Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OQhlZilKz2UJDUiLSOOH73MVwS0.roa
File: OQhlZilKz2UJDUiLSOOH73MVwS0.roa (raw, json)
Hash identifier: jr61sz0P2cUtBW82H95/Sib76Q2yLPWbnu+0UFifSs8=
Subject key identifier: 39:08:65:66:29:4A:CF:65:09:0D:48:8B:48:E3:87:EF:73:15:C1:2D
Certificate issuer: /CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Certificate serial: 01867854A0BB435EFCAAB02A54A4CA6E561B
Authority key identifier: 38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OQhlZilKz2UJDUiLSOOH73MVwS0.roa
Signing time: Wed 22 Feb 2023 08:54:17 +0000
ROA not before: Wed 22 Feb 2023 08:54:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56911
IP address blocks: 185.225.60.0/22 maxlen: 24
185.225.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:54:a0:bb:43:5e:fc:aa:b0:2a:54:a4:ca:6e:56:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Validity
Not Before: Feb 22 08:54:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39086566294acf65090d488b48e387ef7315c12d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ec:37:11:13:27:2a:30:bc:58:85:a8:90:26:
a8:2f:20:fc:d2:df:58:c3:f9:0d:2a:2c:91:72:6a:
55:f5:1f:97:eb:96:5e:c0:73:b2:c9:db:65:ee:84:
67:a9:ef:aa:86:8a:80:25:d6:22:92:6b:54:d7:aa:
65:9b:44:a3:d5:55:36:ba:57:ac:c8:16:e9:c0:e8:
85:d6:8d:9f:8f:58:16:70:c4:df:b2:43:ca:41:53:
9a:8a:dc:96:0c:37:d2:7d:c5:7e:3d:3f:22:38:60:
ac:a2:e5:b4:16:c3:df:10:92:54:c3:fa:bc:50:70:
4a:1e:5c:95:ee:16:44:18:c2:d6:2a:dc:7c:a0:7b:
7a:50:99:9d:96:c5:c1:65:d1:73:ac:01:f2:6e:6a:
36:9e:bd:50:b6:37:1e:91:30:33:f3:17:44:fb:46:
ea:b2:52:2d:e2:54:35:5e:11:01:26:b8:4e:0b:f3:
87:0a:33:f8:ae:e2:25:9f:58:d0:83:d2:86:36:b0:
cd:29:39:af:e0:d3:63:3d:1b:04:4a:21:8f:d1:06:
0b:4e:d8:de:c3:ec:fb:c1:99:59:33:9c:32:31:00:
62:91:c6:11:92:81:5b:ef:25:e8:4d:c8:20:fa:22:
b2:24:6f:1b:08:e4:e3:17:25:87:15:b0:54:70:64:
27:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:08:65:66:29:4A:CF:65:09:0D:48:8B:48:E3:87:EF:73:15:C1:2D
X509v3 Authority Key Identifier:
keyid:38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OQhlZilKz2UJDUiLSOOH73MVwS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.60.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:27:44:b7:ec:87:fc:ca:da:70:21:a6:73:3f:47:7b:d0:be:
87:bf:6c:b4:1f:c9:14:6b:34:d7:d0:55:13:f2:b8:88:77:18:
02:ad:72:d9:93:ab:6c:7e:12:32:46:fb:eb:8e:24:a5:f2:7d:
04:72:01:dd:40:c9:a6:bf:15:31:ae:37:c6:c9:3b:5d:91:80:
54:f6:ec:4a:94:d0:a2:7e:26:84:f9:b2:8b:7f:bd:05:91:89:
d7:32:7a:e9:9b:49:49:74:ce:0a:4c:98:b4:41:16:e1:c2:88:
38:00:8e:a2:b1:11:80:b2:46:a4:f4:68:2b:c7:04:51:bf:d5:
27:fe:5d:0d:70:cb:ec:62:47:44:e9:bf:f8:10:61:64:2d:55:
e1:54:3f:98:07:3d:d4:b3:ad:a8:d5:79:43:3b:26:af:69:fb:
f1:b5:d8:71:21:fd:90:80:5e:1e:82:d8:fd:09:4c:c5:20:21:
b9:8c:5c:43:08:3d:da:99:e6:35:d4:a3:41:50:77:d2:ba:3a:
b6:74:88:24:0d:0a:0e:c3:b2:e6:77:c5:8e:11:52:f2:0d:e7:
df:8f:f0:8f:8f:8e:50:ec:1d:56:68:91:46:97:b8:18:c3:ab:
45:38:4a:bf:fc:11:36:6e:d2:36:0f:5d:fe:5d:13:58:b9:6b:
f3:bc:34:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ4VKC7Q178qrAqVKTKblYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTVlZDBmYTYyMGM4MDFhYWE5YTZmMTRmNjU5NmQ3ZWM5
NzUwYTEwHhcNMjMwMjIyMDg1NDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTA4NjU2NjI5NGFjZjY1MDkwZDQ4OGI0OGUzODdlZjczMTVjMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOw3ERMnKjC8WIWokCaoLyD80t9Y
w/kNKiyRcmpV9R+X65ZewHOyydtl7oRnqe+qhoqAJdYikmtU16plm0Sj1VU2ules
yBbpwOiF1o2fj1gWcMTfskPKQVOaityWDDfSfcV+PT8iOGCsouW0FsPfEJJUw/q8
UHBKHlyV7hZEGMLWKtx8oHt6UJmdlsXBZdFzrAHybmo2nr1QtjcekTAz8xdE+0bq
slIt4lQ1XhEBJrhOC/OHCjP4ruIln1jQg9KGNrDNKTmv4NNjPRsESiGP0QYLTtje
w+z7wZlZM5wyMQBikcYRkoFb7yXoTcgg+iKyJG8bCOTjFyWHFbBUcGQnfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDkIZWYpSs9lCQ1Ii0jjh+9zFcEtMB8GA1UdIwQY
MBaAFDgV7Q+mIMgBqqmm8U9lltfsl1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQt
ZjM1YTQ0NTYzNWNhLzEvT1FobFppbEt6MlVKRFVpTFNPT0g3M01Wd1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQtZjM1YTQ0NTYzNWNh
LzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueE8MA0G
CSqGSIb3DQEBCwUAA4IBAQDLJ0S37If8ytpwIaZzP0d70L6Hv2y0H8kUazTX0FUT
8riIdxgCrXLZk6tsfhIyRvvrjiSl8n0EcgHdQMmmvxUxrjfGyTtdkYBU9uxKlNCi
fiaE+bKLf70FkYnXMnrpm0lJdM4KTJi0QRbhwog4AI6isRGAskak9GgrxwRRv9Un
/l0NcMvsYkdE6b/4EGFkLVXhVD+YBz3Us62o1XlDOyavafvxtdhxIf2QgF4egtj9
CUzFICG5jFxDCD3ameY11KNBUHfSujq2dIgkDQoOw7Lmd8WOEVLyDeffj/CPj45Q
7B1WaJFGl7gYw6tFOEq//BE2btI2D13+XRNYuWvzvDTX
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:22:11 2025 by rpki-client