Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/OyghE1BVsHDDbhInRC-01OhnDhY.roa
File: OyghE1BVsHDDbhInRC-01OhnDhY.roa (raw, json)
Hash identifier: o6DnANgxhhZOGudxkirVIFdtsxarbm8P2uMMXYPlor8=
Subject key identifier: 3B:28:21:13:50:55:B0:70:C3:6E:12:27:44:2F:B4:D4:E8:67:0E:16
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0183155DF8EE3F1C5557268995C28157C901
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/OyghE1BVsHDDbhInRC-01OhnDhY.roa
Signing time: Wed 07 Sep 2022 00:33:43 +0000
ROA not before: Wed 07 Sep 2022 00:33:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 185.213.22.0/24 maxlen: 24
185.126.236.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
2a11:840:2::/48 maxlen: 48
2a11:840:5::/48 maxlen: 48
2a11:840:3::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:1::/48 maxlen: 48
2a11:840:9::/48 maxlen: 48
2a11:840:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:15:5d:f8:ee:3f:1c:55:57:26:89:95:c2:81:57:c9:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 7 00:33:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b2821135055b070c36e1227442fb4d4e8670e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:17:af:4d:5d:40:7d:da:30:75:66:96:12:44:
e9:42:75:dc:3c:21:34:df:5c:97:19:89:81:e3:5e:
f1:c8:86:d8:1c:cf:48:44:91:50:ab:47:0c:19:9d:
64:c0:bf:ed:ea:26:bd:5a:20:d7:74:a3:df:78:22:
9f:81:33:a1:6b:14:21:fa:e2:10:97:ac:2f:5b:7b:
00:1f:1d:73:f9:10:21:34:72:67:14:d3:17:07:8b:
71:84:da:74:a0:9f:d3:31:d6:87:fa:aa:09:ad:1e:
f5:29:e7:e5:da:74:17:3b:d8:76:3a:36:b0:de:8b:
d7:5c:c0:40:49:ad:b1:35:92:87:20:be:39:0c:9b:
7e:b6:8c:82:c9:d5:82:3b:09:66:1f:77:8b:5b:6e:
9a:ed:90:67:1e:54:17:2a:e6:09:92:88:bf:30:4f:
c0:41:0f:59:d2:52:7b:40:ab:cf:51:bc:5a:ff:af:
59:78:b1:0d:f0:30:ff:67:8b:0b:dc:4b:19:41:a2:
86:79:cb:2d:30:59:53:5d:21:e2:8c:ba:5f:8f:03:
47:f0:fe:03:59:50:f5:f3:ba:7f:0f:95:d1:70:c5:
f9:7b:a3:59:28:7d:41:02:5b:26:77:c4:e2:ec:d6:
d1:3f:d0:ee:40:75:8a:5d:46:34:1e:24:78:d2:d6:
81:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:28:21:13:50:55:B0:70:C3:6E:12:27:44:2F:B4:D4:E8:67:0E:16
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/OyghE1BVsHDDbhInRC-01OhnDhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.236.0/23
185.213.22.0/24
IPv6:
2a11:840:1::-2a11:840:6:ffff:ffff:ffff:ffff:ffff
2a11:840:9::/48
Signature Algorithm: sha256WithRSAEncryption
26:47:aa:55:48:9a:fc:31:e5:82:56:cd:44:ac:90:79:20:12:
12:c0:a8:25:4e:5c:7e:93:47:83:f0:6f:b2:a3:b4:58:6e:9b:
66:a8:4c:fc:dc:6a:5b:95:f9:7c:2e:3e:f9:6f:16:a0:01:31:
9c:16:c4:6d:11:3e:c9:ce:c5:d8:a5:cc:0c:cf:86:ac:e6:69:
b3:30:8e:46:81:75:79:0b:c3:a1:2b:0b:f5:a1:24:bf:27:99:
d1:cc:fa:17:7c:23:69:74:89:ea:a9:87:aa:50:f3:0e:d8:08:
95:cd:14:77:57:45:f9:d9:8c:f6:89:aa:2c:85:af:9a:20:17:
a9:cb:01:2e:5e:52:84:8b:95:4e:4b:7c:c1:d1:b6:31:88:82:
48:94:64:16:e9:dc:62:38:01:d9:69:e3:68:85:81:3b:a1:1c:
8c:16:d3:e2:af:1b:d2:e8:bf:9e:14:22:60:87:cd:a9:24:6a:
a6:3e:5f:ba:c2:ca:cf:59:a2:5a:01:68:38:f7:7a:c2:bb:1f:
f2:03:c0:55:05:b3:fe:e3:66:5c:c5:f9:ad:82:f9:1e:b3:de:
4b:dc:68:69:df:7b:a7:ff:2a:4d:1b:5e:ea:25:4d:85:b2:d2:
34:89:17:10:7d:d4:bd:50:40:76:4d:b6:b2:77:b0:a0:42:dd:
e2:cf:11:d3
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYMVXfjuPxxVVyaJlcKBV8kBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjIwOTA3MDAzMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI4MjExMzUwNTViMDcwYzM2ZTEyMjc0NDJmYjRkNGU4NjcwZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhevTV1AfdowdWaWEkTpQnXcPCE0
31yXGYmB417xyIbYHM9IRJFQq0cMGZ1kwL/t6ia9WiDXdKPfeCKfgTOhaxQh+uIQ
l6wvW3sAHx1z+RAhNHJnFNMXB4txhNp0oJ/TMdaH+qoJrR71Kefl2nQXO9h2Ojaw
3ovXXMBASa2xNZKHIL45DJt+toyCydWCOwlmH3eLW26a7ZBnHlQXKuYJkoi/ME/A
QQ9Z0lJ7QKvPUbxa/69ZeLEN8DD/Z4sL3EsZQaKGecstMFlTXSHijLpfjwNH8P4D
WVD187p/D5XRcMX5e6NZKH1BAlsmd8Ti7NbRP9DuQHWKXUY0HiR40taBCQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDsoIRNQVbBww24SJ0QvtNToZw4WMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvT3lnaEUxQlZzSEREYmhJblJDLTAxT2huRGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQBuX7sAwQA
udUWMCMEAgACMB0wEgMHACoRCEAAAQMHACoRCEAABgMHACoRCEAACTANBgkqhkiG
9w0BAQsFAAOCAQEAJkeqVUia/DHlglbNRKyQeSASEsCoJU5cfpNHg/BvsqO0WG6b
ZqhM/NxqW5X5fC4++W8WoAExnBbEbRE+yc7F2KXMDM+GrOZpszCORoF1eQvDoSsL
9aEkvyeZ0cz6F3wjaXSJ6qmHqlDzDtgIlc0Ud1dF+dmM9omqLIWvmiAXqcsBLl5S
hIuVTkt8wdG2MYiCSJRkFuncYjgB2WnjaIWBO6EcjBbT4q8b0ui/nhQiYIfNqSRq
pj5fusLKz1miWgFoOPd6wrsf8gPAVQWz/uNmXMX5rYL5HrPeS9xoad97p/8qTRte
6iVNhbLSNIkXEH3UvVBAdk22snewoELd4s8R0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org