Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/oLs7Mck0gM35w9q0mvY9D1UAN5c.roa
File: oLs7Mck0gM35w9q0mvY9D1UAN5c.roa (raw, json)
Hash identifier: qhbD3H9mBhRhbi9zz4dLiqg5m6K5bgOJFmpTsHtkv6M=
Subject key identifier: A0:BB:3B:31:C9:34:80:CD:F9:C3:DA:B4:9A:F6:3D:0F:55:00:37:97
Certificate issuer: /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial: 0A7C8702
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/oLs7Mck0gM35w9q0mvY9D1UAN5c.roa
Signing time: Sat 01 Jan 2022 08:02:21 +0000
ROA not before: Sat 01 Jan 2022 08:02:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 10753
IP address blocks: 185.189.32.0/23 maxlen: 23
185.189.34.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175933186 (0xa7c8702)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Validity
Not Before: Jan 1 08:02:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0bb3b31c93480cdf9c3dab49af63d0f55003797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:28:19:91:9b:cb:7d:8e:f8:6a:6f:2a:5c:32:
6d:2a:cd:bf:8d:7e:d8:c3:bd:8a:cb:f9:60:ca:f4:
d3:86:aa:82:43:8b:27:bd:d7:47:d5:da:ad:fb:d9:
21:95:ea:97:b6:08:3e:fc:14:87:16:02:10:d8:05:
8c:55:a6:0a:32:b0:8e:f4:d7:9c:59:84:e7:9e:d8:
86:6d:c1:39:3a:b6:6a:58:d1:c5:9c:d8:27:5e:cd:
a8:98:1a:29:b0:82:ff:ef:43:d0:a7:8a:f0:a1:e0:
ba:66:07:7e:8e:b3:cd:73:f6:4d:53:1b:94:3f:84:
86:5b:10:cf:a1:f0:f4:d6:7b:9a:53:67:06:82:e7:
f9:b9:43:96:5d:66:67:5b:21:ed:10:6a:8c:59:43:
7b:77:ef:ab:bc:0d:1a:8d:6e:7c:f0:81:31:e0:42:
a3:c1:5e:63:b8:ea:b1:42:f7:66:77:39:ce:d5:c7:
15:d5:26:f0:a8:b7:71:23:99:98:38:fb:d3:be:98:
7d:ce:e9:9d:29:89:eb:f0:cc:fc:f3:8b:5b:ab:c7:
1f:51:31:de:9d:85:b7:a5:13:d2:d7:e2:7c:94:29:
31:5f:93:10:f4:4c:50:00:d3:be:68:09:44:48:8b:
4a:ee:fc:68:cb:59:ec:d3:76:4d:1b:9a:d0:0b:f0:
3a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BB:3B:31:C9:34:80:CD:F9:C3:DA:B4:9A:F6:3D:0F:55:00:37:97
X509v3 Authority Key Identifier:
keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/oLs7Mck0gM35w9q0mvY9D1UAN5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.32.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:64:ed:a8:bc:7e:73:02:10:62:e7:fe:6b:ed:45:92:a7:9c:
f0:3b:02:35:f3:28:66:7b:16:67:c3:8a:06:cd:9b:41:bf:f9:
b3:40:7b:d9:ae:a3:e5:ab:97:40:d6:c0:cb:54:7c:64:ca:ad:
cb:48:1e:ce:4c:fc:17:b4:3e:b8:35:02:8a:8a:35:2e:6f:0e:
02:bc:82:41:2c:d0:7f:95:c7:a5:3e:d0:69:9a:3d:1b:ca:bf:
59:70:bf:64:bb:1b:40:b4:99:b6:84:11:09:f0:53:d3:e7:10:
85:5a:60:7d:6c:e7:b2:54:ea:b0:cb:87:ca:72:3e:fb:1f:f6:
f6:a7:ec:68:5f:e1:00:d8:0e:57:49:5f:be:b5:6e:1a:d5:31:
78:d2:e4:61:d4:a4:d7:63:be:96:c7:0d:d6:86:74:2b:96:e5:
83:97:a7:d3:54:31:89:e7:45:52:a7:36:79:d5:8d:6d:cc:ad:
29:79:5f:aa:d0:1e:8b:49:cb:bc:c0:18:5e:0b:fd:f8:01:b8:
0b:dc:e0:d3:63:17:b1:10:45:d5:cd:13:31:67:8f:39:84:6e:
21:52:3b:8e:3c:14:4a:3c:3f:cd:3c:e5:61:60:e5:87:68:97:
c8:fc:72:24:68:aa:e3:d4:de:c8:b8:0e:5f:1a:c1:93:ab:77:
21:34:06:6d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECnyHAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmU3MjA0NjVjNWNkMGRhOWM2YTEzYjQ0ZmEwZDg2ZjY0OWU1MDU1MB4XDTIyMDEw
MTA4MDIyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBiYjNiMzFjOTM0
ODBjZGY5YzNkYWI0OWFmNjNkMGY1NTAwMzc5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMoGZGby32O+GpvKlwybSrNv41+2MO9isv5YMr004aqgkOL
J73XR9XarfvZIZXql7YIPvwUhxYCENgFjFWmCjKwjvTXnFmE557Yhm3BOTq2aljR
xZzYJ17NqJgaKbCC/+9D0KeK8KHgumYHfo6zzXP2TVMblD+EhlsQz6Hw9NZ7mlNn
BoLn+blDll1mZ1sh7RBqjFlDe3fvq7wNGo1ufPCBMeBCo8FeY7jqsUL3Znc5ztXH
FdUm8Ki3cSOZmDj7076Yfc7pnSmJ6/DM/POLW6vHH1Ex3p2Ft6UT0tfifJQpMV+T
EPRMUADTvmgJREiLSu78aMtZ7NN2TRua0AvwOksCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSguzsxyTSAzfnD2rSa9j0PVQA3lzAfBgNVHSMEGDAWgBSS5yBGXFzQ2pxq
E7RPoNhvZJ5QVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t1Y2dSbHhjME5xY2FoTzBUNkRZYjJTZVVGVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvZjhhOWViLTdmOGQtNGJmNy04M2Q5LTkwOTZlMTY3NGUyMi8x
L29MczdNY2swZ00zNXc5cTBtdlk5RDFVQU41Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
ZjhhOWViLTdmOGQtNGJmNy04M2Q5LTkwOTZlMTY3NGUyMi8xL2t1Y2dSbHhjME5x
Y2FoTzBUNkRZYjJTZVVGVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArm9IDANBgkqhkiG9w0BAQsFAAOC
AQEAjWTtqLx+cwIQYuf+a+1Fkqec8DsCNfMoZnsWZ8OKBs2bQb/5s0B72a6j5auX
QNbAy1R8ZMqty0gezkz8F7Q+uDUCioo1Lm8OAryCQSzQf5XHpT7QaZo9G8q/WXC/
ZLsbQLSZtoQRCfBT0+cQhVpgfWznslTqsMuHynI++x/29qfsaF/hANgOV0lfvrVu
GtUxeNLkYdSk12O+lscN1oZ0K5blg5en01QxiedFUqc2edWNbcytKXlfqtAei0nL
vMAYXgv9+AG4C9zg02MXsRBF1c0TMWePOYRuIVI7jjwUSjw/zTzlYWDlh2iXyPxy
JGiq49TeyLgOXxrBk6t3ITQGbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:20 2024 by rpki-client on console-fra.rpki-client.org