Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/OjvIdCdWKFHb3i1W329fBrySf-M.roa
File: OjvIdCdWKFHb3i1W329fBrySf-M.roa (raw, json)
Hash identifier: BWzWb7/KKEWOKVhutyS37jY5QN/D5eKxDbMS7zoWgRA=
Subject key identifier: 3A:3B:C8:74:27:56:28:51:DB:DE:2D:56:DF:6F:5F:06:BC:92:7F:E3
Certificate issuer: /CN=702f4e00943700c0897de7adbcfced5d10bf2e01
Certificate serial: 37BE300F
Authority key identifier: 70:2F:4E:00:94:37:00:C0:89:7D:E7:AD:BC:FC:ED:5D:10:BF:2E:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cC9OAJQ3AMCJfeetvPztXRC_LgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/OjvIdCdWKFHb3i1W329fBrySf-M.roa
Signing time: Sat 01 Jan 2022 13:56:42 +0000
ROA not before: Sat 01 Jan 2022 13:56:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13045
IP address blocks: 185.93.136.0/22 maxlen: 22
89.182.0.0/15 maxlen: 16
212.59.32.0/19 maxlen: 19
193.254.18.0/24 maxlen: 24
81.14.128.0/17 maxlen: 17
2a02:560::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 935211023 (0x37be300f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=702f4e00943700c0897de7adbcfced5d10bf2e01
Validity
Not Before: Jan 1 13:56:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a3bc87427562851dbde2d56df6f5f06bc927fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8c:08:2f:00:40:0c:87:01:6c:ef:e1:01:19:
84:54:ca:5d:a5:d8:8a:7b:d3:27:c0:7a:fe:c9:72:
63:77:ac:73:a0:09:dc:fe:a3:ba:d1:d7:be:c2:44:
c5:e8:8b:d7:1b:f7:6d:04:90:b6:58:33:34:48:75:
12:b1:43:1d:90:f1:47:c3:d3:84:43:34:ee:93:38:
c0:47:a2:a1:3b:40:de:ed:fa:7e:23:72:ad:29:02:
af:1f:53:57:f4:68:43:00:4b:d9:71:40:bd:6b:bd:
d1:69:08:b9:d6:e9:6d:57:70:05:6b:dc:25:6b:01:
36:0b:94:37:69:88:3e:de:96:f8:1f:99:e5:de:16:
80:d5:f3:48:f2:82:5d:02:3c:4e:38:a9:03:bb:dd:
0c:f0:bd:64:27:1a:f8:57:c6:7d:61:31:63:94:1f:
40:1c:71:8f:b4:e0:b4:b1:57:8f:cf:ea:f1:42:84:
af:78:00:38:ca:15:17:66:8f:2e:34:d7:aa:5a:00:
78:17:b3:22:9d:58:c3:1d:92:66:39:53:78:91:c7:
c7:ff:2c:f1:47:65:ed:18:69:3d:e6:10:c4:6b:a0:
75:fa:06:21:98:24:d2:c7:2f:56:9b:8d:25:e6:1a:
38:1f:a9:79:83:86:a2:57:19:ca:c2:16:05:6c:0b:
e3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3B:C8:74:27:56:28:51:DB:DE:2D:56:DF:6F:5F:06:BC:92:7F:E3
X509v3 Authority Key Identifier:
keyid:70:2F:4E:00:94:37:00:C0:89:7D:E7:AD:BC:FC:ED:5D:10:BF:2E:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cC9OAJQ3AMCJfeetvPztXRC_LgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/OjvIdCdWKFHb3i1W329fBrySf-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/cC9OAJQ3AMCJfeetvPztXRC_LgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.14.128.0/17
89.182.0.0/15
185.93.136.0/22
193.254.18.0/24
212.59.32.0/19
IPv6:
2a02:560::/32
Signature Algorithm: sha256WithRSAEncryption
6c:7e:42:a0:0a:f9:f4:35:25:fa:f3:e8:3d:99:34:5f:f6:09:
3c:d4:ed:20:96:1b:97:af:54:aa:24:7a:bb:59:af:36:57:15:
c1:f2:ea:77:e8:6c:a5:9d:c0:27:9b:b1:65:7f:26:6b:23:4f:
18:4b:91:b3:0f:5a:47:b0:e0:96:af:98:76:5e:51:12:ef:a1:
23:e4:4f:ed:1d:b3:81:0e:fe:66:5b:d7:c9:17:b2:64:34:61:
c9:3d:e9:7e:5f:66:4b:56:95:40:0a:43:76:fb:1d:07:90:e7:
fb:0e:1e:f2:73:9e:6c:7d:cd:75:fc:8d:e2:64:e9:e4:ae:aa:
a4:8f:a9:63:ff:05:3b:10:cc:dc:a0:2d:b5:34:a5:90:86:38:
b3:a6:77:f1:d3:33:d6:8a:38:d3:f6:0f:fa:73:e9:5f:5a:2f:
3e:32:d0:ff:54:d8:d1:31:92:a0:c0:7e:5c:75:2b:f5:54:e6:
28:6f:4f:00:62:31:9f:a2:c7:7f:92:65:2c:09:85:3a:76:ca:
fa:82:68:a3:97:d7:5c:d5:0c:e7:56:53:55:d8:5e:ab:9a:0e:
03:26:aa:51:7c:0d:c1:77:b8:3e:37:94:3a:93:a4:e2:d7:bd:
4a:0e:10:6a:27:96:40:89:f1:95:62:11:b1:de:3c:4b:5c:70:
4e:43:9a:cd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEN74wDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDJmNGUwMDk0MzcwMGMwODk3ZGU3YWRiY2ZjZWQ1ZDEwYmYyZTAxMB4XDTIyMDEw
MTEzNTY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EzYmM4NzQyNzU2
Mjg1MWRiZGUyZDU2ZGY2ZjVmMDZiYzkyN2ZlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmMCC8AQAyHAWzv4QEZhFTKXaXYinvTJ8B6/slyY3esc6AJ
3P6jutHXvsJExeiL1xv3bQSQtlgzNEh1ErFDHZDxR8PThEM07pM4wEeioTtA3u36
fiNyrSkCrx9TV/RoQwBL2XFAvWu90WkIudbpbVdwBWvcJWsBNguUN2mIPt6W+B+Z
5d4WgNXzSPKCXQI8TjipA7vdDPC9ZCca+FfGfWExY5QfQBxxj7TgtLFXj8/q8UKE
r3gAOMoVF2aPLjTXqloAeBezIp1Ywx2SZjlTeJHHx/8s8Udl7RhpPeYQxGugdfoG
IZgk0scvVpuNJeYaOB+peYOGolcZysIWBWwL47UCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQ6O8h0J1YoUdveLVbfb18GvJJ/4zAfBgNVHSMEGDAWgBRwL04AlDcAwIl9
5628/O1dEL8uATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NDOU9BSlEzQU1DSmZlZXR2UHp0WFJDX0xnRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYmNiNmViLWUyNjItNGQ2OS04MGZiLTU5YjBmYzkxM2QzNi8x
L09qdklkQ2RXS0ZIYjNpMVczMjlmQnJ5U2YtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YmNiNmViLWUyNjItNGQ2OS04MGZiLTU5YjBmYzkxM2QzNi8xL2NDOU9BSlEzQU1D
SmZlZXR2UHp0WFJDX0xnRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwIwQCAAEwHQMEB1EOgAMDAVm2AwQCuV2IAwQAwf4S
AwQF1DsgMA0EAgACMAcDBQAqAgVgMA0GCSqGSIb3DQEBCwUAA4IBAQBsfkKgCvn0
NSX68+g9mTRf9gk81O0glhuXr1SqJHq7Wa82VxXB8up36GylncAnm7FlfyZrI08Y
S5GzD1pHsOCWr5h2XlES76Ej5E/tHbOBDv5mW9fJF7JkNGHJPel+X2ZLVpVACkN2
+x0HkOf7Dh7yc55sfc11/I3iZOnkrqqkj6lj/wU7EMzcoC21NKWQhjizpnfx0zPW
ijjT9g/6c+lfWi8+MtD/VNjRMZKgwH5cdSv1VOYob08AYjGfosd/kmUsCYU6dsr6
gmijl9dc1QznVlNV2F6rmg4DJqpRfA3Bd7g+N5Q6k6Ti171KDhBqJ5ZAifGVYhGx
3jxLXHBOQ5rN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:22 2024 by rpki-client on console-ams.rpki-client.org