Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/O6HzQWCHIq32Fpt6pdXrQEdA_VI.roa
File: O6HzQWCHIq32Fpt6pdXrQEdA_VI.roa (raw, json)
Hash identifier: DHvZiRaAtiC8RewZd+t4VNqpjELeT7XMHOI0FtlX8Ak=
Subject key identifier: 3B:A1:F3:41:60:87:22:AD:F6:16:9B:7A:A5:D5:EB:40:47:40:FD:52
Certificate issuer: /CN=a10c73530bb684fd569dfc432704675704183429
Certificate serial: 1610961A
Authority key identifier: A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/O6HzQWCHIq32Fpt6pdXrQEdA_VI.roa
Signing time: Sat 01 Jan 2022 11:58:41 +0000
ROA not before: Sat 01 Jan 2022 11:58:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47492
IP address blocks: 81.161.227.0/24 maxlen: 24
185.94.232.0/22 maxlen: 24
185.94.232.0/23 maxlen: 24
185.94.232.0/24 maxlen: 24
185.94.233.0/24 maxlen: 24
185.94.234.0/23 maxlen: 24
185.94.234.0/24 maxlen: 24
81.161.224.0/24 maxlen: 24
185.94.235.0/24 maxlen: 24
81.161.225.0/24 maxlen: 24
2a03:e841::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 370185754 (0x1610961a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a10c73530bb684fd569dfc432704675704183429
Validity
Not Before: Jan 1 11:58:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ba1f341608722adf6169b7aa5d5eb404740fd52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2f:cc:37:13:bb:6f:ba:8b:d3:e0:38:d8:a1:
5e:b0:d8:37:51:4f:1c:a7:cd:8e:99:8f:5c:6f:f3:
c3:89:7f:e1:93:3e:9b:13:97:83:b5:aa:7d:e6:2e:
88:5c:8d:b6:01:d0:0c:a2:d1:cb:bc:c2:6d:af:54:
83:5d:a5:2f:22:ab:e7:9b:1e:54:83:6e:a8:1d:e3:
b0:be:05:78:8b:6c:5a:6a:d8:e7:32:7a:12:3e:9a:
cd:2f:36:ac:27:60:f0:2c:70:c9:fc:c2:38:78:d2:
e0:86:76:f8:b7:af:3b:db:46:1f:9a:09:88:33:51:
c2:be:a7:be:b2:9f:61:3d:72:9e:29:53:10:ce:c4:
14:ab:87:d0:b0:92:ca:5a:5f:58:11:a0:3f:e4:5e:
41:64:28:13:a1:dd:3e:12:9c:ac:68:0f:0e:bb:9f:
e6:73:d5:c9:85:1f:41:15:5e:2d:ab:fb:e1:ac:1d:
ef:95:67:e0:6b:fc:86:3d:4b:e4:8c:1a:6f:90:bc:
7e:d4:53:ca:51:df:76:7c:16:2a:ba:97:ab:dd:5c:
9c:89:e7:b1:65:2a:6b:f9:2c:3a:f9:86:c6:d0:16:
53:be:70:61:b5:f1:11:cf:a9:0c:3d:df:8b:83:d0:
47:8f:f8:f9:b9:4b:ca:07:f0:9f:89:55:5f:6e:ff:
77:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A1:F3:41:60:87:22:AD:F6:16:9B:7A:A5:D5:EB:40:47:40:FD:52
X509v3 Authority Key Identifier:
keyid:A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/O6HzQWCHIq32Fpt6pdXrQEdA_VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.224.0/23
81.161.227.0/24
185.94.232.0/22
IPv6:
2a03:e841::/32
Signature Algorithm: sha256WithRSAEncryption
95:71:2d:b5:19:4c:be:e9:98:72:ec:df:76:32:e3:6f:dc:9a:
f6:31:c9:73:fc:51:91:ee:36:1b:a6:42:a9:83:89:9d:2a:85:
d5:47:c5:80:90:4e:42:a1:dd:d6:56:86:d4:df:55:42:19:ee:
29:fb:3e:c8:2b:8a:6f:73:fe:5e:ce:93:e9:cc:cc:41:e8:b4:
b5:bf:14:36:34:cb:7c:2c:8c:bd:32:12:66:46:6b:26:bf:50:
e4:83:03:6a:f7:86:b0:7f:73:d0:1f:89:41:2d:f9:1a:3c:2f:
0f:ec:32:78:16:ad:96:4d:b2:9a:38:d8:da:2e:97:1b:f1:ce:
8f:1c:52:cc:b6:39:a5:0c:c6:3c:e4:9d:df:3c:01:7a:1c:02:
53:a3:d2:12:9a:d3:dd:b9:0a:79:e4:75:1e:ec:2b:25:70:54:
0c:50:1b:e5:b6:ed:52:17:a2:75:48:ba:e0:34:72:d9:42:b8:
3c:9e:36:c0:27:f2:12:e7:fb:4f:77:02:96:77:aa:ab:0c:63:
14:3c:71:0d:31:27:aa:2c:a9:61:49:f6:f9:92:ac:cf:e3:9f:
da:b3:21:40:45:f4:48:07:52:4f:92:7c:62:cd:07:fb:cc:58:
19:6c:35:ee:df:34:8a:1f:a1:9b:d5:9f:b3:09:cd:f3:f5:db:
29:d3:18:d2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFhCWGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MTBjNzM1MzBiYjY4NGZkNTY5ZGZjNDMyNzA0Njc1NzA0MTgzNDI5MB4XDTIyMDEw
MTExNTg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JhMWYzNDE2MDg3
MjJhZGY2MTY5YjdhYTVkNWViNDA0NzQwZmQ1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkvzDcTu2+6i9PgONihXrDYN1FPHKfNjpmPXG/zw4l/4ZM+
mxOXg7WqfeYuiFyNtgHQDKLRy7zCba9Ug12lLyKr55seVINuqB3jsL4FeItsWmrY
5zJ6Ej6azS82rCdg8CxwyfzCOHjS4IZ2+LevO9tGH5oJiDNRwr6nvrKfYT1ynilT
EM7EFKuH0LCSylpfWBGgP+ReQWQoE6HdPhKcrGgPDruf5nPVyYUfQRVeLav74awd
75Vn4Gv8hj1L5Iwab5C8ftRTylHfdnwWKrqXq91cnInnsWUqa/ksOvmGxtAWU75w
YbXxEc+pDD3fi4PQR4/4+blLygfwn4lVX27/d/ECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQ7ofNBYIcirfYWm3ql1etAR0D9UjAfBgNVHSMEGDAWgBShDHNTC7aE/Vad
/EMnBGdXBBg0KTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29ReHpVd3UyaFAxV25meERKd1JuVndRWU5Day5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvZWQxN2M4LWFiZDQtNDE0Zi1iYzMwLTdkMDgyOTFhNzY2Mi8x
L082SHpRV0NISXEzMkZwdDZwZFhyUUVkQV9WSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
ZWQxN2M4LWFiZDQtNDE0Zi1iYzMwLTdkMDgyOTFhNzY2Mi8xL29ReHpVd3UyaFAx
V25meERKd1JuVndRWU5Day5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAVGh4AMEAFGh4wMEArle6DANBAIA
AjAHAwUAKgPoQTANBgkqhkiG9w0BAQsFAAOCAQEAlXEttRlMvumYcuzfdjLjb9ya
9jHJc/xRke42G6ZCqYOJnSqF1UfFgJBOQqHd1laG1N9VQhnuKfs+yCuKb3P+Xs6T
6czMQei0tb8UNjTLfCyMvTISZkZrJr9Q5IMDaveGsH9z0B+JQS35GjwvD+wyeBat
lk2ymjjY2i6XG/HOjxxSzLY5pQzGPOSd3zwBehwCU6PSEprT3bkKeeR1HuwrJXBU
DFAb5bbtUheidUi64DRy2UK4PJ42wCfyEuf7T3cClneqqwxjFDxxDTEnqiypYUn2
+ZKsz+Of2rMhQEX0SAdST5J8Ys0H+8xYGWw17t80ih+hm9WfswnN8/XbKdMY0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:54 2024 by rpki-client on console-fra.rpki-client.org