Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/oMpkYA7ARykb-rKMaZUYHqpoiFI.roa
File: oMpkYA7ARykb-rKMaZUYHqpoiFI.roa (raw, json)
Hash identifier: 0nZmbz+wmMH0M8atALBWJaRO4faKhP2o3mp4Mdez+hc=
Subject key identifier: A0:CA:64:60:0E:C0:47:29:1B:FA:B2:8C:69:95:18:1E:AA:68:88:52
Certificate issuer: /CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Certificate serial: 1B08EE9A
Authority key identifier: FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/oMpkYA7ARykb-rKMaZUYHqpoiFI.roa
Signing time: Sat 01 Jan 2022 09:53:22 +0000
ROA not before: Sat 01 Jan 2022 09:53:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12322
IP address blocks: 83.152.0.0/13 maxlen: 15
88.120.0.0/13 maxlen: 13
213.36.0.0/16 maxlen: 18
91.160.0.0/12 maxlen: 12
82.142.0.0/18 maxlen: 18
83.214.0.0/16 maxlen: 16
194.149.160.0/19 maxlen: 19
212.62.128.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 453570202 (0x1b08ee9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Validity
Not Before: Jan 1 09:53:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0ca64600ec047291bfab28c6995181eaa688852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3d:31:7c:e7:10:84:23:82:f2:8f:f6:a8:2f:
fe:71:5e:76:d3:e8:ef:ab:4e:a4:08:ea:a5:48:95:
72:a4:79:6e:71:c8:13:5f:b1:5a:3c:7f:4a:55:ed:
8e:ef:35:ec:69:8c:bc:3a:f4:d7:e1:57:33:47:fb:
eb:60:b2:fc:74:39:69:d5:17:80:b5:c7:69:dd:91:
5f:bf:d2:5a:c9:2f:dd:4d:20:74:bd:db:ef:4e:21:
bc:00:df:2d:d3:a4:c3:f2:2e:9c:3f:e6:57:e2:15:
65:fe:cb:7a:b4:9e:e0:0a:1e:f8:9e:77:a2:ab:2b:
14:08:d3:aa:e5:87:0c:ca:aa:e5:a0:4b:64:ea:06:
8e:c7:67:41:92:5d:f5:66:52:28:c9:f5:6d:12:47:
1c:95:e0:2c:33:3a:7c:5d:8e:77:31:0e:43:ad:8f:
c1:92:17:d6:12:dd:96:b9:75:93:64:d2:09:25:a0:
58:55:5d:b0:a3:ff:bc:45:6c:c5:bd:c1:5b:a1:c3:
61:a2:42:b5:50:c3:1a:ab:03:f5:4f:83:a3:02:4c:
0e:43:8b:32:6a:2e:22:da:08:5d:0b:25:bc:52:d6:
c2:7c:5c:45:a1:bd:1f:4c:13:47:e7:53:2b:e9:50:
b3:e4:61:ac:6e:e7:a0:57:13:de:34:1d:d8:82:39:
b6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CA:64:60:0E:C0:47:29:1B:FA:B2:8C:69:95:18:1E:AA:68:88:52
X509v3 Authority Key Identifier:
keyid:FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/oMpkYA7ARykb-rKMaZUYHqpoiFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.142.0.0/18
83.152.0.0/13
83.214.0.0/16
88.120.0.0/13
91.160.0.0/12
194.149.160.0/19
212.62.128.0/18
213.36.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:f5:8f:16:06:7a:66:66:e7:bc:85:24:f5:fb:5a:75:10:88:
9d:0b:bd:66:ed:01:a4:2a:d9:14:f0:02:13:ec:56:af:53:f4:
fb:7d:d5:0c:09:96:1e:87:55:64:47:ab:f8:c1:cf:47:3f:9e:
35:32:bf:1f:1a:9d:2e:13:2f:87:b9:9c:3e:1f:d2:51:44:ca:
bb:71:5c:b7:a3:df:9d:e4:6d:fe:49:35:cc:25:33:e8:4f:8c:
f7:f3:28:76:a6:e7:02:22:50:0d:f8:b0:03:35:66:3b:17:ae:
23:fc:b2:5a:a9:aa:0a:5e:76:a9:ce:1d:d5:07:64:5f:0f:49:
4d:8a:3f:8f:46:42:46:45:6a:48:d0:8e:a3:6c:07:0e:9e:a6:
a8:42:e0:dd:11:cb:04:22:6e:03:f9:7b:f6:05:ba:e7:27:8f:
48:7a:fb:82:d3:e3:9f:d4:4b:cb:07:60:cf:77:21:2a:8c:f3:
a1:c8:b8:29:80:05:f4:4b:77:66:40:22:de:8b:7b:8e:3b:0d:
86:9c:65:d1:90:1b:a4:71:2c:9e:b1:79:c7:9c:53:b3:9d:30:
fb:a3:fe:cf:6e:f7:ae:e2:c6:22:8a:9c:d6:9b:6e:45:ae:7a:
6e:26:17:27:44:89:68:30:5b:7a:2d:9e:e1:d3:d5:28:6d:70:
78:b8:1a:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGwjumjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWUxNmI0OTNkMmExMjg5N2NhZjQ3NTdiYjE4YTAyZWVjMmNkZTE3MB4XDTIyMDEw
MTA5NTMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBjYTY0NjAwZWMw
NDcyOTFiZmFiMjhjNjk5NTE4MWVhYTY4ODg1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKE9MXznEIQjgvKP9qgv/nFedtPo76tOpAjqpUiVcqR5bnHI
E1+xWjx/SlXtju817GmMvDr01+FXM0f762Cy/HQ5adUXgLXHad2RX7/SWskv3U0g
dL3b704hvADfLdOkw/IunD/mV+IVZf7LerSe4Aoe+J53oqsrFAjTquWHDMqq5aBL
ZOoGjsdnQZJd9WZSKMn1bRJHHJXgLDM6fF2OdzEOQ62PwZIX1hLdlrl1k2TSCSWg
WFVdsKP/vEVsxb3BW6HDYaJCtVDDGqsD9U+DowJMDkOLMmouItoIXQslvFLWwnxc
RaG9H0wTR+dTK+lQs+RhrG7noFcT3jQd2II5tk8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSgymRgDsBHKRv6soxplRgeqmiIUjAfBgNVHSMEGDAWgBT64WtJPSoSiXyv
R1e7GKAu7CzeFzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtdUZyU1QwcUVvbDhyMGRYdXhpZ0x1d3MzaGMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UzLzI5M2QzNi05ZGEyLTQ0MDUtOGRlMy00YWZkODI1NGFlNDMv
MS9vTXBrWUE3QVJ5a2ItcktNYVpVWUhxcG9pRkkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uz
LzI5M2QzNi05ZGEyLTQ0MDUtOGRlMy00YWZkODI1NGFlNDMvMS8xLXVGclNUMHFF
b2w4cjBkWHV4aWdMdXdzM2hjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArAwQGUo4AAwMDU5gDAwBT1gMDA1h4
AwMEW6ADBAXClaADBAbUPoADAwDVJDANBgkqhkiG9w0BAQsFAAOCAQEAhPWPFgZ6
ZmbnvIUk9ftadRCInQu9Zu0BpCrZFPACE+xWr1P0+33VDAmWHodVZEer+MHPRz+e
NTK/HxqdLhMvh7mcPh/SUUTKu3Fct6PfneRt/kk1zCUz6E+M9/ModqbnAiJQDfiw
AzVmOxeuI/yyWqmqCl52qc4d1QdkXw9JTYo/j0ZCRkVqSNCOo2wHDp6mqELg3RHL
BCJuA/l79gW65yePSHr7gtPjn9RLywdgz3chKozzoci4KYAF9Et3ZkAi3ot7jjsN
hpxl0ZAbpHEsnrF5x5xTs50w+6P+z273ruLGIoqc1ptuRa56biYXJ0SJaDBbei2e
4dPVKG1weLgasQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:14 2024 by rpki-client on console-ams.rpki-client.org