Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/OM-nIVZcQ8LIXrvTHXChlDIaFDI.roa
File: OM-nIVZcQ8LIXrvTHXChlDIaFDI.roa (raw, json)
Hash identifier: ABRq/0IlK0aUO2qR1JbDCb9JfAhdHuSFV5scrPTar90=
Subject key identifier: 38:CF:A7:21:56:5C:43:C2:C8:5E:BB:D3:1D:70:A1:94:32:1A:14:32
Certificate issuer: /CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Certificate serial: 01827D34EBBBC6B29407475683A774B41CC6
Authority key identifier: C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/OM-nIVZcQ8LIXrvTHXChlDIaFDI.roa
Signing time: Mon 08 Aug 2022 11:26:36 +0000
ROA not before: Mon 08 Aug 2022 11:26:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42083
IP address blocks: 185.208.100.0/24 maxlen: 24
185.208.101.0/24 maxlen: 24
185.208.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7d:34:eb:bb:c6:b2:94:07:47:56:83:a7:74:b4:1c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Validity
Not Before: Aug 8 11:26:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38cfa721565c43c2c85ebbd31d70a194321a1432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:52:13:47:9c:1c:83:4f:88:96:fc:5a:58:1b:
33:a9:32:59:0a:30:58:bf:cc:3a:6a:bb:9a:9a:ce:
89:33:7b:31:00:d7:05:ae:58:9c:39:f2:23:0a:5b:
9a:af:87:d0:d8:42:44:88:73:fa:70:03:59:cf:84:
84:0e:17:be:f6:1a:8e:ef:8a:b5:2e:e5:02:96:22:
6e:b6:6f:df:ef:0b:96:3d:cf:f9:00:ac:84:e0:b4:
6b:4a:9c:b3:45:52:04:7c:16:a1:57:6d:6a:2c:ce:
4b:10:d9:33:7f:37:67:18:30:3b:4d:c9:4c:37:a3:
f0:23:ae:42:ed:ff:cd:8b:88:55:27:c4:50:39:1b:
0a:13:5e:7f:bc:07:7c:e7:ea:77:4a:98:0a:e3:cf:
d9:2a:de:55:58:ea:52:64:14:c7:e0:38:38:41:5c:
4b:e3:d2:a8:a6:0e:53:e0:89:6a:67:02:9f:1a:0c:
0f:2b:2c:a5:6d:60:cf:79:5d:0b:67:f1:1a:30:b1:
6a:65:a5:25:d6:cb:26:59:1d:e8:c7:71:d2:5a:7e:
a8:50:c7:d2:f4:14:11:b2:55:94:5c:40:b8:6a:19:
40:d1:51:6a:a1:db:db:3d:39:40:ae:68:50:b6:e2:
64:8a:3c:61:79:f1:0c:e4:0c:5d:99:a6:d2:f2:5d:
9f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CF:A7:21:56:5C:43:C2:C8:5E:BB:D3:1D:70:A1:94:32:1A:14:32
X509v3 Authority Key Identifier:
keyid:C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/OM-nIVZcQ8LIXrvTHXChlDIaFDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.100.0/23
185.208.103.0/24
Signature Algorithm: sha256WithRSAEncryption
54:bf:ff:23:07:15:82:c7:06:91:a9:18:01:4a:68:79:0e:57:
78:f6:ab:30:3c:75:e6:d2:f3:c3:16:08:26:96:15:88:64:72:
4e:13:72:0c:8a:a6:63:55:83:08:ba:4b:4a:6e:6b:ff:18:77:
1c:ab:7d:fa:9c:9e:00:b4:f4:81:9a:4c:c7:47:ec:2a:83:b9:
1f:e2:33:be:3a:4d:04:7d:1d:9d:5d:bd:88:6b:f5:d5:0c:22:
65:42:06:7b:e1:83:f3:bd:05:c9:b8:56:44:fb:c6:c5:b8:59:
4e:35:e3:69:0b:71:48:d0:b3:30:5b:e1:cc:0b:08:91:b5:97:
8e:54:9a:14:1d:aa:29:40:2a:95:d7:f7:1d:cd:a9:f7:42:a2:
2f:30:5c:d1:e9:e2:e0:cb:26:c6:14:b5:8d:d3:8e:0d:4a:88:
6e:d3:c5:36:4b:6d:20:9c:88:13:93:92:47:c5:96:7b:84:2e:
fe:e1:19:d8:09:02:f1:c4:57:c3:63:e6:6f:1f:2e:9c:0e:11:
13:23:d5:91:43:31:a8:9f:2d:41:6a:0a:27:0c:6e:2b:7b:2f:
72:c8:d9:83:ad:c6:6f:a2:36:13:ce:5a:a5:cc:24:9e:73:42:
9b:da:fe:a9:71:95:a7:74:a5:6c:e7:1b:e8:af:f8:9d:76:78:
e1:27:9b:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJ9NOu7xrKUB0dWg6d0tBzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODhhMDc5ZTRjZWI2YmIyNGMyM2M1MjcxZTQ1ODNlMWNm
MmY5YTkwHhcNMjIwODA4MTEyNjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNmYTcyMTU2NWM0M2MyYzg1ZWJiZDMxZDcwYTE5NDMyMWExNDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllITR5wcg0+IlvxaWBszqTJZCjBY
v8w6aruams6JM3sxANcFrlicOfIjCluar4fQ2EJEiHP6cANZz4SEDhe+9hqO74q1
LuUCliJutm/f7wuWPc/5AKyE4LRrSpyzRVIEfBahV21qLM5LENkzfzdnGDA7TclM
N6PwI65C7f/Ni4hVJ8RQORsKE15/vAd85+p3SpgK48/ZKt5VWOpSZBTH4Dg4QVxL
49Kopg5T4IlqZwKfGgwPKyylbWDPeV0LZ/EaMLFqZaUl1ssmWR3ox3HSWn6oUMfS
9BQRslWUXEC4ahlA0VFqodvbPTlArmhQtuJkijxhefEM5AxdmabS8l2fsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDjPpyFWXEPCyF670x1woZQyGhQyMB8GA1UdIwQY
MBaAFMWIoHnkzra7JMI8UnHkWD4c8vmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTIt
MTdlZGI5OGJiYjA4LzEvT00tbklWWmNROExJWHJ2VEhYQ2hsRElhRkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTItMTdlZGI5OGJiYjA4
LzEveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudBkAwQA
udBnMA0GCSqGSIb3DQEBCwUAA4IBAQBUv/8jBxWCxwaRqRgBSmh5Dld49qswPHXm
0vPDFggmlhWIZHJOE3IMiqZjVYMIuktKbmv/GHccq336nJ4AtPSBmkzHR+wqg7kf
4jO+Ok0EfR2dXb2Ia/XVDCJlQgZ74YPzvQXJuFZE+8bFuFlONeNpC3FI0LMwW+HM
CwiRtZeOVJoUHaopQCqV1/cdzan3QqIvMFzR6eLgyybGFLWN044NSohu08U2S20g
nIgTk5JHxZZ7hC7+4RnYCQLxxFfDY+ZvHy6cDhETI9WRQzGony1BagonDG4rey9y
yNmDrcZvojYTzlqlzCSec0Kb2v6pcZWndKVs5xvor/iddnjhJ5s7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:59 2025 by rpki-client