Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/ozybYYUFlqKiGnUReJt_w6_oHac.roa
File: ozybYYUFlqKiGnUReJt_w6_oHac.roa (raw, json)
Hash identifier: b3kzuaJ7iEuPSYuwioDdx0fYuIS1gDI1QRiduls9hbk=
Subject key identifier: A3:3C:9B:61:85:05:96:A2:A2:1A:75:11:78:9B:7F:C3:AF:E8:1D:A7
Certificate issuer: /CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Certificate serial: 018457FAC788D698E8D1C72B34074E835C23
Authority key identifier: BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/ozybYYUFlqKiGnUReJt_w6_oHac.roa
Signing time: Tue 08 Nov 2022 16:02:43 +0000
ROA not before: Tue 08 Nov 2022 16:02:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34219
IP address blocks: 178.255.16.0/22 maxlen: 22
178.255.22.0/24 maxlen: 24
178.255.20.0/23 maxlen: 23
93.94.4.0/23 maxlen: 23
185.2.56.0/22 maxlen: 22
2a03:1e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:57:fa:c7:88:d6:98:e8:d1:c7:2b:34:07:4e:83:5c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Validity
Not Before: Nov 8 16:02:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a33c9b61850596a2a21a7511789b7fc3afe81da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:23:43:78:8a:bd:f8:3a:8a:34:48:fc:a0:a0:
92:e0:5a:49:36:e2:f5:e0:48:10:d9:ef:bb:8c:cb:
bb:e4:2c:c1:0a:84:97:98:8d:d8:9e:09:dd:24:0a:
9d:fc:24:9b:e0:1e:e6:4a:f9:21:e9:b9:d0:3a:22:
0a:2c:27:e1:cf:63:59:ce:bc:c8:ad:0d:52:2c:31:
74:31:73:a8:36:ac:e7:98:c2:66:fc:1d:46:9e:10:
bc:7d:f3:51:52:51:42:50:c0:9e:bd:7b:3f:9e:26:
1d:d2:96:6e:6d:47:09:25:b0:23:79:47:0c:2c:ba:
8a:70:09:0a:40:e2:68:e4:7c:92:d9:de:9b:50:45:
c8:d2:33:79:b3:ab:5c:ce:df:5e:a2:43:03:70:77:
49:74:a6:70:f0:a0:18:f6:16:0e:11:4d:53:24:b0:
58:ef:7d:9e:ab:21:de:e1:65:bc:7e:1e:52:fa:db:
c9:f5:b6:1a:3d:76:89:1f:85:61:17:15:88:ed:95:
51:a9:5b:ac:cd:fe:39:4c:43:c9:88:19:93:74:8f:
d4:a8:63:9d:03:60:3c:41:30:cb:bc:77:a2:e8:f0:
a5:64:a4:ec:43:6c:87:85:0d:e0:ce:86:14:0d:99:
d6:80:6e:48:7f:88:9a:25:35:0a:5e:aa:d2:c3:da:
15:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3C:9B:61:85:05:96:A2:A2:1A:75:11:78:9B:7F:C3:AF:E8:1D:A7
X509v3 Authority Key Identifier:
keyid:BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/ozybYYUFlqKiGnUReJt_w6_oHac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.4.0/23
178.255.16.0-178.255.22.255
185.2.56.0/22
IPv6:
2a03:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
2b:c9:15:de:7e:af:83:ba:36:a7:f0:85:cf:cf:e0:2a:4b:9f:
f7:a2:f9:23:48:ef:f2:b9:d5:44:33:c1:f0:f6:b1:9b:de:15:
a6:b1:c7:82:13:b4:82:d7:28:1e:94:4b:36:68:5e:e5:ed:6d:
7c:96:72:21:e4:1a:8b:83:c6:9d:6e:22:ab:4b:f2:87:d3:fc:
10:a1:37:a5:4d:53:ee:5e:83:32:fe:b5:2c:ac:0b:db:d2:ae:
b9:2e:30:07:5f:91:df:55:74:2b:04:66:fe:36:74:d6:34:9e:
f4:8d:45:53:c6:15:54:ac:46:96:ad:6f:5a:e5:75:be:89:7c:
a6:78:f6:aa:7e:8c:86:38:ff:d8:8a:56:3d:3d:c1:67:96:fd:
94:2d:56:41:a4:b5:77:b5:a6:b0:a6:38:7e:5a:39:8e:7d:2e:
da:15:fe:3e:82:cd:aa:64:90:f6:fc:f7:62:01:af:62:49:fd:
44:e8:c5:be:87:19:c6:b5:a2:89:ca:ec:e5:60:c4:02:82:75:
b2:51:2d:c6:aa:6b:c8:21:fd:8e:25:b6:45:1f:e5:9f:d5:f3:
c9:3f:d7:a2:2f:a6:39:29:c8:3d:b2:3c:9c:6a:f9:51:35:cd:
7c:fd:89:be:1d:ce:53:7f:1d:05:8e:18:c1:64:ad:1d:28:c0:
d7:bb:9d:e5
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYRX+seI1pjo0ccrNAdOg1wjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjQ5MzQ1N2IyZjAyZTY5Yjg1ZjcxOGRjYzE2YTlhOWVm
MGZjZDEwHhcNMjIxMTA4MTYwMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNjOWI2MTg1MDU5NmEyYTIxYTc1MTE3ODliN2ZjM2FmZTgxZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyNDeIq9+DqKNEj8oKCS4FpJNuL1
4EgQ2e+7jMu75CzBCoSXmI3YngndJAqd/CSb4B7mSvkh6bnQOiIKLCfhz2NZzrzI
rQ1SLDF0MXOoNqznmMJm/B1GnhC8ffNRUlFCUMCevXs/niYd0pZubUcJJbAjeUcM
LLqKcAkKQOJo5HyS2d6bUEXI0jN5s6tczt9eokMDcHdJdKZw8KAY9hYOEU1TJLBY
732eqyHe4WW8fh5S+tvJ9bYaPXaJH4VhFxWI7ZVRqVuszf45TEPJiBmTdI/UqGOd
A2A8QTDLvHei6PClZKTsQ2yHhQ3gzoYUDZnWgG5If4iaJTUKXqrSw9oVwQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKM8m2GFBZaiohp1EXibf8Ov6B2nMB8GA1UdIwQY
MBaAFL+0k0V7LwLmm4X3GNzBapqe8PzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMt
MWY2NDA5ODQ4MTUwLzEvb3p5YllZVUZscUtpR25VUmVKdF93Nl9vSGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMtMWY2NDA5ODQ4MTUw
LzEvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQBXV4EMAwD
BASy/xADBACy/xYDBAK5AjgwDQQCAAIwBwMFACoDHgAwDQYJKoZIhvcNAQELBQAD
ggEBACvJFd5+r4O6Nqfwhc/P4CpLn/ei+SNI7/K51UQzwfD2sZveFaaxx4ITtILX
KB6USzZoXuXtbXyWciHkGouDxp1uIqtL8ofT/BChN6VNU+5egzL+tSysC9vSrrku
MAdfkd9VdCsEZv42dNY0nvSNRVPGFVSsRpatb1rldb6JfKZ49qp+jIY4/9iKVj09
wWeW/ZQtVkGktXe1prCmOH5aOY59LtoV/j6CzapkkPb892IBr2JJ/UToxb6HGca1
oonK7OVgxAKCdbJRLcaqa8gh/Y4ltkUf5Z/V88k/16IvpjkpyD2yPJxq+VE1zXz9
ib4dzlN/HQWOGMFkrR0owNe7neU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:57 2024 by rpki-client on console-ams.rpki-client.org