Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ogsfepvdFE7gCmhvg4BPVSXu91o.roa
File: ogsfepvdFE7gCmhvg4BPVSXu91o.roa (raw, json)
Hash identifier: tSWW5u+PPJtPcxNASPEkfQPceB2+EKpA6/Vw+s5HVYo=
Subject key identifier: A2:0B:1F:7A:9B:DD:14:4E:E0:0A:68:6F:83:80:4F:55:25:EE:F7:5A
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0719878C
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ogsfepvdFE7gCmhvg4BPVSXu91o.roa
Signing time: Thu 02 Jun 2022 05:41:25 +0000
ROA not before: Thu 02 Jun 2022 05:41:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 94.26.89.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119113612 (0x719878c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 2 05:41:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a20b1f7a9bdd144ee00a686f83804f5525eef75a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:08:02:30:11:a6:1f:d3:83:e0:4f:94:5b:
37:ef:62:f7:c6:1a:6e:f8:58:58:ff:67:ab:bc:38:
bc:ca:d6:22:ac:f6:0a:bf:e2:39:f2:4a:14:01:1a:
36:bc:77:40:31:94:b3:d6:a1:e1:67:9b:18:c7:d3:
f8:7d:c0:8e:37:05:a0:fb:f9:17:1a:d3:10:31:3c:
ea:08:17:bd:9d:a0:63:f0:94:f5:f4:33:78:ea:6c:
e5:f4:e7:b2:94:28:59:48:e7:02:0b:b8:ad:7a:fb:
d1:8d:0e:07:eb:c2:82:c7:f0:f5:df:c3:36:9f:f9:
37:8b:a9:a7:e5:b7:d8:88:53:11:c7:85:12:96:7a:
45:7f:57:6e:f0:a9:9d:c7:67:80:64:17:21:ab:fc:
e9:2e:e4:c9:36:95:71:c4:2d:85:35:8c:b0:b7:70:
41:df:62:23:4a:7d:e7:ce:41:90:57:c8:74:e4:90:
71:e1:33:e3:8f:fd:fd:b6:a5:f6:e3:aa:91:cc:71:
b8:ae:af:38:13:d4:93:47:46:71:ff:5f:10:96:c5:
68:20:9d:2b:d7:db:ad:f6:a3:4c:f5:a6:75:52:9f:
ef:ae:59:4b:d3:63:cb:41:90:48:51:a2:ad:06:c1:
3a:d2:67:14:56:8a:90:12:08:bb:62:fd:3a:a1:39:
9b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0B:1F:7A:9B:DD:14:4E:E0:0A:68:6F:83:80:4F:55:25:EE:F7:5A
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ogsfepvdFE7gCmhvg4BPVSXu91o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/23
78.159.156.0/24
91.92.34.0/24
93.152.206.0-93.152.208.255
93.152.216.0/24
93.152.222.0/24
93.152.230.0/24
94.26.89.0/24
94.190.195.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:9a:40:ab:8b:47:e5:f7:65:a9:1f:9c:9d:8a:d9:40:bc:b3:
4c:a1:6a:37:f2:f4:29:15:d4:d1:e7:df:c6:14:ec:bb:80:16:
35:48:ef:3e:ac:fa:46:ee:ee:c3:83:77:93:f8:49:fa:cc:87:
d1:fd:f4:c2:2e:bb:b6:67:28:96:12:e1:5c:7c:1b:f9:03:f6:
89:dc:61:0f:86:6d:f4:cf:d1:b4:33:61:b4:a0:b0:f5:05:a3:
66:7b:b8:82:11:02:41:0f:f8:77:e2:bb:df:cc:af:3c:31:94:
85:f3:49:7f:c3:f5:a8:47:2f:bb:0d:74:19:b9:91:0d:72:62:
02:6d:84:30:da:05:b3:77:67:7b:8c:8d:8e:c4:0c:d0:89:1c:
5b:ab:c1:41:d6:7f:d5:55:e9:bf:6c:c6:91:f4:ff:f7:f3:78:
f4:48:4f:4a:9c:43:32:79:fe:6f:85:67:53:e3:e5:d8:66:b7:
61:e2:f0:8b:cc:d9:00:05:37:fd:09:7d:55:49:ce:6a:0b:d3:
cf:29:f1:d0:24:8b:22:ce:d3:f6:6f:06:7a:05:38:b7:fa:47:
e0:e6:06:e5:a5:5b:97:ed:a6:71:6a:6b:9a:5b:a7:57:ce:cb:
83:15:66:dc:0f:05:dd:5c:1c:39:3c:3f:c0:f8:8a:30:b4:e8:
12:89:e8:a5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIEBxmHjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDYw
MjA1NDEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTIwYjFmN2E5YmRk
MTQ0ZWUwMGE2ODZmODM4MDRmNTUyNWVlZjc1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKplCAIwEaYf04PgT5RbN+9i98YabvhYWP9nq7w4vMrWIqz2
Cr/iOfJKFAEaNrx3QDGUs9ah4WebGMfT+H3AjjcFoPv5FxrTEDE86ggXvZ2gY/CU
9fQzeOps5fTnspQoWUjnAgu4rXr70Y0OB+vCgsfw9d/DNp/5N4upp+W32IhTEceF
EpZ6RX9XbvCpncdngGQXIav86S7kyTaVccQthTWMsLdwQd9iI0p9585BkFfIdOSQ
ceEz44/9/bal9uOqkcxxuK6vOBPUk0dGcf9fEJbFaCCdK9fbrfajTPWmdVKf765Z
S9Njy0GQSFGirQbBOtJnFFaKkBIIu2L9OqE5m2kCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBSiCx96m90UTuAKaG+DgE9VJe73WjAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L29nc2ZlcHZkRkU3Z0NtaHZnNEJQVlNYdTkxby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPgMEAS2N6gMEAE6fnAMEAFtcIjAMAwQB
XZjOAwQAXZjQAwQAXZjYAwQAXZjeAwQAXZjmAwQAXhpZAwQAXr7DMA0GCSqGSIb3
DQEBCwUAA4IBAQCtmkCri0fl92WpH5yditlAvLNMoWo38vQpFdTR59/GFOy7gBY1
SO8+rPpG7u7Dg3eT+En6zIfR/fTCLru2ZyiWEuFcfBv5A/aJ3GEPhm30z9G0M2G0
oLD1BaNme7iCEQJBD/h34rvfzK88MZSF80l/w/WoRy+7DXQZuZENcmICbYQw2gWz
d2d7jI2OxAzQiRxbq8FB1n/VVem/bMaR9P/383j0SE9KnEMyef5vhWdT4+XYZrdh
4vCLzNkABTf9CX1VSc5qC9PPKfHQJIsiztP2bwZ6BTi3+kfg5gblpVuX7aZxamua
W6dXzsuDFWbcDwXdXBw5PD/A+IowtOgSieil
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org