Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/O2i2PuREfjAeacDOBQkWVXxfqnU.roa
File: O2i2PuREfjAeacDOBQkWVXxfqnU.roa (raw, json)
Hash identifier: YDyx6NVb2kBaUaC0kcNGzh5PQLnctNIB+gC1FgvTWBI=
Subject key identifier: 3B:68:B6:3E:E4:44:7E:30:1E:69:C0:CE:05:09:16:55:7C:5F:AA:75
Certificate issuer: /CN=bfd09a87743817c56f8088007a5746eb69ff2e30
Certificate serial: 17216580
Authority key identifier: BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/O2i2PuREfjAeacDOBQkWVXxfqnU.roa
Signing time: Wed 09 Mar 2022 19:46:16 +0000
ROA not before: Wed 09 Mar 2022 19:46:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201102
IP address blocks: 195.184.75.0/24 maxlen: 24
185.194.4.0/22 maxlen: 22
185.82.224.0/22 maxlen: 22
2a05:9540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 388064640 (0x17216580)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd09a87743817c56f8088007a5746eb69ff2e30
Validity
Not Before: Mar 9 19:46:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b68b63ee4447e301e69c0ce050916557c5faa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a2:31:64:6d:64:0d:8c:ae:c8:6a:35:ee:ad:
f2:af:75:a1:8b:ae:2a:19:91:66:e9:a0:6d:70:03:
38:0d:a7:5c:49:2b:c3:31:df:a5:93:81:55:29:72:
d5:13:24:2b:67:60:ac:a2:05:1b:86:80:9a:5c:07:
de:da:40:93:dc:b4:d1:a9:22:9e:02:c1:4d:26:1c:
0d:42:5c:ee:85:d3:d7:03:d5:8c:11:dd:45:73:55:
dd:9c:a8:b6:50:84:1e:88:36:ed:1d:d0:32:b3:60:
e5:e9:68:13:c8:7f:ca:a0:b2:a3:4a:64:e9:6d:22:
44:48:13:33:d0:c1:75:84:12:4d:fa:de:af:0a:6f:
dc:03:3f:c9:92:37:43:19:29:8d:cd:7e:a3:cf:37:
75:01:be:5e:ba:67:87:a6:3f:04:23:88:2b:87:18:
25:03:30:98:ca:41:cc:dc:e4:3a:3c:5b:0d:3f:74:
08:af:89:a0:4c:15:4d:f0:bd:4e:60:8d:ea:5b:3f:
14:90:ce:2f:4a:a5:b6:ba:39:b3:d0:13:c7:2a:9a:
02:87:c7:a9:3c:f4:5f:13:72:1e:71:66:66:1a:d8:
e2:6c:35:3f:83:ab:b7:32:48:66:1e:25:ed:aa:83:
26:e3:d8:fc:cd:04:0a:ab:35:bf:9a:bd:3c:0d:b8:
84:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:68:B6:3E:E4:44:7E:30:1E:69:C0:CE:05:09:16:55:7C:5F:AA:75
X509v3 Authority Key Identifier:
keyid:BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/O2i2PuREfjAeacDOBQkWVXxfqnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/v9Cah3Q4F8VvgIgAeldG62n_LjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.224.0/22
185.194.4.0/22
195.184.75.0/24
IPv6:
2a05:9540::/29
Signature Algorithm: sha256WithRSAEncryption
86:25:5f:f1:27:88:9e:6f:e3:b7:cd:4a:3b:48:f5:00:97:b2:
fd:04:83:01:7c:0c:b3:a7:f6:c2:d9:fa:b8:86:35:71:77:f9:
75:8c:84:76:4b:6d:78:5e:24:ad:84:70:47:0b:4a:5b:e2:d9:
6c:21:73:21:6e:35:98:07:b3:ec:84:bd:5b:59:e3:21:99:8e:
b1:95:3b:a4:01:14:74:59:99:14:21:f4:41:97:6f:d2:72:83:
8e:a3:72:3c:ed:70:56:5e:5a:d3:05:09:76:c1:4f:6d:7a:f8:
a1:76:e5:03:0a:9d:7f:ba:35:f9:1d:0b:3f:13:db:3d:e0:de:
55:eb:81:dd:d1:7f:d3:cc:85:6c:d7:10:18:6f:67:7c:2e:35:
f3:70:d3:ee:d2:0a:ce:90:b5:2f:13:a1:d7:27:64:13:13:b7:
2e:1e:d4:2f:0a:bf:f3:a3:4d:6f:5e:5a:b4:23:08:9f:35:72:
25:0c:e1:fe:09:e8:f3:00:83:92:f7:01:5b:8c:b9:2b:87:c3:
ec:14:9e:6b:39:f1:10:b2:7e:b6:e3:87:13:1f:b1:2e:e9:34:
c6:e1:3d:54:6c:3c:7b:14:35:fc:91:f4:19:28:32:1e:31:c9:
07:ca:60:b5:ab:17:77:c1:29:81:22:d2:04:cd:cb:1e:19:28:
3a:1d:fd:b5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFyFlgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmQwOWE4Nzc0MzgxN2M1NmY4MDg4MDA3YTU3NDZlYjY5ZmYyZTMwMB4XDTIyMDMw
OTE5NDYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2I2OGI2M2VlNDQ0
N2UzMDFlNjljMGNlMDUwOTE2NTU3YzVmYWE3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOiMWRtZA2MrshqNe6t8q91oYuuKhmRZumgbXADOA2nXEkr
wzHfpZOBVSly1RMkK2dgrKIFG4aAmlwH3tpAk9y00akingLBTSYcDUJc7oXT1wPV
jBHdRXNV3ZyotlCEHog27R3QMrNg5eloE8h/yqCyo0pk6W0iREgTM9DBdYQSTfre
rwpv3AM/yZI3Qxkpjc1+o883dQG+Xrpnh6Y/BCOIK4cYJQMwmMpBzNzkOjxbDT90
CK+JoEwVTfC9TmCN6ls/FJDOL0qltro5s9ATxyqaAofHqTz0XxNyHnFmZhrY4mw1
P4OrtzJIZh4l7aqDJuPY/M0ECqs1v5q9PA24hLMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQ7aLY+5ER+MB5pwM4FCRZVfF+qdTAfBgNVHSMEGDAWgBS/0JqHdDgXxW+A
iAB6V0braf8uMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y5Q2FoM1E0RjhWdmdJZ0FlbGRHNjJuX0xqQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvMDkyNTcwLTUxMmEtNDRmYS1hNGZlLWRiY2E4YzMxZWJjOC8x
L08yaTJQdVJFZmpBZWFjRE9CUWtXVlh4ZnFuVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
MDkyNTcwLTUxMmEtNDRmYS1hNGZlLWRiY2E4YzMxZWJjOC8xL3Y5Q2FoM1E0RjhW
dmdJZ0FlbGRHNjJuX0xqQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArlS4AMEArnCBAMEAMO4SzANBAIA
AjAHAwUDKgWVQDANBgkqhkiG9w0BAQsFAAOCAQEAhiVf8SeInm/jt81KO0j1AJey
/QSDAXwMs6f2wtn6uIY1cXf5dYyEdktteF4krYRwRwtKW+LZbCFzIW41mAez7IS9
W1njIZmOsZU7pAEUdFmZFCH0QZdv0nKDjqNyPO1wVl5a0wUJdsFPbXr4oXblAwqd
f7o1+R0LPxPbPeDeVeuB3dF/08yFbNcQGG9nfC4183DT7tIKzpC1LxOh1ydkExO3
Lh7ULwq/86NNb15atCMInzVyJQzh/gno8wCDkvcBW4y5K4fD7BSeaznxELJ+tuOH
Ex+xLuk0xuE9VGw8exQ1/JH0GSgyHjHJB8pgtasXd8EpgSLSBM3LHhkoOh39tQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:55 2024 by rpki-client on console-fra.rpki-client.org