Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1cd134-4d03-4fcd-b229-7bf0356a6bab/1/OuoWVsR8YkzANBENUaOkfZCL150.roa
File: OuoWVsR8YkzANBENUaOkfZCL150.roa (raw, json)
Hash identifier: zP8ULCQyDAVExUWebopFWbrorA8V+VQ7R9+liW+bwFU=
Subject key identifier: 3A:EA:16:56:C4:7C:62:4C:C0:34:11:0D:51:A3:A4:7D:90:8B:D7:9D
Certificate issuer: /CN=111b09710acdb72086d658e90d8f025fa6a111b1
Certificate serial: 0189D4C74FECD8F6A2E23A61AFCDCC45F971
Authority key identifier: 11:1B:09:71:0A:CD:B7:20:86:D6:58:E9:0D:8F:02:5F:A6:A1:11:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ERsJcQrNtyCG1ljpDY8CX6ahEbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/1cd134-4d03-4fcd-b229-7bf0356a6bab/1/OuoWVsR8YkzANBENUaOkfZCL150.roa
Signing time: Tue 08 Aug 2023 10:52:59 +0000
ROA not before: Tue 08 Aug 2023 10:52:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395743
IP address blocks: 185.101.14.0/24 maxlen: 24
185.101.12.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:c7:4f:ec:d8:f6:a2:e2:3a:61:af:cd:cc:45:f9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111b09710acdb72086d658e90d8f025fa6a111b1
Validity
Not Before: Aug 8 10:52:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3aea1656c47c624cc034110d51a3a47d908bd79d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:30:14:5a:54:b0:26:7f:fd:51:66:ae:93:7d:
99:c7:74:1a:52:87:9d:fa:56:30:21:18:f9:c7:26:
09:ba:04:0b:60:da:2d:a1:62:83:5f:9b:01:b8:ba:
47:68:e7:5f:f9:88:4a:08:8d:d6:c4:a3:02:46:1c:
89:27:35:6d:af:06:a6:bc:71:c6:cc:ad:89:b9:9d:
4f:38:b7:0a:96:02:0b:8b:50:81:a1:44:e0:d0:21:
f1:e7:aa:a0:f9:82:63:8e:fd:2a:bb:1b:07:a5:3e:
3b:38:f5:d7:2e:9f:63:00:ab:70:c3:65:9b:47:83:
44:7d:6e:ed:bc:c8:91:26:d6:c4:89:16:ed:04:a7:
44:6d:c7:ee:7c:53:a7:99:11:a3:0e:95:a2:b8:cd:
1b:5c:5c:89:42:5c:de:aa:dd:a5:d1:43:d6:23:7b:
02:b9:7c:c7:f1:e0:22:77:1d:55:cd:ec:76:d7:e5:
70:d2:70:37:c6:a5:a7:93:55:22:78:e8:34:40:df:
0f:0f:a1:7f:4b:86:ee:d0:93:47:c9:56:db:02:94:
99:b8:72:83:af:e0:9e:58:95:56:12:9b:35:2b:59:
8c:73:6d:d6:ed:fd:36:ff:b2:37:02:4e:5e:9f:e2:
4c:ce:bb:bd:50:30:2e:6b:0d:f7:2a:ee:43:5a:78:
21:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EA:16:56:C4:7C:62:4C:C0:34:11:0D:51:A3:A4:7D:90:8B:D7:9D
X509v3 Authority Key Identifier:
keyid:11:1B:09:71:0A:CD:B7:20:86:D6:58:E9:0D:8F:02:5F:A6:A1:11:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ERsJcQrNtyCG1ljpDY8CX6ahEbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1cd134-4d03-4fcd-b229-7bf0356a6bab/1/OuoWVsR8YkzANBENUaOkfZCL150.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1cd134-4d03-4fcd-b229-7bf0356a6bab/1/ERsJcQrNtyCG1ljpDY8CX6ahEbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.12.0/22
Signature Algorithm: sha256WithRSAEncryption
60:fe:2a:5a:a0:64:18:b6:75:5c:87:53:ae:8e:b8:69:b4:2c:
a6:c6:6b:07:92:02:6c:5f:1b:67:00:50:70:d2:58:0e:93:a3:
76:aa:f5:99:c0:f6:b4:e4:72:2c:7f:69:e0:8c:75:48:22:89:
2a:a7:d5:d8:72:4f:13:e2:96:dc:5c:b6:8f:7e:d1:5c:78:d0:
c6:05:4a:04:ca:e6:4d:2f:e6:ef:8d:04:a3:08:e6:2b:3c:63:
09:5a:52:a7:db:2b:2f:b2:b3:b9:b5:bb:4f:c2:05:37:6f:a2:
90:93:9f:fa:36:f3:1b:50:3a:88:c5:18:c1:7b:36:c8:14:5b:
91:98:f9:5b:88:7a:99:32:98:f4:9b:d3:90:59:4b:68:58:13:
6d:2d:5b:6e:52:cc:72:32:d9:eb:05:22:51:dc:71:f0:e2:0e:
db:e4:9c:e3:6e:af:10:d4:06:fd:44:0b:e1:ce:04:48:c8:1e:
cd:ac:cd:76:47:a5:62:5f:ee:05:f5:87:fa:3b:bd:93:96:15:
f6:49:2c:82:a9:8e:11:f5:9a:48:71:dc:fc:7b:a7:c9:bc:d9:
94:a3:ae:5c:d4:72:d3:22:96:ba:ec:b8:de:66:3a:61:5a:03:
ca:40:61:91:a9:26:6e:9a:eb:ce:ef:60:a5:b3:59:28:81:3a:
23:e6:3f:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnUx0/s2Pai4jphr83MRflxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWIwOTcxMGFjZGI3MjA4NmQ2NThlOTBkOGYwMjVmYTZh
MTExYjEwHhcNMjMwODA4MTA1MjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWVhMTY1NmM0N2M2MjRjYzAzNDExMGQ1MWEzYTQ3ZDkwOGJkNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjAUWlSwJn/9UWauk32Zx3QaUoed
+lYwIRj5xyYJugQLYNotoWKDX5sBuLpHaOdf+YhKCI3WxKMCRhyJJzVtrwamvHHG
zK2JuZ1POLcKlgILi1CBoUTg0CHx56qg+YJjjv0quxsHpT47OPXXLp9jAKtww2Wb
R4NEfW7tvMiRJtbEiRbtBKdEbcfufFOnmRGjDpWiuM0bXFyJQlzeqt2l0UPWI3sC
uXzH8eAidx1Vzex21+Vw0nA3xqWnk1UieOg0QN8PD6F/S4bu0JNHyVbbApSZuHKD
r+CeWJVWEps1K1mMc23W7f02/7I3Ak5en+JMzru9UDAuaw33Ku5DWnghNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrqFlbEfGJMwDQRDVGjpH2Qi9edMB8GA1UdIwQY
MBaAFBEbCXEKzbcghtZY6Q2PAl+moRGxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVJzSmNRck50eUNHMWxqcERZOENYNmFoRWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xY2QxMzQtNGQwMy00ZmNkLWIyMjkt
N2JmMDM1NmE2YmFiLzEvT3VvV1ZzUjhZa3pBTkJFTlVhT2tmWkNMMTUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xY2QxMzQtNGQwMy00ZmNkLWIyMjktN2JmMDM1NmE2YmFi
LzEvRVJzSmNRck50eUNHMWxqcERZOENYNmFoRWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWUMMA0G
CSqGSIb3DQEBCwUAA4IBAQBg/ipaoGQYtnVch1OujrhptCymxmsHkgJsXxtnAFBw
0lgOk6N2qvWZwPa05HIsf2ngjHVIIokqp9XYck8T4pbcXLaPftFceNDGBUoEyuZN
L+bvjQSjCOYrPGMJWlKn2ysvsrO5tbtPwgU3b6KQk5/6NvMbUDqIxRjBezbIFFuR
mPlbiHqZMpj0m9OQWUtoWBNtLVtuUsxyMtnrBSJR3HHw4g7b5Jzjbq8Q1Ab9RAvh
zgRIyB7NrM12R6ViX+4F9Yf6O72TlhX2SSyCqY4R9ZpIcdz8e6fJvNmUo65c1HLT
Ipa67LjeZjphWgPKQGGRqSZumuvO72Cls1kogToj5j92
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:56 2025 by rpki-client