Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/OCH1P1Mw_j8MflRmxVEgX1zdGUU.roa
File: OCH1P1Mw_j8MflRmxVEgX1zdGUU.roa (raw, json)
Hash identifier: qrOpIdlzUITceSlk6ozfE6QNPFJvk09fh/rR1HudhpA=
Subject key identifier: 38:21:F5:3F:53:30:FE:3F:0C:7E:54:66:C5:51:20:5F:5C:DD:19:45
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 03B44CDA
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/OCH1P1Mw_j8MflRmxVEgX1zdGUU.roa
Signing time: Mon 14 Mar 2022 14:10:25 +0000
ROA not before: Mon 14 Mar 2022 14:10:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 89.185.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62147802 (0x3b44cda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Mar 14 14:10:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3821f53f5330fe3f0c7e5466c551205f5cdd1945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1a:39:2b:70:6f:21:f9:4e:cb:0b:82:5a:51:
f4:af:05:8c:47:c3:7d:11:1a:50:0c:75:c6:da:14:
cb:b0:45:4d:e0:d0:59:f7:e2:c8:39:91:7d:a5:ad:
94:70:b4:2f:90:90:28:d3:5c:d9:e3:70:64:90:ee:
85:87:05:a9:40:99:ee:aa:60:d4:98:b5:64:5d:48:
28:3a:84:f2:21:da:0e:bb:d3:0d:86:77:7c:f4:c8:
16:ad:4f:00:db:66:0c:d1:32:15:9d:e8:32:fe:35:
21:b3:fd:27:48:9a:68:86:61:2e:ea:9f:2e:68:7c:
ca:a8:6a:d0:7c:a8:15:dc:f0:86:4d:c8:ce:66:fa:
23:b4:fd:54:e1:a0:38:1b:61:e3:43:8b:b9:95:11:
36:8b:52:14:90:37:fa:84:36:d9:d5:16:4c:c4:3c:
a5:20:53:fb:75:b9:e4:3c:ca:50:39:9f:61:2a:cb:
18:38:84:d5:29:6e:6f:3b:e2:62:75:90:48:f6:b6:
0b:5f:8f:f5:30:a1:40:e9:4f:1a:26:ff:55:18:5a:
69:f5:28:73:0f:32:91:15:92:a2:33:9b:2b:54:b6:
22:a6:d7:bf:0c:79:3f:81:e0:16:74:4c:a2:f1:2c:
ce:94:b9:6f:7b:19:d2:5b:ed:fe:55:55:65:53:a7:
62:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:21:F5:3F:53:30:FE:3F:0C:7E:54:66:C5:51:20:5F:5C:DD:19:45
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/OCH1P1Mw_j8MflRmxVEgX1zdGUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.85.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:36:12:d4:57:64:ad:9d:7b:b9:15:69:70:5b:41:5d:7c:d8:
84:6c:1b:e2:4a:08:e0:55:68:a6:e2:39:b4:ac:19:52:6c:6a:
eb:10:69:99:7b:b6:8d:1f:f2:e8:ff:26:d1:e2:58:ad:68:a3:
fd:7d:ac:a0:98:d2:9c:98:ae:d7:27:81:5d:e3:46:ba:25:0c:
05:d0:f3:50:f4:66:81:81:b9:b2:6b:f2:22:fc:fa:5b:d3:e4:
da:ca:ff:da:e6:95:22:b9:7b:08:43:46:58:37:13:e7:40:6e:
43:84:38:12:ae:9c:d6:2e:b3:94:f2:01:b1:5a:30:4d:ce:9a:
0f:50:cd:5e:c8:f0:8f:71:31:f1:8c:21:3e:2e:75:4b:9c:c8:
76:18:f3:86:1f:89:fa:78:5a:65:e0:3c:35:c1:7d:4d:78:f8:
6f:d0:e3:4c:c8:ef:a7:c3:49:ff:32:a4:a7:a9:2c:02:71:ae:
34:8c:91:f7:d4:2e:f1:6f:c3:3a:c5:6f:24:87:3f:ab:30:ae:
fd:4d:11:a9:06:91:72:56:ae:43:f2:b1:4f:f5:ff:29:7b:98:
71:ec:91:6f:2e:2f:2a:29:1f:d5:e5:c3:13:46:94:f9:5b:b2:
20:93:a7:83:8d:58:46:23:e6:37:28:e6:28:42:e0:23:e5:3e:
7d:d0:d9:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7RM2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjU3YzJkOWQ5M2FjN2NmOWIyZjE3Y2FhNzg1OWI2OTg1YjM5YjlkMB4XDTIyMDMx
NDE0MTAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgyMWY1M2Y1MzMw
ZmUzZjBjN2U1NDY2YzU1MTIwNWY1Y2RkMTk0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQaOStwbyH5TssLglpR9K8FjEfDfREaUAx1xtoUy7BFTeDQ
WffiyDmRfaWtlHC0L5CQKNNc2eNwZJDuhYcFqUCZ7qpg1Ji1ZF1IKDqE8iHaDrvT
DYZ3fPTIFq1PANtmDNEyFZ3oMv41IbP9J0iaaIZhLuqfLmh8yqhq0HyoFdzwhk3I
zmb6I7T9VOGgOBth40OLuZURNotSFJA3+oQ22dUWTMQ8pSBT+3W55DzKUDmfYSrL
GDiE1SlubzviYnWQSPa2C1+P9TChQOlPGib/VRhaafUocw8ykRWSojObK1S2IqbX
vwx5P4HgFnRMovEszpS5b3sZ0lvt/lVVZVOnYscCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4IfU/UzD+Pwx+VGbFUSBfXN0ZRTAfBgNVHSMEGDAWgBTvV8LZ2TrHz5sv
F8qnhZtphbObnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzcxZkMyZGs2eDgtYkx4ZktwNFdiYVlXem01MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8x
L09DSDFQMU13X2o4TWZsUm14VkVnWDF6ZEdVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8xLzcxZkMyZGs2eDgt
Ykx4ZktwNFdiYVlXem01MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFm5VTANBgkqhkiG9w0BAQsFAAOC
AQEATjYS1FdkrZ17uRVpcFtBXXzYhGwb4koI4FVopuI5tKwZUmxq6xBpmXu2jR/y
6P8m0eJYrWij/X2soJjSnJiu1yeBXeNGuiUMBdDzUPRmgYG5smvyIvz6W9Pk2sr/
2uaVIrl7CENGWDcT50BuQ4Q4Eq6c1i6zlPIBsVowTc6aD1DNXsjwj3Ex8YwhPi51
S5zIdhjzhh+J+nhaZeA8NcF9TXj4b9DjTMjvp8NJ/zKkp6ksAnGuNIyR99Qu8W/D
OsVvJIc/qzCu/U0RqQaRclauQ/KxT/X/KXuYceyRby4vKikf1eXDE0aU+VuyIJOn
g41YRiPmNyjmKELgI+U+fdDZrQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:05 2023 by rpki-client on console-ams.rpki-client.org