Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ob7KB3kayfl501XEXXyeUtL56g4.roa
File: ob7KB3kayfl501XEXXyeUtL56g4.roa (raw, json)
Hash identifier: g1yh6ovtT6S46WOrvOMX0qvY8wn8ZeDEQJsCe+ObbRQ=
Subject key identifier: A1:BE:CA:07:79:1A:C9:F9:79:D3:55:C4:5D:7C:9E:52:D2:F9:EA:0E
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01846210DBF811BD62D3BFE056DF9B5FF895
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ob7KB3kayfl501XEXXyeUtL56g4.roa
Signing time: Thu 10 Nov 2022 15:03:02 +0000
ROA not before: Thu 10 Nov 2022 15:03:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47975
IP address blocks: 89.249.192.0/20 maxlen: 24
185.21.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:62:10:db:f8:11:bd:62:d3:bf:e0:56:df:9b:5f:f8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Nov 10 15:03:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1beca07791ac9f979d355c45d7c9e52d2f9ea0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:02:fc:2b:53:b8:05:8d:4f:15:8e:2f:f4:46:
2d:16:65:da:ba:94:53:5c:8f:d9:9c:98:e6:68:e4:
54:20:eb:5a:05:72:89:db:1e:56:c6:4e:5c:77:d4:
56:89:68:cb:86:ec:2b:22:a9:6b:0a:f1:33:90:aa:
d5:c1:60:19:29:66:ab:0c:93:49:4c:eb:9d:c7:85:
0e:72:9b:94:15:34:a4:13:96:4f:e0:cc:66:aa:6d:
0b:2b:2b:24:30:02:c4:6b:50:4f:80:08:90:6d:bc:
3c:5e:90:04:b9:e5:13:23:17:28:90:02:85:92:1a:
90:81:c0:bb:86:de:0f:38:01:12:70:0e:00:8c:f8:
86:d6:d0:cc:0a:e4:69:09:be:fa:a3:98:81:d1:9e:
73:6d:95:b3:1d:0d:42:24:ea:b2:75:38:63:b2:21:
e7:6e:6f:15:16:70:15:90:88:13:0c:8e:91:9f:be:
37:70:a9:c6:b9:21:f5:44:33:0a:b3:f0:a7:80:99:
96:d7:bd:02:b5:42:92:69:d2:0c:e7:e1:5c:d5:6a:
40:48:38:c6:1f:d5:e1:1e:53:7e:0f:aa:49:f9:53:
76:65:ae:71:a7:52:c6:d7:36:21:8b:ec:55:da:5b:
93:e7:fa:bc:ba:90:99:1c:ac:94:41:91:b2:a5:20:
6b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BE:CA:07:79:1A:C9:F9:79:D3:55:C4:5D:7C:9E:52:D2:F9:EA:0E
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ob7KB3kayfl501XEXXyeUtL56g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/20
185.21.252.0/22
Signature Algorithm: sha256WithRSAEncryption
91:45:af:af:4e:69:57:36:c8:cf:2f:4c:2f:8f:4d:c0:47:e8:
41:cb:4b:d3:d8:70:0f:0b:7f:16:c1:d7:3e:f2:0b:55:64:fb:
c4:1c:a3:e3:6a:b7:67:57:42:6a:a6:05:a9:a0:da:fe:5a:32:
6d:ae:84:7e:c4:00:8c:7d:1d:f2:81:8c:20:e5:5b:26:76:1c:
1b:aa:3b:92:9c:e6:40:6e:cb:66:1a:5c:ac:c2:45:74:6e:b5:
06:61:48:e3:16:ba:25:b1:40:6f:bc:30:9d:b5:78:93:65:e3:
74:77:17:d8:22:5f:8f:d3:cc:15:9c:ff:d4:3a:d1:fc:46:4d:
3c:78:0b:50:3b:41:e5:1d:07:92:c7:db:27:f5:98:45:89:3c:
d8:1b:e5:f1:46:d4:e5:f8:28:2f:b2:68:b5:0c:04:fa:41:dd:
c0:4e:8d:c7:f0:cb:75:69:e7:59:22:cc:81:fc:a9:3d:a0:eb:
43:4e:6b:85:4b:46:e7:e0:b8:aa:54:e5:03:2d:ac:8c:a0:59:
9c:6f:86:ee:b0:55:f1:68:a0:ff:ec:1d:04:ed:05:29:e0:1b:
40:3a:11:4c:9d:76:cb:da:2c:bf:6a:bd:40:28:97:7c:a1:28:
10:eb:07:d5:cb:c2:ae:e9:b4:1f:7d:79:0b:9a:6b:0b:6b:38:
f7:d1:4b:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRiENv4Eb1i07/gVt+bX/iVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjIxMTEwMTUwMzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJlY2EwNzc5MWFjOWY5NzlkMzU1YzQ1ZDdjOWU1MmQyZjllYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAL8K1O4BY1PFY4v9EYtFmXaupRT
XI/ZnJjmaORUIOtaBXKJ2x5Wxk5cd9RWiWjLhuwrIqlrCvEzkKrVwWAZKWarDJNJ
TOudx4UOcpuUFTSkE5ZP4Mxmqm0LKyskMALEa1BPgAiQbbw8XpAEueUTIxcokAKF
khqQgcC7ht4POAEScA4AjPiG1tDMCuRpCb76o5iB0Z5zbZWzHQ1CJOqydThjsiHn
bm8VFnAVkIgTDI6Rn743cKnGuSH1RDMKs/CngJmW170CtUKSadIM5+Fc1WpASDjG
H9XhHlN+D6pJ+VN2Za5xp1LG1zYhi+xV2luT5/q8upCZHKyUQZGypSBr9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKG+ygd5Gsn5edNVxF18nlLS+eoOMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvb2I3S0Iza2F5Zmw1MDFYRVhYeWVVdEw1Nmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWfnAAwQC
uRX8MA0GCSqGSIb3DQEBCwUAA4IBAQCRRa+vTmlXNsjPL0wvj03AR+hBy0vT2HAP
C38Wwdc+8gtVZPvEHKPjardnV0JqpgWpoNr+WjJtroR+xACMfR3ygYwg5Vsmdhwb
qjuSnOZAbstmGlyswkV0brUGYUjjFrolsUBvvDCdtXiTZeN0dxfYIl+P08wVnP/U
OtH8Rk08eAtQO0HlHQeSx9sn9ZhFiTzYG+XxRtTl+Cgvsmi1DAT6Qd3ATo3H8Mt1
aedZIsyB/Kk9oOtDTmuFS0bn4LiqVOUDLayMoFmcb4busFXxaKD/7B0E7QUp4BtA
OhFMnXbL2iy/ar1AKJd8oSgQ6wfVy8Ku6bQffXkLmmsLazj30UvX
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:05 2025 by rpki-client