Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/o-gO2n1C4Zu6IfZXSWKmNDa3Ozk.roa
File: o-gO2n1C4Zu6IfZXSWKmNDa3Ozk.roa (raw, json)
Hash identifier: rQhtpV2iFVJIodXHm5WjAquHk2COGu18cFrFk/g7zwY=
Subject key identifier: A3:E8:0E:DA:7D:42:E1:9B:BA:21:F6:57:49:62:A6:34:36:B7:3B:39
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0183385707616F888B80113818B6B99ACBDE
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/o-gO2n1C4Zu6IfZXSWKmNDa3Ozk.roa
Signing time: Tue 13 Sep 2022 19:32:51 +0000
ROA not before: Tue 13 Sep 2022 19:32:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26548
IP address blocks: 85.239.35.0/24 maxlen: 24
85.239.48.0/22 maxlen: 24
85.239.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:38:57:07:61:6f:88:8b:80:11:38:18:b6:b9:9a:cb:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Sep 13 19:32:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3e80eda7d42e19bba21f6574962a63436b73b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5b:03:0e:6b:98:48:7a:f0:28:25:a4:a8:a6:
cf:3f:f1:11:9c:a3:9b:79:cb:da:d9:a1:e5:9e:57:
2f:4e:62:25:2e:6c:db:c8:17:15:2c:c0:b5:43:aa:
e9:aa:d6:5d:4e:7d:9f:67:4a:91:10:21:b1:21:69:
c4:6a:ae:f3:cf:4e:c5:12:72:9b:75:7c:41:18:d2:
41:43:f4:8d:96:94:e4:3a:24:f2:d3:e8:7c:65:9c:
5f:54:51:ab:3d:f4:ae:5a:58:55:5e:41:1a:88:ef:
ad:62:d1:0f:f1:e3:a9:80:83:ca:0f:7d:2c:75:3c:
5c:95:d2:39:9e:54:33:b7:85:1f:c9:1b:7e:d5:4f:
f7:eb:91:9b:15:d5:c0:bf:7b:3a:af:0d:d0:7d:26:
21:e4:1e:fa:2b:a1:07:41:16:4a:16:e7:9f:ac:83:
c7:26:cf:a3:f9:f0:3c:1c:30:86:a9:2f:4f:35:8c:
45:ad:95:8f:ea:d7:e2:e3:d2:92:0c:ef:4d:00:0f:
cc:5b:9c:b1:b6:2e:46:29:35:e8:55:ce:50:5f:6f:
f1:e5:53:a3:34:07:0a:83:95:c9:50:56:b5:97:66:
0c:c4:5b:b4:1f:3c:d1:36:90:93:10:6e:5d:b5:51:
cd:c8:ce:af:c5:58:36:ed:53:34:e9:74:28:d8:27:
c8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E8:0E:DA:7D:42:E1:9B:BA:21:F6:57:49:62:A6:34:36:B7:3B:39
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/o-gO2n1C4Zu6IfZXSWKmNDa3Ozk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.35.0/24
85.239.48.0/22
85.239.56.0/22
Signature Algorithm: sha256WithRSAEncryption
65:6b:3d:a0:14:c6:cb:eb:31:64:a3:24:9a:78:99:f5:2a:0a:
12:82:f0:47:a2:3e:06:3d:3b:82:39:68:c8:e5:bc:c9:27:9a:
74:db:d7:7e:5e:c3:4a:27:57:4b:74:18:a1:dc:68:cd:cb:c8:
31:14:bb:03:b7:77:e0:08:14:68:48:e5:d0:ae:51:3a:c3:2f:
21:69:14:e6:9a:40:98:8f:b6:94:06:54:e6:21:63:94:9c:38:
e1:81:04:9a:8f:e8:0c:2f:38:42:1c:a8:89:70:af:c0:d8:d6:
79:34:6f:f3:63:88:96:b5:9a:88:c0:d1:03:b6:59:9d:eb:fb:
4c:df:eb:bc:74:a2:1f:69:b8:d9:4f:bc:70:e2:47:0b:b0:75:
94:8d:52:07:87:3a:99:32:43:65:ca:40:54:b9:ce:7d:3a:ea:
f8:35:59:c0:68:ca:d3:c0:d2:4b:a3:c7:a4:86:79:1e:ec:e3:
45:76:18:7e:2a:30:c8:02:9a:13:fe:d5:f0:4c:3c:58:ba:0f:
70:3e:e5:71:13:1f:7f:95:3e:87:fd:72:12:8c:60:5c:00:35:
f7:86:b7:81:e1:99:48:89:15:84:d1:19:cc:3e:12:a3:cc:6d:
a5:b5:fa:e7:78:1c:c2:de:61:9b:d8:ed:e1:2f:9d:db:23:c3:
4c:05:9d:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYM4Vwdhb4iLgBE4GLa5msveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjIwOTEzMTkzMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2U4MGVkYTdkNDJlMTliYmEyMWY2NTc0OTYyYTYzNDM2YjczYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVsDDmuYSHrwKCWkqKbPP/ERnKOb
ecva2aHlnlcvTmIlLmzbyBcVLMC1Q6rpqtZdTn2fZ0qRECGxIWnEaq7zz07FEnKb
dXxBGNJBQ/SNlpTkOiTy0+h8ZZxfVFGrPfSuWlhVXkEaiO+tYtEP8eOpgIPKD30s
dTxcldI5nlQzt4UfyRt+1U/365GbFdXAv3s6rw3QfSYh5B76K6EHQRZKFuefrIPH
Js+j+fA8HDCGqS9PNYxFrZWP6tfi49KSDO9NAA/MW5yxti5GKTXoVc5QX2/x5VOj
NAcKg5XJUFa1l2YMxFu0HzzRNpCTEG5dtVHNyM6vxVg27VM06XQo2CfIpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKPoDtp9QuGbuiH2V0lipjQ2tzs5MB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvby1nTzJuMUM0WnU2SWZaWFNXS21ORGEzT3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVe8jAwQC
Ve8wAwQCVe84MA0GCSqGSIb3DQEBCwUAA4IBAQBlaz2gFMbL6zFkoySaeJn1KgoS
gvBHoj4GPTuCOWjI5bzJJ5p029d+XsNKJ1dLdBih3GjNy8gxFLsDt3fgCBRoSOXQ
rlE6wy8haRTmmkCYj7aUBlTmIWOUnDjhgQSaj+gMLzhCHKiJcK/A2NZ5NG/zY4iW
tZqIwNEDtlmd6/tM3+u8dKIfabjZT7xw4kcLsHWUjVIHhzqZMkNlykBUuc59Our4
NVnAaMrTwNJLo8ekhnke7ONFdhh+KjDIApoT/tXwTDxYug9wPuVxEx9/lT6H/XIS
jGBcADX3hreB4ZlIiRWE0RnMPhKjzG2ltfrneBzC3mGb2O3hL53bI8NMBZ1W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:28 2024 by rpki-client on console-ams.rpki-client.org