Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/ovl9NrlDXu0pzbcRDqI08SDLOkY.roa
File: ovl9NrlDXu0pzbcRDqI08SDLOkY.roa (raw, json)
Hash identifier: /EIEAp9/eWFAn5uhKfiWkWf/nNRsfMJGsA1+EQZaQRQ=
Subject key identifier: A2:F9:7D:36:B9:43:5E:ED:29:CD:B7:11:0E:A2:34:F1:20:CB:3A:46
Certificate issuer: /CN=bdfa363346c12f83c60d7b5cfdefecd3e7ff0e2a
Certificate serial: 0DD61DAA
Authority key identifier: BD:FA:36:33:46:C1:2F:83:C6:0D:7B:5C:FD:EF:EC:D3:E7:FF:0E:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfo2M0bBL4PGDXtc_e_s0-f_Dio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/ovl9NrlDXu0pzbcRDqI08SDLOkY.roa
Signing time: Sat 01 Jan 2022 12:55:20 +0000
ROA not before: Sat 01 Jan 2022 12:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59842
IP address blocks: 185.36.12.0/22 maxlen: 22
91.220.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 232136106 (0xdd61daa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfa363346c12f83c60d7b5cfdefecd3e7ff0e2a
Validity
Not Before: Jan 1 12:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2f97d36b9435eed29cdb7110ea234f120cb3a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:39:c4:f8:7f:c4:f1:2b:29:62:54:d8:e9:ef:
47:29:cd:28:a9:ae:c8:ee:17:34:bc:61:92:22:df:
09:96:4a:dd:73:d4:2d:69:4e:cd:b4:63:37:77:88:
04:ca:4a:f0:f9:f9:24:d2:ec:78:0a:83:a4:3e:06:
57:5c:6e:48:5f:2e:76:56:aa:1c:56:41:36:1e:04:
94:13:dc:c1:57:44:6c:e3:ff:d9:6e:6c:99:11:ab:
3e:29:7f:9d:82:b0:49:bc:e8:43:72:1e:e3:19:37:
be:d6:6d:21:9c:65:6c:d9:57:79:f5:d3:29:4b:c2:
7a:be:a8:de:bc:08:96:29:c3:da:a9:af:c0:c0:e0:
c8:51:e3:bc:11:d6:8f:7d:33:8a:65:3f:f4:d1:b0:
57:f1:ea:eb:61:41:fa:57:38:ba:fa:e2:b9:54:7e:
49:59:9e:ae:c3:07:f4:78:d0:29:b7:cf:a6:e3:ac:
ba:63:b7:fd:e2:d0:0d:7b:2e:a9:bd:40:d6:1e:fb:
44:49:b8:b6:3d:7a:0b:c0:bc:62:e9:fc:2f:cf:47:
a5:55:77:1d:81:57:08:7f:3b:32:b1:3a:79:35:85:
d8:79:43:d4:17:1a:fc:be:13:d7:6c:93:4b:03:0d:
f2:7e:c4:84:52:dd:b4:92:b0:3a:64:01:18:6d:f2:
5a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F9:7D:36:B9:43:5E:ED:29:CD:B7:11:0E:A2:34:F1:20:CB:3A:46
X509v3 Authority Key Identifier:
keyid:BD:FA:36:33:46:C1:2F:83:C6:0D:7B:5C:FD:EF:EC:D3:E7:FF:0E:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfo2M0bBL4PGDXtc_e_s0-f_Dio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/ovl9NrlDXu0pzbcRDqI08SDLOkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/vfo2M0bBL4PGDXtc_e_s0-f_Dio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.245.0/24
185.36.12.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:b3:9f:c2:d9:e5:62:4c:a6:b3:54:c4:f2:72:c9:5c:13:67:
45:be:6f:1d:c8:fe:63:52:95:f0:f0:6e:9e:30:4d:83:29:85:
82:6c:2b:28:ac:29:57:78:04:05:4d:41:29:e8:bf:85:0b:84:
63:47:b6:83:d8:25:01:ad:f1:4a:f4:f9:5e:ff:fd:d6:a9:c8:
f2:58:dc:c2:c6:63:06:8f:58:3b:4a:a4:cf:5a:e7:54:c1:58:
5b:4b:30:3a:52:86:58:54:ed:cb:62:ac:ee:2a:7a:5c:55:cf:
ab:6f:df:e3:c5:b0:a1:0f:91:8a:61:ab:c5:9f:95:fe:f7:3f:
fc:d1:6c:18:f9:3a:b4:aa:1c:de:6f:0f:35:ea:de:53:f0:8d:
c9:ab:cb:a7:dc:53:14:12:23:7d:e6:f5:51:58:0d:56:5d:ca:
da:6d:3d:09:6a:cf:34:01:15:f2:9c:c7:e6:89:a2:42:59:8d:
1d:c8:95:3d:13:d2:e8:67:56:a5:6d:a1:78:04:5e:b4:75:c0:
e3:b6:bd:30:33:9c:0b:de:2d:7a:6a:f9:fd:4e:75:48:1b:fe:
81:9f:70:ba:af:84:3b:d5:19:41:3a:4d:5a:67:99:21:24:d7:
2d:ad:e2:90:f2:45:e2:b2:9b:8b:58:3d:45:f6:3b:54:bc:57:
c0:5e:de:05
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDdYdqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGZhMzYzMzQ2YzEyZjgzYzYwZDdiNWNmZGVmZWNkM2U3ZmYwZTJhMB4XDTIyMDEw
MTEyNTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJmOTdkMzZiOTQz
NWVlZDI5Y2RiNzExMGVhMjM0ZjEyMGNiM2E0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALU5xPh/xPErKWJU2OnvRynNKKmuyO4XNLxhkiLfCZZK3XPU
LWlOzbRjN3eIBMpK8Pn5JNLseAqDpD4GV1xuSF8udlaqHFZBNh4ElBPcwVdEbOP/
2W5smRGrPil/nYKwSbzoQ3Ie4xk3vtZtIZxlbNlXefXTKUvCer6o3rwIlinD2qmv
wMDgyFHjvBHWj30zimU/9NGwV/Hq62FB+lc4uvriuVR+SVmersMH9HjQKbfPpuOs
umO3/eLQDXsuqb1A1h77REm4tj16C8C8Yun8L89HpVV3HYFXCH87MrE6eTWF2HlD
1Bca/L4T12yTSwMN8n7EhFLdtJKwOmQBGG3yWrcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSi+X02uUNe7SnNtxEOojTxIMs6RjAfBgNVHSMEGDAWgBS9+jYzRsEvg8YN
e1z97+zT5/8OKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZmbzJNMGJCTDRQR0RYdGNfZV9zMC1mX0Rpby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZGRmMDZlLWRiOGItNDU4OS1hNjU2LTE3MTYxNDY2NDRlNi8x
L292bDlOcmxEWHUwcHpiY1JEcUkwOFNETE9rWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZGRmMDZlLWRiOGItNDU4OS1hNjU2LTE3MTYxNDY2NDRlNi8xL3ZmbzJNMGJCTDRQ
R0RYdGNfZV9zMC1mX0Rpby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvc9QMEArkkDDANBgkqhkiG9w0B
AQsFAAOCAQEAPbOfwtnlYkyms1TE8nLJXBNnRb5vHcj+Y1KV8PBunjBNgymFgmwr
KKwpV3gEBU1BKei/hQuEY0e2g9glAa3xSvT5Xv/91qnI8ljcwsZjBo9YO0qkz1rn
VMFYW0swOlKGWFTty2Ks7ip6XFXPq2/f48WwoQ+RimGrxZ+V/vc//NFsGPk6tKoc
3m8PNereU/CNyavLp9xTFBIjfeb1UVgNVl3K2m09CWrPNAEV8pzH5omiQlmNHciV
PRPS6GdWpW2heARetHXA47a9MDOcC94temr5/U51SBv+gZ9wuq+EO9UZQTpNWmeZ
ISTXLa3ikPJF4rKbi1g9RfY7VLxXwF7eBQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:21:07 2025 by rpki-client