Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/OPpScrJAkCN-f_P1Pts8rzhbgPQ.roa
File: OPpScrJAkCN-f_P1Pts8rzhbgPQ.roa (raw, json)
Hash identifier: WZzU8hwtOcq7apBI2un6VmltEvkzL/gB1GQOk67m4P0=
Subject key identifier: 38:FA:52:72:B2:40:90:23:7E:7F:F3:F5:3E:DB:3C:AF:38:5B:80:F4
Certificate issuer: /CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Certificate serial: 03DAD33F
Authority key identifier: 22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/OPpScrJAkCN-f_P1Pts8rzhbgPQ.roa
Signing time: Tue 22 Feb 2022 14:22:17 +0000
ROA not before: Tue 22 Feb 2022 14:22:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51333
IP address blocks: 185.58.4.0/22 maxlen: 22
188.65.80.0/22 maxlen: 22
188.65.80.0/21 maxlen: 21
188.65.85.0/24 maxlen: 24
188.65.84.0/24 maxlen: 24
188.65.87.0/24 maxlen: 24
188.65.86.0/24 maxlen: 24
194.36.72.0/22 maxlen: 22
2a0c:bdc0::/29 maxlen: 29
2a02:6120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64672575 (0x3dad33f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Validity
Not Before: Feb 22 14:22:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38fa5272b24090237e7ff3f53edb3caf385b80f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:25:aa:db:34:99:60:ff:b9:5b:f5:b4:a4:ca:
5e:32:88:ae:1b:46:d4:14:94:40:18:40:59:78:62:
5a:05:f7:44:f8:3e:f8:b2:50:a4:54:1b:72:89:6d:
d1:cd:b5:be:74:bb:53:76:16:39:13:7c:22:70:5f:
2b:28:b8:0f:79:9f:e5:b8:e9:dd:e9:18:52:f1:f8:
27:b0:f4:23:77:16:ec:29:f7:98:b6:4d:cb:cf:91:
54:51:44:ef:c2:8e:73:f3:e5:b4:18:84:7d:16:46:
ab:b2:03:4c:7c:66:0a:58:b1:3d:24:50:72:67:06:
78:ac:a1:a7:d1:d1:c2:54:13:e6:e9:65:bd:7f:3a:
9d:2c:cb:d4:ba:f0:a4:19:09:58:a4:f0:8e:15:e5:
cc:03:79:b3:00:e6:13:52:12:21:98:28:0f:e3:2d:
45:e3:17:97:8c:70:f9:4e:78:cf:d2:24:d8:21:5c:
48:92:aa:e8:40:2b:50:33:c8:fb:86:bb:a2:5b:01:
19:90:0c:46:e4:01:32:2f:5f:35:f4:6b:02:6c:99:
90:e3:6b:35:59:8c:d9:20:73:02:ae:9a:49:3d:a1:
23:2c:fe:a2:de:ec:27:ee:f1:bf:10:a0:2f:d6:54:
e5:58:ed:27:25:ca:e6:3e:b0:79:be:05:ca:a3:b7:
a2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FA:52:72:B2:40:90:23:7E:7F:F3:F5:3E:DB:3C:AF:38:5B:80:F4
X509v3 Authority Key Identifier:
keyid:22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/OPpScrJAkCN-f_P1Pts8rzhbgPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/ItVN-JuP2SHa2j8Nqinv_1zOCnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.4.0/22
188.65.80.0/21
194.36.72.0/22
IPv6:
2a02:6120::/32
2a0c:bdc0::/29
Signature Algorithm: sha256WithRSAEncryption
20:49:56:7f:40:33:66:83:50:ef:17:7b:24:51:b0:a5:4d:8a:
af:9f:2d:9c:cc:22:ca:42:ef:9c:3e:34:a9:d9:bf:81:21:7d:
a9:bf:93:f9:76:9c:e2:f9:73:92:66:55:a8:7c:46:ce:f8:65:
69:11:bf:41:8b:c9:b1:85:01:c7:12:a8:13:32:6e:e9:9f:32:
31:65:1d:64:27:90:64:18:35:5e:63:73:49:35:82:d4:90:ce:
0c:c5:17:09:ab:7b:66:a6:70:da:40:52:df:47:a2:d0:fb:1a:
90:4c:56:7d:9a:a0:c8:40:75:50:bf:ac:e0:c5:be:4f:e0:7e:
d3:df:f4:a0:2a:22:2a:22:b3:9c:e6:d1:24:60:4c:d8:ce:de:
50:47:3e:57:3d:0a:d0:46:f8:11:d7:90:80:a2:00:de:ce:55:
8a:0b:4e:91:09:db:50:c8:b1:a0:bf:27:61:8b:7d:b4:4e:51:
06:f0:a7:d1:a0:7d:83:50:ae:8b:8c:ac:5f:61:7e:37:68:4e:
dd:13:69:69:f5:e1:7b:43:d8:3c:3b:9d:67:ff:05:5e:f1:fa:
bf:77:1b:44:71:5d:ae:0b:45:fa:9b:9a:c3:8b:bf:1f:c4:f5:
80:01:60:a5:5a:07:77:c3:10:31:93:e0:46:31:cb:24:d6:e3:
be:38:fb:e8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEA9rTPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmQ1NGRmODliOGZkOTIxZGFkYTNmMGRhYTI5ZWZmZjVjY2UwYTc5MB4XDTIyMDIy
MjE0MjIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhmYTUyNzJiMjQw
OTAyMzdlN2ZmM2Y1M2VkYjNjYWYzODViODBmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4lqts0mWD/uVv1tKTKXjKIrhtG1BSUQBhAWXhiWgX3RPg+
+LJQpFQbcolt0c21vnS7U3YWORN8InBfKyi4D3mf5bjp3ekYUvH4J7D0I3cW7Cn3
mLZNy8+RVFFE78KOc/PltBiEfRZGq7IDTHxmClixPSRQcmcGeKyhp9HRwlQT5ull
vX86nSzL1LrwpBkJWKTwjhXlzAN5swDmE1ISIZgoD+MtReMXl4xw+U54z9Ik2CFc
SJKq6EArUDPI+4a7olsBGZAMRuQBMi9fNfRrAmyZkONrNVmM2SBzAq6aST2hIyz+
ot7sJ+7xvxCgL9ZU5VjtJyXK5j6web4FyqO3ossCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQ4+lJyskCQI35/8/U+2zyvOFuA9DAfBgNVHSMEGDAWgBQi1U34m4/ZIdra
Pw2qKe//XM4KeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l0Vk4tSnVQMlNIYTJqOE5xaW52XzF6T0Nuay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvYjVjZjBiLWVjMzEtNDcwNS04ZjY4LTZmMWZlY2U4N2M4OS8x
L09QcFNjckpBa0NOLWZfUDFQdHM4cnpoYmdQUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
YjVjZjBiLWVjMzEtNDcwNS04ZjY4LTZmMWZlY2U4N2M4OS8xL0l0Vk4tSnVQMlNI
YTJqOE5xaW52XzF6T0Nuay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEArk6BAMEA7xBUAMEAsIkSDAUBAIA
AjAOAwUAKgJhIAMFAyoMvcAwDQYJKoZIhvcNAQELBQADggEBACBJVn9AM2aDUO8X
eyRRsKVNiq+fLZzMIspC75w+NKnZv4Ehfam/k/l2nOL5c5JmVah8Rs74ZWkRv0GL
ybGFAccSqBMybumfMjFlHWQnkGQYNV5jc0k1gtSQzgzFFwmre2amcNpAUt9HotD7
GpBMVn2aoMhAdVC/rODFvk/gftPf9KAqIiois5zm0SRgTNjO3lBHPlc9CtBG+BHX
kICiAN7OVYoLTpEJ21DIsaC/J2GLfbROUQbwp9GgfYNQrouMrF9hfjdoTt0TaWn1
4XtD2Dw7nWf/BV7x+r93G0RxXa4LRfqbmsOLvx/E9YABYKVaB3fDEDGT4EYxyyTW
4744++g=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:41 2023 by rpki-client on console-ams.rpki-client.org