Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/OLMIeMkpbq4oBntZOTkAnSFALoQ.roa
File: OLMIeMkpbq4oBntZOTkAnSFALoQ.roa (raw, json)
Hash identifier: cvMp+CzN0Ma0baikYi3W1dvUhdusuKCP8LfB+qWwfrA=
Subject key identifier: 38:B3:08:78:C9:29:6E:AE:28:06:7B:59:39:39:00:9D:21:40:2E:84
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018243C9F874C3304AF178809A18125B366D
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/OLMIeMkpbq4oBntZOTkAnSFALoQ.roa
Signing time: Thu 28 Jul 2022 07:51:25 +0000
ROA not before: Thu 28 Jul 2022 07:51:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23470
IP address blocks: 109.205.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:43:c9:f8:74:c3:30:4a:f1:78:80:9a:18:12:5b:36:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jul 28 07:51:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38b30878c9296eae28067b593939009d21402e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7d:56:58:49:b9:ae:fd:15:0f:96:dc:db:cc:
65:86:7c:1f:75:09:d8:9f:fc:cb:9f:f2:ec:e0:3d:
f1:ba:e1:59:45:e6:82:dd:38:44:73:a6:88:a1:44:
55:ec:d8:cc:93:e5:d9:e5:34:36:77:6c:de:37:f5:
81:3b:00:81:de:e2:2e:a7:f3:1a:45:23:57:a2:01:
7a:bf:d2:df:8d:bc:19:ea:f1:cc:91:2e:35:0d:c4:
75:89:f9:ea:32:d1:42:d4:a5:83:11:52:9f:85:73:
5d:99:5f:ac:27:97:8d:1a:83:a9:a5:d3:29:d7:86:
d4:7b:9b:cb:84:c8:49:ad:6c:e0:9a:bf:bd:2b:a2:
15:e1:58:17:6e:f2:bb:2f:1f:26:72:10:25:dd:6a:
e6:25:0a:e9:76:a2:f1:1d:f9:8c:60:3d:30:2a:2b:
e1:84:2a:40:c7:1b:2f:ed:aa:3b:a1:e1:49:9d:47:
e8:5e:02:01:5f:ab:12:59:af:1d:95:2c:6e:8e:f5:
e0:ed:45:05:af:03:b3:e3:c6:91:0a:6f:ee:2b:9c:
b6:4a:30:7a:6f:4c:bd:24:15:a6:7c:fb:5d:7c:d3:
b1:74:16:35:32:a2:d1:f1:1f:2c:00:62:fd:f9:90:
29:e4:27:8d:47:85:4a:3a:41:ef:ae:f4:9f:b1:8d:
d4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B3:08:78:C9:29:6E:AE:28:06:7B:59:39:39:00:9D:21:40:2E:84
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/OLMIeMkpbq4oBntZOTkAnSFALoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.213.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:0e:4f:03:5d:0f:0f:18:05:a2:d8:3e:65:20:f2:7b:fb:d2:
f7:97:8f:c2:d0:a6:02:0d:ab:4e:04:57:80:cc:ce:ff:76:81:
14:40:e3:66:b2:c4:5c:7f:e5:1c:88:be:ec:ab:22:dd:f2:57:
3a:0e:04:38:96:8b:ab:91:d6:35:2a:55:16:fb:e1:0d:42:7b:
79:18:bf:51:51:c9:7c:b4:a3:4e:9d:35:ff:4f:84:ad:8d:52:
71:dc:cd:cd:58:98:d0:85:37:75:c5:3a:7f:1d:e8:db:00:f0:
b8:a5:ed:62:8e:80:c8:f4:a2:d2:02:68:d7:c2:5e:a3:7a:29:
07:64:03:40:b5:08:ac:3b:84:bf:45:83:07:77:70:16:cd:b9:
e6:23:0a:01:ac:51:30:bb:f2:45:8b:98:b5:ad:5b:71:05:d0:
45:a6:23:99:3c:29:83:9f:10:ed:14:6d:ab:f3:36:3a:48:ab:
66:de:47:ad:d1:f4:67:d2:f5:12:a7:ff:b2:a3:8f:1c:b7:72:
0e:33:56:68:dc:8a:7f:e8:7a:eb:95:f4:eb:e4:14:60:ff:f5:
79:11:f3:8e:2b:95:ca:37:f9:40:10:65:f3:41:c1:d9:22:17:
a0:9b:04:f8:ec:03:e4:69:1b:5a:3c:b0:64:4a:ab:e7:e9:c9:
28:9a:f3:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJDyfh0wzBK8XiAmhgSWzZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwNzI4MDc1MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGIzMDg3OGM5Mjk2ZWFlMjgwNjdiNTkzOTM5MDA5ZDIxNDAyZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo31WWEm5rv0VD5bc28xlhnwfdQnY
n/zLn/Ls4D3xuuFZReaC3ThEc6aIoURV7NjMk+XZ5TQ2d2zeN/WBOwCB3uIup/Ma
RSNXogF6v9LfjbwZ6vHMkS41DcR1ifnqMtFC1KWDEVKfhXNdmV+sJ5eNGoOppdMp
14bUe5vLhMhJrWzgmr+9K6IV4VgXbvK7Lx8mchAl3WrmJQrpdqLxHfmMYD0wKivh
hCpAxxsv7ao7oeFJnUfoXgIBX6sSWa8dlSxujvXg7UUFrwOz48aRCm/uK5y2SjB6
b0y9JBWmfPtdfNOxdBY1MqLR8R8sAGL9+ZAp5CeNR4VKOkHvrvSfsY3UVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDizCHjJKW6uKAZ7WTk5AJ0hQC6EMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvT0xNSWVNa3BicTRvQm50Wk9Ua0FuU0ZBTG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc3VMA0G
CSqGSIb3DQEBCwUAA4IBAQCqDk8DXQ8PGAWi2D5lIPJ7+9L3l4/C0KYCDatOBFeA
zM7/doEUQONmssRcf+UciL7sqyLd8lc6DgQ4lourkdY1KlUW++ENQnt5GL9RUcl8
tKNOnTX/T4StjVJx3M3NWJjQhTd1xTp/HejbAPC4pe1ijoDI9KLSAmjXwl6jeikH
ZANAtQisO4S/RYMHd3AWzbnmIwoBrFEwu/JFi5i1rVtxBdBFpiOZPCmDnxDtFG2r
8zY6SKtm3ket0fRn0vUSp/+yo48ct3IOM1Zo3Ip/6HrrlfTr5BRg//V5EfOOK5XK
N/lAEGXzQcHZIhegmwT47APkaRtaPLBkSqvn6ckomvMe
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org