Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/OdQfJKi989l5ORhH2wII4pXafTA.roa
File: OdQfJKi989l5ORhH2wII4pXafTA.roa (raw, json)
Hash identifier: sS3M4efeAfPMSPMSK94gNg4J48jJzEu5zipopyCidpU=
Subject key identifier: 39:D4:1F:24:A8:BD:F3:D9:79:39:18:47:DB:02:08:E2:95:DA:7D:30
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 787493
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/OdQfJKi989l5ORhH2wII4pXafTA.roa
Signing time: Thu 24 Mar 2022 08:03:50 +0000
ROA not before: Thu 24 Mar 2022 08:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196705
IP address blocks: 188.191.20.0/24 maxlen: 24
188.191.21.0/24 maxlen: 24
188.191.22.0/24 maxlen: 24
188.191.23.0/24 maxlen: 24
188.191.20.0/22 maxlen: 22
188.191.28.0/24 maxlen: 24
188.191.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7894163 (0x787493)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Mar 24 08:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39d41f24a8bdf3d979391847db0208e295da7d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:73:29:57:b5:71:42:e0:56:9c:d2:ae:85:d4:
7a:aa:86:82:db:0c:b5:4f:23:35:32:d4:27:f7:81:
8d:a7:fb:8f:b1:cd:7e:db:cf:57:c7:fe:44:d6:93:
2b:0d:c7:56:c7:9c:8d:da:20:02:a9:4c:e3:8b:1f:
0f:36:c4:49:f7:7c:17:b5:d4:54:12:a8:6f:5e:65:
af:0e:fd:b5:af:84:cd:27:cb:dd:6d:44:26:08:ec:
b3:bf:34:08:59:8d:62:f7:4f:5e:bb:0b:3f:72:3f:
b0:e8:0a:72:30:c5:8b:c0:90:1a:68:d1:0c:59:e7:
b9:08:69:bf:4e:74:ce:ff:6c:67:c0:2f:d9:90:fd:
46:82:3c:a8:a2:8f:e9:02:18:92:9b:a8:b4:7d:c3:
f6:44:90:1d:66:dd:78:34:7d:ac:15:95:fa:b3:51:
b2:41:a3:25:f7:16:4b:7e:89:d8:da:e2:b9:c6:9b:
20:53:a4:e1:09:f6:da:03:2a:b7:6f:f5:83:cc:c5:
18:29:81:8f:94:a9:be:3c:43:77:e5:ef:89:48:35:
df:75:63:9f:87:c5:1e:08:e2:9e:31:1e:2e:0c:52:
d8:79:7e:c8:bc:55:e1:17:c4:f9:25:cd:1a:31:44:
2a:93:e3:d9:fb:78:c8:cb:1c:1a:ac:38:61:f2:b7:
a5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D4:1F:24:A8:BD:F3:D9:79:39:18:47:DB:02:08:E2:95:DA:7D:30
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/OdQfJKi989l5ORhH2wII4pXafTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.20.0/22
188.191.28.0/22
Signature Algorithm: sha256WithRSAEncryption
04:c9:00:69:ff:44:8f:5a:39:5c:af:a5:54:2b:c6:7e:ed:6f:
3b:f4:ba:c3:c6:2e:38:05:0f:96:bb:70:23:67:83:57:6b:f5:
07:ab:fd:9b:0f:45:4b:99:71:79:2f:40:23:ba:4a:22:1e:83:
0b:ae:5b:ce:20:4d:a0:84:d3:00:6c:3d:53:3a:ba:aa:65:23:
4d:32:40:e4:1d:96:6c:07:2d:eb:aa:87:d0:58:ae:24:17:30:
29:95:19:79:3e:c0:4b:f8:7e:b5:e0:3e:85:0a:77:6e:75:4b:
71:f3:a9:5c:29:d3:53:fe:7c:c9:41:b2:d6:5d:56:42:18:09:
e1:0f:80:42:69:9e:1a:f6:6f:ef:8f:28:4e:cc:6f:6b:af:b5:
c4:fe:44:98:dc:23:d5:80:98:25:2f:a1:bf:c2:f8:72:2d:92:
2c:46:31:82:60:07:c2:c4:80:fd:c7:f6:f3:38:ff:a1:ca:18:
02:ca:97:70:3f:ef:dd:5f:3c:55:90:83:fa:c4:7e:ee:46:f3:
15:6c:a4:64:6d:db:9f:f1:2c:f2:6c:0c:3b:c1:a9:74:5a:fc:
cb:38:ee:4c:ab:4b:5c:6b:9f:51:72:38:01:63:38:90:93:f5:
a6:20:e9:84:55:5b:e9:62:c0:e4:6d:c0:f5:de:d1:2d:99:87:
08:1a:e0:df
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDeHSTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNm
MWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVhZGZhMDAwHhcNMjIwMzI0
MDgwMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzOWQ0MWYyNGE4YmRm
M2Q5NzkzOTE4NDdkYjAyMDhlMjk1ZGE3ZDMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3HMpV7VxQuBWnNKuhdR6qoaC2wy1TyM1MtQn94GNp/uPsc1+
289Xx/5E1pMrDcdWx5yN2iACqUzjix8PNsRJ93wXtdRUEqhvXmWvDv21r4TNJ8vd
bUQmCOyzvzQIWY1i909euws/cj+w6ApyMMWLwJAaaNEMWee5CGm/TnTO/2xnwC/Z
kP1Ggjyooo/pAhiSm6i0fcP2RJAdZt14NH2sFZX6s1GyQaMl9xZLfonY2uK5xpsg
U6ThCfbaAyq3b/WDzMUYKYGPlKm+PEN35e+JSDXfdWOfh8UeCOKeMR4uDFLYeX7I
vFXhF8T5Jc0aMUQqk+PZ+3jIyxwarDhh8relywIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFDnUHySovfPZeTkYR9sCCOKV2n0wMB8GA1UdIwQYMBaAFM8d9mZ9o45XolsZ
RfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
engzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJjLzEv
T2RRZkpLaTk4OWw1T1JoSDJ3SUk0cFhhZlRBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
NTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJjLzEvengzMlpuMmpqbGVp
V3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCvL8UAwQCvL8cMA0GCSqGSIb3DQEB
CwUAA4IBAQAEyQBp/0SPWjlcr6VUK8Z+7W879LrDxi44BQ+Wu3AjZ4NXa/UHq/2b
D0VLmXF5L0AjukoiHoMLrlvOIE2ghNMAbD1TOrqqZSNNMkDkHZZsBy3rqofQWK4k
FzAplRl5PsBL+H614D6FCndudUtx86lcKdNT/nzJQbLWXVZCGAnhD4BCaZ4a9m/v
jyhOzG9rr7XE/kSY3CPVgJglL6G/wvhyLZIsRjGCYAfCxID9x/bzOP+hyhgCypdw
P+/dXzxVkIP6xH7uRvMVbKRkbduf8SzybAw7wal0WvzLOO5Mq0tca59RcjgBYziQ
k/WmIOmEVVvpYsDkbcD13tEtmYcIGuDf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org