Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/oYQMQB0E5EY8CBxGobrju3B_f6s.roa
File: oYQMQB0E5EY8CBxGobrju3B_f6s.roa (raw, json)
Hash identifier: Yd0VoZ+FmZMXb0Yna3sutILnYecAEoPp5qWev5e/aLY=
Subject key identifier: A1:84:0C:40:1D:04:E4:46:3C:08:1C:46:A1:BA:E3:BB:70:7F:7F:AB
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018572BA88CE31864DA5A30F92B75E4ACA9A
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/oYQMQB0E5EY8CBxGobrju3B_f6s.roa
Signing time: Mon 02 Jan 2023 13:45:05 +0000
ROA not before: Mon 02 Jan 2023 13:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202081
IP address blocks: 206.252.227.0/24 maxlen: 24
77.79.249.0/24 maxlen: 24
195.167.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:88:ce:31:86:4d:a5:a3:0f:92:b7:5e:4a:ca:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 13:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1840c401d04e4463c081c46a1bae3bb707f7fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cf:13:58:67:c3:ec:65:a2:69:51:f2:e1:d4:
c3:5e:e3:a5:4a:1e:11:7f:37:4f:f1:93:be:34:f9:
08:9e:57:a5:7f:38:fb:ff:6d:c1:3f:89:28:01:3c:
72:8c:51:35:87:a4:ac:b8:55:f1:e0:6d:97:de:4f:
53:59:8b:c6:bb:14:fe:5f:a4:33:05:25:6b:28:de:
9a:87:87:c5:ea:d2:64:84:bd:7d:68:f1:83:74:2b:
93:b5:ef:a0:b5:9b:13:d3:f9:a8:b6:83:b8:61:85:
f1:81:c4:39:65:91:66:20:ae:ab:e7:64:19:ac:06:
5b:64:b4:00:4b:b6:1a:f1:5b:b9:74:03:73:65:6d:
54:9e:0e:87:46:6e:7f:7c:52:f1:4a:e6:4e:a0:a5:
dc:9f:6d:67:58:2a:5a:85:c4:4f:cc:2b:79:d2:45:
f3:ea:1d:d2:0a:4a:16:02:a8:1d:d6:6f:29:d5:15:
d8:02:2d:5d:5e:fb:f7:c7:90:d9:ac:5d:2a:6a:3e:
52:0c:f3:15:e5:a0:db:81:73:b5:9c:18:36:62:57:
41:72:c8:19:5a:99:de:c6:df:7e:e8:08:2c:fa:5f:
8b:45:6a:76:61:bc:47:95:93:1b:5f:e2:75:cb:60:
b5:7f:a5:63:56:83:f0:1b:0c:c3:5f:85:66:af:b2:
4f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:84:0C:40:1D:04:E4:46:3C:08:1C:46:A1:BA:E3:BB:70:7F:7F:AB
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/oYQMQB0E5EY8CBxGobrju3B_f6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.79.249.0/24
195.167.152.0/24
206.252.227.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:35:7d:b0:c3:b1:2b:8d:d7:3b:4d:1d:c9:be:fe:e6:0a:ae:
c5:63:4e:d5:d8:b6:43:64:dd:05:cc:bc:b8:a4:60:db:12:bd:
b3:02:4e:00:b7:d0:70:1e:eb:b6:5a:ea:c2:9e:3e:22:c3:35:
86:71:42:5b:5c:6d:72:de:62:37:42:08:81:10:d9:27:0f:d3:
8d:7b:ba:aa:aa:08:0e:8e:a8:cc:a9:57:7e:e1:87:cf:df:88:
cd:5a:16:77:f3:73:c2:b2:6d:93:dd:be:c3:e3:72:77:04:dc:
f7:7f:02:03:37:f9:ce:77:f1:31:42:94:7d:21:3b:98:6c:6f:
7f:d0:50:71:f3:63:34:2e:ff:01:07:20:4f:b8:d2:be:a1:ba:
69:e9:5a:71:99:36:d5:3b:b3:b9:a1:0e:e6:2a:49:06:7c:88:
5b:a3:45:2e:20:1a:56:88:ed:ea:fc:af:d3:51:1c:66:8a:0a:
ed:64:3f:91:00:3a:3d:df:ca:97:89:0d:73:91:94:d8:46:76:
17:e8:9e:09:f0:6c:8c:42:0d:0d:4f:79:f9:39:03:2b:e0:a1:
45:3a:04:73:96:1e:66:b8:d6:33:75:48:b0:7b:15:28:d9:89:
f7:55:39:0d:80:ad:75:28:2a:e6:be:05:f8:a0:0d:f1:aa:46:
e6:75:8e:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyuojOMYZNpaMPkrdeSsqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTg0MGM0MDFkMDRlNDQ2M2MwODFjNDZhMWJhZTNiYjcwN2Y3ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic8TWGfD7GWiaVHy4dTDXuOlSh4R
fzdP8ZO+NPkInlelfzj7/23BP4koATxyjFE1h6SsuFXx4G2X3k9TWYvGuxT+X6Qz
BSVrKN6ah4fF6tJkhL19aPGDdCuTte+gtZsT0/motoO4YYXxgcQ5ZZFmIK6r52QZ
rAZbZLQAS7Ya8Vu5dANzZW1Ung6HRm5/fFLxSuZOoKXcn21nWCpahcRPzCt50kXz
6h3SCkoWAqgd1m8p1RXYAi1dXvv3x5DZrF0qaj5SDPMV5aDbgXO1nBg2YldBcsgZ
Wpnext9+6Ags+l+LRWp2YbxHlZMbX+J1y2C1f6VjVoPwGwzDX4Vmr7JPFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKGEDEAdBORGPAgcRqG647twf3+rMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvb1lRTVFCMEU1RVk4Q0J4R29icmp1M0JfZjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATU/5AwQA
w6eYAwQAzvzjMA0GCSqGSIb3DQEBCwUAA4IBAQC4NX2ww7Erjdc7TR3Jvv7mCq7F
Y07V2LZDZN0FzLy4pGDbEr2zAk4At9BwHuu2WurCnj4iwzWGcUJbXG1y3mI3QgiB
ENknD9ONe7qqqggOjqjMqVd+4YfP34jNWhZ383PCsm2T3b7D43J3BNz3fwIDN/nO
d/ExQpR9ITuYbG9/0FBx82M0Lv8BByBPuNK+obpp6VpxmTbVO7O5oQ7mKkkGfIhb
o0UuIBpWiO3q/K/TURxmigrtZD+RADo938qXiQ1zkZTYRnYX6J4J8GyMQg0NT3n5
OQMr4KFFOgRzlh5muNYzdUiwexUo2Yn3VTkNgK11KCrmvgX4oA3xqkbmdY6Y
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:23 2025 by rpki-client