Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2Oizx1iZsMhrYzPOz1pDnylbbVQ.roa
File: 2Oizx1iZsMhrYzPOz1pDnylbbVQ.roa (raw, json)
Hash identifier: b8/cTd4un3AeRmi4AwV20PnibmEJqIQPjnX/RBysyAc=
Subject key identifier: D8:E8:B3:C7:58:99:B0:C8:6B:63:33:CE:CF:5A:43:9F:29:5B:6D:54
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505640EA34AC8D88350E2912372C0060F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2Oizx1iZsMhrYzPOz1pDnylbbVQ.roa
Signing time: Mon 12 Dec 2022 08:12:01 +0000
ROA not before: Mon 12 Dec 2022 08:12:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12396
IP address blocks: 212.109.175.0/24 maxlen: 24
195.191.18.0/23 maxlen: 24
195.49.192.0/21 maxlen: 21
194.247.168.0/23 maxlen: 23
91.219.124.0/22 maxlen: 22
195.8.34.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:64:0e:a3:4a:c8:d8:83:50:e2:91:23:72:c0:06:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 08:12:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8e8b3c75899b0c86b6333cecf5a439f295b6d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5d:39:fb:97:e8:04:c4:5a:0c:27:56:17:fe:
b3:cc:f8:68:35:86:d8:fe:26:48:a0:b5:6a:e4:e7:
27:8f:45:9f:e7:51:80:87:ba:2d:70:7b:07:57:5c:
83:ea:db:9a:1c:47:14:74:9a:f2:e0:c3:b8:a9:92:
4c:d7:e8:38:4d:11:6f:f2:28:53:ed:5e:8a:40:d1:
81:1e:36:e0:c8:54:2f:fd:90:48:c0:42:3f:f1:e3:
47:dc:81:91:d8:76:f3:8d:a6:9e:51:8f:97:fd:8b:
b2:2e:3f:5e:c1:d3:de:5e:df:66:10:50:a9:a2:1a:
08:0b:35:cd:8c:bb:f3:5b:aa:57:3a:a6:8e:dc:b2:
38:69:92:10:77:3c:82:8e:39:28:24:b7:6f:e3:0d:
b8:9f:cc:f9:51:7d:4c:80:17:87:ce:5e:4c:68:6c:
b9:bc:b0:a3:a7:93:b4:da:40:80:e6:e6:ae:7d:cb:
37:54:d9:ea:f9:1e:01:d1:5e:2f:8c:24:d2:60:cb:
f6:f8:a0:80:69:38:3d:bb:80:34:5d:42:07:95:c5:
c3:5b:71:2c:af:f7:14:86:3c:a4:2c:12:22:ce:de:
2b:77:a8:1c:c3:e5:0f:60:e0:58:1a:1a:64:fa:24:
37:7e:f8:9f:cc:60:d1:71:6c:72:3d:96:b6:a1:2a:
57:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E8:B3:C7:58:99:B0:C8:6B:63:33:CE:CF:5A:43:9F:29:5B:6D:54
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2Oizx1iZsMhrYzPOz1pDnylbbVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.124.0/22
194.247.168.0/23
195.8.34.0/23
195.49.192.0/21
195.191.18.0/23
212.109.175.0/24
Signature Algorithm: sha256WithRSAEncryption
38:0a:a9:23:5e:f0:47:80:44:1b:28:10:c4:a0:14:db:cb:fb:
cf:c1:12:5d:74:5b:96:a8:a2:73:ad:f6:2b:34:c0:5c:af:96:
9c:24:1a:ff:d3:f8:6d:51:c9:1f:e7:c9:28:34:bf:02:42:40:
71:1e:e3:43:21:0e:90:c1:06:dc:40:29:20:6b:cb:88:53:fa:
5a:31:eb:aa:f1:a1:ca:1d:3b:19:f3:5a:6c:e0:31:7f:93:e7:
cc:81:c8:65:62:be:dc:f1:40:45:17:ad:e9:e1:01:22:58:2a:
56:fb:1d:55:67:57:9c:70:4b:e2:ed:b8:30:71:cb:30:f1:5d:
ba:9c:50:a6:b9:72:64:ae:6b:42:1e:62:72:e5:9e:53:0c:03:
c4:68:af:a1:5f:d5:ea:98:01:43:e6:2a:18:17:23:cc:dd:d8:
05:de:c1:71:a2:32:2a:67:d5:cf:8a:a7:4b:29:8c:25:6f:b8:
8c:55:e9:fa:a2:30:94:4b:f6:cd:31:26:b3:b0:19:71:f8:52:
0d:19:63:7c:62:df:b6:09:a2:a6:17:a5:02:6d:cd:aa:41:a8:
59:2b:09:a0:9c:d1:ed:a5:9b:ab:67:7a:aa:74:e1:95:b6:df:
fa:2d:55:aa:dd:53:5d:f5:fb:8b:f7:d3:bc:d4:54:bc:25:3b:
f4:3c:89:61
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUFZA6jSsjYg1DikSNywAYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDgxMjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU4YjNjNzU4OTliMGM4NmI2MzMzY2VjZjVhNDM5ZjI5NWI2ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk105+5foBMRaDCdWF/6zzPhoNYbY
/iZIoLVq5Ocnj0Wf51GAh7otcHsHV1yD6tuaHEcUdJry4MO4qZJM1+g4TRFv8ihT
7V6KQNGBHjbgyFQv/ZBIwEI/8eNH3IGR2HbzjaaeUY+X/YuyLj9ewdPeXt9mEFCp
ohoICzXNjLvzW6pXOqaO3LI4aZIQdzyCjjkoJLdv4w24n8z5UX1MgBeHzl5MaGy5
vLCjp5O02kCA5uaufcs3VNnq+R4B0V4vjCTSYMv2+KCAaTg9u4A0XUIHlcXDW3Es
r/cUhjykLBIizt4rd6gcw+UPYOBYGhpk+iQ3fvifzGDRcWxyPZa2oSpXjQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNjos8dYmbDIa2Mzzs9aQ58pW21UMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMk9pengxaVpzTWhyWXpQT3oxcERueWxiYlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW9t8AwQB
wveoAwQBwwgiAwQDwzHAAwQBw78SAwQA1G2vMA0GCSqGSIb3DQEBCwUAA4IBAQA4
CqkjXvBHgEQbKBDEoBTby/vPwRJddFuWqKJzrfYrNMBcr5acJBr/0/htUckf58ko
NL8CQkBxHuNDIQ6QwQbcQCkga8uIU/paMeuq8aHKHTsZ81ps4DF/k+fMgchlYr7c
8UBFF63p4QEiWCpW+x1VZ1eccEvi7bgwccsw8V26nFCmuXJkrmtCHmJy5Z5TDAPE
aK+hX9XqmAFD5ioYFyPM3dgF3sFxojIqZ9XPiqdLKYwlb7iMVen6ojCUS/bNMSaz
sBlx+FINGWN8Yt+2CaKmF6UCbc2qQahZKwmgnNHtpZurZ3qqdOGVtt/6LVWq3VNd
9fuL99O81FS8JTv0PIlh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:24 2024 by rpki-client on console-fra.rpki-client.org