Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/d0c3e5-99c5-4f12-9da2-c59e94bff743/1/OSysdSQHcGkWug--6FHH6LUXq7Q.roa
File: OSysdSQHcGkWug--6FHH6LUXq7Q.roa (raw, json)
Hash identifier: e6IJYMNuhjCShmpgG06GNHIZpgTDmJeZrTAj9+uBlEk=
Subject key identifier: 39:2C:AC:75:24:07:70:69:16:BA:0F:BE:E8:51:C7:E8:B5:17:AB:B4
Certificate issuer: /CN=3e1fd138f102d7dcb1583b4494102f0fe587e45d
Certificate serial: 371DCFCB
Authority key identifier: 3E:1F:D1:38:F1:02:D7:DC:B1:58:3B:44:94:10:2F:0F:E5:87:E4:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph_ROPEC19yxWDtElBAvD-WH5F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/d0c3e5-99c5-4f12-9da2-c59e94bff743/1/OSysdSQHcGkWug--6FHH6LUXq7Q.roa
Signing time: Sat 01 Jan 2022 08:56:35 +0000
ROA not before: Sat 01 Jan 2022 08:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12703
IP address blocks: 212.20.224.0/19 maxlen: 24
195.248.70.0/24 maxlen: 24
185.64.88.0/22 maxlen: 24
195.47.244.0/24 maxlen: 24
87.246.64.0/18 maxlen: 24
5.172.152.0/21 maxlen: 24
5.153.64.0/19 maxlen: 24
193.29.223.0/24 maxlen: 24
46.249.192.0/19 maxlen: 24
84.19.224.0/19 maxlen: 24
217.30.112.0/20 maxlen: 24
2a02:16e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924700619 (0x371dcfcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1fd138f102d7dcb1583b4494102f0fe587e45d
Validity
Not Before: Jan 1 08:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=392cac752407706916ba0fbee851c7e8b517abb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:98:e0:f1:3c:56:3f:13:84:4c:29:ad:7a:c6:
60:a3:d9:18:44:23:12:c0:82:15:08:f1:55:59:4d:
77:e3:1b:08:6a:34:fa:4a:a7:b4:4f:e1:4d:4e:d7:
22:45:ec:33:27:de:86:b8:13:9b:7b:e0:ea:6f:07:
59:38:0b:1c:1d:fb:8d:89:97:e6:68:41:1b:8e:e3:
38:59:97:a4:d1:0a:5f:55:18:bc:4f:1e:14:18:4d:
6e:81:ab:4c:31:c7:e9:8e:a4:6e:19:6b:63:70:24:
73:3a:9d:04:47:ef:67:ae:e4:1c:f0:34:48:0e:10:
54:ab:a7:c8:cf:22:16:ce:cc:eb:8c:54:bb:eb:9d:
9b:b3:f8:3f:db:cb:18:b9:ec:c1:38:4b:52:e9:e9:
40:bd:f2:14:f8:15:86:5a:6c:e0:ed:71:8a:2e:1d:
68:a6:f9:37:f0:9f:60:ac:74:5a:8c:c2:6e:86:89:
7c:f9:d3:28:8e:67:17:f0:43:48:dc:5c:80:c8:e8:
a4:bb:9b:cd:08:71:5d:1e:e8:4d:5a:f0:14:6c:3b:
6e:1c:5f:dc:4f:76:c1:d3:b5:17:97:2e:41:ba:37:
38:28:79:75:71:f5:ba:13:25:4f:95:47:17:3d:d6:
0a:0d:c5:6d:2e:8e:ff:eb:79:73:5f:34:35:fa:cb:
39:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2C:AC:75:24:07:70:69:16:BA:0F:BE:E8:51:C7:E8:B5:17:AB:B4
X509v3 Authority Key Identifier:
keyid:3E:1F:D1:38:F1:02:D7:DC:B1:58:3B:44:94:10:2F:0F:E5:87:E4:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph_ROPEC19yxWDtElBAvD-WH5F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d0c3e5-99c5-4f12-9da2-c59e94bff743/1/OSysdSQHcGkWug--6FHH6LUXq7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d0c3e5-99c5-4f12-9da2-c59e94bff743/1/Ph_ROPEC19yxWDtElBAvD-WH5F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.64.0/19
5.172.152.0/21
46.249.192.0/19
84.19.224.0/19
87.246.64.0/18
185.64.88.0/22
193.29.223.0/24
195.47.244.0/24
195.248.70.0/24
212.20.224.0/19
217.30.112.0/20
IPv6:
2a02:16e0::/32
Signature Algorithm: sha256WithRSAEncryption
54:82:8b:e2:4e:28:f1:1f:b1:fc:e7:d1:b7:06:08:3e:be:ef:
d4:9a:81:a1:44:ee:0f:d4:ea:e8:ce:59:c4:5c:72:6f:f2:58:
b8:76:57:d1:dc:5a:8e:90:e5:4f:4d:1c:30:58:09:11:9c:3a:
ca:33:18:3f:e8:ab:8d:83:26:5c:a7:49:de:f6:fb:98:ea:0a:
ad:5f:1b:7b:bd:01:f4:27:62:59:7d:38:57:8c:fe:80:3a:96:
7d:12:da:bc:49:f3:1e:62:93:e3:9e:14:0e:eb:31:2b:f8:42:
5f:1e:ac:bc:a0:33:2b:0b:c8:ca:b0:10:eb:05:af:3c:40:cc:
f1:e7:b6:2e:43:ae:8d:89:90:31:d0:b8:61:8e:59:13:b3:0e:
b4:a3:5e:47:fa:e0:29:99:37:d9:e2:2b:8f:87:b4:64:1f:83:
4b:be:2d:6d:48:c2:e9:e3:d4:f4:53:e2:35:64:3a:01:ca:e6:
bc:52:23:5f:55:c2:7b:8f:e2:bf:17:f6:b3:55:53:6b:67:0c:
e1:0d:db:16:e0:2a:b2:24:cb:18:89:58:73:70:bf:3b:cc:49:
7f:fa:c3:d3:0d:fa:45:c0:08:58:65:2b:41:ec:4c:54:d1:f3:
28:89:5d:1b:f3:2b:a3:cf:1b:e4:71:bc:3a:5c:99:61:54:99:
f8:6c:a1:18
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIENx3PyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTFmZDEzOGYxMDJkN2RjYjE1ODNiNDQ5NDEwMmYwZmU1ODdlNDVkMB4XDTIyMDEw
MTA4NTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzkyY2FjNzUyNDA3
NzA2OTE2YmEwZmJlZTg1MWM3ZThiNTE3YWJiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJeY4PE8Vj8ThEwprXrGYKPZGEQjEsCCFQjxVVlNd+MbCGo0
+kqntE/hTU7XIkXsMyfehrgTm3vg6m8HWTgLHB37jYmX5mhBG47jOFmXpNEKX1UY
vE8eFBhNboGrTDHH6Y6kbhlrY3AkczqdBEfvZ67kHPA0SA4QVKunyM8iFs7M64xU
u+udm7P4P9vLGLnswThLUunpQL3yFPgVhlps4O1xii4daKb5N/CfYKx0WozCboaJ
fPnTKI5nF/BDSNxcgMjopLubzQhxXR7oTVrwFGw7bhxf3E92wdO1F5cuQbo3OCh5
dXH1uhMlT5VHFz3WCg3FbS6O/+t5c180NfrLObsCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBQ5LKx1JAdwaRa6D77oUcfotRertDAfBgNVHSMEGDAWgBQ+H9E48QLX3LFY
O0SUEC8P5YfkXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BoX1JPUEVDMTl5eFdEdEVsQkF2RC1XSDVGMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvZDBjM2U1LTk5YzUtNGYxMi05ZGEyLWM1OWU5NGJmZjc0My8x
L09TeXNkU1FIY0drV3VnLS02RkhINkxVWHE3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
ZDBjM2U1LTk5YzUtNGYxMi05ZGEyLWM1OWU5NGJmZjc0My8xL1BoX1JPUEVDMTl5
eFdEdEVsQkF2RC1XSDVGMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEBQWZQAMEAwWsmAMEBS75wAMEBVQT
4AMEBlf2QAMEArlAWAMEAMEd3wMEAMMv9AMEAMP4RgMEBdQU4AMEBNkecDANBAIA
AjAHAwUAKgIW4DANBgkqhkiG9w0BAQsFAAOCAQEAVIKL4k4o8R+x/OfRtwYIPr7v
1JqBoUTuD9Tq6M5ZxFxyb/JYuHZX0dxajpDlT00cMFgJEZw6yjMYP+irjYMmXKdJ
3vb7mOoKrV8be70B9CdiWX04V4z+gDqWfRLavEnzHmKT454UDusxK/hCXx6svKAz
KwvIyrAQ6wWvPEDM8ee2LkOujYmQMdC4YY5ZE7MOtKNeR/rgKZk32eIrj4e0ZB+D
S74tbUjC6ePU9FPiNWQ6AcrmvFIjX1XCe4/ivxf2s1VTa2cM4Q3bFuAqsiTLGIlY
c3C/O8xJf/rD0w36RcAIWGUrQexMVNHzKIldG/Mro88b5HG8OlyZYVSZ+GyhGA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:08 2023 by rpki-client on console-ams.rpki-client.org