Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/1-OZOLt3NH2gbLkK4PYqjlH2xrI4.roa
File: 1-OZOLt3NH2gbLkK4PYqjlH2xrI4.roa (raw, json)
Hash identifier: 0bkOlJX5zWrmoJvBvq5k/suYVLJ3U9BvvKUDcDuTNV8=
Subject key identifier: F8:E6:4E:2E:DD:CD:1F:68:1B:2E:42:B8:3D:8A:A3:94:7D:B1:AC:8E
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 04E6692F
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/1-OZOLt3NH2gbLkK4PYqjlH2xrI4.roa
Signing time: Sat 01 Jan 2022 15:04:25 +0000
ROA not before: Sat 01 Jan 2022 15:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205575
IP address blocks: 185.234.159.0/24 maxlen: 24
185.234.156.0/22 maxlen: 22
185.234.156.0/24 maxlen: 24
185.234.158.0/24 maxlen: 24
185.234.157.0/24 maxlen: 24
185.137.105.0/24 maxlen: 24
185.137.104.0/24 maxlen: 24
185.137.104.0/22 maxlen: 22
185.137.106.0/24 maxlen: 24
185.137.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82209071 (0x4e6692f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 1 15:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8e64e2eddcd1f681b2e42b83d8aa3947db1ac8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:30:21:0c:29:8e:7b:98:13:86:15:90:40:52:
9b:ca:de:20:ca:b6:a0:88:8c:e1:07:13:5c:19:a8:
5a:5f:bc:20:4a:b7:39:bb:44:02:3f:d0:17:11:07:
00:a8:ef:fd:48:d7:40:4f:de:a8:ab:1c:1e:fe:02:
0f:82:29:54:75:49:01:07:5c:b3:4e:29:f3:c6:3e:
9c:00:ad:e9:67:52:61:21:0f:7a:6a:87:b2:43:90:
6a:75:99:32:1a:e4:27:11:70:05:42:24:7c:df:4e:
9e:f3:69:94:de:5c:58:6b:53:18:c2:2c:4c:27:ad:
57:e5:b2:16:58:ae:6d:08:88:39:0f:17:70:b0:a5:
86:c5:9c:c6:32:0c:99:b0:f7:2a:27:0d:46:1f:55:
9a:9c:c3:97:c7:c9:5c:a3:f2:2b:4f:70:b0:4a:3c:
b2:7b:13:cf:ca:a1:1e:5b:62:05:ea:d5:61:d9:70:
4c:a1:80:a0:9d:5d:ac:6f:6d:06:c7:f6:36:4c:44:
8e:de:44:97:2b:4c:4f:45:8c:55:e4:22:6c:fb:22:
27:75:0e:dc:d2:78:03:62:82:91:25:e3:02:c5:e6:
74:ce:ec:54:89:fa:67:b5:48:db:94:a5:e7:ee:7f:
eb:42:87:0e:3a:de:b8:55:2f:12:44:20:04:ad:b0:
1b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E6:4E:2E:DD:CD:1F:68:1B:2E:42:B8:3D:8A:A3:94:7D:B1:AC:8E
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/1-OZOLt3NH2gbLkK4PYqjlH2xrI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.104.0/22
185.234.156.0/22
Signature Algorithm: sha256WithRSAEncryption
08:0e:7d:33:0e:2a:27:3c:ab:b6:43:1e:ef:78:e2:a5:09:20:
c4:4b:b1:31:ba:10:44:e2:67:df:a9:fe:62:85:42:a3:a1:f8:
f6:48:61:dd:77:3a:dc:5e:7f:09:33:94:9d:88:b1:e7:51:b4:
38:c5:ae:b4:cb:a6:05:ed:ee:ba:3e:5c:d3:59:de:0b:c1:5a:
0e:0c:42:09:6a:9a:15:6a:00:64:f5:ad:75:bf:3b:d7:01:e6:
d4:54:d3:fd:d2:75:d5:24:96:74:bb:25:b5:28:5e:c6:ee:a9:
f7:7b:4b:6b:09:82:63:d6:37:c9:96:8b:9c:ec:65:5f:5c:02:
a1:b3:96:6e:42:4f:11:c0:db:df:d4:05:65:55:cf:fa:29:7c:
b4:16:4f:8c:f7:9c:7f:2f:fa:7b:87:05:cb:08:bd:db:4d:e1:
10:f3:f8:87:72:37:d8:4e:0d:c5:5d:3d:e7:ae:92:2d:e2:d8:
4f:16:42:96:8c:93:8f:82:68:d9:fb:0d:28:1d:40:ed:c5:58:
19:1f:94:69:7d:03:c2:2a:bf:c3:3d:f6:51:6d:11:20:a1:b9:
27:fe:38:63:71:fe:f2:f7:be:47:9f:34:1f:83:be:e2:53:41:
68:c8:69:5f:69:f3:aa:a6:60:55:48:02:2c:83:5c:ae:69:02:
9e:13:47:3b
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEBOZpLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTczNmNhZmRkYjZlYmI4ZDdjNzY5NDNmNGEyNzFlMDM4NTEwYWE5MB4XDTIyMDEw
MTE1MDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjhlNjRlMmVkZGNk
MWY2ODFiMmU0MmI4M2Q4YWEzOTQ3ZGIxYWM4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0wIQwpjnuYE4YVkEBSm8reIMq2oIiM4QcTXBmoWl+8IEq3
ObtEAj/QFxEHAKjv/UjXQE/eqKscHv4CD4IpVHVJAQdcs04p88Y+nACt6WdSYSEP
emqHskOQanWZMhrkJxFwBUIkfN9OnvNplN5cWGtTGMIsTCetV+WyFliubQiIOQ8X
cLClhsWcxjIMmbD3KicNRh9VmpzDl8fJXKPyK09wsEo8snsTz8qhHltiBerVYdlw
TKGAoJ1drG9tBsf2NkxEjt5ElytMT0WMVeQibPsiJ3UO3NJ4A2KCkSXjAsXmdM7s
VIn6Z7VI25Sl5+5/60KHDjreuFUvEkQgBK2wG4UCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT45k4u3c0faBsuQrg9iqOUfbGsjjAfBgNVHSMEGDAWgBSuc2yv3bbruNfH
aUP0onHgOFEKqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JuTnNyOTIyNjdqWHgybEQ5S0p4NERoUkNxay5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvODZlMzJiLWYwNjctNDUwZi1iNjdjLTNhYTE1MGE5MmFiNy8x
LzEtT1pPTHQzTkgyZ2JMa0s0UFlxamxIMnhySTQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1
Lzg2ZTMyYi1mMDY3LTQ1MGYtYjY3Yy0zYWExNTBhOTJhYjcvMS9ybk5zcjkyMjY3
alh4MmxEOUtKeDREaFJDcWsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5iWgDBAK56pwwDQYJKoZIhvcN
AQELBQADggEBAAgOfTMOKic8q7ZDHu944qUJIMRLsTG6EETiZ9+p/mKFQqOh+PZI
Yd13OtxefwkzlJ2IsedRtDjFrrTLpgXt7ro+XNNZ3gvBWg4MQglqmhVqAGT1rXW/
O9cB5tRU0/3SddUklnS7JbUoXsbuqfd7S2sJgmPWN8mWi5zsZV9cAqGzlm5CTxHA
29/UBWVVz/opfLQWT4z3nH8v+nuHBcsIvdtN4RDz+IdyN9hODcVdPeeuki3i2E8W
QpaMk4+CaNn7DSgdQO3FWBkflGl9A8Iqv8M99lFtESChuSf+OGNx/vL3vkefNB+D
vuJTQWjIaV9p86qmYFVIAiyDXK5pAp4TRzs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:29 2024 by rpki-client on console-ams.rpki-client.org