Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Omj5xMK-hqTrW7m-bsYreqz5fY8.roa
File: Omj5xMK-hqTrW7m-bsYreqz5fY8.roa (raw, json)
Hash identifier: xXAX7gEu/MOGxwc8S8LoESImYpg8P4NovRTcBcJLVRY=
Subject key identifier: 3A:68:F9:C4:C2:BE:86:A4:EB:5B:B9:BE:6E:C6:2B:7A:AC:F9:7D:8F
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 3686C39B
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Omj5xMK-hqTrW7m-bsYreqz5fY8.roa
Signing time: Wed 04 May 2022 05:54:16 +0000
ROA not before: Wed 04 May 2022 05:54:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6739
IP address blocks: 2.154.192.0/18 maxlen: 18
2.154.0.0/16 maxlen: 16
2.152.0.0/16 maxlen: 16
2a02:a800::/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 914801563 (0x3686c39b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: May 4 05:54:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a68f9c4c2be86a4eb5bb9be6ec62b7aacf97d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:89:b1:b5:3d:ab:0b:05:58:c7:e5:55:26:55:
82:e0:e7:d6:8c:b2:61:c9:51:52:80:ed:e4:e1:ec:
2d:45:40:95:83:c0:1c:35:52:14:8a:ec:bc:0e:f1:
c6:67:4a:fe:55:6c:97:18:e2:d4:57:8e:59:bf:8e:
ac:79:56:b1:d5:58:f0:db:68:3f:77:dd:f2:40:62:
92:37:60:91:b2:11:88:87:0f:10:60:9a:9c:6d:14:
64:9f:68:0d:f0:46:44:a4:38:21:fa:cd:58:30:0e:
09:fe:96:02:f2:52:05:0c:33:c2:2c:c8:d9:2f:65:
70:cc:de:8a:5a:ab:82:f1:ac:01:71:dc:45:a1:8d:
57:7d:c8:a9:20:24:65:08:3b:9a:95:b5:d6:59:7f:
a5:98:84:22:69:8b:d8:0c:df:b2:56:cc:2c:dc:e2:
52:76:4f:9f:ff:8b:d7:86:32:b0:df:ea:07:a6:c6:
f2:4d:be:1e:06:d1:b3:91:24:0e:03:ff:81:0b:64:
44:9f:58:12:29:12:eb:b8:1e:27:a1:11:45:c4:cf:
9b:15:f5:a9:8f:0f:0f:ee:aa:3d:68:29:15:1e:a7:
65:a5:39:ae:f8:1b:fa:f1:c1:91:ea:d1:1c:d7:7a:
bc:b7:5f:5c:4c:9f:8d:5d:f8:b1:30:f7:1e:48:b3:
39:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:68:F9:C4:C2:BE:86:A4:EB:5B:B9:BE:6E:C6:2B:7A:AC:F9:7D:8F
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Omj5xMK-hqTrW7m-bsYreqz5fY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/16
2.154.0.0/16
IPv6:
2a02:a800::/26
Signature Algorithm: sha256WithRSAEncryption
59:9c:c3:e3:46:79:3d:25:4d:03:be:d3:c8:34:d4:e1:33:d4:
4d:d8:a5:3a:ff:40:6c:8b:50:77:bf:66:8e:8a:b1:f2:96:68:
16:6d:b6:c2:7b:7a:f8:03:23:04:1c:86:3c:38:b6:ea:e5:7f:
8b:27:13:d7:3f:dd:4e:78:51:9f:f0:21:cf:88:14:b0:ca:a3:
ea:e0:e5:ee:b8:27:f8:5b:be:87:cb:8e:21:ed:23:eb:88:61:
73:db:44:f7:a3:f4:00:09:80:a4:cb:51:26:41:f6:8e:33:4f:
4e:d9:46:a7:2c:c0:c4:5f:c3:f2:ca:e3:ee:34:2f:f0:84:04:
f6:a4:86:8c:3a:ac:cc:6c:d5:37:29:43:b7:1e:93:04:0e:cf:
77:91:0f:d8:c2:16:e9:dc:d4:49:27:99:ce:87:fc:f6:e8:dd:
c3:44:bd:1b:a1:c5:68:d7:29:0a:82:f4:5b:c5:60:a3:f5:8a:
43:05:07:6e:e7:b7:d6:4a:65:3a:a4:28:71:58:46:74:c4:35:
7c:23:10:04:d6:95:9f:79:24:ab:2c:9a:6c:cf:8d:f2:58:88:
fb:8e:e1:cd:94:0e:cb:f6:c5:08:dd:65:64:cd:3b:34:e2:2e:
22:66:04:3b:cc:eb:5c:0e:a4:73:21:f0:47:8f:1e:1c:be:a0:
91:9e:06:60
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIENobDmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM0ZjE2ODYxMDI4NzZjNjIxNmJjZWEyOGE1ZTUwMmVjMGQ3YjZiMB4XDTIyMDUw
NDA1NTQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E2OGY5YzRjMmJl
ODZhNGViNWJiOWJlNmVjNjJiN2FhY2Y5N2Q4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2JsbU9qwsFWMflVSZVguDn1oyyYclRUoDt5OHsLUVAlYPA
HDVSFIrsvA7xxmdK/lVslxji1FeOWb+OrHlWsdVY8NtoP3fd8kBikjdgkbIRiIcP
EGCanG0UZJ9oDfBGRKQ4IfrNWDAOCf6WAvJSBQwzwizI2S9lcMzeilqrgvGsAXHc
RaGNV33IqSAkZQg7mpW11ll/pZiEImmL2AzfslbMLNziUnZPn/+L14YysN/qB6bG
8k2+HgbRs5EkDgP/gQtkRJ9YEikS67geJ6ERRcTPmxX1qY8PD+6qPWgpFR6nZaU5
rvgb+vHBkerRHNd6vLdfXEyfjV34sTD3HkizOZUCAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBQ6aPnEwr6GpOtbub5uxit6rPl9jzAfBgNVHSMEGDAWgBTUNPFoYQKHbGIW
vOoopeUC7A17azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8x
L09tajV4TUstaHFUclc3bS1ic1lyZXF6NWZZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8xLzFEVHhhR0VDaDJ4
aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAy
BggrBgEFBQcBBwEB/wQjMCEwEAQCAAEwCgMDAAKYAwMAApowDQQCAAIwBwMFBioC
qAAwDQYJKoZIhvcNAQELBQADggEBAFmcw+NGeT0lTQO+08g01OEz1E3YpTr/QGyL
UHe/Zo6KsfKWaBZttsJ7evgDIwQchjw4turlf4snE9c/3U54UZ/wIc+IFLDKo+rg
5e64J/hbvofLjiHtI+uIYXPbRPej9AAJgKTLUSZB9o4zT07ZRqcswMRfw/LK4+40
L/CEBPakhow6rMxs1TcpQ7cekwQOz3eRD9jCFunc1Eknmc6H/Pbo3cNEvRuhxWjX
KQqC9FvFYKP1ikMFB27nt9ZKZTqkKHFYRnTENXwjEATWlZ95JKssmmzPjfJYiPuO
4c2UDsv2xQjdZWTNOzTiLiJmBDvM61wOpHMh8EePHhy+oJGeBmA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:48 2023 by rpki-client on console-ams.rpki-client.org