Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/OujSqMGUpMkSyskbCHXA5GK1sfw.roa
File: OujSqMGUpMkSyskbCHXA5GK1sfw.roa (raw, json)
Hash identifier: H0/FlwCbNOrtSpxhTCpARxzeFZpQ8X9ELaoheDSXNdE=
Subject key identifier: 3A:E8:D2:A8:C1:94:A4:C9:12:CA:C9:1B:08:75:C0:E4:62:B5:B1:FC
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0181D504C699D0621832D4A6FB14406871EE
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/OujSqMGUpMkSyskbCHXA5GK1sfw.roa
Signing time: Wed 06 Jul 2022 19:37:48 +0000
ROA not before: Wed 06 Jul 2022 19:37:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20915
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.25.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.0.0/19 maxlen: 19
87.254.10.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
87.254.12.0/24 maxlen: 24
87.254.13.0/24 maxlen: 24
217.25.0.0/20 maxlen: 20
87.254.19.0/24 maxlen: 24
2a00:eac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d5:04:c6:99:d0:62:18:32:d4:a6:fb:14:40:68:71:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jul 6 19:37:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ae8d2a8c194a4c912cac91b0875c0e462b5b1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3e:e0:af:2e:bc:59:28:f8:c3:57:0f:11:f5:
36:d1:e0:07:72:6d:58:ec:62:7a:c6:6a:c9:e4:5d:
69:29:32:ee:34:9c:2b:0d:a9:2e:2f:27:7f:46:cb:
02:02:67:0c:df:01:c6:df:ae:63:fd:d5:2f:f7:03:
a2:62:d5:00:32:ae:03:ca:17:72:cb:42:ba:a5:ad:
dc:f5:e8:d4:af:11:05:2f:8d:01:fa:a1:54:0e:4d:
e9:c5:47:14:b3:f6:23:1a:05:a8:13:b1:db:69:0f:
e0:a6:86:01:2e:fc:03:52:b1:1c:d2:70:38:4f:60:
99:9a:70:0d:c0:b5:7d:c4:74:f9:54:fb:ef:f6:27:
98:7d:a1:30:6a:5f:3d:39:05:8a:01:2d:28:ac:37:
3d:54:33:46:49:88:3c:e8:1b:17:14:7f:bc:b8:bf:
0a:50:89:03:46:39:c0:3b:4e:df:96:3d:fe:08:ec:
c1:f1:e0:0f:89:45:f5:df:3f:f2:10:b3:2c:84:3f:
6a:eb:a1:bf:41:00:c8:e7:b1:53:37:37:64:1c:7f:
0d:50:b5:66:13:90:db:49:02:8b:5e:c4:aa:69:d7:
e6:66:b9:f7:2d:a8:5e:cf:b1:90:5f:76:92:5d:b7:
59:b3:ea:b8:4e:c6:47:10:4a:fa:07:31:c4:02:80:
cb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E8:D2:A8:C1:94:A4:C9:12:CA:C9:1B:08:75:C0:E4:62:B5:B1:FC
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/OujSqMGUpMkSyskbCHXA5GK1sfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/19
217.25.0.0/20
IPv6:
2a00:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
39:6d:b7:ae:35:9b:80:59:9d:5d:07:84:64:48:5f:78:65:4c:
a4:b1:d9:f1:2f:32:16:03:7e:7d:65:df:f8:2b:0d:d9:54:f3:
07:91:e2:e6:19:68:dc:df:89:00:91:44:98:18:09:cc:bb:e8:
b6:cf:10:16:a7:ca:00:68:fe:76:5d:a7:0c:67:8a:78:d1:2c:
87:70:50:48:56:2c:3c:c7:aa:75:db:cf:65:56:bc:b4:de:69:
2b:e3:8a:bd:74:64:5d:11:02:65:f4:00:c0:91:4e:69:4b:f8:
a1:d2:e6:4c:36:23:f6:76:f0:7f:2c:0f:85:b5:42:c1:9b:49:
99:c6:1c:8c:a1:0e:7f:43:d9:38:90:d7:73:2e:40:73:da:3c:
25:01:65:b2:70:69:52:87:3d:65:f5:e8:b7:e9:cf:6b:ff:58:
63:28:0d:7b:c3:ad:b5:68:9f:b0:82:c0:cb:ae:a0:1c:1d:24:
26:63:57:5f:08:ef:ca:14:54:16:28:ed:da:1e:1f:1a:aa:4e:
a5:05:8c:67:83:04:2c:e7:93:58:98:e4:1f:8a:8a:95:10:cd:
c7:02:9e:ae:15:17:40:41:ef:8b:d1:84:bf:56:12:94:57:de:
e9:b7:69:c1:95:07:db:b8:e4:70:08:4a:bd:ef:a2:64:60:7b:
83:9b:3f:be
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYHVBMaZ0GIYMtSm+xRAaHHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwNzA2MTkzNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU4ZDJhOGMxOTRhNGM5MTJjYWM5MWIwODc1YzBlNDYyYjViMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz7gry68WSj4w1cPEfU20eAHcm1Y
7GJ6xmrJ5F1pKTLuNJwrDakuLyd/RssCAmcM3wHG365j/dUv9wOiYtUAMq4Dyhdy
y0K6pa3c9ejUrxEFL40B+qFUDk3pxUcUs/YjGgWoE7HbaQ/gpoYBLvwDUrEc0nA4
T2CZmnANwLV9xHT5VPvv9ieYfaEwal89OQWKAS0orDc9VDNGSYg86BsXFH+8uL8K
UIkDRjnAO07flj3+COzB8eAPiUX13z/yELMshD9q66G/QQDI57FTNzdkHH8NULVm
E5DbSQKLXsSqadfmZrn3Lahez7GQX3aSXbdZs+q4TsZHEEr6BzHEAoDLwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDro0qjBlKTJEsrJGwh1wORitbH8MB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvT3VqU3FNR1VwTWtTeXNrYkNIWEE1R0sxc2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFV/4AAwQE
2RkAMA0EAgACMAcDBQAqAOrAMA0GCSqGSIb3DQEBCwUAA4IBAQA5bbeuNZuAWZ1d
B4RkSF94ZUyksdnxLzIWA359Zd/4Kw3ZVPMHkeLmGWjc34kAkUSYGAnMu+i2zxAW
p8oAaP52XacMZ4p40SyHcFBIViw8x6p1289lVry03mkr44q9dGRdEQJl9ADAkU5p
S/ih0uZMNiP2dvB/LA+FtULBm0mZxhyMoQ5/Q9k4kNdzLkBz2jwlAWWycGlShz1l
9ei36c9r/1hjKA17w621aJ+wgsDLrqAcHSQmY1dfCO/KFFQWKO3aHh8aqk6lBYxn
gwQs55NYmOQfioqVEM3HAp6uFRdAQe+L0YS/VhKUV97pt2nBlQfbuORwCEq976Jk
YHuDmz++
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org