Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ONZOTsm-BpcfQYtxtp23asU0SEM.roa
File: ONZOTsm-BpcfQYtxtp23asU0SEM.roa (raw, json)
Hash identifier: oGXS3q/ETQgVtHq9uECpRAwtn7NvI20vSoO5jY68XZo=
Subject key identifier: 38:D6:4E:4E:C9:BE:06:97:1F:41:8B:71:B6:9D:B7:6A:C5:34:48:43
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018535AF974F999873EAD1F7C146F01CE8F2
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ONZOTsm-BpcfQYtxtp23asU0SEM.roa
Signing time: Wed 21 Dec 2022 17:16:18 +0000
ROA not before: Wed 21 Dec 2022 17:16:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 89.40.166.0/24 maxlen: 24
89.47.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:af:97:4f:99:98:73:ea:d1:f7:c1:46:f0:1c:e8:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Dec 21 17:16:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38d64e4ec9be06971f418b71b69db76ac5344843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:87:c2:5d:11:9b:15:ef:47:26:26:ba:d3:b9:
36:0c:11:98:7d:b1:93:3b:e6:f8:85:f0:21:5d:68:
c4:03:bd:27:81:16:f0:b3:b4:76:15:51:30:be:a2:
70:4d:e5:22:95:85:28:48:09:24:bc:e3:43:69:f9:
0b:52:1b:00:37:10:af:9d:ae:c3:c1:84:87:b8:42:
4d:7a:ee:9d:d9:16:c2:41:7c:37:46:25:28:66:a1:
f5:d4:06:0b:c9:65:f6:57:94:96:3f:db:ff:f5:1c:
a1:41:f3:28:fa:de:fd:82:36:b1:8b:a2:21:40:51:
de:9f:5b:b9:9d:75:1b:9f:f7:90:1d:b6:2a:83:ef:
26:0e:25:39:18:3b:c4:39:fb:69:4a:74:21:1f:de:
d4:ca:37:33:fc:cb:9d:67:97:0a:c8:4d:9e:ca:3d:
38:e3:76:51:93:34:0b:9f:66:15:89:b9:4b:16:00:
5c:bd:e0:48:b8:e8:19:de:79:b4:26:60:39:44:2e:
f5:57:b4:c7:9c:13:bc:c3:80:2f:11:fc:7a:24:f1:
a5:7d:5f:2e:0a:68:ea:06:8d:ad:71:a0:ef:c9:53:
2e:40:1e:f6:fc:8f:94:a6:59:53:9f:01:8e:5d:09:
ec:1b:37:db:69:d4:89:1a:ae:6e:fe:94:36:d8:70:
e7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D6:4E:4E:C9:BE:06:97:1F:41:8B:71:B6:9D:B7:6A:C5:34:48:43
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ONZOTsm-BpcfQYtxtp23asU0SEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.166.0/24
89.47.249.0/24
94.177.113.0/24
Signature Algorithm: sha256WithRSAEncryption
26:3e:ec:35:81:bc:3f:d3:d3:17:27:36:2f:ef:d7:63:ff:33:
cf:c2:fb:9d:42:32:c7:1b:66:2d:3b:de:1e:55:43:0b:9d:0e:
ef:6e:69:ed:d4:25:dd:ae:d8:42:a4:18:e4:24:9b:ac:03:e7:
63:c7:00:b2:e4:76:9f:2c:b6:8e:0b:3c:58:c7:14:64:41:21:
a3:5b:a1:df:a4:5e:2c:91:8a:fd:f7:7b:ae:2d:78:71:3b:06:
cc:1a:19:9c:36:1b:95:38:37:71:8b:0c:5b:3a:0b:e5:32:83:
c2:6e:78:0c:20:83:9b:5b:6c:4d:65:c1:49:64:c9:8a:b1:5f:
2d:3a:1f:dd:04:0d:ea:69:de:61:3d:36:b8:50:eb:71:32:ac:
70:05:eb:15:04:73:01:2c:6f:aa:0a:76:9f:35:58:72:05:fa:
60:6d:19:63:9d:7d:0b:54:51:9d:5d:67:e6:50:4b:51:0d:4c:
09:df:ce:f1:00:8b:54:27:90:ef:6e:40:ac:eb:4e:a2:e1:4d:
cf:1e:35:52:e1:31:60:66:07:fc:b1:41:c3:dc:cc:0a:90:34:
64:2a:3d:65:18:14:3e:12:e8:07:97:5d:ba:b7:c3:9a:62:da:
7e:92:fe:b5:90:99:d1:cf:af:d0:c1:37:b8:53:f8:53:e7:7c:
94:3e:5d:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYU1r5dPmZhz6tH3wUbwHOjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjIxMjIxMTcxNjE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ2NGU0ZWM5YmUwNjk3MWY0MThiNzFiNjlkYjc2YWM1MzQ0ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIfCXRGbFe9HJia607k2DBGYfbGT
O+b4hfAhXWjEA70ngRbws7R2FVEwvqJwTeUilYUoSAkkvONDafkLUhsANxCvna7D
wYSHuEJNeu6d2RbCQXw3RiUoZqH11AYLyWX2V5SWP9v/9RyhQfMo+t79gjaxi6Ih
QFHen1u5nXUbn/eQHbYqg+8mDiU5GDvEOftpSnQhH97Uyjcz/MudZ5cKyE2eyj04
43ZRkzQLn2YViblLFgBcveBIuOgZ3nm0JmA5RC71V7THnBO8w4AvEfx6JPGlfV8u
CmjqBo2tcaDvyVMuQB72/I+UpllTnwGOXQnsGzfbadSJGq5u/pQ22HDnyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDjWTk7JvgaXH0GLcbadt2rFNEhDMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvT05aT1RzbS1CcGNmUVl0eHRwMjNhc1UwU0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSimAwQA
WS/5AwQAXrFxMA0GCSqGSIb3DQEBCwUAA4IBAQAmPuw1gbw/09MXJzYv79dj/zPP
wvudQjLHG2YtO94eVUMLnQ7vbmnt1CXdrthCpBjkJJusA+djxwCy5HafLLaOCzxY
xxRkQSGjW6HfpF4skYr993uuLXhxOwbMGhmcNhuVODdxiwxbOgvlMoPCbngMIIOb
W2xNZcFJZMmKsV8tOh/dBA3qad5hPTa4UOtxMqxwBesVBHMBLG+qCnafNVhyBfpg
bRljnX0LVFGdXWfmUEtRDUwJ387xAItUJ5DvbkCs606i4U3PHjVS4TFgZgf8sUHD
3MwKkDRkKj1lGBQ+EugHl126t8OaYtp+kv61kJnRz6/QwTe4U/hT53yUPl2A
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-fra.rpki-client.org