Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/a0j-3OMT2iyZU9QMKlaVslVPfz8.roa
File: a0j-3OMT2iyZU9QMKlaVslVPfz8.roa (raw, json)
Hash identifier: u3RrNrLxWx/cxcgBLI4WNR3HczsyImqIlLTRtCHygM4=
Subject key identifier: 6B:48:FE:DC:E3:13:DA:2C:99:53:D4:0C:2A:56:95:B2:55:4F:7F:3F
Certificate issuer: /CN=07090fba663b072bb54cc7d49e88a0380374cb6e
Certificate serial: 0184E7A01BA12099FFC826227F3C42ACAD60
Authority key identifier: 07:09:0F:BA:66:3B:07:2B:B5:4C:C7:D4:9E:88:A0:38:03:74:CB:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BwkPumY7Byu1TMfUnoigOAN0y24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/a0j-3OMT2iyZU9QMKlaVslVPfz8.roa
Signing time: Tue 06 Dec 2022 13:29:00 +0000
ROA not before: Tue 06 Dec 2022 13:29:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197161
IP address blocks: 94.154.14.0/24 maxlen: 24
195.42.149.0/24 maxlen: 24
195.42.148.0/23 maxlen: 23
185.65.80.0/22 maxlen: 24
195.42.148.0/24 maxlen: 24
2a03:1a60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:a0:1b:a1:20:99:ff:c8:26:22:7f:3c:42:ac:ad:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07090fba663b072bb54cc7d49e88a0380374cb6e
Validity
Not Before: Dec 6 13:29:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b48fedce313da2c9953d40c2a5695b2554f7f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:62:df:b4:a5:57:42:5c:4f:df:be:7f:13:84:
7e:02:7e:a6:5f:1d:a1:65:0b:c5:9d:b4:67:26:8d:
89:9c:a8:2d:d4:5e:52:62:fb:db:88:24:ef:80:4f:
c2:7f:8e:60:78:fc:39:77:b7:7b:6f:fa:9e:1d:f5:
e2:f3:ce:9f:96:07:a7:6c:d2:bc:68:63:ff:70:43:
2c:dd:f5:26:ea:36:df:3c:27:b3:68:e7:a4:db:86:
4a:c9:53:41:33:1b:aa:17:21:00:37:80:88:63:2f:
a1:a8:0a:d8:32:7a:e1:1b:d1:07:a9:b0:65:42:b7:
48:9a:cb:b3:77:21:8a:9a:fb:69:73:88:4a:d3:bf:
20:00:ff:8c:74:11:aa:42:58:7b:31:f5:f6:68:84:
1e:0e:e3:6a:60:95:4f:27:18:95:32:8d:19:69:40:
e8:19:bb:51:4c:45:ab:51:82:c2:d6:a5:88:47:ef:
10:c4:8a:52:e0:66:64:ed:2b:8e:7a:83:8f:a5:08:
6b:f3:c1:2f:31:24:9e:d3:b8:7b:47:eb:f9:17:64:
6b:39:8c:f4:50:aa:46:af:29:6d:be:35:cb:99:76:
92:c7:f3:ae:f9:e8:39:d5:6a:68:43:2c:59:f2:2a:
3a:bf:3a:e7:8a:27:38:cd:35:84:96:13:db:dc:4a:
2b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:48:FE:DC:E3:13:DA:2C:99:53:D4:0C:2A:56:95:B2:55:4F:7F:3F
X509v3 Authority Key Identifier:
keyid:07:09:0F:BA:66:3B:07:2B:B5:4C:C7:D4:9E:88:A0:38:03:74:CB:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwkPumY7Byu1TMfUnoigOAN0y24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/a0j-3OMT2iyZU9QMKlaVslVPfz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/BwkPumY7Byu1TMfUnoigOAN0y24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.14.0/24
185.65.80.0/22
195.42.148.0/23
IPv6:
2a03:1a60::/32
Signature Algorithm: sha256WithRSAEncryption
2b:81:b3:c5:3e:d3:df:68:1f:44:bc:2e:e9:33:f8:d6:79:0d:
da:51:23:1a:2f:d8:a6:69:6f:71:cc:03:ed:23:31:5c:67:94:
88:97:27:2f:73:21:e7:3f:a8:f5:bf:9b:fc:11:ae:37:06:2b:
67:35:99:13:fa:7b:78:7c:e7:d6:fb:8e:65:13:f4:97:79:21:
0d:a5:43:3a:0b:f4:f6:60:06:3b:a8:7d:98:a0:27:1d:94:97:
09:be:f6:10:5f:91:a0:b9:99:74:be:1e:0e:c8:25:39:a5:f6:
39:16:63:5b:21:10:cb:0b:a2:a2:ca:c2:0e:c1:35:8b:f5:25:
aa:ec:74:a8:55:99:e2:77:3d:20:fd:af:2b:38:82:27:5f:9d:
2b:f8:82:a9:3b:48:1e:3b:3f:70:d1:e2:dc:a1:75:ed:4e:6a:
c6:ab:ed:6a:ef:31:0f:b8:cf:b6:65:e8:b6:e4:63:10:55:8b:
f2:fb:18:af:05:69:34:db:87:87:3e:bc:39:aa:dd:c5:a1:c1:
dd:88:81:23:5f:fc:ed:c1:d3:87:b4:3c:db:3c:28:e9:22:cc:
e5:67:12:90:13:ea:8b:2d:60:5f:b6:2e:3c:2a:cd:a7:2c:53:
b3:be:d4:0a:c5:c8:ae:28:fe:0c:38:39:70:ba:b0:bc:42:71:
d4:c6:2e:98
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYTnoBuhIJn/yCYifzxCrK1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDkwZmJhNjYzYjA3MmJiNTRjYzdkNDllODhhMDM4MDM3
NGNiNmUwHhcNMjIxMjA2MTMyOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQ4ZmVkY2UzMTNkYTJjOTk1M2Q0MGMyYTU2OTViMjU1NGY3ZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWLftKVXQlxP375/E4R+An6mXx2h
ZQvFnbRnJo2JnKgt1F5SYvvbiCTvgE/Cf45gePw5d7d7b/qeHfXi886flgenbNK8
aGP/cEMs3fUm6jbfPCezaOek24ZKyVNBMxuqFyEAN4CIYy+hqArYMnrhG9EHqbBl
QrdImsuzdyGKmvtpc4hK078gAP+MdBGqQlh7MfX2aIQeDuNqYJVPJxiVMo0ZaUDo
GbtRTEWrUYLC1qWIR+8QxIpS4GZk7SuOeoOPpQhr88EvMSSe07h7R+v5F2RrOYz0
UKpGryltvjXLmXaSx/Ou+eg51WpoQyxZ8io6vzrniic4zTWElhPb3Eor9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGtI/tzjE9osmVPUDCpWlbJVT38/MB8GA1UdIwQY
MBaAFAcJD7pmOwcrtUzH1J6IoDgDdMtuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndrUHVtWTdCeXUxVE1mVW5vaWdPQU4weTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hMDczNDItMTc0Mi00MWExLThiYzct
MDFhMjhhNzZjY2Y0LzEvYTBqLTNPTVQyaXlaVTlRTUtsYVZzbFZQZno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hMDczNDItMTc0Mi00MWExLThiYzctMDFhMjhhNzZjY2Y0
LzEvQndrUHVtWTdCeXUxVE1mVW5vaWdPQU4weTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXpoOAwQC
uUFQAwQBwyqUMA0EAgACMAcDBQAqAxpgMA0GCSqGSIb3DQEBCwUAA4IBAQArgbPF
PtPfaB9EvC7pM/jWeQ3aUSMaL9imaW9xzAPtIzFcZ5SIlycvcyHnP6j1v5v8Ea43
BitnNZkT+nt4fOfW+45lE/SXeSENpUM6C/T2YAY7qH2YoCcdlJcJvvYQX5GguZl0
vh4OyCU5pfY5FmNbIRDLC6KiysIOwTWL9SWq7HSoVZnidz0g/a8rOIInX50r+IKp
O0geOz9w0eLcoXXtTmrGq+1q7zEPuM+2Zei25GMQVYvy+xivBWk024eHPrw5qt3F
ocHdiIEjX/ztwdOHtDzbPCjpIszlZxKQE+qLLWBfti48Ks2nLFOzvtQKxciuKP4M
ODlwurC8QnHUxi6Y
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:29 2023 by rpki-client on console-fra.rpki-client.org