Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/OVEFb-wy6t_aou7uIEQ-Kmtl2AY.roa
File: OVEFb-wy6t_aou7uIEQ-Kmtl2AY.roa (raw, json)
Hash identifier: SJtI542pLmsOnR/jLhqwe+9U36uzdYH37pcUMwMhvq0=
Subject key identifier: 39:51:05:6F:EC:32:EA:DF:DA:A2:EE:EE:20:44:3E:2A:6B:65:D8:06
Certificate issuer: /CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Certificate serial: 018570B99293EA37FCBD99CBD2A083C0A5B0
Authority key identifier: B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/OVEFb-wy6t_aou7uIEQ-Kmtl2AY.roa
Signing time: Mon 02 Jan 2023 04:24:47 +0000
ROA not before: Mon 02 Jan 2023 04:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200409
IP address blocks: 185.156.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:92:93:ea:37:fc:bd:99:cb:d2:a0:83:c0:a5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Validity
Not Before: Jan 2 04:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3951056fec32eadfdaa2eeee20443e2a6b65d806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1e:57:4b:77:28:fd:f3:59:0e:8f:68:82:a3:
0e:61:3e:71:50:6d:2e:20:ac:d5:13:85:b6:bf:63:
35:19:af:45:4c:23:87:aa:60:e2:2e:37:5f:f4:dc:
2a:a7:f4:52:4c:17:8c:4a:40:a5:9b:d9:b5:23:1a:
60:fa:ec:68:b7:56:e5:9a:08:fc:7c:2b:75:9f:4d:
68:fa:ee:cb:18:8f:ae:e6:0a:37:80:ac:1d:6c:77:
c1:60:0b:1a:20:28:38:2b:18:63:ce:b8:76:b3:46:
c6:4c:7f:e3:5b:fb:da:9e:12:6b:43:3c:79:4c:c2:
31:5d:ad:82:df:88:b2:27:44:10:55:f5:27:25:50:
91:c8:f0:8e:87:a8:4e:0c:9e:7d:23:24:0c:af:b9:
5b:f8:26:a7:bc:37:2a:19:0b:bc:f6:6b:f3:fe:02:
b1:e9:35:3b:36:09:69:43:2d:41:b3:0c:4f:28:02:
e9:5c:1f:67:cb:1a:44:4e:70:17:53:9f:2c:8a:cd:
6f:ef:df:1f:51:fb:b6:c5:37:1a:a6:c4:44:b7:8f:
9d:5f:46:d1:25:a2:65:3b:00:9c:b7:3e:d9:11:4e:
18:1e:ee:f7:18:dc:a5:0f:d4:98:b6:66:76:f7:6c:
95:97:f9:92:8a:dc:29:35:be:62:46:f1:10:54:fb:
ae:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:51:05:6F:EC:32:EA:DF:DA:A2:EE:EE:20:44:3E:2A:6B:65:D8:06
X509v3 Authority Key Identifier:
keyid:B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/OVEFb-wy6t_aou7uIEQ-Kmtl2AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.151.0/24
Signature Algorithm: sha256WithRSAEncryption
60:05:ff:82:ad:29:ee:62:e7:8c:b5:91:36:e5:41:45:45:40:
86:8c:f3:ce:dc:83:87:59:61:86:88:71:ad:d6:90:77:bc:e1:
fd:d1:3d:08:29:8d:61:32:75:38:db:be:96:94:98:0e:ad:16:
25:95:5f:97:32:bd:dd:98:91:2d:07:03:d2:51:1e:9a:74:08:
50:db:a8:a7:64:2a:63:fd:47:47:8e:32:45:f9:a4:23:85:14:
dc:f9:44:aa:60:9c:4e:50:97:4e:f3:a0:36:81:a0:14:bc:3b:
de:8e:6f:15:ab:16:83:74:dd:d2:fa:e0:31:9b:c0:60:59:af:
f9:77:98:c2:0a:31:92:9f:e5:56:14:82:96:00:12:eb:01:bf:
3e:70:d0:2c:ee:98:1c:ed:a9:81:d4:83:23:cd:c8:8e:a8:76:
b8:1f:0c:1f:ae:89:28:90:6c:98:9f:ac:c2:cb:32:01:af:ac:
3e:af:cc:53:7d:f8:28:31:72:12:c2:33:6e:a2:6b:34:85:e4:
f3:d8:b0:ba:8e:df:30:06:65:0e:7f:5c:98:48:d0:e4:57:dc:
4d:eb:85:f5:23:9b:53:d6:50:8b:5a:8d:b2:36:bd:7c:8a:26:
2e:12:65:69:72:11:e2:c3:cc:bb:0b:f3:63:8b:7b:9e:48:d0:
a0:53:7a:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuZKT6jf8vZnL0qCDwKWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTBmNzk4NDFjMDIxMGQ5NWI0ZWY1NmZmNjg0NDFjMmFh
OWZjMGYwHhcNMjMwMTAyMDQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTUxMDU2ZmVjMzJlYWRmZGFhMmVlZWUyMDQ0M2UyYTZiNjVkODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR5XS3co/fNZDo9ogqMOYT5xUG0u
IKzVE4W2v2M1Ga9FTCOHqmDiLjdf9Nwqp/RSTBeMSkClm9m1Ixpg+uxot1blmgj8
fCt1n01o+u7LGI+u5go3gKwdbHfBYAsaICg4Kxhjzrh2s0bGTH/jW/vanhJrQzx5
TMIxXa2C34iyJ0QQVfUnJVCRyPCOh6hODJ59IyQMr7lb+CanvDcqGQu89mvz/gKx
6TU7NglpQy1BswxPKALpXB9nyxpETnAXU58sis1v798fUfu2xTcapsREt4+dX0bR
JaJlOwCctz7ZEU4YHu73GNylD9SYtmZ292yVl/mSitwpNb5iRvEQVPuunwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlRBW/sMurf2qLu7iBEPiprZdgGMB8GA1UdIwQY
MBaAFLjg95hBwCENlbTvVv9oRBwqqfwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2Mt
NmVhM2NiZmQzYTg0LzEvT1ZFRmItd3k2dF9hb3U3dUlFUS1LbXRsMkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2MtNmVhM2NiZmQzYTg0
LzEvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZyXMA0G
CSqGSIb3DQEBCwUAA4IBAQBgBf+CrSnuYueMtZE25UFFRUCGjPPO3IOHWWGGiHGt
1pB3vOH90T0IKY1hMnU4276WlJgOrRYllV+XMr3dmJEtBwPSUR6adAhQ26inZCpj
/UdHjjJF+aQjhRTc+USqYJxOUJdO86A2gaAUvDvejm8VqxaDdN3S+uAxm8BgWa/5
d5jCCjGSn+VWFIKWABLrAb8+cNAs7pgc7amB1IMjzciOqHa4HwwfrokokGyYn6zC
yzIBr6w+r8xTffgoMXISwjNuoms0heTz2LC6jt8wBmUOf1yYSNDkV9xN64X1I5tT
1lCLWo2yNr18iiYuEmVpchHiw8y7C/Nji3ueSNCgU3ri
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:42 2025 by rpki-client