Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/b6a1cd-65a0-49d3-9c5f-f06fc48c8e4c/1/os7VTJMiL8sKFmYyrth_eqLMj7k.roa
File: os7VTJMiL8sKFmYyrth_eqLMj7k.roa (raw, json)
Hash identifier: 2X4wowUfBlhNs7og0u2QKUvPzN5WRx0EEb3zp3ufswo=
Subject key identifier: A2:CE:D5:4C:93:22:2F:CB:0A:16:66:32:AE:D8:7F:7A:A2:CC:8F:B9
Certificate issuer: /CN=6a211643187ef9258a1325cdfc1d1bf7383be85b
Certificate serial: 35C59ED5
Authority key identifier: 6A:21:16:43:18:7E:F9:25:8A:13:25:CD:FC:1D:1B:F7:38:3B:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aiEWQxh--SWKEyXN_B0b9zg76Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/b6a1cd-65a0-49d3-9c5f-f06fc48c8e4c/1/os7VTJMiL8sKFmYyrth_eqLMj7k.roa
Signing time: Tue 03 May 2022 07:50:27 +0000
ROA not before: Tue 03 May 2022 07:50:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15471
IP address blocks: 194.153.232.0/24 maxlen: 24
88.158.0.0/16 maxlen: 24
2a03:fa80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 902143701 (0x35c59ed5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a211643187ef9258a1325cdfc1d1bf7383be85b
Validity
Not Before: May 3 07:50:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2ced54c93222fcb0a166632aed87f7aa2cc8fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:03:57:3d:93:9d:9e:0b:aa:08:31:37:78:c0:
32:10:42:1f:08:26:95:ae:9b:80:51:2b:ea:65:33:
a6:99:48:70:8e:0d:ba:f9:25:7d:19:32:1c:cc:96:
1b:67:f4:f8:ca:5b:57:db:b4:73:e7:89:5b:ab:e2:
45:9f:b4:0c:af:30:71:97:95:cd:87:ce:20:ea:61:
9c:a5:32:2c:f5:c6:29:e0:37:92:5f:91:36:d5:2f:
1b:c7:a9:28:d9:07:81:1f:9a:35:bc:92:e6:73:3a:
47:aa:3d:51:11:b2:e9:5e:09:3f:bd:bd:fd:2d:70:
af:9e:af:e8:5e:9f:b2:72:bb:cf:24:71:2f:9c:80:
25:f7:a5:54:3b:59:f0:0a:ea:3d:f0:9c:2a:7c:fd:
cf:5b:3a:67:20:ce:43:0e:c6:c9:43:df:bf:97:27:
f2:bc:e7:63:e7:32:6a:92:3c:55:f8:e3:37:90:14:
5b:b9:8b:3b:37:7c:52:b3:58:30:dc:cf:64:e7:c7:
75:17:c7:a6:b2:f8:38:c1:f4:78:4c:58:e0:a0:70:
5e:de:a0:35:6c:18:eb:42:a7:94:fe:44:9f:9f:0c:
d1:2d:fc:4f:a0:2c:c0:e0:cc:93:4d:03:1a:03:aa:
e8:d4:60:78:ee:2c:89:83:b0:96:5d:c1:7a:da:3b:
8a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CE:D5:4C:93:22:2F:CB:0A:16:66:32:AE:D8:7F:7A:A2:CC:8F:B9
X509v3 Authority Key Identifier:
keyid:6A:21:16:43:18:7E:F9:25:8A:13:25:CD:FC:1D:1B:F7:38:3B:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aiEWQxh--SWKEyXN_B0b9zg76Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b6a1cd-65a0-49d3-9c5f-f06fc48c8e4c/1/os7VTJMiL8sKFmYyrth_eqLMj7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b6a1cd-65a0-49d3-9c5f-f06fc48c8e4c/1/aiEWQxh--SWKEyXN_B0b9zg76Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.158.0.0/16
194.153.232.0/24
IPv6:
2a03:fa80::/32
Signature Algorithm: sha256WithRSAEncryption
3d:2d:91:2a:79:93:52:af:8d:99:47:18:5d:52:94:a8:e8:ec:
c9:4e:65:a2:ef:8a:1c:f4:9a:a9:bf:5f:a2:45:b9:bf:af:18:
a9:0c:dc:7c:01:13:1b:92:fb:39:99:df:3f:5f:68:56:1f:f9:
a2:e1:9b:a6:1d:67:58:9b:af:9c:28:62:23:7f:c3:3f:62:49:
6e:b4:f9:bc:32:10:c5:08:4b:3b:7e:fb:1d:e0:11:33:6e:e9:
c9:f9:57:a1:05:e9:c7:9a:23:a1:d1:6b:63:a0:61:e2:87:a3:
72:56:f4:13:8d:17:27:29:31:81:97:c7:d2:8d:3c:09:45:3e:
99:40:79:c1:a1:56:80:57:8f:d7:93:cb:66:81:cc:a0:e8:03:
d1:36:41:20:ac:b3:9f:a2:94:a1:07:d1:09:b9:47:b8:cc:81:
f6:c8:fa:33:b4:77:a3:c0:49:e3:86:25:c1:a3:ce:f2:1a:da:
11:b6:56:ea:da:bd:66:99:50:79:e2:fc:db:c6:7d:cf:9d:df:
05:2e:0d:65:e1:38:60:17:cc:aa:46:80:f5:37:05:e3:14:d3:
38:c0:88:08:01:45:5c:09:2e:6e:86:40:28:48:34:a9:2a:be:
b9:30:c3:6b:ff:a5:14:8a:15:7b:dd:fe:35:18:52:b8:04:17:
71:ca:07:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIENcWe1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YTIxMTY0MzE4N2VmOTI1OGExMzI1Y2RmYzFkMWJmNzM4M2JlODViMB4XDTIyMDUw
MzA3NTAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJjZWQ1NGM5MzIy
MmZjYjBhMTY2NjMyYWVkODdmN2FhMmNjOGZiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkDVz2TnZ4LqggxN3jAMhBCHwgmla6bgFEr6mUzpplIcI4N
uvklfRkyHMyWG2f0+MpbV9u0c+eJW6viRZ+0DK8wcZeVzYfOIOphnKUyLPXGKeA3
kl+RNtUvG8epKNkHgR+aNbyS5nM6R6o9URGy6V4JP729/S1wr56v6F6fsnK7zyRx
L5yAJfelVDtZ8ArqPfCcKnz9z1s6ZyDOQw7GyUPfv5cn8rznY+cyapI8VfjjN5AU
W7mLOzd8UrNYMNzPZOfHdRfHprL4OMH0eExY4KBwXt6gNWwY60KnlP5En58M0S38
T6AswODMk00DGgOq6NRgeO4siYOwll3Beto7iosCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSiztVMkyIvywoWZjKu2H96osyPuTAfBgNVHSMEGDAWgBRqIRZDGH75JYoT
Jc38HRv3ODvoWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FpRVdReGgtLVNXS0V5WE5fQjBiOXpnNzZGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvYjZhMWNkLTY1YTAtNDlkMy05YzVmLWYwNmZjNDhjOGU0Yy8x
L29zN1ZUSk1pTDhzS0ZtWXlydGhfZXFMTWo3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
YjZhMWNkLTY1YTAtNDlkMy05YzVmLWYwNmZjNDhjOGU0Yy8xL2FpRVdReGgtLVNX
S0V5WE5fQjBiOXpnNzZGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDAFieAwQAwpnoMA0EAgACMAcDBQAq
A/qAMA0GCSqGSIb3DQEBCwUAA4IBAQA9LZEqeZNSr42ZRxhdUpSo6OzJTmWi74oc
9Jqpv1+iRbm/rxipDNx8ARMbkvs5md8/X2hWH/mi4ZumHWdYm6+cKGIjf8M/Yklu
tPm8MhDFCEs7fvsd4BEzbunJ+VehBenHmiOh0WtjoGHih6NyVvQTjRcnKTGBl8fS
jTwJRT6ZQHnBoVaAV4/Xk8tmgcyg6APRNkEgrLOfopShB9EJuUe4zIH2yPoztHej
wEnjhiXBo87yGtoRtlbq2r1mmVB54vzbxn3Pnd8FLg1l4ThgF8yqRoD1NwXjFNM4
wIgIAUVcCS5uhkAoSDSpKr65MMNr/6UUihV73f41GFK4BBdxygd+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:27 2023 by rpki-client on console-ams.rpki-client.org