Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/Osg_fFqfI42jazj1QUpnre_2K0U.roa
File: Osg_fFqfI42jazj1QUpnre_2K0U.roa (raw, json)
Hash identifier: o1iPkmMUC46oKUC29rAdufQPzvTB2ICPEqxdY5670F4=
Subject key identifier: 3A:C8:3F:7C:5A:9F:23:8D:A3:6B:38:F5:41:4A:67:AD:EF:F6:2B:45
Certificate issuer: /CN=467350d5975a272a88bfb8810af45981cd55935a
Certificate serial: 01856FDDC9BB15B6C03ADB5BCE12672878EC
Authority key identifier: 46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/Osg_fFqfI42jazj1QUpnre_2K0U.roa
Signing time: Mon 02 Jan 2023 00:24:44 +0000
ROA not before: Mon 02 Jan 2023 00:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12590
IP address blocks: 185.118.222.0/24 maxlen: 24
185.118.221.0/24 maxlen: 24
185.118.220.0/24 maxlen: 24
185.118.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:c9:bb:15:b6:c0:3a:db:5b:ce:12:67:28:78:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=467350d5975a272a88bfb8810af45981cd55935a
Validity
Not Before: Jan 2 00:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ac83f7c5a9f238da36b38f5414a67adeff62b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9c:b3:70:3c:9c:b2:3c:c9:54:18:48:f1:14:
05:1d:bd:35:ed:2a:44:f8:26:4c:79:bf:94:e2:5c:
99:e9:6b:1c:7b:86:29:65:ba:6c:59:01:1e:4e:27:
ba:98:53:5a:a9:5d:61:48:0e:26:70:ce:64:62:86:
a6:88:0d:98:23:cb:43:10:ef:f0:6f:2b:e9:f9:96:
24:2f:7f:8b:ec:90:c7:8c:5e:71:e8:05:31:26:5d:
77:e9:79:22:85:81:b7:b4:7e:bb:22:6d:c1:1b:36:
c6:15:6a:31:7d:ba:c2:1c:c0:d7:19:15:5d:a4:b7:
34:a9:e7:c3:28:12:3a:61:6a:48:ab:9d:6b:8f:1f:
e6:cf:51:c5:87:80:50:ee:e8:34:eb:00:7b:db:d9:
69:dc:89:34:46:71:f4:62:84:33:b4:27:23:5b:cf:
66:59:18:71:5f:3f:db:13:a5:e8:6a:da:b8:dd:96:
d8:bb:0e:5c:4e:b4:c6:c0:0a:d7:cd:a0:bb:ba:f8:
6f:13:5a:a7:62:29:5a:9b:89:7f:7f:13:c5:43:b2:
fd:31:03:f7:d9:48:01:67:82:d0:af:bf:9f:5d:13:
a1:59:1f:72:04:4e:dc:6f:bf:b1:df:61:d9:29:68:
af:9e:63:b3:fa:60:45:e5:e9:08:1f:56:f9:c5:36:
6e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C8:3F:7C:5A:9F:23:8D:A3:6B:38:F5:41:4A:67:AD:EF:F6:2B:45
X509v3 Authority Key Identifier:
keyid:46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/Osg_fFqfI42jazj1QUpnre_2K0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:22:2d:cd:40:58:b0:4b:39:71:6b:02:a6:13:a7:26:67:c1:
ed:c8:24:17:0c:e6:a0:79:46:f9:8f:9d:bd:eb:82:87:01:d5:
07:82:58:a8:6c:4d:4f:ea:bb:6f:1c:12:84:d7:50:1f:76:c6:
3e:1c:b7:85:dd:81:5b:96:72:9a:b6:b6:47:db:b1:7d:14:62:
f9:a2:99:06:0a:b4:5a:04:3b:62:42:02:ba:6f:06:78:2d:65:
96:73:d8:5f:3f:4e:d7:ff:d2:f2:59:f5:39:f2:2c:5b:c8:35:
03:12:e1:4e:a7:cf:7b:b0:31:56:26:da:f7:3c:78:53:c5:ea:
fe:d4:04:58:ed:b2:b3:2b:b5:ff:0a:e0:9d:58:fb:39:3f:b8:
f6:6f:bf:dd:46:c8:78:c5:03:10:11:35:30:7e:4f:e3:d8:29:
8b:a6:a2:ed:2a:c2:ed:ec:21:80:56:b6:56:65:d3:8a:d6:e5:
ac:48:e3:24:0c:59:19:c3:c3:2a:ec:15:18:60:8b:38:8b:94:
fc:20:32:d4:16:97:35:49:83:37:30:f5:14:5f:86:6c:36:28:
87:94:77:a3:94:de:8b:27:1e:6a:f8:7d:ac:bb:13:cc:1b:39:
fc:c4:25:b1:23:2b:82:e1:24:20:a0:90:8d:d0:72:11:b5:65:
60:d1:67:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv3cm7FbbAOttbzhJnKHjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NzM1MGQ1OTc1YTI3MmE4OGJmYjg4MTBhZjQ1OTgxY2Q1
NTkzNWEwHhcNMjMwMTAyMDAyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWM4M2Y3YzVhOWYyMzhkYTM2YjM4ZjU0MTRhNjdhZGVmZjYyYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopyzcDycsjzJVBhI8RQFHb017SpE
+CZMeb+U4lyZ6Wsce4YpZbpsWQEeTie6mFNaqV1hSA4mcM5kYoamiA2YI8tDEO/w
byvp+ZYkL3+L7JDHjF5x6AUxJl136XkihYG3tH67Im3BGzbGFWoxfbrCHMDXGRVd
pLc0qefDKBI6YWpIq51rjx/mz1HFh4BQ7ug06wB729lp3Ik0RnH0YoQztCcjW89m
WRhxXz/bE6Xoatq43ZbYuw5cTrTGwArXzaC7uvhvE1qnYilam4l/fxPFQ7L9MQP3
2UgBZ4LQr7+fXROhWR9yBE7cb7+x32HZKWivnmOz+mBF5ekIH1b5xTZuyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrIP3xanyONo2s49UFKZ63v9itFMB8GA1UdIwQY
MBaAFEZzUNWXWicqiL+4gQr0WYHNVZNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5OUTFaZGFKeXFJdjdpQkN2UlpnYzFWazFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9jNTdiNzUtMTBhNy00NzIzLTk0ZWEt
ZTg1NzQ3N2E3MDA4LzEvT3NnX2ZGcWZJNDJqYXpqMVFVcG5yZV8ySzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9jNTdiNzUtMTBhNy00NzIzLTk0ZWEtZTg1NzQ3N2E3MDA4
LzEvUm5OUTFaZGFKeXFJdjdpQkN2UlpnYzFWazFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXbcMA0G
CSqGSIb3DQEBCwUAA4IBAQAPIi3NQFiwSzlxawKmE6cmZ8HtyCQXDOageUb5j529
64KHAdUHgliobE1P6rtvHBKE11AfdsY+HLeF3YFblnKatrZH27F9FGL5opkGCrRa
BDtiQgK6bwZ4LWWWc9hfP07X/9LyWfU58ixbyDUDEuFOp897sDFWJtr3PHhTxer+
1ARY7bKzK7X/CuCdWPs5P7j2b7/dRsh4xQMQETUwfk/j2CmLpqLtKsLt7CGAVrZW
ZdOK1uWsSOMkDFkZw8Mq7BUYYIs4i5T8IDLUFpc1SYM3MPUUX4ZsNiiHlHejlN6L
Jx5q+H2suxPMGzn8xCWxIyuC4SQgoJCN0HIRtWVg0WcY
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:24:39 2025 by rpki-client