Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/OXA2MqV7_LoHxFCeXD2A3K3SGcQ.roa
File: OXA2MqV7_LoHxFCeXD2A3K3SGcQ.roa (raw, json)
Hash identifier: kx01zWAgVs0tWpSRCh4n/FqyHEFoAn/3DwPaiWExxeM=
Subject key identifier: 39:70:36:32:A5:7B:FC:BA:07:C4:50:9E:5C:3D:80:DC:AD:D2:19:C4
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01828301FD867818FC2285E0010ECB70976C
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/OXA2MqV7_LoHxFCeXD2A3K3SGcQ.roa
Signing time: Tue 09 Aug 2022 14:28:41 +0000
ROA not before: Tue 09 Aug 2022 14:28:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212939
IP address blocks: 195.238.247.0/24 maxlen: 24
103.215.222.0/23 maxlen: 23
185.221.239.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:83:01:fd:86:78:18:fc:22:85:e0:01:0e:cb:70:97:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Aug 9 14:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39703632a57bfcba07c4509e5c3d80dcadd219c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0e:16:29:8e:69:7c:39:b7:d3:b0:70:c6:a6:
97:6b:57:c8:da:6f:c2:3d:36:7d:41:80:24:e6:9b:
ac:4c:0b:ff:84:5b:73:56:59:93:80:0b:10:6d:59:
36:9c:68:60:a4:3d:2b:a4:bc:3e:f6:27:20:b2:4d:
0e:74:c9:a9:7c:10:d8:6c:7e:95:d1:44:db:36:1f:
6a:79:6f:1f:80:a6:3d:90:f7:01:68:d5:8f:06:03:
85:c3:43:08:80:af:5a:0f:20:4d:95:85:9e:57:5c:
c8:52:d4:db:57:93:8e:ba:c9:91:85:a2:af:87:e3:
b7:54:45:76:53:5a:a0:aa:cc:bb:a0:db:c5:d2:52:
52:05:7c:6d:4c:d1:b3:23:27:bc:02:8b:7b:e6:a8:
11:e6:23:c6:0c:1d:a3:82:b2:6a:e0:c6:a5:9a:c1:
a7:d5:13:c2:fd:98:bd:8f:4f:bf:a1:74:95:56:0b:
4c:7f:d4:44:5e:61:0a:a8:fb:4e:13:92:1b:f2:ff:
fc:18:b4:4d:84:a6:84:bf:0e:9c:83:81:7c:3d:da:
26:1f:d3:77:d7:8f:d1:66:53:c9:7b:fd:8d:1d:58:
fc:86:26:b9:2b:bd:b1:e1:b0:4d:61:ed:b0:20:dc:
1a:32:bc:53:81:4e:29:b6:6c:e7:64:e3:26:52:4b:
7f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:70:36:32:A5:7B:FC:BA:07:C4:50:9E:5C:3D:80:DC:AD:D2:19:C4
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/OXA2MqV7_LoHxFCeXD2A3K3SGcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.222.0/23
185.221.239.0/24
195.238.231.0/24
195.238.247.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:fa:eb:f2:bd:b5:c1:d0:4f:4a:37:5b:7d:e6:c0:87:7f:02:
90:d2:ca:27:dd:45:07:10:5e:87:16:f6:68:8d:d5:10:80:f2:
d9:ce:07:17:ba:08:9a:b7:8d:1f:b4:ac:36:b3:64:14:12:b0:
9b:f0:8f:96:32:cb:9c:d7:3a:27:c5:9b:ad:f9:66:97:f6:11:
b9:f2:f7:a7:1f:c7:2d:8b:b0:69:2a:b7:01:84:a2:37:b3:b6:
9f:7f:97:67:d3:ed:f8:23:22:ce:90:ff:73:9f:95:b4:6f:bf:
a0:b6:69:75:9b:41:3f:a9:25:ee:76:44:8f:c4:31:7e:33:42:
96:3d:f3:ad:02:3f:81:21:85:62:1c:a5:7f:68:3c:f9:a0:d2:
7e:4b:5f:4d:6d:31:5c:e4:94:3c:01:e9:c0:7b:54:a9:82:ee:
b0:a4:c2:bc:e1:43:3c:02:52:76:4b:41:1e:d1:95:c4:0d:2d:
38:fd:bb:86:57:2b:53:38:a9:6c:2a:76:9a:6b:1e:11:29:a9:
b1:a3:fb:71:b8:9a:28:5b:0e:d9:3a:4f:d6:a0:2b:00:ee:4b:
db:7b:26:83:0a:99:9d:76:75:48:3f:a2:1a:0c:52:62:24:d5:
2d:43:87:d9:f3:f8:ca:d3:c9:4d:6d:61:73:79:84:77:01:41:
7c:f3:af:14
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYKDAf2GeBj8IoXgAQ7LcJdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjIwODA5MTQyODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTcwMzYzMmE1N2JmY2JhMDdjNDUwOWU1YzNkODBkY2FkZDIxOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A4WKY5pfDm307BwxqaXa1fI2m/C
PTZ9QYAk5pusTAv/hFtzVlmTgAsQbVk2nGhgpD0rpLw+9icgsk0OdMmpfBDYbH6V
0UTbNh9qeW8fgKY9kPcBaNWPBgOFw0MIgK9aDyBNlYWeV1zIUtTbV5OOusmRhaKv
h+O3VEV2U1qgqsy7oNvF0lJSBXxtTNGzIye8Aot75qgR5iPGDB2jgrJq4MalmsGn
1RPC/Zi9j0+/oXSVVgtMf9REXmEKqPtOE5Ib8v/8GLRNhKaEvw6cg4F8PdomH9N3
14/RZlPJe/2NHVj8hia5K72x4bBNYe2wINwaMrxTgU4ptmznZOMmUkt/OwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDlwNjKle/y6B8RQnlw9gNyt0hnEMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvT1hBMk1xVjdfTG9IeEZDZVhEMkEzSzNTR2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBZ9feAwQA
ud3vAwQAw+7nAwQAw+73MA0GCSqGSIb3DQEBCwUAA4IBAQCa+uvyvbXB0E9KN1t9
5sCHfwKQ0son3UUHEF6HFvZojdUQgPLZzgcXugiat40ftKw2s2QUErCb8I+WMsuc
1zonxZut+WaX9hG58venH8cti7BpKrcBhKI3s7aff5dn0+34IyLOkP9zn5W0b7+g
tml1m0E/qSXudkSPxDF+M0KWPfOtAj+BIYViHKV/aDz5oNJ+S19NbTFc5JQ8AenA
e1Spgu6wpMK84UM8AlJ2S0Ee0ZXEDS04/buGVytTOKlsKnaaax4RKamxo/txuJoo
Ww7ZOk/WoCsA7kvbeyaDCpmddnVIP6IaDFJiJNUtQ4fZ8/jK08lNbWFzeYR3AUF8
868U
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:59 2023 by rpki-client on console.sobornost.net