Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/ofPemyXZ50rhzxKQS-LUHeQId80.roa
File: ofPemyXZ50rhzxKQS-LUHeQId80.roa (raw, json)
Hash identifier: ixv3VnN7ZRtIK1zUToT4JgIJ2KIsdipyhRfV6wmGKwk=
Subject key identifier: A1:F3:DE:9B:25:D9:E7:4A:E1:CF:12:90:4B:E2:D4:1D:E4:08:77:CD
Certificate issuer: /CN=39732dcd0c35426144f9f026754179dfaebe8958
Certificate serial: 0609FD8C
Authority key identifier: 39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/ofPemyXZ50rhzxKQS-LUHeQId80.roa
Signing time: Sat 01 Jan 2022 07:02:34 +0000
ROA not before: Sat 01 Jan 2022 07:02:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201240
IP address blocks: 192.166.240.0/24 maxlen: 24
2a07:eec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101318028 (0x609fd8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39732dcd0c35426144f9f026754179dfaebe8958
Validity
Not Before: Jan 1 07:02:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1f3de9b25d9e74ae1cf12904be2d41de40877cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:53:2a:f0:5c:c7:c6:54:e0:aa:c7:7e:48:71:
58:fb:f8:41:12:8c:88:99:08:2f:0c:b0:cf:e4:e3:
8e:61:8f:ef:a7:11:c4:ec:69:2e:12:8d:d2:6a:f4:
32:31:c1:38:81:90:cb:de:4c:86:72:1f:15:4b:cc:
71:99:50:65:79:9b:11:c7:96:7f:58:18:d7:d6:d0:
e8:b2:86:a3:c6:c7:25:78:72:5b:5c:48:21:0d:63:
b4:e5:05:f3:14:51:cc:60:99:64:97:42:6c:65:ea:
6c:dc:31:06:80:f3:b9:94:e4:a8:2d:13:cb:f2:01:
d0:b9:e3:2e:c1:19:02:e1:fe:18:11:3e:ab:7a:48:
d3:7a:73:7d:ab:ed:b3:72:f8:94:45:63:c7:b7:85:
f1:29:d9:ed:aa:75:16:ed:86:31:57:e5:ac:8f:7f:
db:35:4a:b2:1e:a8:a9:0d:e4:f3:7e:59:9a:35:85:
ba:85:27:83:ef:b6:ec:48:55:c9:55:5c:50:28:50:
ab:1f:90:54:14:24:8e:fb:c6:09:2a:9c:5e:80:83:
50:70:c5:60:81:02:9b:83:7d:f5:ce:1b:00:98:d5:
8b:bb:63:52:a1:38:e8:78:d7:82:e7:21:f2:fc:d9:
ae:82:1d:6f:96:6e:ed:6c:82:43:98:c5:82:6c:cc:
55:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F3:DE:9B:25:D9:E7:4A:E1:CF:12:90:4B:E2:D4:1D:E4:08:77:CD
X509v3 Authority Key Identifier:
keyid:39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/ofPemyXZ50rhzxKQS-LUHeQId80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/OXMtzQw1QmFE-fAmdUF5366-iVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.240.0/24
IPv6:
2a07:eec0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:25:2b:48:41:89:f2:1a:82:e4:89:92:6b:be:54:37:13:99:
cb:c9:cb:9b:32:33:df:c7:bd:61:4d:4c:67:95:46:cb:0c:f5:
b8:12:2b:b2:9f:de:08:0a:07:83:34:e6:bd:d0:e8:47:ef:9f:
65:07:76:bd:bf:c5:f1:ac:1b:f2:fe:8d:55:1c:23:9b:13:fa:
8a:83:19:03:9f:f6:3b:d2:94:f1:eb:a0:a2:ce:40:20:dc:ed:
38:c5:9e:bf:d0:c6:2c:bc:b0:18:41:78:54:6c:5e:63:fd:73:
3d:7d:bf:30:77:30:2f:2e:03:24:3c:19:16:6d:a4:c2:68:7c:
d7:fa:2e:27:6a:b7:4b:42:9f:8d:12:63:6e:d8:d9:f1:be:6d:
67:ee:c4:42:35:38:ba:a3:e6:fd:20:ab:66:c8:f0:d7:5f:9b:
86:81:6d:03:e2:80:c3:a4:43:2f:3c:52:2f:ad:7e:8e:47:36:
35:e4:14:35:4f:67:fc:0f:e7:38:8f:29:9f:1d:9e:39:d4:05:
91:94:09:0f:e6:09:03:4c:24:cd:2b:e4:47:4f:ee:80:00:68:
cb:ed:1b:71:91:4d:93:52:fc:48:ea:02:33:62:76:8f:85:de:
72:f7:b3:41:9f:f0:f4:60:e9:65:f8:10:86:63:9e:58:bc:29:
8b:0e:07:e4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBgn9jDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTczMmRjZDBjMzU0MjYxNDRmOWYwMjY3NTQxNzlkZmFlYmU4OTU4MB4XDTIyMDEw
MTA3MDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFmM2RlOWIyNWQ5
ZTc0YWUxY2YxMjkwNGJlMmQ0MWRlNDA4NzdjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9TKvBcx8ZU4KrHfkhxWPv4QRKMiJkILwywz+TjjmGP76cR
xOxpLhKN0mr0MjHBOIGQy95MhnIfFUvMcZlQZXmbEceWf1gY19bQ6LKGo8bHJXhy
W1xIIQ1jtOUF8xRRzGCZZJdCbGXqbNwxBoDzuZTkqC0Ty/IB0LnjLsEZAuH+GBE+
q3pI03pzfavts3L4lEVjx7eF8SnZ7ap1Fu2GMVflrI9/2zVKsh6oqQ3k835ZmjWF
uoUng++27EhVyVVcUChQqx+QVBQkjvvGCSqcXoCDUHDFYIECm4N99c4bAJjVi7tj
UqE46HjXguch8vzZroIdb5Zu7WyCQ5jFgmzMVdkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSh896bJdnnSuHPEpBL4tQd5Ah3zTAfBgNVHSMEGDAWgBQ5cy3NDDVCYUT5
8CZ1QXnfrr6JWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09YTXR6UXcxUW1GRS1mQW1kVUY1MzY2LWlWZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvMjM3MTA2LWQwOGQtNGFhMC1hYzgyLWY2MGFmMmE4MjA2MC8x
L29mUGVteVhaNTByaHp4S1FTLUxVSGVRSWQ4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
MjM3MTA2LWQwOGQtNGFhMC1hYzgyLWY2MGFmMmE4MjA2MC8xL09YTXR6UXcxUW1G
RS1mQW1kVUY1MzY2LWlWZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMCm8DANBAIAAjAHAwUDKgfuwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGyUrSEGJ8hqC5ImSa75UNxOZy8nLmzIz38e9YU1M
Z5VGywz1uBIrsp/eCAoHgzTmvdDoR++fZQd2vb/F8awb8v6NVRwjmxP6ioMZA5/2
O9KU8eugos5AINztOMWev9DGLLywGEF4VGxeY/1zPX2/MHcwLy4DJDwZFm2kwmh8
1/ouJ2q3S0KfjRJjbtjZ8b5tZ+7EQjU4uqPm/SCrZsjw11+bhoFtA+KAw6RDLzxS
L61+jkc2NeQUNU9n/A/nOI8pnx2eOdQFkZQJD+YJA0wkzSvkR0/ugABoy+0bcZFN
k1L8SOoCM2J2j4XecvezQZ/w9GDpZfgQhmOeWLwpiw4H5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:42 2024 by rpki-client on console-fra.rpki-client.org