Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/O1VWcY10vGLpoykAWXy_06g6uWg.roa
File: O1VWcY10vGLpoykAWXy_06g6uWg.roa (raw, json)
Hash identifier: b+0VaOdYGFVWkq1hhoDY5tVJkCrx4TV/MJec9ZkSgPM=
Subject key identifier: 3B:55:56:71:8D:74:BC:62:E9:A3:29:00:59:7C:BF:D3:A8:3A:B9:68
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 0188591D7C41EA5F0742B37D31FA9FF3EBC4
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/O1VWcY10vGLpoykAWXy_06g6uWg.roa
Signing time: Fri 26 May 2023 17:31:24 +0000
ROA not before: Fri 26 May 2023 17:31:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16262
IP address blocks: 185.245.42.0/23 maxlen: 24
185.245.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:59:1d:7c:41:ea:5f:07:42:b3:7d:31:fa:9f:f3:eb:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: May 26 17:31:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b5556718d74bc62e9a32900597cbfd3a83ab968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b9:0d:e8:67:77:ec:f2:f7:2e:20:51:0c:c4:
ac:73:4e:fb:c0:4f:63:d4:5c:29:b8:0e:eb:4a:17:
b0:d2:d2:a0:45:a9:ae:bf:f4:2f:3a:2d:11:57:d2:
1f:81:ff:ad:19:11:f6:38:ad:3e:3f:76:9d:56:88:
65:ea:ec:85:9d:1b:4b:cb:5a:73:79:1e:b4:b0:5b:
d9:88:fb:1c:a2:e8:68:fe:75:b5:17:f9:66:08:9f:
27:a9:e8:23:b2:f9:67:3c:ab:94:bc:c8:26:68:44:
a3:36:28:bc:d6:21:57:88:c9:46:51:ce:59:52:a4:
2b:3a:89:2b:72:7d:5b:04:65:bf:55:79:1d:2c:bc:
cd:67:d4:e7:54:34:23:09:10:56:23:73:a0:b2:60:
47:81:8d:18:bc:bc:d4:52:55:04:98:72:5e:f2:b3:
a2:f2:9d:7e:ad:44:45:de:b8:ba:b1:fb:ed:73:6f:
3a:b0:1d:8c:f4:d4:a3:a9:af:c5:05:ad:26:c4:a1:
a3:be:78:90:ae:0a:84:fb:f2:be:e1:62:3b:7f:c9:
95:5f:f7:fa:9f:6c:5b:ef:68:4f:69:0b:1c:77:2b:
d6:a4:cd:62:3f:4c:8f:13:39:d4:cc:35:0c:46:28:
92:e1:a2:83:68:7b:2d:0a:24:d1:cf:0a:26:7e:60:
56:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:55:56:71:8D:74:BC:62:E9:A3:29:00:59:7C:BF:D3:A8:3A:B9:68
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/O1VWcY10vGLpoykAWXy_06g6uWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.42.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:98:02:ce:48:88:72:c4:39:14:76:22:fd:9a:3a:46:60:91:
20:1d:2c:f1:63:fc:30:b9:7d:6a:6c:c0:69:cf:c7:ce:5b:d7:
25:fa:c2:f3:eb:d5:7e:b8:d1:39:73:72:a3:d0:59:00:db:8a:
59:45:63:b9:a7:d9:bc:f7:ec:9d:98:93:a7:b7:c6:ef:d4:74:
48:66:c8:be:09:fa:47:b5:83:fe:d6:e8:b2:b2:4b:0c:a8:4a:
53:8d:19:16:78:03:94:be:69:12:43:69:57:f9:8d:3b:87:85:
c4:44:95:b7:46:e7:0a:c1:0c:67:dc:12:b4:90:28:f9:ca:ba:
fa:9f:d3:c2:2c:0d:53:fe:fe:36:27:46:b7:39:61:6c:e3:68:
cf:98:0f:56:9b:48:96:91:a7:ee:23:ea:87:39:a0:77:a2:e5:
86:64:d4:cb:9a:da:2a:88:69:ea:e5:30:09:06:5b:7b:88:a8:
22:43:61:4a:f5:9c:51:11:6b:ad:04:4e:c6:b7:05:7f:4e:d1:
b2:1b:c5:4f:40:67:26:d5:e7:4d:52:bc:ca:70:38:99:fa:01:
1f:db:f0:0f:88:8e:43:98:fd:87:45:47:34:c1:4e:0a:0b:29:
95:6a:7b:02:3f:02:39:d9:f0:80:e8:4c:35:27:37:ab:0c:1d:
72:0b:d1:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhZHXxB6l8HQrN9Mfqf8+vEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjMwNTI2MTczMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU1NTY3MThkNzRiYzYyZTlhMzI5MDA1OTdjYmZkM2E4M2FiOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLkN6Gd37PL3LiBRDMSsc077wE9j
1FwpuA7rShew0tKgRamuv/QvOi0RV9Ifgf+tGRH2OK0+P3adVohl6uyFnRtLy1pz
eR60sFvZiPscouho/nW1F/lmCJ8nqegjsvlnPKuUvMgmaESjNii81iFXiMlGUc5Z
UqQrOokrcn1bBGW/VXkdLLzNZ9TnVDQjCRBWI3OgsmBHgY0YvLzUUlUEmHJe8rOi
8p1+rURF3ri6sfvtc286sB2M9NSjqa/FBa0mxKGjvniQrgqE+/K+4WI7f8mVX/f6
n2xb72hPaQscdyvWpM1iP0yPEznUzDUMRiiS4aKDaHstCiTRzwomfmBWUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtVVnGNdLxi6aMpAFl8v9OoOrloMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvTzFWV2NZMTB2R0xwb3lrQVdYeV8wNmc2dVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufUqMA0G
CSqGSIb3DQEBCwUAA4IBAQBcmALOSIhyxDkUdiL9mjpGYJEgHSzxY/wwuX1qbMBp
z8fOW9cl+sLz69V+uNE5c3Kj0FkA24pZRWO5p9m89+ydmJOnt8bv1HRIZsi+CfpH
tYP+1uiysksMqEpTjRkWeAOUvmkSQ2lX+Y07h4XERJW3RucKwQxn3BK0kCj5yrr6
n9PCLA1T/v42J0a3OWFs42jPmA9Wm0iWkafuI+qHOaB3ouWGZNTLmtoqiGnq5TAJ
Blt7iKgiQ2FK9ZxREWutBE7GtwV/TtGyG8VPQGcm1edNUrzKcDiZ+gEf2/APiI5D
mP2HRUc0wU4KCymVansCPwI52fCA6Ew1JzerDB1yC9F9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:15 2025 by rpki-client