Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/Ogsfae2hdxWof9_SX40ki2RUC40.roa
File: Ogsfae2hdxWof9_SX40ki2RUC40.roa (raw, json)
Hash identifier: mdNGU3/h0MKxSF4r0EoG1qv6Y1LracjEv/UPLvplRWc=
Subject key identifier: 3A:0B:1F:69:ED:A1:77:15:A8:7F:DF:D2:5F:8D:24:8B:64:54:0B:8D
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 0184752447998021C6DB11A3C32AAF404DE7
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/Ogsfae2hdxWof9_SX40ki2RUC40.roa
Signing time: Mon 14 Nov 2022 07:57:02 +0000
ROA not before: Mon 14 Nov 2022 07:57:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39686
IP address blocks: 144.178.192.0/19 maxlen: 24
144.178.224.0/20 maxlen: 24
185.184.204.0/22 maxlen: 24
144.178.96.0/21 maxlen: 24
45.11.164.0/22 maxlen: 24
144.178.120.0/21 maxlen: 24
93.95.248.0/21 maxlen: 24
144.178.240.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
144.178.64.0/19 maxlen: 24
2a01:9bc0::/29 maxlen: 48
2a02:fe8::/32 maxlen: 48
2a02:fe9::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:24:47:99:80:21:c6:db:11:a3:c3:2a:af:40:4d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Nov 14 07:57:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a0b1f69eda17715a87fdfd25f8d248b64540b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e4:25:b2:79:40:f4:fc:da:18:c2:38:65:1f:
5c:cc:79:22:03:86:2d:2b:c4:c0:04:25:fb:d2:33:
fb:d5:9a:6f:09:a1:82:dc:a1:56:53:1c:1f:56:cf:
6a:a4:d4:3e:4f:06:7f:02:f9:03:e6:46:b0:07:42:
00:53:8a:94:26:cd:a9:3a:47:ea:65:5c:be:a3:96:
15:eb:8b:ef:57:17:47:02:c8:e8:78:cd:1e:27:b4:
43:39:01:a7:5a:30:99:d3:4e:7b:4a:18:fa:c4:e4:
0e:06:27:5c:9d:56:21:3f:fd:79:8d:9c:5e:03:e2:
71:ac:e8:13:40:ea:f0:97:0e:b4:de:0e:8c:e5:6b:
40:67:70:dd:12:8f:2e:01:73:87:86:81:8a:96:03:
1d:52:f1:57:00:9b:9d:f3:79:58:97:bb:40:d6:b3:
5c:f2:15:f4:09:bf:5c:42:d4:58:bd:60:7e:1e:98:
18:ee:4f:88:89:28:50:1b:94:0c:0b:6f:fc:99:15:
c1:11:0e:79:19:50:5d:67:65:9f:c6:7e:10:d8:60:
3f:b5:6b:27:0b:6e:d2:ee:fe:af:01:6e:2d:fd:6a:
54:1b:3e:25:19:00:d6:e6:bb:e7:5b:aa:55:98:cf:
62:77:51:ce:2c:ff:5d:8d:67:fd:62:a3:f0:dd:50:
1c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0B:1F:69:ED:A1:77:15:A8:7F:DF:D2:5F:8D:24:8B:64:54:0B:8D
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/Ogsfae2hdxWof9_SX40ki2RUC40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.164.0/22
89.20.160.0/19
93.95.248.0/21
144.178.64.0-144.178.103.255
144.178.120.0/21
144.178.192.0-144.178.247.255
185.184.204.0/22
IPv6:
2a01:9bc0::/29
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
2f:ac:96:11:2a:50:bc:06:32:29:f9:c9:d0:3c:4f:57:f1:d4:
d1:0b:6e:c5:89:a9:48:35:28:3d:54:33:4b:ce:e5:08:19:14:
d5:ab:f6:d6:3c:c8:40:a4:38:10:da:6d:ef:71:39:73:0f:52:
fd:95:f2:6f:ed:d6:f4:54:a7:73:3d:e0:5d:3e:98:76:17:14:
72:de:e0:19:97:36:79:49:51:94:73:48:f3:96:64:86:8f:18:
43:6e:3b:d2:39:97:ad:89:22:6a:81:a5:79:94:9e:45:cc:a6:
ea:45:d2:bb:6f:31:61:87:03:21:24:9d:fc:1e:1d:63:86:e6:
52:c3:5c:5a:37:cc:14:15:01:27:21:d4:a5:b3:01:88:21:fe:
60:0c:89:42:8b:27:e6:10:2d:0a:8c:9e:8f:d5:32:46:7a:c9:
76:8e:60:53:b3:4a:8e:5c:f5:08:26:f2:18:a8:cb:f6:5c:be:
7e:fe:a5:b7:06:32:78:17:25:85:60:e2:25:d8:f5:56:6c:16:
fb:73:53:38:e6:83:ba:f0:a7:81:6d:26:47:92:ff:3b:17:06:
8f:13:b0:2f:c7:11:66:d2:a9:b6:5c:0b:68:aa:17:20:d9:55:
b0:ac:1d:27:c1:1a:c9:93:0c:be:32:9b:b5:7a:a5:8d:0f:23:
82:99:dc:ef
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYR1JEeZgCHG2xGjwyqvQE3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjIxMTE0MDc1NzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBiMWY2OWVkYTE3NzE1YTg3ZmRmZDI1ZjhkMjQ4YjY0NTQwYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OQlsnlA9PzaGMI4ZR9czHkiA4Yt
K8TABCX70jP71ZpvCaGC3KFWUxwfVs9qpNQ+TwZ/AvkD5kawB0IAU4qUJs2pOkfq
ZVy+o5YV64vvVxdHAsjoeM0eJ7RDOQGnWjCZ0057Shj6xOQOBidcnVYhP/15jZxe
A+JxrOgTQOrwlw603g6M5WtAZ3DdEo8uAXOHhoGKlgMdUvFXAJud83lYl7tA1rNc
8hX0Cb9cQtRYvWB+HpgY7k+IiShQG5QMC2/8mRXBEQ55GVBdZ2Wfxn4Q2GA/tWsn
C27S7v6vAW4t/WpUGz4lGQDW5rvnW6pVmM9id1HOLP9djWf9YqPw3VAcbwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFDoLH2ntoXcVqH/f0l+NJItkVAuNMB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEvT2dzZmFlMmhkeFdvZjlfU1g0MGtpMlJVQzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBABAIAATA6AwQCLQukAwQF
WRSgAwQDXV/4MAwDBAaQskADBAOQsmADBAOQsngwDAMEBpCywAMEA5Cy8AMEArm4
zDAUBAIAAjAOAwUDKgGbwAMFASoCD+gwDQYJKoZIhvcNAQELBQADggEBAC+slhEq
ULwGMin5ydA8T1fx1NELbsWJqUg1KD1UM0vO5QgZFNWr9tY8yECkOBDabe9xOXMP
Uv2V8m/t1vRUp3M94F0+mHYXFHLe4BmXNnlJUZRzSPOWZIaPGENuO9I5l62JImqB
pXmUnkXMpupF0rtvMWGHAyEknfweHWOG5lLDXFo3zBQVASch1KWzAYgh/mAMiUKL
J+YQLQqMno/VMkZ6yXaOYFOzSo5c9Qgm8hioy/Zcvn7+pbcGMngXJYVg4iXY9VZs
FvtzUzjmg7rwp4FtJkeS/zsXBo8TsC/HEWbSqbZcC2iqFyDZVbCsHSfBGsmTDL4y
m7V6pY0PI4KZ3O8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:23 2025 by rpki-client