Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/OlWKKP7gRH3MG8gzJmGtWm1PgNs.roa
File: OlWKKP7gRH3MG8gzJmGtWm1PgNs.roa (raw, json)
Hash identifier: URp2jx2zpSakHZriETAWrbTxaVlXluwhHZlsAwcPI9Y=
Subject key identifier: 3A:55:8A:28:FE:E0:44:7D:CC:1B:C8:33:26:61:AD:5A:6D:4F:80:DB
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42752679
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/OlWKKP7gRH3MG8gzJmGtWm1PgNs.roa
Signing time: Sat 01 Jan 2022 14:03:17 +0000
ROA not before: Sat 01 Jan 2022 14:03:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50613
IP address blocks: 192.71.218.0/24 maxlen: 24
192.36.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114973817 (0x42752679)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a558a28fee0447dcc1bc8332661ad5a6d4f80db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0c:0c:62:ec:dc:63:ed:4c:04:bf:c0:b0:42:
fb:d8:ed:3b:a0:18:8e:08:ba:6e:ab:e0:91:d9:ea:
e2:73:69:ca:70:e8:a4:49:1b:05:39:77:da:17:db:
a5:2b:94:fe:86:18:58:e6:f5:55:b8:9c:bd:ca:11:
16:7a:68:ed:89:d2:57:fd:49:6b:a9:da:cb:fd:fc:
f3:ba:a1:47:d2:f1:c9:ae:1e:ef:ad:49:41:3b:2c:
a0:9f:3f:f7:bc:35:fc:ca:b6:68:f0:28:3e:8e:e5:
39:b0:5d:79:6d:90:88:fc:ea:c2:60:0e:f0:78:d3:
6f:4f:ad:1e:b4:97:e3:48:53:39:a1:00:c7:6c:5d:
85:ff:cf:95:65:d8:25:58:34:e4:5f:7b:11:a6:85:
be:44:d8:10:47:14:a1:a6:1b:85:f6:a8:a4:ac:a4:
5c:13:a2:68:84:9c:88:b5:be:6c:fd:67:b1:92:33:
00:97:9e:8e:46:9c:c7:df:42:85:a0:9c:a1:e3:80:
1d:49:ff:37:ec:ff:c0:18:07:12:dd:91:ba:2a:87:
b7:72:ac:a7:48:d6:fe:c6:fc:21:c0:1a:dc:df:37:
dd:a2:3f:8f:5b:9c:fc:bc:4e:17:f3:5d:31:af:46:
40:2c:50:21:66:36:e3:4b:5b:1f:3c:90:d5:8f:d3:
97:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:55:8A:28:FE:E0:44:7D:CC:1B:C8:33:26:61:AD:5A:6D:4F:80:DB
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/OlWKKP7gRH3MG8gzJmGtWm1PgNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.57.0/24
192.71.218.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:2f:e9:bc:61:38:f2:82:94:ae:82:94:41:d3:f3:09:4c:85:
12:9e:a7:37:45:5d:18:fd:5e:07:e0:49:00:42:55:40:bf:70:
68:48:e1:97:5e:65:62:6b:f8:a1:a8:c0:c4:b0:da:c1:ac:68:
52:25:93:58:e2:4f:0a:06:c3:1e:c1:5f:aa:12:2e:a1:96:bd:
c9:c9:1d:5b:67:cb:c5:98:76:36:d8:92:00:82:08:91:29:be:
87:ca:72:ec:8f:e5:c8:b1:f9:cb:ea:24:0a:3f:7e:fa:6a:91:
a7:d4:7c:18:b1:de:11:ed:73:73:cd:32:5f:5d:d8:e7:f1:8b:
e5:0b:25:8e:c0:52:a5:18:1e:14:5b:79:71:e0:86:03:e6:fd:
b8:55:c6:1b:25:c7:70:00:21:a2:28:0f:a3:85:be:d6:9e:f3:
2b:47:9c:4e:7b:05:18:a3:3c:ba:e6:76:c6:92:8f:77:35:68:
19:d7:df:78:1d:cf:b5:80:fe:19:9d:4f:a6:dd:70:34:a3:5d:
ab:82:39:d2:7b:35:c4:f1:34:3e:65:45:ef:49:ff:3e:9d:02:
5a:19:77:41:2f:c4:c6:ac:f7:1a:a6:8a:40:2a:fc:77:b4:54:
c0:9a:11:cd:a2:04:dd:ae:3d:00:d1:2d:6f:05:1a:45:d3:35:
ef:71:67:c0
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEQnUmeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E1NThhMjhmZWUw
NDQ3ZGNjMWJjODMzMjY2MWFkNWE2ZDRmODBkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkMDGLs3GPtTAS/wLBC+9jtO6AYjgi6bqvgkdnq4nNpynDo
pEkbBTl32hfbpSuU/oYYWOb1VbicvcoRFnpo7YnSV/1Ja6nay/3887qhR9Lxya4e
761JQTssoJ8/97w1/Mq2aPAoPo7lObBdeW2QiPzqwmAO8HjTb0+tHrSX40hTOaEA
x2xdhf/PlWXYJVg05F97EaaFvkTYEEcUoaYbhfaopKykXBOiaISciLW+bP1nsZIz
AJeejkacx99ChaCcoeOAHUn/N+z/wBgHEt2RuiqHt3Ksp0jW/sb8IcAa3N833aI/
j1uc/LxOF/NdMa9GQCxQIWY240tbHzyQ1Y/TlzcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ6VYoo/uBEfcwbyDMmYa1abU+A2zAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L09sV0tLUDdnUkgzTUc4Z3pKbUd0V20xUGdOcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMAkOQMEAMBH2jANBgkqhkiG9w0B
AQsFAAOCAQEAqS/pvGE48oKUroKUQdPzCUyFEp6nN0VdGP1eB+BJAEJVQL9waEjh
l15lYmv4oajAxLDawaxoUiWTWOJPCgbDHsFfqhIuoZa9yckdW2fLxZh2NtiSAIII
kSm+h8py7I/lyLH5y+okCj9++mqRp9R8GLHeEe1zc80yX13Y5/GL5QsljsBSpRge
FFt5ceCGA+b9uFXGGyXHcAAhoigPo4W+1p7zK0ecTnsFGKM8uuZ2xpKPdzVoGdff
eB3PtYD+GZ1Ppt1wNKNdq4I50ns1xPE0PmVF70n/Pp0CWhl3QS/Exqz3GqaKQCr8
d7RUwJoRzaIE3a49ANEtbwUaRdM173FnwA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org