Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/O7QwMI4ZP0qyYAzFoslc-1KDaXs.roa
File: O7QwMI4ZP0qyYAzFoslc-1KDaXs.roa (raw, json)
Hash identifier: XeAI5zq7wTC0QICErvFudptEcl8OQE3rjIjo5pOYBUY=
Subject key identifier: 3B:B4:30:30:8E:19:3F:4A:B2:60:0C:C5:A2:C9:5C:FB:52:83:69:7B
Certificate issuer: /CN=167ac5231a0d7bc5824590a0b2f621ede984770c
Certificate serial: 039F946E
Authority key identifier: 16:7A:C5:23:1A:0D:7B:C5:82:45:90:A0:B2:F6:21:ED:E9:84:77:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FnrFIxoNe8WCRZCgsvYh7emEdww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/O7QwMI4ZP0qyYAzFoslc-1KDaXs.roa
Signing time: Fri 01 Jul 2022 15:59:12 +0000
ROA not before: Fri 01 Jul 2022 15:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206289
IP address blocks: 91.217.191.0/24 maxlen: 25
185.189.251.0/24 maxlen: 24
185.189.250.0/23 maxlen: 23
185.189.248.0/24 maxlen: 24
185.189.248.0/22 maxlen: 22
185.189.248.0/23 maxlen: 23
185.189.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60789870 (0x39f946e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167ac5231a0d7bc5824590a0b2f621ede984770c
Validity
Not Before: Jul 1 15:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bb430308e193f4ab2600cc5a2c95cfb5283697b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0d:07:42:56:8b:73:3d:2e:29:7c:f7:07:87:
ef:de:cf:ce:b1:fb:a3:16:3b:23:d2:02:97:7c:cb:
65:b3:a7:9e:c6:57:2d:d1:87:fd:b4:98:17:5e:c8:
e8:57:53:ff:cd:63:3d:2b:92:42:ec:bc:00:6c:da:
eb:d0:43:18:00:92:8a:a8:80:eb:a0:f2:97:96:83:
c5:17:6d:95:37:a6:04:68:ae:c3:eb:43:64:85:07:
f2:54:97:88:d3:03:55:3b:86:6b:23:13:f2:fe:2c:
83:31:a2:2e:3d:0c:d7:77:8b:97:2a:52:1d:5f:ab:
1e:03:2e:3f:e4:13:34:98:de:0e:ff:aa:b9:50:2e:
c4:aa:55:03:d9:e8:8d:52:5d:23:63:98:59:5f:fa:
7d:1d:cb:4a:7f:7d:46:fa:17:83:c1:bd:36:61:f7:
64:e8:26:ed:09:d0:c7:0e:6f:14:b7:54:72:52:e5:
6f:91:96:6e:79:ab:f9:b3:f3:b4:18:43:1d:eb:f4:
96:df:c7:b3:a9:89:58:58:cf:66:45:c8:0f:1a:d7:
1b:8c:f1:9e:4f:76:f2:65:f9:e6:4d:8a:ba:11:7c:
ff:af:19:27:62:34:9e:ef:e7:28:33:d9:7c:cf:95:
14:98:d9:8a:b4:3f:c3:e1:a6:a1:fa:56:42:28:dd:
34:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B4:30:30:8E:19:3F:4A:B2:60:0C:C5:A2:C9:5C:FB:52:83:69:7B
X509v3 Authority Key Identifier:
keyid:16:7A:C5:23:1A:0D:7B:C5:82:45:90:A0:B2:F6:21:ED:E9:84:77:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FnrFIxoNe8WCRZCgsvYh7emEdww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/O7QwMI4ZP0qyYAzFoslc-1KDaXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/FnrFIxoNe8WCRZCgsvYh7emEdww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.191.0/24
185.189.248.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:f3:c6:36:d4:57:17:e1:3e:92:e6:3a:b3:46:ab:d7:fd:1d:
80:55:11:e2:c7:f5:56:56:58:e2:27:7c:24:73:54:86:f4:24:
b3:83:16:06:72:e7:a6:d2:52:68:45:70:59:08:4d:3d:69:c7:
9e:9b:9a:8d:8e:dd:9f:56:8e:79:94:f4:f0:d0:fc:49:23:f4:
c2:4b:86:05:22:6e:30:e2:c5:d3:d8:6d:4e:0b:77:4d:4f:d3:
b4:92:27:b2:70:46:69:a2:1e:fd:df:f4:25:68:be:5a:ef:50:
b8:44:7b:f2:7b:d3:94:d8:ef:1e:31:fc:37:8e:ef:4d:be:b0:
3c:47:dc:45:f5:0b:0b:7f:ec:b1:91:7a:7d:f0:5f:91:36:ea:
1f:e9:60:fa:c1:31:89:34:60:53:7d:19:be:63:d0:d4:cd:26:
1c:0b:8e:94:5e:27:72:07:32:17:98:e0:e7:87:d1:6b:ed:76:
55:f7:af:63:0d:84:4a:b2:9c:d9:2a:50:7d:c9:13:6d:09:bb:
68:25:ea:9d:0b:a7:e7:e6:7a:47:b6:3f:b9:cb:ab:8c:1d:52:
05:0e:66:50:3c:dc:c6:75:e1:e1:b2:99:eb:53:3d:06:9a:61:
75:3f:91:d0:c4:c8:41:e1:53:5f:30:91:6d:d5:bc:28:97:84:
99:71:d2:81
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA5+UbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NjdhYzUyMzFhMGQ3YmM1ODI0NTkwYTBiMmY2MjFlZGU5ODQ3NzBjMB4XDTIyMDcw
MTE1NTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JiNDMwMzA4ZTE5
M2Y0YWIyNjAwY2M1YTJjOTVjZmI1MjgzNjk3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIANB0JWi3M9Lil89weH797PzrH7oxY7I9ICl3zLZbOnnsZX
LdGH/bSYF17I6FdT/81jPSuSQuy8AGza69BDGACSiqiA66Dyl5aDxRdtlTemBGiu
w+tDZIUH8lSXiNMDVTuGayMT8v4sgzGiLj0M13eLlypSHV+rHgMuP+QTNJjeDv+q
uVAuxKpVA9nojVJdI2OYWV/6fR3LSn99RvoXg8G9NmH3ZOgm7QnQxw5vFLdUclLl
b5GWbnmr+bPztBhDHev0lt/Hs6mJWFjPZkXIDxrXG4zxnk928mX55k2KuhF8/68Z
J2I0nu/nKDPZfM+VFJjZirQ/w+GmofpWQijdNFsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ7tDAwjhk/SrJgDMWiyVz7UoNpezAfBgNVHSMEGDAWgBQWesUjGg17xYJF
kKCy9iHt6YR3DDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZuckZJeG9OZThXQ1JaQ2dzdlloN2VtRWR3dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvNjE3MzhlLTM5NzctNDk1ZS1iYTFhLTgwMzVmMmRmYzFmNC8x
L083UXdNSTRaUDBxeVlBekZvc2xjLTFLRGFYcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
NjE3MzhlLTM5NzctNDk1ZS1iYTFhLTgwMzVmMmRmYzFmNC8xL0ZuckZJeG9OZThX
Q1JaQ2dzdlloN2VtRWR3dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvZvwMEArm9+DANBgkqhkiG9w0B
AQsFAAOCAQEAKvPGNtRXF+E+kuY6s0ar1/0dgFUR4sf1VlZY4id8JHNUhvQks4MW
BnLnptJSaEVwWQhNPWnHnpuajY7dn1aOeZT08ND8SSP0wkuGBSJuMOLF09htTgt3
TU/TtJInsnBGaaIe/d/0JWi+Wu9QuER78nvTlNjvHjH8N47vTb6wPEfcRfULC3/s
sZF6ffBfkTbqH+lg+sExiTRgU30ZvmPQ1M0mHAuOlF4ncgcyF5jg54fRa+12Vfev
Yw2ESrKc2SpQfckTbQm7aCXqnQun5+Z6R7Y/ucurjB1SBQ5mUDzcxnXh4bKZ61M9
BpphdT+R0MTIQeFTXzCRbdW8KJeEmXHSgQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-fra.rpki-client.org