Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/7ccd2c-2c05-453a-b7be-08da420f28c8/1/o1lifhwPcM3OYahRV3yLXqnEuWY.roa
File: o1lifhwPcM3OYahRV3yLXqnEuWY.roa (raw, json)
Hash identifier: kTZeOa89QQJI27YVMjKdKeMpGyKkaS4MbWxgTeudZ+k=
Subject key identifier: A3:59:62:7E:1C:0F:70:CD:CE:61:A8:51:57:7C:8B:5E:A9:C4:B9:66
Certificate issuer: /CN=560805b7301871169bd09b886569d1f69dc19b57
Certificate serial: 3714E33D
Authority key identifier: 56:08:05:B7:30:18:71:16:9B:D0:9B:88:65:69:D1:F6:9D:C1:9B:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VggFtzAYcRab0JuIZWnR9p3Bm1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/7ccd2c-2c05-453a-b7be-08da420f28c8/1/o1lifhwPcM3OYahRV3yLXqnEuWY.roa
Signing time: Sat 01 Jan 2022 06:01:18 +0000
ROA not before: Sat 01 Jan 2022 06:01:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20681
IP address blocks: 185.16.140.0/22 maxlen: 24
193.178.175.0/24 maxlen: 24
193.219.31.0/24 maxlen: 24
46.19.248.0/21 maxlen: 24
2a01:8300::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924115773 (0x3714e33d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=560805b7301871169bd09b886569d1f69dc19b57
Validity
Not Before: Jan 1 06:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a359627e1c0f70cdce61a851577c8b5ea9c4b966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:48:90:60:c1:3f:ba:bd:6c:20:06:36:eb:15:
36:59:c7:d4:76:1f:4a:40:25:41:fc:f9:51:e7:84:
ac:29:13:d1:3c:92:9f:d6:00:cc:20:f7:51:82:70:
26:a8:35:a9:8d:b1:dc:45:63:68:94:dd:4f:c1:32:
ac:5c:ea:6b:08:cb:a5:50:7d:56:5b:58:fa:dc:6a:
76:77:ca:c3:2b:24:2c:cb:65:d9:81:25:56:10:e9:
d3:b6:b8:21:82:e9:50:67:a8:33:d8:24:df:ef:e5:
0a:16:6e:13:65:dd:05:2d:72:41:d3:9f:7b:bc:e4:
93:45:1c:84:42:b8:af:e8:13:4e:88:d9:6b:c0:e5:
ec:e5:2c:fe:22:d2:44:d8:6a:53:a4:c1:cd:1e:34:
5f:7c:af:44:94:bc:12:cd:4c:91:d0:25:be:f6:c2:
83:58:59:5b:26:62:2d:9e:43:86:8c:c0:49:1c:7e:
6c:14:4d:ce:53:9f:3c:48:cf:09:7e:80:98:1f:da:
b3:1e:f4:69:b8:2d:75:60:4c:5f:6b:64:a0:1e:5d:
17:dc:be:00:25:6d:2a:03:f9:ef:c7:da:66:9a:13:
2f:c4:71:66:a5:22:5b:c6:db:60:a4:36:76:4e:d3:
31:4f:76:e6:04:ff:98:64:ab:ed:62:01:0e:e7:c1:
71:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:59:62:7E:1C:0F:70:CD:CE:61:A8:51:57:7C:8B:5E:A9:C4:B9:66
X509v3 Authority Key Identifier:
keyid:56:08:05:B7:30:18:71:16:9B:D0:9B:88:65:69:D1:F6:9D:C1:9B:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VggFtzAYcRab0JuIZWnR9p3Bm1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7ccd2c-2c05-453a-b7be-08da420f28c8/1/o1lifhwPcM3OYahRV3yLXqnEuWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7ccd2c-2c05-453a-b7be-08da420f28c8/1/VggFtzAYcRab0JuIZWnR9p3Bm1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.248.0/21
185.16.140.0/22
193.178.175.0/24
193.219.31.0/24
IPv6:
2a01:8300::/32
Signature Algorithm: sha256WithRSAEncryption
83:5d:32:60:5d:40:02:8d:5f:89:6c:cb:f7:3c:b8:f3:d9:5b:
6f:85:5a:bd:e8:7b:a2:5d:09:73:7f:66:3d:b3:7a:5b:da:c9:
b5:49:06:86:c8:ed:ed:55:bf:b5:07:da:3e:a7:a0:3d:8e:5f:
d9:29:d3:82:ce:95:f6:5b:69:64:ff:55:60:28:4a:b9:d8:d9:
0a:90:a6:d7:2a:21:17:b1:df:cf:b0:80:fc:37:a5:67:18:f2:
fa:ac:ef:d5:ad:26:89:3c:0b:0a:db:dd:d5:05:c1:6d:d7:39:
f4:08:51:06:41:8b:79:30:85:fa:3c:c9:47:0f:98:30:c8:c8:
db:7e:c2:8c:a6:e0:fb:7e:cf:c8:52:9d:88:ff:fd:64:03:46:
71:26:07:ea:7f:0e:72:80:d2:88:99:d3:08:05:88:45:c2:f5:
3e:7d:e6:63:79:8e:3c:32:b3:7e:53:7a:8f:be:06:0b:d7:14:
ff:13:de:87:87:a0:a6:a4:9f:0a:af:a8:db:1b:ac:cc:28:98:
c8:ad:97:b3:46:3d:a3:91:d0:65:bf:93:27:67:e2:02:5b:41:
0c:0c:ca:a6:0a:80:c5:89:e5:6e:2b:13:36:ff:ca:50:15:2a:
26:af:35:9a:90:f8:2c:c7:3c:3e:7c:9b:c5:67:b9:b7:44:d4:
f7:a2:64:cd
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENxTjPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjA4MDViNzMwMTg3MTE2OWJkMDliODg2NTY5ZDFmNjlkYzE5YjU3MB4XDTIyMDEw
MTA2MDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM1OTYyN2UxYzBm
NzBjZGNlNjFhODUxNTc3YzhiNWVhOWM0Yjk2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNIkGDBP7q9bCAGNusVNlnH1HYfSkAlQfz5UeeErCkT0TyS
n9YAzCD3UYJwJqg1qY2x3EVjaJTdT8EyrFzqawjLpVB9VltY+txqdnfKwyskLMtl
2YElVhDp07a4IYLpUGeoM9gk3+/lChZuE2XdBS1yQdOfe7zkk0UchEK4r+gTTojZ
a8Dl7OUs/iLSRNhqU6TBzR40X3yvRJS8Es1MkdAlvvbCg1hZWyZiLZ5DhozASRx+
bBRNzlOfPEjPCX6AmB/asx70abgtdWBMX2tkoB5dF9y+ACVtKgP578faZpoTL8Rx
ZqUiW8bbYKQ2dk7TMU925gT/mGSr7WIBDufBcQUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSjWWJ+HA9wzc5hqFFXfIteqcS5ZjAfBgNVHSMEGDAWgBRWCAW3MBhxFpvQ
m4hladH2ncGbVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZnZ0Z0ekFZY1JhYjBKdUlaV25SOXAzQm0xYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvN2NjZDJjLTJjMDUtNDUzYS1iN2JlLTA4ZGE0MjBmMjhjOC8x
L28xbGlmaHdQY00zT1lhaFJWM3lMWHFuRXVXWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
N2NjZDJjLTJjMDUtNDUzYS1iN2JlLTA4ZGE0MjBmMjhjOC8xL1ZnZ0Z0ekFZY1Jh
YjBKdUlaV25SOXAzQm0xYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAy4T+AMEArkQjAMEAMGyrwMEAMHb
HzANBAIAAjAHAwUAKgGDADANBgkqhkiG9w0BAQsFAAOCAQEAg10yYF1AAo1fiWzL
9zy489lbb4Vaveh7ol0Jc39mPbN6W9rJtUkGhsjt7VW/tQfaPqegPY5f2SnTgs6V
9ltpZP9VYChKudjZCpCm1yohF7Hfz7CA/DelZxjy+qzv1a0miTwLCtvd1QXBbdc5
9AhRBkGLeTCF+jzJRw+YMMjI237CjKbg+37PyFKdiP/9ZANGcSYH6n8OcoDSiJnT
CAWIRcL1Pn3mY3mOPDKzflN6j74GC9cU/xPeh4egpqSfCq+o2xuszCiYyK2Xs0Y9
o5HQZb+TJ2fiAltBDAzKpgqAxYnlbisTNv/KUBUqJq81mpD4LMc8PnybxWe5t0TU
96JkzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:00 2024 by rpki-client on console-ams.rpki-client.org