Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/o3iRe6D8Y4kv4k0UQF-zO07HTKs.roa
File: o3iRe6D8Y4kv4k0UQF-zO07HTKs.roa (raw, json)
Hash identifier: KGVBAbuR8CDP81HmEuHikMJneqBCc7Kya57PCBHd6Rw=
Subject key identifier: A3:78:91:7B:A0:FC:63:89:2F:E2:4D:14:40:5F:B3:3B:4E:C7:4C:AB
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 0182AF2DA04EEC1CFEFD687CC38246798D69
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/o3iRe6D8Y4kv4k0UQF-zO07HTKs.roa
Signing time: Thu 18 Aug 2022 04:19:39 +0000
ROA not before: Thu 18 Aug 2022 04:19:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.246.37.0/24 maxlen: 24
194.246.36.0/23 maxlen: 24
194.246.36.0/24 maxlen: 24
194.247.44.0/23 maxlen: 24
45.149.164.0/22 maxlen: 22
45.149.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:af:2d:a0:4e:ec:1c:fe:fd:68:7c:c3:82:46:79:8d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Aug 18 04:19:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a378917ba0fc63892fe24d14405fb33b4ec74cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d9:19:bd:02:78:3c:0a:cd:8a:d1:61:ad:63:
80:02:48:e9:55:7c:9c:36:97:3c:e3:a3:6a:25:20:
98:23:fd:af:d4:eb:89:ee:99:1e:c3:d2:c1:c6:fe:
e7:8d:aa:10:7f:d1:fa:2e:f1:8d:3a:a0:d0:4b:ed:
23:45:12:a9:39:28:05:fc:92:42:5a:00:ab:75:2a:
51:43:47:ce:8b:80:6d:c4:3d:12:80:b5:50:d1:51:
4c:1f:12:7c:07:68:b0:45:73:ed:88:bc:05:7a:03:
26:61:31:35:45:44:07:6e:32:c4:56:2b:50:da:83:
77:a6:80:20:2f:af:e7:14:21:cd:ad:cd:d5:a6:fb:
78:a7:0d:b4:c3:7b:b0:4f:32:38:8f:1f:9e:72:48:
cb:8a:64:42:75:10:8b:eb:2f:c7:3f:e1:67:05:6d:
97:64:08:0c:49:b6:b0:94:59:fc:fe:33:7e:50:7f:
0f:a8:16:3f:bc:36:b8:76:a5:e9:6e:b9:38:da:72:
5c:39:4c:56:6b:8f:97:d7:45:a1:5d:66:9a:ea:90:
3a:49:37:89:66:71:b2:6e:82:4f:2f:98:ab:bc:6c:
87:ee:c4:df:e3:7c:97:a9:a7:68:35:58:85:7d:23:
e6:9d:01:95:79:71:40:76:8b:9f:f7:43:bc:61:7a:
f2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:78:91:7B:A0:FC:63:89:2F:E2:4D:14:40:5F:B3:3B:4E:C7:4C:AB
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/o3iRe6D8Y4kv4k0UQF-zO07HTKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.164.0/22
194.246.36.0/23
194.247.44.0/23
Signature Algorithm: sha256WithRSAEncryption
11:59:6c:91:93:b3:ba:ed:29:a4:1e:a4:02:55:e4:31:8e:55:
68:9d:a0:6f:67:23:9d:9b:fc:c4:20:92:03:61:70:67:f0:2c:
82:cb:51:a8:ca:f7:b1:d4:8f:96:2e:75:32:7b:c5:d6:5b:07:
05:c7:f7:37:a5:ef:ec:63:a8:83:8b:0d:f7:b2:42:bf:0a:b0:
6b:18:32:a9:6a:20:30:cb:53:8b:0a:06:24:6f:e9:bd:9c:b8:
f2:5a:61:9f:2e:08:e6:e1:57:26:65:90:5c:ff:bd:bd:80:27:
31:f0:4c:6d:9e:1a:2d:e4:94:83:25:6c:98:68:bc:74:c2:3b:
54:19:2e:8b:65:4d:94:b1:34:d9:dd:4c:05:e7:33:d0:7a:b1:
00:b8:df:2f:d1:34:9b:6e:f1:d9:3a:ad:e1:f6:d4:4e:44:c4:
57:c7:7a:70:d6:e5:2a:80:1d:70:65:03:ca:91:ce:4b:93:99:
31:eb:90:8d:bf:ba:e9:7b:33:c7:e3:31:3a:75:72:54:77:36:
bd:1f:a1:71:93:a1:3f:3b:43:71:79:f0:9c:ff:68:de:84:aa:
07:c0:58:36:d2:04:76:50:a5:21:79:81:45:c3:75:30:93:cd:
3a:ca:fb:d0:f7:7d:3e:e6:07:fb:b0:a3:7d:b4:4a:85:25:83:
1f:96:1d:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKvLaBO7Bz+/Wh8w4JGeY1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjIwODE4MDQxOTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc4OTE3YmEwZmM2Mzg5MmZlMjRkMTQ0MDVmYjMzYjRlYzc0Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNkZvQJ4PArNitFhrWOAAkjpVXyc
Npc846NqJSCYI/2v1OuJ7pkew9LBxv7njaoQf9H6LvGNOqDQS+0jRRKpOSgF/JJC
WgCrdSpRQ0fOi4BtxD0SgLVQ0VFMHxJ8B2iwRXPtiLwFegMmYTE1RUQHbjLEVitQ
2oN3poAgL6/nFCHNrc3Vpvt4pw20w3uwTzI4jx+eckjLimRCdRCL6y/HP+FnBW2X
ZAgMSbawlFn8/jN+UH8PqBY/vDa4dqXpbrk42nJcOUxWa4+X10WhXWaa6pA6STeJ
ZnGyboJPL5irvGyH7sTf43yXqadoNViFfSPmnQGVeXFAdouf90O8YXry5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKN4kXug/GOJL+JNFEBfsztOx0yrMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvbzNpUmU2RDhZNGt2NGswVVFGLXpPMDdIVEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZWkAwQB
wvYkAwQBwvcsMA0GCSqGSIb3DQEBCwUAA4IBAQARWWyRk7O67SmkHqQCVeQxjlVo
naBvZyOdm/zEIJIDYXBn8CyCy1Goyvex1I+WLnUye8XWWwcFx/c3pe/sY6iDiw33
skK/CrBrGDKpaiAwy1OLCgYkb+m9nLjyWmGfLgjm4VcmZZBc/729gCcx8Extnhot
5JSDJWyYaLx0wjtUGS6LZU2UsTTZ3UwF5zPQerEAuN8v0TSbbvHZOq3h9tRORMRX
x3pw1uUqgB1wZQPKkc5Lk5kx65CNv7rpezPH4zE6dXJUdza9H6Fxk6E/O0NxefCc
/2jehKoHwFg20gR2UKUheYFFw3Uwk806yvvQ930+5gf7sKN9tEqFJYMflh2s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:51 2024 by rpki-client on console-fra.rpki-client.org