Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/79ed04-be11-4388-a66a-482ec7d6872e/1/oGBkxMkjYttasu823adwUrtYzHw.roa
File: oGBkxMkjYttasu823adwUrtYzHw.roa (raw, json)
Hash identifier: oH/gbEUlhO0mfL2vW5Lj0QDLSZ2QLlfrr+YObtZfe3Y=
Subject key identifier: A0:60:64:C4:C9:23:62:DB:5A:B2:EF:36:DD:A7:70:52:BB:58:CC:7C
Certificate issuer: /CN=8d992719191a894d068dba8d0a1006e9feadaa68
Certificate serial: 0189BBDBE644520B99D0EBB15EC79AA376AE
Authority key identifier: 8D:99:27:19:19:1A:89:4D:06:8D:BA:8D:0A:10:06:E9:FE:AD:AA:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jZknGRkaiU0GjbqNChAG6f6tqmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/79ed04-be11-4388-a66a-482ec7d6872e/1/oGBkxMkjYttasu823adwUrtYzHw.roa
Signing time: Thu 03 Aug 2023 14:44:58 +0000
ROA not before: Thu 03 Aug 2023 14:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207281
IP address blocks: 185.63.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:db:e6:44:52:0b:99:d0:eb:b1:5e:c7:9a:a3:76:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d992719191a894d068dba8d0a1006e9feadaa68
Validity
Not Before: Aug 3 14:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a06064c4c92362db5ab2ef36dda77052bb58cc7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:77:c1:51:c7:5f:bc:49:f3:c9:04:14:a1:0e:
db:e8:84:be:df:34:15:f4:2e:6c:08:f0:e9:5a:01:
26:8a:1d:87:2a:f1:b8:f5:70:ac:07:af:47:d2:73:
2e:52:aa:98:2d:e0:52:24:88:62:46:35:b5:23:ea:
04:c8:71:2f:2f:4c:f8:91:f9:e6:80:8a:c5:44:cf:
c8:3d:94:b1:f7:b7:25:13:78:0d:0d:c9:3c:26:0b:
04:b0:d3:00:82:1d:f7:1e:bb:bd:31:3d:32:8d:ca:
2b:6a:f5:86:bf:c5:cb:b1:d1:c0:20:60:71:0b:c7:
37:9e:91:09:7f:02:13:17:57:96:69:ee:38:b8:46:
63:d9:33:33:ff:cd:05:c4:6b:72:36:5d:a1:4f:25:
12:52:f8:f1:0e:29:84:d0:3b:c5:ac:e3:4a:c3:80:
a1:7c:78:33:f1:8b:57:ee:f5:58:ae:48:bb:81:6a:
0b:00:95:2e:4d:03:90:53:96:03:71:e8:08:60:bd:
00:d4:7d:84:e5:63:93:86:81:03:e1:fc:9c:0c:73:
60:9b:c8:51:db:ae:74:b9:35:a4:57:21:7d:50:ea:
fa:19:d6:53:12:1a:da:82:b0:e3:37:52:b9:90:68:
b3:83:47:3b:0d:d2:39:30:ad:20:99:0f:9e:e4:af:
d5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:60:64:C4:C9:23:62:DB:5A:B2:EF:36:DD:A7:70:52:BB:58:CC:7C
X509v3 Authority Key Identifier:
keyid:8D:99:27:19:19:1A:89:4D:06:8D:BA:8D:0A:10:06:E9:FE:AD:AA:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jZknGRkaiU0GjbqNChAG6f6tqmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/79ed04-be11-4388-a66a-482ec7d6872e/1/oGBkxMkjYttasu823adwUrtYzHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/79ed04-be11-4388-a66a-482ec7d6872e/1/jZknGRkaiU0GjbqNChAG6f6tqmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.85.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b2:45:e5:8c:5a:5e:a4:12:c1:fd:0d:7e:fa:b1:b7:24:d7:
4a:5d:e3:6a:74:aa:fa:a1:24:82:b5:ed:21:e5:60:92:ad:d8:
2a:76:3f:83:32:71:1f:d7:60:0a:f7:19:11:f9:e4:28:4c:56:
27:98:cb:82:03:51:75:11:2f:73:3d:9c:ae:b6:85:e1:2f:12:
bf:8a:2f:07:75:60:f4:d0:2d:04:a6:d5:3a:4c:4e:5d:82:83:
56:e9:56:aa:72:9d:98:00:89:88:0f:77:e9:c7:5c:85:fd:b0:
e8:c2:ae:f0:e9:ff:ff:12:21:ea:19:d1:c5:54:af:ca:c9:7e:
bf:f2:fd:9f:ed:83:6d:ce:e9:67:f0:a8:b7:6d:f4:8d:91:60:
28:91:e3:aa:3a:6a:df:c8:ee:f9:51:11:ce:b0:87:f6:34:f0:
5e:f3:9d:4c:0c:1c:20:d9:e0:bc:e1:79:9a:8a:71:63:6b:e9:
b3:c4:ce:e4:af:32:f8:42:63:f9:02:44:7e:ae:80:5e:9a:0e:
31:16:6b:db:16:a5:37:34:cf:d4:29:9d:58:1a:25:8f:81:86:
43:32:37:cf:dc:f0:77:d3:40:86:77:cc:c6:4e:1b:4c:2d:60:
ee:e7:7a:e1:a5:b4:e1:64:49:c1:c9:66:51:41:e1:0d:ee:63:
74:93:0c:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm72+ZEUguZ0OuxXseao3auMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkOTkyNzE5MTkxYTg5NGQwNjhkYmE4ZDBhMTAwNmU5ZmVh
ZGFhNjgwHhcNMjMwODAzMTQ0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDYwNjRjNGM5MjM2MmRiNWFiMmVmMzZkZGE3NzA1MmJiNThjYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXfBUcdfvEnzyQQUoQ7b6IS+3zQV
9C5sCPDpWgEmih2HKvG49XCsB69H0nMuUqqYLeBSJIhiRjW1I+oEyHEvL0z4kfnm
gIrFRM/IPZSx97clE3gNDck8JgsEsNMAgh33Hru9MT0yjcoravWGv8XLsdHAIGBx
C8c3npEJfwITF1eWae44uEZj2TMz/80FxGtyNl2hTyUSUvjxDimE0DvFrONKw4Ch
fHgz8YtX7vVYrki7gWoLAJUuTQOQU5YDcegIYL0A1H2E5WOThoED4fycDHNgm8hR
2650uTWkVyF9UOr6GdZTEhragrDjN1K5kGizg0c7DdI5MK0gmQ+e5K/VmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBgZMTJI2LbWrLvNt2ncFK7WMx8MB8GA1UdIwQY
MBaAFI2ZJxkZGolNBo26jQoQBun+rapoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalprbkdSa2FpVTBHamJxTkNoQUc2ZjZ0cW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS83OWVkMDQtYmUxMS00Mzg4LWE2NmEt
NDgyZWM3ZDY4NzJlLzEvb0dCa3hNa2pZdHRhc3U4MjNhZHdVcnRZekh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS83OWVkMDQtYmUxMS00Mzg4LWE2NmEtNDgyZWM3ZDY4NzJl
LzEvalprbkdSa2FpVTBHamJxTkNoQUc2ZjZ0cW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT9VMA0G
CSqGSIb3DQEBCwUAA4IBAQAqskXljFpepBLB/Q1++rG3JNdKXeNqdKr6oSSCte0h
5WCSrdgqdj+DMnEf12AK9xkR+eQoTFYnmMuCA1F1ES9zPZyutoXhLxK/ii8HdWD0
0C0EptU6TE5dgoNW6Vaqcp2YAImID3fpx1yF/bDowq7w6f//EiHqGdHFVK/KyX6/
8v2f7YNtzuln8Ki3bfSNkWAokeOqOmrfyO75URHOsIf2NPBe851MDBwg2eC84Xma
inFja+mzxM7krzL4QmP5AkR+roBemg4xFmvbFqU3NM/UKZ1YGiWPgYZDMjfP3PB3
00CGd8zGThtMLWDu53rhpbThZEnByWZRQeEN7mN0kwxH
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:21:06 2025 by rpki-client