Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/OsrTQENd5R3vewJciOlNMPUta18.roa
File: OsrTQENd5R3vewJciOlNMPUta18.roa (raw, json)
Hash identifier: BN6JylDpy4nCiOWYXmdIFmY8MwVm8tzk7WKWzgybrjk=
Subject key identifier: 3A:CA:D3:40:43:5D:E5:1D:EF:7B:02:5C:88:E9:4D:30:F5:2D:6B:5F
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 073092D0
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/OsrTQENd5R3vewJciOlNMPUta18.roa
Signing time: Sat 01 Jan 2022 13:03:33 +0000
ROA not before: Sat 01 Jan 2022 13:03:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 45.84.112.0/22 maxlen: 24
91.221.92.0/23 maxlen: 24
91.221.106.0/23 maxlen: 24
185.48.132.0/22 maxlen: 24
185.74.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120623824 (0x73092d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Jan 1 13:03:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3acad340435de51def7b025c88e94d30f52d6b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:67:1e:bd:69:4c:0a:0d:0e:cc:3f:82:0f:1a:
f0:d9:f7:d3:fa:29:0e:42:8a:bd:76:68:1e:8f:8f:
18:4b:cc:c9:43:c5:b9:db:0c:6a:64:1d:6c:e4:da:
ec:fc:cc:f7:44:14:2a:28:c4:ef:8a:9b:b3:ab:02:
47:02:89:61:5a:7b:78:ff:3b:01:31:54:8a:1b:7b:
ec:aa:7d:df:6f:bc:65:fe:37:03:c2:e2:37:d2:d5:
dd:a8:31:fb:c5:26:14:c9:16:a7:d7:a8:fd:a2:69:
65:9c:2c:b9:ea:f7:34:68:4c:50:95:48:c2:99:d1:
28:94:f0:71:2b:6b:a7:b0:6b:5d:3c:43:de:cd:15:
aa:af:25:a6:aa:92:db:85:6b:bb:5d:0d:ed:b6:d3:
2c:bc:4a:67:3b:6e:36:36:e4:91:47:65:f6:25:ff:
a1:e6:99:06:2d:80:4e:23:80:4b:e0:e8:65:2f:f0:
45:4e:c9:e9:2c:b7:e4:b0:94:ae:af:61:63:6b:6c:
bf:57:e9:ff:dd:08:39:9a:10:6b:17:8a:c1:6a:89:
df:2d:05:ee:c8:78:38:6e:a7:45:43:01:7f:93:4a:
a8:34:df:f9:b3:1f:97:bb:69:88:c7:62:67:d5:d9:
b0:42:a5:bf:db:15:ad:df:06:6b:24:38:0f:c4:a3:
f9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CA:D3:40:43:5D:E5:1D:EF:7B:02:5C:88:E9:4D:30:F5:2D:6B:5F
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/OsrTQENd5R3vewJciOlNMPUta18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.112.0/22
91.221.92.0/23
91.221.106.0/23
185.48.132.0/22
185.74.52.0/22
Signature Algorithm: sha256WithRSAEncryption
17:73:dd:ae:bf:42:c4:1b:c4:a2:09:77:9c:de:95:ba:c8:6f:
1c:a8:d6:00:84:46:bc:d5:f0:ac:7e:cd:3f:36:79:dd:88:02:
d5:8f:84:de:41:0b:cf:e8:e9:3e:d9:c2:72:7c:c3:20:a2:6c:
a4:ab:d4:c9:26:82:c7:17:bb:4c:76:51:56:62:e2:1e:e9:24:
ab:13:55:f1:81:c7:15:bd:0c:13:2a:d6:c1:70:67:73:72:de:
f0:3d:e6:be:c8:8c:6a:e4:f1:20:43:71:10:8f:1c:fc:52:bd:
21:a9:66:f9:e5:60:dd:6c:da:99:54:51:c3:a9:8a:db:96:65:
95:e8:89:f1:7b:52:2f:00:06:3e:3f:11:ad:b4:02:32:04:15:
62:2a:c3:96:00:25:7b:34:3d:6e:8a:92:aa:9a:f9:3a:d7:71:
73:47:73:00:c0:4e:ab:70:72:5f:7c:e4:94:67:42:d0:60:25:
b1:e6:9d:ab:58:7c:28:a1:bb:32:07:c5:89:d6:f3:cc:5c:b2:
03:a1:97:b2:44:a3:81:eb:8c:fe:69:c2:0b:52:30:dc:b2:71:
20:96:85:8e:32:e9:b7:f0:3c:79:b1:c4:d3:2f:60:36:e6:21:
f0:56:33:21:61:c7:c0:93:4f:66:3b:31:9b:71:d2:41:be:06:
85:da:b4:e7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBzCS0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTJmODkxOWU2YmMxZWY1NjYzNDg5MDE4ZmM4NzViZTM0YzBmMjRjMB4XDTIyMDEw
MTEzMDMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FjYWQzNDA0MzVk
ZTUxZGVmN2IwMjVjODhlOTRkMzBmNTJkNmI1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhnHr1pTAoNDsw/gg8a8Nn30/opDkKKvXZoHo+PGEvMyUPF
udsMamQdbOTa7PzM90QUKijE74qbs6sCRwKJYVp7eP87ATFUiht77Kp932+8Zf43
A8LiN9LV3agx+8UmFMkWp9eo/aJpZZwsuer3NGhMUJVIwpnRKJTwcStrp7BrXTxD
3s0Vqq8lpqqS24Vru10N7bbTLLxKZztuNjbkkUdl9iX/oeaZBi2ATiOAS+DoZS/w
RU7J6Sy35LCUrq9hY2tsv1fp/90IOZoQaxeKwWqJ3y0F7sh4OG6nRUMBf5NKqDTf
+bMfl7tpiMdiZ9XZsEKlv9sVrd8GayQ4D8Sj+R0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQ6ytNAQ13lHe97AlyI6U0w9S1rXzAfBgNVHSMEGDAWgBQ1L4kZ5rwe9WY0
iQGPyHW+NMDyTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05TLUpHZWE4SHZWbU5Ja0JqOGgxdmpUQThrdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvY2Y5NDNkLWM5MjEtNGVmNy05YWEwLWUzZmNiMjNlMzQzOC8x
L09zclRRRU5kNVIzdmV3SmNpT2xOTVBVdGExOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
Y2Y5NDNkLWM5MjEtNGVmNy05YWEwLWUzZmNiMjNlMzQzOC8xL05TLUpHZWE4SHZW
bU5Ja0JqOGgxdmpUQThrdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAi1UcAMEAVvdXAMEAVvdagMEArkw
hAMEArlKNDANBgkqhkiG9w0BAQsFAAOCAQEAF3Pdrr9CxBvEogl3nN6VushvHKjW
AIRGvNXwrH7NPzZ53YgC1Y+E3kELz+jpPtnCcnzDIKJspKvUySaCxxe7THZRVmLi
HukkqxNV8YHHFb0MEyrWwXBnc3Le8D3mvsiMauTxIENxEI8c/FK9Ialm+eVg3Wza
mVRRw6mK25ZlleiJ8XtSLwAGPj8RrbQCMgQVYirDlgAlezQ9boqSqpr5Otdxc0dz
AMBOq3ByX3zklGdC0GAlseadq1h8KKG7MgfFidbzzFyyA6GXskSjgeuM/mnCC1Iw
3LJxIJaFjjLpt/A8ebHE0y9gNuYh8FYzIWHHwJNPZjsxm3HSQb4Ghdq05w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:26 2024 by rpki-client on console-ams.rpki-client.org