Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/og4-HoqXMZaKBmmRANRKHeON_J4.roa
File: og4-HoqXMZaKBmmRANRKHeON_J4.roa (raw, json)
Hash identifier: tShnosrz5K63EFmwMSAyF3t7zvH+wMpVzratRKEjrus=
Subject key identifier: A2:0E:3E:1E:8A:97:31:96:8A:06:69:91:00:D4:4A:1D:E3:8D:FC:9E
Certificate issuer: /CN=8335444c581161c588ae84be01965bc8e83780b8
Certificate serial: 01856EAFA8012622CFCC918B37BFCD1EFC52
Authority key identifier: 83:35:44:4C:58:11:61:C5:88:AE:84:BE:01:96:5B:C8:E8:37:80:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzVETFgRYcWIroS-AZZbyOg3gLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/og4-HoqXMZaKBmmRANRKHeON_J4.roa
Signing time: Sun 01 Jan 2023 18:54:43 +0000
ROA not before: Sun 01 Jan 2023 18:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6908
IP address blocks: 185.8.89.0/24 maxlen: 24
185.8.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:a8:01:26:22:cf:cc:91:8b:37:bf:cd:1e:fc:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8335444c581161c588ae84be01965bc8e83780b8
Validity
Not Before: Jan 1 18:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a20e3e1e8a9731968a06699100d44a1de38dfc9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d9:96:f6:81:df:d5:68:0e:2b:cc:c8:17:eb:
64:ed:7c:3f:b0:3a:d5:43:91:55:0e:78:4e:2b:ba:
eb:45:9a:0c:8b:44:cf:cf:f4:1c:be:1a:b6:0c:62:
a3:bc:1e:95:98:32:57:b8:98:80:fe:29:f9:f8:16:
fd:ca:ff:80:fc:d5:b5:4d:90:2c:9b:54:0e:b8:12:
ef:e1:77:8c:78:d4:5f:f3:d4:56:df:ea:b4:09:98:
17:16:01:be:aa:2d:7f:60:b0:f4:65:34:e4:51:86:
df:ad:04:ef:5b:98:d6:30:6b:0b:bb:5e:7b:00:98:
52:3e:c0:89:4b:b5:1a:a7:d2:ee:37:7a:78:d4:8c:
6f:87:5d:7d:9e:35:0b:83:a2:58:fc:19:45:79:4e:
ba:4f:bc:ff:6b:09:55:99:55:54:29:54:ac:61:1c:
b5:d9:dc:d7:c8:6a:e8:e9:96:5b:ac:93:93:11:0f:
7d:a0:d4:0f:96:51:8b:26:45:a3:b8:28:77:a9:5e:
e6:8a:5e:66:95:40:b9:1f:cd:f8:3e:a8:fb:5c:d7:
40:51:c4:6f:5a:f2:da:64:89:23:aa:5e:01:39:9d:
2c:2a:8f:be:2a:b2:a3:1d:31:cf:4c:f9:c5:53:8e:
22:94:30:11:b2:34:af:eb:88:e6:2f:5a:90:c8:0f:
85:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0E:3E:1E:8A:97:31:96:8A:06:69:91:00:D4:4A:1D:E3:8D:FC:9E
X509v3 Authority Key Identifier:
keyid:83:35:44:4C:58:11:61:C5:88:AE:84:BE:01:96:5B:C8:E8:37:80:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzVETFgRYcWIroS-AZZbyOg3gLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/og4-HoqXMZaKBmmRANRKHeON_J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/gzVETFgRYcWIroS-AZZbyOg3gLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.89.0/24
185.8.91.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ca:1e:fb:3d:6e:1f:0b:60:6e:f5:e0:b1:28:56:55:2a:09:
41:31:3f:ac:70:31:04:6b:50:a2:d4:d7:64:41:27:36:df:48:
87:dd:00:84:ba:98:64:11:79:d9:e1:d3:80:7b:73:1c:fb:21:
56:6b:fc:5e:f5:04:84:7a:af:87:ba:90:f1:9a:c4:47:13:1e:
b3:61:db:db:08:cf:60:00:d4:59:29:44:47:0c:f9:95:da:ee:
97:7c:dd:7f:70:3c:2b:4d:79:83:15:0b:59:c6:80:2d:62:14:
fc:7d:7a:2a:c4:c1:1d:f3:aa:c7:2e:eb:32:6d:e1:0c:51:28:
f6:2a:a2:63:8c:b0:ae:31:92:dc:87:39:39:4f:cc:c5:ac:2f:
80:e2:4b:15:ae:7b:11:19:4f:e7:14:17:a9:4a:9b:b8:b3:20:
b8:89:b2:fe:cd:6b:39:70:06:09:36:5f:d9:74:28:2b:43:02:
81:92:f1:eb:5a:1c:a4:39:b7:d9:11:69:e8:18:b5:e0:eb:09:
af:b2:f7:99:10:2b:fd:c0:a4:fc:cf:f5:5f:3c:d5:ab:01:da:
d5:8b:53:74:0f:69:82:74:55:e9:ea:df:84:2b:b2:72:9c:6b:
5f:e1:3b:9b:7d:5a:54:a6:bd:5e:df:b8:99:ea:46:97:0e:73:
56:46:c8:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVur6gBJiLPzJGLN7/NHvxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzU0NDRjNTgxMTYxYzU4OGFlODRiZTAxOTY1YmM4ZTgz
NzgwYjgwHhcNMjMwMTAxMTg1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBlM2UxZThhOTczMTk2OGEwNjY5OTEwMGQ0NGExZGUzOGRmYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNmW9oHf1WgOK8zIF+tk7Xw/sDrV
Q5FVDnhOK7rrRZoMi0TPz/Qcvhq2DGKjvB6VmDJXuJiA/in5+Bb9yv+A/NW1TZAs
m1QOuBLv4XeMeNRf89RW3+q0CZgXFgG+qi1/YLD0ZTTkUYbfrQTvW5jWMGsLu157
AJhSPsCJS7Uap9LuN3p41Ixvh119njULg6JY/BlFeU66T7z/awlVmVVUKVSsYRy1
2dzXyGro6ZZbrJOTEQ99oNQPllGLJkWjuCh3qV7mil5mlUC5H834Pqj7XNdAUcRv
WvLaZIkjql4BOZ0sKo++KrKjHTHPTPnFU44ilDARsjSv64jmL1qQyA+FcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIOPh6KlzGWigZpkQDUSh3jjfyeMB8GA1UdIwQY
MBaAFIM1RExYEWHFiK6EvgGWW8joN4C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pWRVRGZ1JZY1dJcm9TLUFaWmJ5T2czZ0xnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wNGI5MWEtZTM0OS00MGNkLWI5MDEt
MWYxM2Y1NWQwMDU5LzEvb2c0LUhvcVhNWmFLQm1tUkFOUktIZU9OX0o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wNGI5MWEtZTM0OS00MGNkLWI5MDEtMWYxM2Y1NWQwMDU5
LzEvZ3pWRVRGZ1JZY1dJcm9TLUFaWmJ5T2czZ0xnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQhZAwQA
uQhbMA0GCSqGSIb3DQEBCwUAA4IBAQAxyh77PW4fC2Bu9eCxKFZVKglBMT+scDEE
a1Ci1NdkQSc230iH3QCEuphkEXnZ4dOAe3Mc+yFWa/xe9QSEeq+HupDxmsRHEx6z
YdvbCM9gANRZKURHDPmV2u6XfN1/cDwrTXmDFQtZxoAtYhT8fXoqxMEd86rHLusy
beEMUSj2KqJjjLCuMZLchzk5T8zFrC+A4ksVrnsRGU/nFBepSpu4syC4ibL+zWs5
cAYJNl/ZdCgrQwKBkvHrWhykObfZEWnoGLXg6wmvsveZECv9wKT8z/VfPNWrAdrV
i1N0D2mCdFXp6t+EK7JynGtf4TubfVpUpr1e37iZ6kaXDnNWRsit
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:42 2025 by rpki-client