Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/c934da-978a-46f9-87a7-4f219db78508/1/0wo4e0NLyvkMG87fW_CtcmIltKE.roa
File: 0wo4e0NLyvkMG87fW_CtcmIltKE.roa (raw, json)
Hash identifier: bAyywtpkzuj+dm+ykmQunnzne43Q1OAYTsQMwkAUfXg=
Subject key identifier: D3:0A:38:7B:43:4B:CA:F9:0C:1B:CE:DF:5B:F0:AD:72:62:25:B4:A1
Certificate issuer: /CN=303789258e609f3e558d77b3bfd08acf3515fa92
Certificate serial: 015517FA
Authority key identifier: 30:37:89:25:8E:60:9F:3E:55:8D:77:B3:BF:D0:8A:CF:35:15:FA:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MDeJJY5gnz5VjXezv9CKzzUV-pI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/c934da-978a-46f9-87a7-4f219db78508/1/0wo4e0NLyvkMG87fW_CtcmIltKE.roa
Signing time: Sat 01 Jan 2022 13:02:12 +0000
ROA not before: Sat 01 Jan 2022 13:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59431
IP address blocks: 185.86.36.0/24 maxlen: 24
185.86.36.0/22 maxlen: 24
185.86.38.0/24 maxlen: 24
185.86.37.0/24 maxlen: 24
185.86.39.0/24 maxlen: 24
164.138.17.0/24 maxlen: 24
164.138.16.0/24 maxlen: 24
164.138.16.0/21 maxlen: 24
164.138.21.0/24 maxlen: 24
164.138.20.0/24 maxlen: 24
164.138.22.0/24 maxlen: 24
164.138.23.0/24 maxlen: 24
164.138.19.0/24 maxlen: 24
164.138.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22353914 (0x15517fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=303789258e609f3e558d77b3bfd08acf3515fa92
Validity
Not Before: Jan 1 13:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d30a387b434bcaf90c1bcedf5bf0ad726225b4a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:26:94:b6:4b:2d:c9:80:0a:69:f5:d6:00:15:
ca:ff:02:97:eb:51:36:13:b6:88:2d:01:3e:04:de:
f9:5f:a5:b1:d0:86:ed:64:4e:47:82:cf:83:db:c5:
64:ce:04:b6:67:b8:2f:13:b3:a5:7f:c5:13:b1:ae:
e2:eb:95:e6:cf:a3:27:b5:14:4e:ba:b0:b0:1e:57:
84:91:81:90:d8:e6:e9:cc:f1:55:0b:32:21:c1:5d:
6c:02:aa:a7:90:fa:70:ee:36:6e:33:ab:6f:fd:50:
4b:ff:d5:8e:2c:7b:9a:59:07:d1:d7:cb:79:0f:f9:
e9:c3:91:ed:c8:17:71:84:30:4e:5a:d6:d8:ac:50:
41:8e:27:f9:0a:51:be:04:a0:14:dd:c9:f4:47:70:
2c:84:f7:a4:8c:81:d2:9c:67:1c:2b:40:bb:cb:74:
a6:9f:c5:08:f8:e8:30:d9:70:ca:c2:bb:6d:b6:19:
ba:25:94:8a:3f:57:69:c1:0e:b6:7d:73:f8:a8:f2:
0e:ad:02:c3:93:3c:ca:9b:56:48:2c:9b:d5:53:6c:
a1:61:16:8f:73:5f:35:3e:0a:61:11:e7:36:fb:f8:
6f:34:24:07:ff:4c:43:db:a3:2a:9e:1b:bc:93:a2:
82:06:ef:2b:60:21:33:6e:5a:f6:c7:af:1b:65:2c:
55:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:0A:38:7B:43:4B:CA:F9:0C:1B:CE:DF:5B:F0:AD:72:62:25:B4:A1
X509v3 Authority Key Identifier:
keyid:30:37:89:25:8E:60:9F:3E:55:8D:77:B3:BF:D0:8A:CF:35:15:FA:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDeJJY5gnz5VjXezv9CKzzUV-pI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/c934da-978a-46f9-87a7-4f219db78508/1/0wo4e0NLyvkMG87fW_CtcmIltKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/c934da-978a-46f9-87a7-4f219db78508/1/MDeJJY5gnz5VjXezv9CKzzUV-pI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.16.0/21
185.86.36.0/22
Signature Algorithm: sha256WithRSAEncryption
15:26:06:90:23:8c:59:e0:0e:79:1a:73:59:cb:e0:9d:7b:ff:
66:de:f7:a4:0a:57:3d:42:c7:32:1c:61:ff:7d:cd:55:db:53:
a8:59:f8:76:68:67:1a:af:61:11:25:cd:e3:c5:47:77:73:a6:
ce:7b:9a:65:67:34:f4:d0:7d:b7:39:24:9c:03:15:56:3d:2c:
31:e1:5a:d9:f9:48:13:8c:fc:30:91:c6:11:fc:f8:aa:c2:36:
f1:59:2f:97:44:e7:85:d5:82:df:52:48:73:7a:27:14:42:d1:
7e:7c:ba:9a:56:c4:c3:ac:a4:48:87:fc:ec:f5:7a:f3:ea:ac:
a0:92:07:0b:98:62:ac:d8:36:2e:98:5b:71:17:c4:69:bd:ea:
d1:b9:f3:5a:5f:f7:da:52:27:74:44:fc:92:ac:83:94:78:2f:
bc:7c:02:e3:15:86:f1:69:9f:2b:55:8f:5e:9c:86:8f:2f:ff:
cb:d5:8f:28:94:a3:7e:62:23:9b:cf:5e:4b:5a:fa:37:41:75:
f8:10:ad:83:28:60:c6:07:9d:be:87:0c:e4:c3:ba:39:49:d5:
f5:77:ed:47:6c:9b:e6:65:33:e2:7b:84:8d:e2:e3:18:a8:03:
09:cf:f6:b6:20:3c:35:89:60:17:38:a5:c3:8c:05:e3:ec:c6:
5f:f2:2a:e3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAVUX+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDM3ODkyNThlNjA5ZjNlNTU4ZDc3YjNiZmQwOGFjZjM1MTVmYTkyMB4XDTIyMDEw
MTEzMDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDMwYTM4N2I0MzRi
Y2FmOTBjMWJjZWRmNWJmMGFkNzI2MjI1YjRhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4mlLZLLcmACmn11gAVyv8Cl+tRNhO2iC0BPgTe+V+lsdCG
7WROR4LPg9vFZM4Etme4LxOzpX/FE7Gu4uuV5s+jJ7UUTrqwsB5XhJGBkNjm6czx
VQsyIcFdbAKqp5D6cO42bjOrb/1QS//Vjix7mlkH0dfLeQ/56cOR7cgXcYQwTlrW
2KxQQY4n+QpRvgSgFN3J9EdwLIT3pIyB0pxnHCtAu8t0pp/FCPjoMNlwysK7bbYZ
uiWUij9XacEOtn1z+KjyDq0Cw5M8yptWSCyb1VNsoWEWj3NfNT4KYRHnNvv4bzQk
B/9MQ9ujKp4bvJOiggbvK2AhM25a9sevG2UsVQ8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTTCjh7Q0vK+Qwbzt9b8K1yYiW0oTAfBgNVHSMEGDAWgBQwN4kljmCfPlWN
d7O/0IrPNRX6kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01EZUpKWTVnbno1VmpYZXp2OUNLenpVVi1wSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvYzkzNGRhLTk3OGEtNDZmOS04N2E3LTRmMjE5ZGI3ODUwOC8x
LzB3bzRlME5MeXZrTUc4N2ZXX0N0Y21JbHRLRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
YzkzNGRhLTk3OGEtNDZmOS04N2E3LTRmMjE5ZGI3ODUwOC8xL01EZUpKWTVnbno1
VmpYZXp2OUNLenpVVi1wSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA6SKEAMEArlWJDANBgkqhkiG9w0B
AQsFAAOCAQEAFSYGkCOMWeAOeRpzWcvgnXv/Zt73pApXPULHMhxh/33NVdtTqFn4
dmhnGq9hESXN48VHd3OmznuaZWc09NB9tzkknAMVVj0sMeFa2flIE4z8MJHGEfz4
qsI28Vkvl0TnhdWC31JIc3onFELRfny6mlbEw6ykSIf87PV68+qsoJIHC5hirNg2
LphbcRfEab3q0bnzWl/32lIndET8kqyDlHgvvHwC4xWG8WmfK1WPXpyGjy//y9WP
KJSjfmIjm89eS1r6N0F1+BCtgyhgxgedvocM5MO6OUnV9XftR2yb5mUz4nuEjeLj
GKgDCc/2tiA8NYlgFzilw4wF4+zGX/Iq4w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:11 2023 by rpki-client on console-fra.rpki-client.org