Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/OgIUhQBgH9gWPYzYARIPaFPIz8w.roa
File: OgIUhQBgH9gWPYzYARIPaFPIz8w.roa (raw, json)
Hash identifier: nVOTGhF8twUITbR5AW9SL05Phbq4IN+XZJ+c+B/ql6w=
Subject key identifier: 3A:02:14:85:00:60:1F:D8:16:3D:8C:D8:01:12:0F:68:53:C8:CF:CC
Certificate issuer: /CN=90620638ca1d835650e08ddcf363f10789b53057
Certificate serial: 22AAD6EF
Authority key identifier: 90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/OgIUhQBgH9gWPYzYARIPaFPIz8w.roa
Signing time: Sat 01 Jan 2022 12:03:05 +0000
ROA not before: Sat 01 Jan 2022 12:03:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.55.220.0/22 maxlen: 22
87.237.216.0/21 maxlen: 21
206.195.32.0/19 maxlen: 19
2a04:5780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 581621487 (0x22aad6ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90620638ca1d835650e08ddcf363f10789b53057
Validity
Not Before: Jan 1 12:03:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a02148500601fd8163d8cd801120f6853c8cfcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:97:86:f9:2f:19:5c:11:44:39:f5:49:be:81:
1c:7c:44:1d:28:3a:2a:09:e5:05:4c:0a:75:e4:e7:
9a:e0:fd:d9:2b:c2:f3:31:1d:0f:ac:f4:d3:ca:d8:
15:4d:12:e6:1f:b1:6e:e4:bd:16:bd:81:27:92:c6:
f7:39:19:b6:40:c1:4a:49:e6:27:78:2a:d1:23:36:
12:0a:6d:6a:2e:22:b8:61:91:a0:d3:35:02:a3:58:
72:af:5f:92:89:0c:6f:12:49:e8:d4:b6:99:d6:c9:
29:b0:e1:54:35:bc:8f:1c:97:04:7f:d8:da:b1:96:
6c:1e:8c:90:e0:6d:90:70:31:47:7c:1f:8f:bd:c2:
ce:31:9d:74:a3:4c:9c:61:ff:3f:2d:dd:dc:20:3a:
e4:c2:5e:ec:23:ed:b6:f3:dc:0e:46:77:94:83:cf:
7f:37:ca:f0:33:bf:60:d2:2f:2f:a9:f2:29:87:76:
05:53:56:d9:d8:e0:8a:ff:ee:b4:24:bd:5a:6b:b6:
7e:49:c3:fe:ea:16:86:10:57:fa:dc:25:3a:92:a4:
e6:c5:cd:0b:1b:f6:1c:d2:68:90:c4:a4:66:15:e0:
8d:91:a5:ef:65:16:0c:71:d8:38:fe:f0:84:c0:4f:
99:be:97:63:0a:79:c6:de:1b:21:4a:b9:fe:2c:0c:
75:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:02:14:85:00:60:1F:D8:16:3D:8C:D8:01:12:0F:68:53:C8:CF:CC
X509v3 Authority Key Identifier:
keyid:90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/OgIUhQBgH9gWPYzYARIPaFPIz8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.216.0/21
185.55.220.0/22
206.195.32.0/19
IPv6:
2a04:5780::/29
Signature Algorithm: sha256WithRSAEncryption
2e:b1:2a:83:60:b0:bf:b1:b6:9b:b2:3a:be:c7:3a:b7:4d:8c:
2d:95:70:c7:9a:69:c3:e2:3c:00:51:55:3a:39:03:97:4f:5a:
ae:68:8e:64:b4:8f:80:87:53:c1:70:22:73:bc:d0:9b:0c:03:
a5:15:2e:8b:66:0b:46:c4:b1:26:25:14:90:dd:23:3c:7b:ee:
b1:51:18:0e:4a:81:80:ff:3e:25:36:6e:25:28:69:f1:ab:7d:
87:dd:3b:ed:34:9c:15:75:e0:50:33:b8:91:a6:1f:e6:5d:e9:
c1:e4:ba:60:f9:80:e3:bb:a8:eb:44:0f:f7:de:13:c7:9f:5f:
28:49:13:38:db:7a:69:b3:12:f5:8c:be:fe:25:8f:79:76:7a:
8d:f1:0e:6b:c4:0d:dd:d7:75:91:71:8c:05:9d:ef:ac:f5:a5:
c4:4e:c3:ca:3d:26:a7:40:3b:7a:d2:57:03:78:9e:e4:62:ca:
84:79:7b:78:c0:14:8e:89:5a:00:72:1b:65:33:dd:5a:36:cd:
d9:62:6d:4c:80:c0:28:a1:23:b3:6b:c0:85:2f:bd:f3:80:48:
8d:51:ac:12:97:7d:dc:5b:32:7d:96:09:4c:13:70:53:e3:ea:
37:a7:fa:4b:49:82:d4:ca:40:62:37:d3:48:d6:c9:0d:bc:bc:
b0:da:19:de
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEIqrW7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDYyMDYzOGNhMWQ4MzU2NTBlMDhkZGNmMzYzZjEwNzg5YjUzMDU3MB4XDTIyMDEw
MTEyMDMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EwMjE0ODUwMDYw
MWZkODE2M2Q4Y2Q4MDExMjBmNjg1M2M4Y2ZjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOXhvkvGVwRRDn1Sb6BHHxEHSg6KgnlBUwKdeTnmuD92SvC
8zEdD6z008rYFU0S5h+xbuS9Fr2BJ5LG9zkZtkDBSknmJ3gq0SM2Egptai4iuGGR
oNM1AqNYcq9fkokMbxJJ6NS2mdbJKbDhVDW8jxyXBH/Y2rGWbB6MkOBtkHAxR3wf
j73CzjGddKNMnGH/Py3d3CA65MJe7CPttvPcDkZ3lIPPfzfK8DO/YNIvL6nyKYd2
BVNW2djgiv/utCS9Wmu2fknD/uoWhhBX+twlOpKk5sXNCxv2HNJokMSkZhXgjZGl
72UWDHHYOP7whMBPmb6XYwp5xt4bIUq5/iwMdVUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQ6AhSFAGAf2BY9jNgBEg9oU8jPzDAfBgNVHSMEGDAWgBSQYgY4yh2DVlDg
jdzzY/EHibUwVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tHSUdPTW9kZzFaUTRJM2M4MlB4QjRtMU1GYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvNDFhZjJkLWYzZGUtNDVkNS05NDFjLWM0M2FjNDI5ZTUzZi8x
L09nSVVoUUJnSDlnV1BZellBUklQYUZQSXo4dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
NDFhZjJkLWYzZGUtNDVkNS05NDFjLWM0M2FjNDI5ZTUzZi8xL2tHSUdPTW9kZzFa
UTRJM2M4MlB4QjRtMU1GYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1ft2AMEArk33AMEBc7DIDANBAIA
AjAHAwUDKgRXgDANBgkqhkiG9w0BAQsFAAOCAQEALrEqg2Cwv7G2m7I6vsc6t02M
LZVwx5ppw+I8AFFVOjkDl09armiOZLSPgIdTwXAic7zQmwwDpRUui2YLRsSxJiUU
kN0jPHvusVEYDkqBgP8+JTZuJShp8at9h9077TScFXXgUDO4kaYf5l3pweS6YPmA
47uo60QP994Tx59fKEkTONt6abMS9Yy+/iWPeXZ6jfEOa8QN3dd1kXGMBZ3vrPWl
xE7Dyj0mp0A7etJXA3ie5GLKhHl7eMAUjolaAHIbZTPdWjbN2WJtTIDAKKEjs2vA
hS+984BIjVGsEpd93FsyfZYJTBNwU+PqN6f6S0mC1MpAYjfTSNbJDby8sNoZ3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:45 2024 by rpki-client on console-fra.rpki-client.org