Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/1oOZNvZ4K7w4Wk4ftJjY2gyqq7o.roa
File: 1oOZNvZ4K7w4Wk4ftJjY2gyqq7o.roa (raw, json)
Hash identifier: gJIRUnQFcmi9s9bqj8iOWn/v86UO1o76DjwKi/bEVow=
Subject key identifier: D6:83:99:36:F6:78:2B:BC:38:5A:4E:1F:B4:98:D8:DA:0C:AA:AB:BA
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 018476459DA149195D611698904AE4B99AB4
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/1oOZNvZ4K7w4Wk4ftJjY2gyqq7o.roa
Signing time: Mon 14 Nov 2022 13:13:04 +0000
ROA not before: Mon 14 Nov 2022 13:13:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62257
IP address blocks: 194.147.150.0/24 maxlen: 24
194.147.170.0/24 maxlen: 24
194.36.175.0/24 maxlen: 24
194.180.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:45:9d:a1:49:19:5d:61:16:98:90:4a:e4:b9:9a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Nov 14 13:13:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6839936f6782bbc385a4e1fb498d8da0caaabba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:19:64:38:9c:8e:a2:e0:cf:2c:24:7c:1d:44:
1f:6b:d9:dd:f4:de:f3:d8:c2:ba:fe:54:55:a0:3a:
26:ce:b2:ae:93:fa:1c:f1:bd:5b:e9:1e:17:ba:69:
76:08:a4:ae:48:2c:ba:b2:d9:9b:7c:0c:43:8e:dd:
90:74:70:4a:69:67:af:57:44:52:b4:c6:fa:fe:da:
75:67:0a:be:08:29:db:ed:be:47:92:fe:23:10:0f:
31:8e:6d:11:6a:6f:cf:43:6b:a9:5c:dc:ef:6e:2d:
0e:43:73:9e:b1:b3:8e:1b:6d:ab:22:8b:93:c4:b8:
fd:3f:8e:e3:8e:9c:98:ee:5b:83:6a:37:95:38:8b:
14:bf:62:5b:4d:8c:e0:53:65:a5:2e:d9:1d:89:7b:
30:e0:73:19:37:4f:9f:79:94:60:d4:64:37:a5:12:
24:0e:39:13:d3:61:c1:33:ea:80:f9:b5:60:6e:a4:
ef:9a:3d:6d:1d:a6:cc:af:0f:bf:9f:0c:98:63:1f:
e9:11:6b:71:eb:11:12:3d:16:15:c4:4f:05:55:33:
a5:cb:c1:21:e6:6e:f9:42:17:fc:74:14:2c:dc:32:
9f:71:31:cf:b2:9d:ba:ad:bf:a1:4c:c7:0c:6d:08:
58:b6:19:17:4d:d2:a6:16:c9:80:78:70:83:81:43:
6b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:83:99:36:F6:78:2B:BC:38:5A:4E:1F:B4:98:D8:DA:0C:AA:AB:BA
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/1oOZNvZ4K7w4Wk4ftJjY2gyqq7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.175.0/24
194.147.150.0/24
194.147.170.0/24
194.180.208.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:13:d2:b3:82:f8:41:59:b6:85:83:0e:d7:c6:19:e1:74:19:
24:b0:7e:63:bc:25:3c:68:2d:bc:ea:46:82:bb:a6:e8:7b:38:
a4:68:04:85:47:9a:a6:40:00:d1:ef:88:e9:59:bd:28:b2:5d:
a9:93:dc:c5:94:69:ef:76:62:3c:cf:d6:73:75:4e:ca:96:f8:
f8:0d:f8:79:3b:b5:82:24:62:d0:20:d0:d3:42:13:8e:25:c1:
e8:7c:6a:0b:72:5e:2f:3f:82:8d:98:71:be:b8:d2:67:d9:c1:
83:f0:0a:14:b1:99:42:b1:44:00:34:3f:f8:0f:07:66:1a:60:
65:09:30:29:64:19:7f:ea:15:fe:52:47:48:2d:27:6f:02:37:
cd:25:f6:be:86:b2:7f:8e:ea:ce:e7:a7:1f:41:e7:3a:aa:8a:
82:7c:31:62:95:5b:8f:62:e0:15:90:1f:20:48:fb:31:7e:fa:
75:79:fc:0b:27:2b:fd:58:81:70:7d:cd:4b:81:7e:70:be:29:
28:2b:2f:91:85:97:b1:6b:fb:76:04:78:90:2d:f6:20:48:78:
85:b2:26:4a:28:55:53:9f:36:95:a0:00:14:f0:3f:93:e2:18:
fc:47:2e:e0:24:f3:69:1a:46:ec:6c:04:55:af:98:c7:57:51:
57:98:72:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYR2RZ2hSRldYRaYkErkuZq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjIxMTE0MTMxMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjgzOTkzNmY2NzgyYmJjMzg1YTRlMWZiNDk4ZDhkYTBjYWFhYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhlkOJyOouDPLCR8HUQfa9nd9N7z
2MK6/lRVoDomzrKuk/oc8b1b6R4Xuml2CKSuSCy6stmbfAxDjt2QdHBKaWevV0RS
tMb6/tp1Zwq+CCnb7b5Hkv4jEA8xjm0Ram/PQ2upXNzvbi0OQ3OesbOOG22rIouT
xLj9P47jjpyY7luDajeVOIsUv2JbTYzgU2WlLtkdiXsw4HMZN0+feZRg1GQ3pRIk
DjkT02HBM+qA+bVgbqTvmj1tHabMrw+/nwyYYx/pEWtx6xESPRYVxE8FVTOly8Eh
5m75Qhf8dBQs3DKfcTHPsp26rb+hTMcMbQhYthkXTdKmFsmAeHCDgUNrtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNaDmTb2eCu8OFpOH7SY2NoMqqu6MB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvMW9PWk52WjRLN3c0V2s0ZnRKalkyZ3lxcTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwiSvAwQA
wpOWAwQAwpOqAwQAwrTQMA0GCSqGSIb3DQEBCwUAA4IBAQAtE9KzgvhBWbaFgw7X
xhnhdBkksH5jvCU8aC286kaCu6boezikaASFR5qmQADR74jpWb0osl2pk9zFlGnv
dmI8z9ZzdU7Klvj4Dfh5O7WCJGLQINDTQhOOJcHofGoLcl4vP4KNmHG+uNJn2cGD
8AoUsZlCsUQAND/4DwdmGmBlCTApZBl/6hX+UkdILSdvAjfNJfa+hrJ/jurO56cf
Qec6qoqCfDFilVuPYuAVkB8gSPsxfvp1efwLJyv9WIFwfc1LgX5wvikoKy+RhZex
a/t2BHiQLfYgSHiFsiZKKFVTnzaVoAAU8D+T4hj8Ry7gJPNpGkbsbARVr5jHV1FX
mHL3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:14 2023 by rpki-client on console-ams.rpki-client.org