Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/Op_X5K5oMguEiqI0uHp1-MZnOdk.roa
File: Op_X5K5oMguEiqI0uHp1-MZnOdk.roa (raw, json)
Hash identifier: ZFwAzHdxTXjk6LR1JQmVw00Ml7AIer6HqoRwoOpMdV0=
Subject key identifier: 3A:9F:D7:E4:AE:68:32:0B:84:8A:A2:34:B8:7A:75:F8:C6:67:39:D9
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 1326AA
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/Op_X5K5oMguEiqI0uHp1-MZnOdk.roa
Signing time: Mon 04 Jul 2022 21:13:25 +0000
ROA not before: Mon 04 Jul 2022 21:13:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8784
IP address blocks: 178.22.152.0/21 maxlen: 21
212.37.192.0/19 maxlen: 19
194.117.208.0/20 maxlen: 20
195.46.192.0/19 maxlen: 19
213.139.96.0/19 maxlen: 19
195.46.195.0/24 maxlen: 24
195.46.193.0/24 maxlen: 24
195.46.198.0/24 maxlen: 24
213.139.112.0/24 maxlen: 24
213.139.111.0/24 maxlen: 24
195.46.204.0/24 maxlen: 24
195.46.210.0/24 maxlen: 24
195.46.209.0/24 maxlen: 24
195.46.213.0/24 maxlen: 24
213.139.117.0/24 maxlen: 24
195.46.216.0/24 maxlen: 24
195.46.219.0/24 maxlen: 24
195.46.223.0/24 maxlen: 24
194.153.214.0/24 maxlen: 24
2a02:d50::/32 maxlen: 32
2001:4b90::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1255082 (0x1326aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Jul 4 21:13:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a9fd7e4ae68320b848aa234b87a75f8c66739d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:90:47:27:b3:77:91:43:b1:8c:ef:5d:9b:4f:
ca:fc:d6:8f:50:1c:10:ad:5a:67:da:2f:63:a6:ce:
51:73:3b:be:7a:15:83:34:95:4a:26:fd:ec:d9:46:
99:e4:c8:6e:56:37:31:a1:a7:2d:5a:b9:f9:d5:19:
b0:02:dc:fc:e6:9b:d5:73:98:4f:5a:d2:9b:3f:65:
e4:f3:7a:6c:1f:66:78:5f:42:ab:68:89:bd:f0:e9:
90:03:a8:aa:10:0f:b7:a3:3e:e4:dd:16:12:4b:3c:
c4:3a:2d:2a:58:51:5d:36:e7:30:6f:aa:b6:45:b5:
c4:a4:e8:12:1a:d3:3b:50:bb:0d:d6:35:a0:93:a1:
90:c8:e6:cf:fa:fc:1c:4b:78:d3:b2:90:cc:18:59:
26:ac:1f:c5:f2:40:71:05:5f:aa:6a:97:08:b1:29:
58:3a:8f:e6:bf:de:ff:e5:ff:7f:b8:b9:9a:cf:54:
0b:9d:aa:02:dc:4a:2b:9f:89:0b:7e:80:1c:6e:60:
90:48:ba:0f:61:c1:e4:61:24:c5:a5:7c:56:e8:06:
d0:75:21:d7:cb:dd:9d:4c:04:93:cb:5b:0c:1a:53:
ab:6d:14:9e:9c:de:56:07:38:5e:be:ca:6b:75:6d:
e4:4d:e8:25:77:18:0e:15:da:16:9d:5c:2f:49:db:
33:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9F:D7:E4:AE:68:32:0B:84:8A:A2:34:B8:7A:75:F8:C6:67:39:D9
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/Op_X5K5oMguEiqI0uHp1-MZnOdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.152.0/21
194.117.208.0/20
194.153.214.0/24
195.46.192.0/19
212.37.192.0/19
213.139.96.0/19
IPv6:
2001:4b90::/32
2a02:d50::/32
Signature Algorithm: sha256WithRSAEncryption
7e:ac:08:cf:23:a5:1b:6d:d0:2e:21:86:09:8c:86:4a:13:0d:
69:ad:ae:7a:e2:dc:fc:b0:13:98:9c:52:3f:bf:8c:a2:73:21:
11:7e:5d:24:89:5e:7b:f9:ca:70:be:75:55:d9:ff:8b:fb:d0:
49:d8:6b:9f:5e:6b:38:27:41:9c:8b:5f:67:42:2b:bf:aa:93:
48:03:5d:14:ac:f2:53:10:99:af:65:7d:6d:2f:2e:cf:a3:61:
75:e1:e4:91:56:4f:10:e5:f1:fd:62:ac:38:6a:ec:a4:3c:4f:
89:16:bf:d6:70:7d:dd:c5:01:d1:fe:c5:b2:31:9e:94:b6:16:
0e:eb:8d:24:ed:1e:fc:0d:2d:68:99:23:75:e4:d2:99:c9:66:
b4:b0:06:7e:af:2e:bb:b9:ec:d3:03:bf:0b:35:19:37:af:be:
57:c5:71:a4:6d:18:ee:fa:99:25:f8:6d:12:b9:6d:d6:78:18:
3b:79:26:07:5d:fe:d7:c0:57:d3:19:91:ed:2e:6f:bf:0e:d5:
27:f0:80:60:47:75:42:45:0d:16:a8:26:85:08:43:10:cb:f8:
e0:6c:bc:e7:5c:49:d8:1b:e5:cc:6c:ce:6d:b8:38:74:38:b9:
d2:58:05:75:82:94:1e:8d:3c:41:c6:b6:cb:6a:7b:76:58:40:
1c:9a:18:a3
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIDEyaqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg2
MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4NzM4OWUwHhcNMjIwNzA0
MjExMzI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYTlmZDdlNGFlNjgz
MjBiODQ4YWEyMzRiODdhNzVmOGM2NjczOWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl5BHJ7N3kUOxjO9dm0/K/NaPUBwQrVpn2i9jps5Rczu+ehWD
NJVKJv3s2UaZ5MhuVjcxoactWrn51RmwAtz85pvVc5hPWtKbP2Xk83psH2Z4X0Kr
aIm98OmQA6iqEA+3oz7k3RYSSzzEOi0qWFFdNucwb6q2RbXEpOgSGtM7ULsN1jWg
k6GQyObP+vwcS3jTspDMGFkmrB/F8kBxBV+qapcIsSlYOo/mv97/5f9/uLmaz1QL
naoC3Eorn4kLfoAcbmCQSLoPYcHkYSTFpXxW6AbQdSHXy92dTASTy1sMGlOrbRSe
nN5WBzhevsprdW3kTegldxgOFdoWnVwvSdsz1QIDAQABo4ICPTCCAjkwHQYDVR0O
BBYEFDqf1+SuaDILhIqiNLh6dfjGZznZMB8GA1UdIwQYMBaAFIYk8/Zh8kvl/vZB
3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5LzEv
T3BfWDVLNW9NZ3VFaXFJMHVIcDEtTVpuT2RrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8y
ZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5LzEvaGlUejltSHlTLVgt
OWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFMG
CCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDshaYAwQEwnXQAwQAwpnWAwQFwy7A
AwQF1CXAAwQF1YtgMBQEAgACMA4DBQAgAUuQAwUAKgINUDANBgkqhkiG9w0BAQsF
AAOCAQEAfqwIzyOlG23QLiGGCYyGShMNaa2ueuLc/LATmJxSP7+MonMhEX5dJIle
e/nKcL51Vdn/i/vQSdhrn15rOCdBnItfZ0Irv6qTSANdFKzyUxCZr2V9bS8uz6Nh
deHkkVZPEOXx/WKsOGrspDxPiRa/1nB93cUB0f7FsjGelLYWDuuNJO0e/A0taJkj
deTSmclmtLAGfq8uu7ns0wO/CzUZN6++V8VxpG0Y7vqZJfhtErlt1ngYO3kmB13+
18BX0xmR7S5vvw7VJ/CAYEd1QkUNFqgmhQhDEMv44Gy851xJ2BvlzGzObbg4dDi5
0lgFdYKUHo08Qca2y2p7dlhAHJoYow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:31 2024 by rpki-client on console-ams.rpki-client.org