d0:e5:14:
b6:aa:8d:fb:cd:78:e9:32:51:e9:30:da:69:2a:e2:
47:09:87:dd:c1:f9:c5:d3:59:c8:f5:8d:fd:31:f8:
c8:5b:e0:c8:3e:af:e9:d1:72:69:81:7f:06:60:46:
3f:d9:56:56:de:f9:32:5e:c7:cc:81:c4:09:56:f8:
cf:53:e5:1e:58:fe:ad:54:14:10:b9:09:b3:fa:31:
d3:c3:f2:ba:3f:ac:68:0e:7a:5c:0a:a4:5f:a7:5b:
5f:e0:ab:22:4c:f1:60:3a:d3:11:5e:d2:3e:08:aa:
8f:2b:ce:bd:65:f7:7e:e9:7a:f2:db:52:b7:1d:43:
ec:f8:4d:fd:d5:29:65:a6:7b:8e:d3:96:dc:2c:98:
4c:f1:17:9e:73:09:ab:a6:e7:1a:f8:49:20:92:87:
7d:d3:bd:93:1e:93:fa:02:35:a6:f4:5d:49:4f:84:
45:74:1a:8e:c0:49:c5:71:18:fc:2a:0e:75:10:f0:
e5:65:39:99:eb:47:cd:69:c1:5a:8c:44:49:53:5a:
32:11:61:62:0c:1d:29:ea:1d:19:d6:09:9f:8c:eb:
b6:16:9a:fe:14:97:e2:f6:62:db:84:38:de:b5:de:
1f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:94:1A:D7:55:15:87:7A:CE:F8:7B:59:2E:65:62:92:6A:99:AF:A4
X509v3 Authority Key Identifier:
keyid:6B:37:8D:F2:7B:D9:26:0C:7E:B1:52:73:E9:93:E3:6B:09:85:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/azeN8nvZJgx-sVJz6ZPjawmF2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/OJQa11UVh3rO-HtZLmVikmqZr6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/azeN8nvZJgx-sVJz6ZPjawmF2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.176.0/22
IPv6:
2a0d:f540::/29
Signature Algorithm: sha256WithRSAEncryption
af:fa:a7:fa:99:86:b0:49:78:ea:1e:45:cf:bf:f3:7e:7c:09:
30:f8:4a:7b:a2:08:a5:9c:53:26:73:42:50:c4:dc:63:04:f1:
98:cc:14:13:0c:89:e2:cb:0f:e9:9c:43:ba:6f:45:23:1d:32:
41:17:93:5e:5f:7c:c6:39:03:f5:14:55:21:21:c0:cd:ba:c4:
0c:ec:84:a3:52:ef:bd:94:ca:2b:88:0f:ca:80:06:b8:c9:e5:
83:e5:97:2d:80:f2:f3:3a:8a:78:f0:cb:75:ef:b0:3e:76:c3:
96:a9:ef:4a:c5:3c:ac:a6:59:b6:35:e7:b8:e3:64:0b:ec:f0:
d4:bb:d6:90:84:4c:d7:25:e4:c6:de:ac:df:fc:31:af:a4:ec:
50:f4:2b:72:77:9e:66:5c:49:31:df:4d:dd:23:94:f5:41:51:
4a:c0:7c:64:5d:43:9b:bc:9b:c7:f9:89:68:b5:01:72:3f:76:
e1:ea:42:bd:34:2e:09:f4:7c:de:80:c3:30:3b:79:f0:56:6d:
b5:87:25:b2:18:8c:7e:07:96:b2:4f:c9:7c:e6:15:a0:9e:c7:
af:e4:00:3e:58:27:47:3a:13:f6:d6:82:bc:6a:b3:d4:c4:41:
31:a7:79:01:56:c6:84:04:51:78:30:13:b7:ad:3b:e4:3b:97:
bd:76:f7:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTsvySNiEMBV6LaAwa0ZaXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMzc4ZGYyN2JkOTI2MGM3ZWIxNTI3M2U5OTNlMzZiMDk4
NWRhMTAwHhcNMjIxMjA3MTMyMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODk0MWFkNzU1MTU4NzdhY2VmODdiNTkyZTY1NjI5MjZhOTlhZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXQs5p50ha2sigFNC+xpS97NyeG+
jMyCPqvQ5RS2qo37zXjpMlHpMNppKuJHCYfdwfnF01nI9Y39MfjIW+DIPq/p0XJp
gX8GYEY/2VZW3vkyXsfMgcQJVvjPU+UeWP6tVBQQuQmz+jHTw/K6P6xoDnpcCqRf
p1tf4KsiTPFgOtMRXtI+CKqPK869Zfd+6Xry21K3HUPs+E391SllpnuO05bcLJhM
8Reecwmrpuca+Ekgkod9072THpP6AjWm9F1JT4RFdBqOwEnFcRj8Kg51EPDlZTmZ
60fNacFajERJU1oyEWFiDB0p6h0Z1gmfjOu2Fpr+FJfi9mLbhDjetd4f5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDiUGtdVFYd6zvh7WS5lYpJqma+kMB8GA1UdIwQY
MBaAFGs3jfJ72SYMfrFSc+mT42sJhdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXplTjhudlpKZ3gtc1ZKejZaUGphd21GMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80ODVlYmMtN2VlNC00MjcwLWJkYzgt
OTdmYTgwYzBkZjQxLzEvT0pRYTExVVZoM3JPLUh0WkxtVmlrbXFacjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80ODVlYmMtN2VlNC00MjcwLWJkYzgtOTdmYTgwYzBkZjQx
LzEvYXplTjhudlpKZ3gtc1ZKejZaUGphd21GMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVBWwMA0E
AgACMAcDBQMqDfVAMA0GCSqGSIb3DQEBCwUAA4IBAQCv+qf6mYawSXjqHkXPv/N+
fAkw+Ep7ogilnFMmc0JQxNxjBPGYzBQTDIniyw/pnEO6b0UjHTJBF5NeX3zGOQP1
FFUhIcDNusQM7ISjUu+9lMoriA/KgAa4yeWD5ZctgPLzOop48Mt177A+dsOWqe9K
xTysplm2Nee442QL7PDUu9aQhEzXJeTG3qzf/DGvpOxQ9Ctyd55mXEkx303dI5T1
QVFKwHxkXUObvJvH+YlotQFyP3bh6kK9NC4J9HzegMMwO3nwVm21hyWyGIx+B5ay
T8l85hWgnsev5AA+WCdHOhP21oK8arPUxEExp3kBVsaEBFF4MBO3rTvkO5e9dvfn
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:37 2023 by rpki-client on console-ams.rpki-client.org