Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/oVaUziH-5q1WbQrMpOLqn_8pMb8.roa
File: oVaUziH-5q1WbQrMpOLqn_8pMb8.roa (raw, json)
Hash identifier: gU0cNJUa0wysoT6ulrqo9j9s4IYzxnbrEVYIMyLhj54=
Subject key identifier: A1:56:94:CE:21:FE:E6:AD:56:6D:0A:CC:A4:E2:EA:9F:FF:29:31:BF
Certificate issuer: /CN=51ee1a67725eb4a764a587bc37079debbe81fb64
Certificate serial: 05302912
Authority key identifier: 51:EE:1A:67:72:5E:B4:A7:64:A5:87:BC:37:07:9D:EB:BE:81:FB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ue4aZ3JetKdkpYe8Nwed676B-2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/oVaUziH-5q1WbQrMpOLqn_8pMb8.roa
Signing time: Sat 01 Jan 2022 13:55:26 +0000
ROA not before: Sat 01 Jan 2022 13:55:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51469
IP address blocks: 217.170.242.0/23 maxlen: 23
217.170.246.0/23 maxlen: 23
217.170.244.0/23 maxlen: 23
217.170.248.0/23 maxlen: 23
217.170.252.0/23 maxlen: 23
217.170.250.0/23 maxlen: 23
31.171.216.0/23 maxlen: 23
217.170.254.0/23 maxlen: 23
185.16.232.0/23 maxlen: 23
31.171.218.0/23 maxlen: 23
31.171.222.0/23 maxlen: 23
185.16.234.0/23 maxlen: 23
31.171.220.0/23 maxlen: 23
217.170.240.0/23 maxlen: 23
2a00:6380::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87042322 (0x5302912)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51ee1a67725eb4a764a587bc37079debbe81fb64
Validity
Not Before: Jan 1 13:55:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a15694ce21fee6ad566d0acca4e2ea9fff2931bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:06:fe:b9:5e:9d:92:01:bf:8c:a9:1a:a1:50:
31:b2:ad:e6:ec:3d:3a:62:90:43:54:42:73:27:26:
32:6c:0c:63:02:e3:3a:ba:85:e3:fa:bb:90:6b:17:
00:51:83:80:48:5b:fb:c8:0f:99:f4:8b:ab:7e:91:
12:33:0d:18:5f:cd:34:71:fd:e0:8a:9a:7b:c4:74:
82:23:f0:9e:01:ce:69:4f:63:50:9b:92:2c:85:f4:
44:12:8c:0f:3c:6c:00:81:9f:23:15:ab:f0:7b:69:
a8:b7:64:7e:8b:58:1b:ab:ad:3c:24:e7:dd:f4:62:
9b:c5:ac:a0:2b:a0:bd:de:b6:54:90:e9:a5:89:00:
76:0c:0c:11:b9:92:64:b8:e9:f8:f0:67:ac:05:44:
25:4c:36:9d:6b:01:84:03:e3:13:df:39:df:e1:f8:
eb:1f:92:9c:01:b0:5f:dc:5b:3b:21:47:27:c4:b9:
2b:22:9f:1a:23:c5:cf:f3:b7:7a:76:e8:65:44:d5:
d3:98:24:a4:a8:e1:a5:15:c6:88:07:4a:48:f7:ea:
07:19:93:5e:94:1c:3b:7b:45:c5:ef:af:15:76:31:
41:f9:a7:22:ed:ef:72:ba:50:80:07:4a:76:95:20:
48:74:20:c9:7e:07:26:b7:ba:f4:f8:8b:d9:3e:b2:
bc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:56:94:CE:21:FE:E6:AD:56:6D:0A:CC:A4:E2:EA:9F:FF:29:31:BF
X509v3 Authority Key Identifier:
keyid:51:EE:1A:67:72:5E:B4:A7:64:A5:87:BC:37:07:9D:EB:BE:81:FB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ue4aZ3JetKdkpYe8Nwed676B-2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/oVaUziH-5q1WbQrMpOLqn_8pMb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/Ue4aZ3JetKdkpYe8Nwed676B-2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.216.0/21
185.16.232.0/22
217.170.240.0/20
IPv6:
2a00:6380::/32
Signature Algorithm: sha256WithRSAEncryption
6e:45:8a:d1:1c:68:74:84:dc:14:00:ab:3c:85:bc:5b:e1:0a:
a0:72:01:f1:85:a7:4c:c4:ae:59:4f:db:ee:b9:ee:67:53:ea:
e6:25:e0:08:e8:f6:8c:ee:f6:84:d5:72:5d:9c:4f:08:c2:32:
7c:16:f2:6a:f6:1e:29:95:d3:8b:a0:06:3f:21:d4:f2:38:91:
6c:8b:69:48:2c:1c:0e:00:02:a9:64:27:ad:fe:40:36:e7:43:
3a:19:f3:5d:dc:91:6c:62:b1:41:75:c9:80:83:65:b1:ca:52:
19:ec:60:33:39:6d:9a:09:de:6c:7f:6c:e1:98:0a:2d:bc:34:
91:2e:f3:c2:9c:f7:dd:6a:33:cb:6a:e7:ba:99:28:b0:d7:6d:
5b:18:b6:d5:eb:33:70:ba:1f:6f:62:83:dc:cb:e7:8f:6b:8d:
a6:a2:81:d1:97:75:ff:7a:42:a7:49:34:48:54:a2:48:54:ab:
3e:4d:c9:e8:f9:62:0f:96:59:8c:d1:34:35:dd:fa:28:e3:db:
2a:41:56:70:f7:10:f4:a6:58:f0:f1:02:c8:ce:ff:b7:f4:55:
32:4c:5f:b5:85:c0:7e:29:f2:b2:b5:71:66:78:29:c7:5f:cf:
79:04:91:8b:a0:43:ed:19:0f:66:45:02:68:54:be:44:46:f7:
3a:ea:9b:a6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBTApEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MWVlMWE2NzcyNWViNGE3NjRhNTg3YmMzNzA3OWRlYmJlODFmYjY0MB4XDTIyMDEw
MTEzNTUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE1Njk0Y2UyMWZl
ZTZhZDU2NmQwYWNjYTRlMmVhOWZmZjI5MzFiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOEG/rlenZIBv4ypGqFQMbKt5uw9OmKQQ1RCcycmMmwMYwLj
OrqF4/q7kGsXAFGDgEhb+8gPmfSLq36REjMNGF/NNHH94Iqae8R0giPwngHOaU9j
UJuSLIX0RBKMDzxsAIGfIxWr8HtpqLdkfotYG6utPCTn3fRim8WsoCugvd62VJDp
pYkAdgwMEbmSZLjp+PBnrAVEJUw2nWsBhAPjE9853+H46x+SnAGwX9xbOyFHJ8S5
KyKfGiPFz/O3enboZUTV05gkpKjhpRXGiAdKSPfqBxmTXpQcO3tFxe+vFXYxQfmn
Iu3vcrpQgAdKdpUgSHQgyX4HJre69PiL2T6yvJECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBShVpTOIf7mrVZtCsyk4uqf/ykxvzAfBgNVHSMEGDAWgBRR7hpncl60p2Sl
h7w3B53rvoH7ZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VlNGFaM0pldEtka3BZZThOd2VkNjc2Qi0yUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvZTBmM2JiLWEwOTktNDc4NS04OTI5LTNkN2Y5MmMyM2E4Yi8x
L29WYVV6aUgtNXExV2JRck1wT0xxbl84cE1iOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ZTBmM2JiLWEwOTktNDc4NS04OTI5LTNkN2Y5MmMyM2E4Yi8xL1VlNGFaM0pldEtk
a3BZZThOd2VkNjc2Qi0yUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAx+r2AMEArkQ6AMEBNmq8DANBAIA
AjAHAwUAKgBjgDANBgkqhkiG9w0BAQsFAAOCAQEAbkWK0RxodITcFACrPIW8W+EK
oHIB8YWnTMSuWU/b7rnuZ1Pq5iXgCOj2jO72hNVyXZxPCMIyfBbyavYeKZXTi6AG
PyHU8jiRbItpSCwcDgACqWQnrf5ANudDOhnzXdyRbGKxQXXJgINlscpSGexgMzlt
mgnebH9s4ZgKLbw0kS7zwpz33Wozy2rnupkosNdtWxi21eszcLofb2KD3Mvnj2uN
pqKB0Zd1/3pCp0k0SFSiSFSrPk3J6PliD5ZZjNE0Nd36KOPbKkFWcPcQ9KZY8PEC
yM7/t/RVMkxftYXAfinysrVxZngpx1/PeQSRi6BD7RkPZkUCaFS+REb3Ouqbpg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:30 2024 by rpki-client on console-fra.rpki-client.org