Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/ovRiTU1DSO_izaVwz0pl6FY5K5c.roa
File: ovRiTU1DSO_izaVwz0pl6FY5K5c.roa (raw, json)
Hash identifier: 1w8FG2W4xEaPApV+vwnNtwyGS16UImqkrHC0TysEAo4=
Subject key identifier: A2:F4:62:4D:4D:43:48:EF:E2:CD:A5:70:CF:4A:65:E8:56:39:2B:97
Certificate issuer: /CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Certificate serial: 0182252C18AC57AB6B41A7C88DB2EE213C82
Authority key identifier: C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/ovRiTU1DSO_izaVwz0pl6FY5K5c.roa
Signing time: Fri 22 Jul 2022 09:10:23 +0000
ROA not before: Fri 22 Jul 2022 09:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42083
IP address blocks: 185.208.100.0/24 maxlen: 24
185.208.101.0/24 maxlen: 24
185.208.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:2c:18:ac:57:ab:6b:41:a7:c8:8d:b2:ee:21:3c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Validity
Not Before: Jul 22 09:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2f4624d4d4348efe2cda570cf4a65e856392b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3f:5f:c7:de:39:7e:75:c0:67:52:8c:f5:c9:
b1:c8:f7:5f:39:0d:e4:9f:7f:72:92:0d:91:db:28:
08:be:3a:64:30:82:b8:17:0b:2e:18:e7:69:ad:2c:
fd:12:70:f8:d2:88:32:65:da:2e:e8:1e:f2:37:93:
ea:07:07:a2:d9:65:c0:d7:e0:4d:17:88:9a:71:56:
0f:c7:cb:14:c0:4b:d4:ea:09:fc:ed:8f:17:f9:80:
a6:31:ee:48:a4:5c:19:03:1d:9e:c8:ae:ec:ca:2b:
a2:a0:57:0a:ed:4f:9d:90:77:e0:32:be:1d:2c:5c:
38:ef:8c:26:ef:4e:c6:a4:ad:fb:67:6c:73:e9:56:
20:8f:c2:e0:d3:cd:d6:7b:aa:98:b5:72:f4:51:7f:
a4:db:27:0d:c9:39:4e:1f:19:05:00:63:f4:73:15:
bd:24:7e:82:ba:ce:6c:24:db:88:65:06:82:1d:60:
d7:ad:3c:4c:d4:57:be:b3:09:23:a2:5b:e3:11:49:
f3:26:bb:bb:87:dc:49:40:05:d3:83:f5:1f:56:30:
e9:7c:9d:e3:c8:a3:c3:b9:bc:65:b0:43:65:1e:65:
87:2c:58:df:62:46:8f:bc:34:64:ae:08:c3:4e:c0:
30:8e:67:45:c9:b1:3a:d3:52:83:37:8a:d1:cb:8b:
b0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F4:62:4D:4D:43:48:EF:E2:CD:A5:70:CF:4A:65:E8:56:39:2B:97
X509v3 Authority Key Identifier:
keyid:C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/ovRiTU1DSO_izaVwz0pl6FY5K5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.100.0/23
185.208.103.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:7e:a0:22:64:27:66:69:64:8a:18:bc:9e:67:e2:58:c2:48:
e2:31:d8:6f:37:ff:14:76:e3:5e:60:63:45:ad:09:c9:57:e0:
d3:99:6b:0a:0a:8d:26:f2:2f:b3:f2:26:4c:c0:30:1d:29:2d:
61:22:a2:3e:cc:eb:26:fe:3d:4b:fc:9e:ee:5f:ec:d0:99:fd:
8e:1c:47:ba:1a:56:c3:2f:c7:4d:ce:d8:24:2b:6c:65:f5:76:
5f:91:76:e4:5f:f8:9e:9a:f2:35:33:96:7e:75:25:18:00:a0:
86:b0:85:a1:f6:b0:4e:e6:5e:e3:ea:39:57:a4:22:c8:49:fc:
91:24:a5:78:9c:23:19:60:f3:e6:53:ef:52:4a:b8:f3:0e:96:
b6:60:97:37:e7:f9:38:01:13:ff:6f:32:91:38:5b:06:fe:12:
3a:48:6c:be:58:07:ea:9b:8d:af:98:ae:45:1d:07:d4:95:9b:
31:bd:f0:57:91:c9:58:1f:12:87:dd:b7:26:cc:fc:6b:2b:e4:
6c:34:6e:c4:ac:01:08:6e:92:9a:ab:ce:e8:a2:06:ac:9b:15:
6f:3f:f8:0c:2d:a7:90:ed:75:6f:84:0a:a4:4c:2d:a6:dc:e0:
d6:1b:96:eb:94:e5:c1:28:d9:d8:23:22:a0:0a:8c:e0:cc:4f:
eb:d1:c8:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIlLBisV6trQafIjbLuITyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODhhMDc5ZTRjZWI2YmIyNGMyM2M1MjcxZTQ1ODNlMWNm
MmY5YTkwHhcNMjIwNzIyMDkxMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmY0NjI0ZDRkNDM0OGVmZTJjZGE1NzBjZjRhNjVlODU2MzkyYjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhz9fx945fnXAZ1KM9cmxyPdfOQ3k
n39ykg2R2ygIvjpkMIK4FwsuGOdprSz9EnD40ogyZdou6B7yN5PqBwei2WXA1+BN
F4iacVYPx8sUwEvU6gn87Y8X+YCmMe5IpFwZAx2eyK7syiuioFcK7U+dkHfgMr4d
LFw474wm707GpK37Z2xz6VYgj8Lg083We6qYtXL0UX+k2ycNyTlOHxkFAGP0cxW9
JH6Cus5sJNuIZQaCHWDXrTxM1Fe+swkjolvjEUnzJru7h9xJQAXTg/UfVjDpfJ3j
yKPDubxlsENlHmWHLFjfYkaPvDRkrgjDTsAwjmdFybE601KDN4rRy4uwrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKL0Yk1NQ0jv4s2lcM9KZehWOSuXMB8GA1UdIwQY
MBaAFMWIoHnkzra7JMI8UnHkWD4c8vmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTIt
MTdlZGI5OGJiYjA4LzEvb3ZSaVRVMURTT19pemFWd3owcGw2Rlk1SzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTItMTdlZGI5OGJiYjA4
LzEveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudBkAwQA
udBnMA0GCSqGSIb3DQEBCwUAA4IBAQAdfqAiZCdmaWSKGLyeZ+JYwkjiMdhvN/8U
duNeYGNFrQnJV+DTmWsKCo0m8i+z8iZMwDAdKS1hIqI+zOsm/j1L/J7uX+zQmf2O
HEe6GlbDL8dNztgkK2xl9XZfkXbkX/iemvI1M5Z+dSUYAKCGsIWh9rBO5l7j6jlX
pCLISfyRJKV4nCMZYPPmU+9SSrjzDpa2YJc35/k4ARP/bzKROFsG/hI6SGy+WAfq
m42vmK5FHQfUlZsxvfBXkclYHxKH3bcmzPxrK+RsNG7ErAEIbpKaq87oogasmxVv
P/gMLaeQ7XVvhAqkTC2m3ODWG5brlOXBKNnYIyKgCozgzE/r0chO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:37 2025 by rpki-client