Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/OTiGsfpvu3NVDgLKtaNFlqhXCSA.roa
File: OTiGsfpvu3NVDgLKtaNFlqhXCSA.roa (raw, json)
Hash identifier: outAmtpBWj3teVsiXWyHGE3cLgWaojXqMi1EMUrQpeg=
Subject key identifier: 39:38:86:B1:FA:6F:BB:73:55:0E:02:CA:B5:A3:45:96:A8:57:09:20
Certificate issuer: /CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Certificate serial: 018572C38EB5F3DD34BB2890D7895CAC654A
Authority key identifier: A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/OTiGsfpvu3NVDgLKtaNFlqhXCSA.roa
Signing time: Mon 02 Jan 2023 13:54:56 +0000
ROA not before: Mon 02 Jan 2023 13:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199727
IP address blocks: 185.189.173.0/24 maxlen: 24
185.189.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:8e:b5:f3:dd:34:bb:28:90:d7:89:5c:ac:65:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Validity
Not Before: Jan 2 13:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=393886b1fa6fbb73550e02cab5a34596a8570920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ff:f9:fd:a0:2d:b0:4d:30:c8:cf:c6:4d:b1:
38:84:a0:78:7e:77:ae:bb:f2:c4:a0:3d:9b:26:ca:
cb:58:73:88:c0:c2:0f:79:ca:8f:8d:18:dd:17:6f:
4b:ef:de:3f:8e:f0:e2:3f:bc:0d:4e:7e:bb:eb:97:
78:61:77:4c:7b:7b:b0:73:ce:34:17:05:b1:3c:07:
75:d7:7a:ab:8c:4d:b5:c0:b5:7f:2f:cd:87:59:87:
7f:e4:88:ff:76:a5:8a:f0:c3:00:31:69:6b:5a:bf:
ff:60:45:c6:c7:70:b4:9a:ba:0a:40:5e:c3:31:9c:
ba:4e:f0:69:16:f7:0a:0e:fe:60:ab:26:11:ed:ae:
9d:a9:7f:72:19:94:e1:d8:3e:1a:4a:b1:14:3a:c3:
29:ea:77:14:03:08:02:d0:83:0a:6c:48:d1:cc:74:
55:1b:70:01:94:e0:cd:10:23:3b:42:6f:cb:6c:58:
fa:95:4d:8c:57:13:b0:39:d2:8a:69:cb:24:d6:a9:
e5:68:7f:c2:c9:b8:7c:f7:c9:76:eb:c4:2a:24:74:
23:1d:fa:2e:9d:fc:a4:8f:f8:b5:cd:b7:ff:af:44:
ff:f5:6b:32:ca:01:5f:e2:ff:93:74:ab:a8:f1:a3:
da:1e:1d:2f:8b:2a:a9:3e:fa:ed:85:2d:13:39:83:
63:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:38:86:B1:FA:6F:BB:73:55:0E:02:CA:B5:A3:45:96:A8:57:09:20
X509v3 Authority Key Identifier:
keyid:A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/OTiGsfpvu3NVDgLKtaNFlqhXCSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.172.0/23
Signature Algorithm: sha256WithRSAEncryption
08:72:5e:c8:30:dc:0d:7c:df:ca:35:44:2f:a3:2d:83:6f:aa:
c8:10:3f:5f:33:5e:01:ee:3d:06:ad:96:d8:7f:6a:2f:d8:d8:
1e:b0:65:5f:12:2e:58:52:6a:31:8c:0a:48:95:16:cb:bf:ed:
bd:63:b9:f3:b5:46:1e:b2:1d:a4:da:6c:0a:34:fa:04:91:10:
9f:90:39:7a:57:9d:0d:00:3f:bc:1f:e2:6c:49:c3:d8:c6:bc:
41:68:49:e9:57:a4:55:97:7e:f3:dd:fc:84:5b:45:e1:f2:44:
88:6f:03:b4:8c:a6:a4:55:f6:dd:f1:75:e2:ad:6d:0b:d6:ed:
16:88:2c:7b:bf:ae:19:a3:5f:fa:fc:f0:d3:4a:52:a5:66:86:
7a:c0:29:11:ac:19:55:43:ae:02:fe:30:c0:93:00:37:cf:6f:
44:ee:e8:7b:bf:38:82:aa:c9:de:8d:0b:4b:9c:af:83:b5:ae:
f0:cd:c7:f4:8e:7e:38:b0:54:32:8b:c7:1d:9c:d5:80:78:40:
4b:3f:87:d6:78:e6:07:15:d7:cf:c7:99:ee:a0:2d:2d:0a:c7:
e4:db:97:97:d9:61:31:da:9f:15:af:8e:5e:07:1c:b6:7e:c9:
ca:84:d5:06:07:05:ad:3b:f6:48:46:3d:3b:01:0e:df:a4:99:
b9:d2:4b:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw4618900uyiQ14lcrGVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MTAzNTZkYzBhNTIxODk1Y2U2MWY4NTQ5NWUwNmRhZjdh
MTJiM2IwHhcNMjMwMTAyMTM1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTM4ODZiMWZhNmZiYjczNTUwZTAyY2FiNWEzNDU5NmE4NTcwOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm//5/aAtsE0wyM/GTbE4hKB4fneu
u/LEoD2bJsrLWHOIwMIPecqPjRjdF29L794/jvDiP7wNTn6765d4YXdMe3uwc840
FwWxPAd113qrjE21wLV/L82HWYd/5Ij/dqWK8MMAMWlrWr//YEXGx3C0mroKQF7D
MZy6TvBpFvcKDv5gqyYR7a6dqX9yGZTh2D4aSrEUOsMp6ncUAwgC0IMKbEjRzHRV
G3ABlODNECM7Qm/LbFj6lU2MVxOwOdKKacsk1qnlaH/Cybh898l268QqJHQjHfou
nfykj/i1zbf/r0T/9WsyygFf4v+TdKuo8aPaHh0viyqpPvrthS0TOYNjvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDk4hrH6b7tzVQ4CyrWjRZaoVwkgMB8GA1UdIwQY
MBaAFKUQNW3ApSGJXOYfhUleBtr3oSs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYt
MDExODJmODQwNzg5LzEvT1RpR3NmcHZ1M05WRGdMS3RhTkZscWhYQ1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYtMDExODJmODQwNzg5
LzEvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBub2sMA0G
CSqGSIb3DQEBCwUAA4IBAQAIcl7IMNwNfN/KNUQvoy2Db6rIED9fM14B7j0GrZbY
f2ov2NgesGVfEi5YUmoxjApIlRbLv+29Y7nztUYesh2k2mwKNPoEkRCfkDl6V50N
AD+8H+JsScPYxrxBaEnpV6RVl37z3fyEW0Xh8kSIbwO0jKakVfbd8XXirW0L1u0W
iCx7v64Zo1/6/PDTSlKlZoZ6wCkRrBlVQ64C/jDAkwA3z29E7uh7vziCqsnejQtL
nK+Dta7wzcf0jn44sFQyi8cdnNWAeEBLP4fWeOYHFdfPx5nuoC0tCsfk25eX2WEx
2p8Vr45eBxy2fsnKhNUGBwWtO/ZIRj07AQ7fpJm50kuQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:51 2025 by rpki-client