Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/omQgG7UIx5q8_O9QFqCweotdc5E.roa
File: omQgG7UIx5q8_O9QFqCweotdc5E.roa (raw, json)
Hash identifier: UMtJGyf6GmNeLwdq6viCAA68YUEgGBoUzsOxmTDXudQ=
Subject key identifier: A2:64:20:1B:B5:08:C7:9A:BC:FC:EF:50:16:A0:B0:7A:8B:5D:73:91
Certificate issuer: /CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Certificate serial: 020EAD82
Authority key identifier: AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/omQgG7UIx5q8_O9QFqCweotdc5E.roa
Signing time: Sat 01 Jan 2022 06:02:35 +0000
ROA not before: Sat 01 Jan 2022 06:02:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205800
IP address blocks: 185.206.125.0/24 maxlen: 24
185.206.124.0/24 maxlen: 24
185.206.126.0/24 maxlen: 24
185.206.127.0/24 maxlen: 24
2a0b:d3c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34516354 (0x20ead82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Validity
Not Before: Jan 1 06:02:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a264201bb508c79abcfcef5016a0b07a8b5d7391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:17:0d:0a:03:50:b4:3b:2c:02:84:0f:98:1c:
bb:33:90:fb:8e:bd:58:dc:fe:e7:78:9d:9d:f1:86:
48:70:ba:c7:8f:82:27:36:49:47:0b:a7:a9:2f:72:
c0:d4:ca:9b:51:40:4f:19:97:eb:f7:5d:f8:e9:d5:
7e:28:53:8b:3b:bd:8a:f3:cb:32:92:d2:56:55:04:
db:a8:c5:25:b1:8a:eb:b6:1d:9c:24:41:05:b0:f9:
27:66:b0:df:e3:83:93:cc:b3:5d:91:c5:db:68:8d:
77:ac:01:79:e0:4a:5c:ec:66:5a:c4:bc:80:bb:82:
6f:ee:bb:92:1e:1a:39:1e:7c:85:f2:f8:6f:0e:57:
7e:7c:bd:e9:3f:28:62:4d:b6:80:5e:33:72:e4:fc:
14:9a:a7:05:d0:52:08:b1:fa:45:94:37:b6:d7:60:
15:42:ec:0c:3c:9c:59:34:89:0f:9f:75:ef:f8:91:
31:6b:34:fa:d5:21:d1:08:24:b9:18:61:ad:60:da:
30:00:6b:5e:9d:b4:da:de:0e:2e:28:d0:9b:14:83:
0f:43:43:e6:46:16:fc:e4:ae:de:d5:cc:c3:f9:48:
b2:00:94:31:9b:39:f8:5c:06:f8:03:a4:7d:26:4e:
ba:5f:21:c7:98:c1:65:9f:f3:c0:f9:cf:55:7e:e9:
30:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:64:20:1B:B5:08:C7:9A:BC:FC:EF:50:16:A0:B0:7A:8B:5D:73:91
X509v3 Authority Key Identifier:
keyid:AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/omQgG7UIx5q8_O9QFqCweotdc5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/rJCSu8LKyuJHd09isP29xEqXTPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.124.0/22
IPv6:
2a0b:d3c0::/32
Signature Algorithm: sha256WithRSAEncryption
57:c1:f6:b2:4d:af:0f:cd:92:af:02:32:11:d8:95:13:7d:b9:
ad:a0:ee:1e:02:d0:e7:65:ad:df:52:78:da:3c:3f:94:b3:09:
22:dd:21:3e:23:35:df:b7:f9:43:05:6c:b2:4d:b5:71:e3:63:
56:9e:42:0d:29:cc:55:a4:c0:b2:ba:cc:04:a4:da:f8:ac:56:
ad:74:cb:ad:2a:1b:34:9f:91:d4:98:03:36:db:43:63:9e:f6:
ae:57:31:3a:13:91:6b:8a:da:15:23:82:35:80:25:63:65:b2:
82:ef:1f:c9:eb:ad:1a:12:9c:92:5e:58:e4:a7:a2:f8:a6:c5:
3c:7a:9f:fa:1b:a3:67:1f:79:0e:62:e3:52:90:2b:e4:f0:bd:
09:16:c4:82:61:67:e2:33:3e:87:34:0b:bd:cf:34:6c:52:d5:
fd:65:64:d5:74:70:dd:e2:3d:20:8c:6f:cd:b9:04:28:62:d6:
38:c7:95:39:25:c3:64:f5:9d:ee:48:86:73:4a:80:45:85:06:
83:1f:06:68:2f:de:1b:f1:e3:8f:fa:25:a2:05:48:5a:ba:ac:
92:8e:ee:bb:48:c8:97:22:58:a1:05:27:01:ef:8a:75:56:bb:
f8:07:83:57:06:41:68:db:c3:63:ec:6e:84:c4:6f:b1:9d:eb:
ca:ce:0e:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAg6tgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzkwOTJiYmMyY2FjYWUyNDc3NzRmNjJiMGZkYmRjNDRhOTc0Y2YyMB4XDTIyMDEw
MTA2MDIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI2NDIwMWJiNTA4
Yzc5YWJjZmNlZjUwMTZhMGIwN2E4YjVkNzM5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0XDQoDULQ7LAKED5gcuzOQ+469WNz+53idnfGGSHC6x4+C
JzZJRwunqS9ywNTKm1FATxmX6/dd+OnVfihTizu9ivPLMpLSVlUE26jFJbGK67Yd
nCRBBbD5J2aw3+ODk8yzXZHF22iNd6wBeeBKXOxmWsS8gLuCb+67kh4aOR58hfL4
bw5Xfny96T8oYk22gF4zcuT8FJqnBdBSCLH6RZQ3ttdgFULsDDycWTSJD5917/iR
MWs0+tUh0QgkuRhhrWDaMABrXp202t4OLijQmxSDD0ND5kYW/OSu3tXMw/lIsgCU
MZs5+FwG+AOkfSZOul8hx5jBZZ/zwPnPVX7pMG0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSiZCAbtQjHmrz871AWoLB6i11zkTAfBgNVHSMEGDAWgBSskJK7wsrK4kd3
T2Kw/b3ESpdM8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JKQ1N1OExLeXVKSGQwOWlzUDI5eEVxWFRQSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvYzk2MzQ5LTBhMjItNDI0Ny05OTQzLWEzZmMxOTZhYWJiMy8x
L29tUWdHN1VJeDVxOF9POVFGcUN3ZW90ZGM1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
Yzk2MzQ5LTBhMjItNDI0Ny05OTQzLWEzZmMxOTZhYWJiMy8xL3JKQ1N1OExLeXVK
SGQwOWlzUDI5eEVxWFRQSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnOfDANBAIAAjAHAwUAKgvTwDAN
BgkqhkiG9w0BAQsFAAOCAQEAV8H2sk2vD82SrwIyEdiVE325raDuHgLQ52Wt31J4
2jw/lLMJIt0hPiM137f5QwVssk21ceNjVp5CDSnMVaTAsrrMBKTa+KxWrXTLrSob
NJ+R1JgDNttDY572rlcxOhORa4raFSOCNYAlY2Wygu8fyeutGhKckl5Y5Kei+KbF
PHqf+hujZx95DmLjUpAr5PC9CRbEgmFn4jM+hzQLvc80bFLV/WVk1XRw3eI9IIxv
zbkEKGLWOMeVOSXDZPWd7kiGc0qARYUGgx8GaC/eG/Hjj/ologVIWrqsko7uu0jI
lyJYoQUnAe+KdVa7+AeDVwZBaNvDY+xuhMRvsZ3rys4O3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:57 2024 by rpki-client on console-ams.rpki-client.org