Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/OKGSbcV5IEvSNb1M29q27gOrcsk.roa
File: OKGSbcV5IEvSNb1M29q27gOrcsk.roa (raw, json)
Hash identifier: RAoaPxtKvLYiXKndyJ3RvJQzMU/wcsVSaxGIOJ5EwZg=
Subject key identifier: 38:A1:92:6D:C5:79:20:4B:D2:35:BD:4C:DB:DA:B6:EE:03:AB:72:C9
Certificate issuer: /CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Certificate serial: 01856F8BA0B2A17484765E37AA03A7ACD955
Authority key identifier: 66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/OKGSbcV5IEvSNb1M29q27gOrcsk.roa
Signing time: Sun 01 Jan 2023 22:54:59 +0000
ROA not before: Sun 01 Jan 2023 22:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203649
IP address blocks: 185.208.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:a0:b2:a1:74:84:76:5e:37:aa:03:a7:ac:d9:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Validity
Not Before: Jan 1 22:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38a1926dc579204bd235bd4cdbdab6ee03ab72c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0f:22:b3:f2:2f:e5:86:0d:7a:1f:f6:a7:ae:
7d:3d:05:d2:20:83:86:2f:58:4a:13:3c:74:21:c7:
23:88:03:a6:22:97:f3:86:55:2a:0d:4e:d5:da:1e:
e8:55:25:33:86:94:3f:86:b6:62:14:53:22:01:c8:
ae:d5:38:fd:d7:c9:9c:41:88:4e:3d:cc:79:c4:e9:
06:91:c2:eb:14:e3:8d:a0:da:98:42:eb:bb:b2:b2:
aa:cd:ca:ad:00:0b:cf:69:30:74:6a:61:6d:79:41:
60:95:ce:67:78:cf:bf:cc:33:e4:16:4d:b3:3a:95:
60:06:fc:eb:0d:d4:5e:05:76:6b:b2:02:f9:14:3a:
57:6c:5d:61:5d:ba:8c:fc:ef:22:24:07:0c:ec:0c:
38:da:7c:96:10:a9:d3:e6:80:74:33:61:79:3f:93:
17:0a:f3:f7:a3:e8:c8:cd:a2:be:3e:33:4f:ec:45:
0f:c8:ba:22:5f:54:13:1d:86:0a:95:1a:58:2d:4a:
9e:91:04:28:e9:a6:fb:52:b3:e9:35:5e:1b:b2:18:
36:f7:1f:64:0f:73:d8:4a:34:2f:c8:53:93:3e:8d:
fd:23:95:c3:0f:85:93:62:9d:8e:3c:38:99:c2:ee:
a9:54:54:f2:3e:65:ab:e1:40:76:8f:77:90:c0:1a:
bb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A1:92:6D:C5:79:20:4B:D2:35:BD:4C:DB:DA:B6:EE:03:AB:72:C9
X509v3 Authority Key Identifier:
keyid:66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/OKGSbcV5IEvSNb1M29q27gOrcsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.88.0/22
Signature Algorithm: sha256WithRSAEncryption
17:30:c6:c4:1b:32:0a:c5:a4:ce:bd:0a:8b:7b:9f:70:2e:13:
d2:29:e3:47:3c:41:21:84:2a:ea:fa:ee:78:19:9a:c6:4a:64:
10:88:61:00:8f:9c:bf:cc:d1:ae:8c:31:d3:46:17:61:9a:fe:
44:fd:70:82:93:c9:7e:4b:3b:19:cf:29:a8:93:c3:eb:96:46:
4e:87:56:04:71:a7:07:63:43:d4:e4:7a:12:29:38:1f:8d:17:
e3:b9:14:d6:b1:47:68:1d:45:52:97:df:b0:23:7b:e5:e1:77:
d9:75:a3:92:da:d8:c4:7d:ec:a6:00:d4:55:fd:4a:3e:67:c3:
3c:0a:8d:9b:6d:34:12:33:7b:3a:e2:64:46:26:0a:5f:4a:eb:
b6:9f:41:b1:74:09:af:d2:e1:d0:f4:6c:31:f4:5f:22:d4:2b:
b7:e7:25:8f:0c:25:4b:21:74:4e:53:d2:60:d1:34:46:8f:d2:
22:bf:06:2d:63:89:d9:2a:c1:35:23:97:9c:4f:ed:6c:18:99:
23:d1:e7:ce:06:49:6e:c8:7f:3d:e1:89:b1:8e:9d:f0:84:fa:
09:2e:90:01:a7:1d:6c:bd:26:1c:9a:a8:a5:04:ef:00:40:d2:
88:b7:09:7e:36:3c:eb:05:dc:d1:55:5c:07:fd:54:a0:ce:fa:
ed:b3:77:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi6CyoXSEdl43qgOnrNlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjM0ZjE0NTg2ZTM5OWNkMzgwMmQ5Yzg4YjFlNjdkOGRk
YjAzYTgwHhcNMjMwMTAxMjI1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGExOTI2ZGM1NzkyMDRiZDIzNWJkNGNkYmRhYjZlZTAzYWI3MmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg8is/Iv5YYNeh/2p659PQXSIIOG
L1hKEzx0IccjiAOmIpfzhlUqDU7V2h7oVSUzhpQ/hrZiFFMiAciu1Tj918mcQYhO
Pcx5xOkGkcLrFOONoNqYQuu7srKqzcqtAAvPaTB0amFteUFglc5neM+/zDPkFk2z
OpVgBvzrDdReBXZrsgL5FDpXbF1hXbqM/O8iJAcM7Aw42nyWEKnT5oB0M2F5P5MX
CvP3o+jIzaK+PjNP7EUPyLoiX1QTHYYKlRpYLUqekQQo6ab7UrPpNV4bshg29x9k
D3PYSjQvyFOTPo39I5XDD4WTYp2OPDiZwu6pVFTyPmWr4UB2j3eQwBq7swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDihkm3FeSBL0jW9TNvatu4Dq3LJMB8GA1UdIwQY
MBaAFGZjTxRYbjmc04AtnIix5n2N2wOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDct
MTcxZGI0NjkwYzBhLzEvT0tHU2JjVjVJRXZTTmIxTTI5cTI3Z09yY3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDctMTcxZGI0NjkwYzBh
LzEvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudBYMA0G
CSqGSIb3DQEBCwUAA4IBAQAXMMbEGzIKxaTOvQqLe59wLhPSKeNHPEEhhCrq+u54
GZrGSmQQiGEAj5y/zNGujDHTRhdhmv5E/XCCk8l+SzsZzymok8PrlkZOh1YEcacH
Y0PU5HoSKTgfjRfjuRTWsUdoHUVSl9+wI3vl4XfZdaOS2tjEfeymANRV/Uo+Z8M8
Co2bbTQSM3s64mRGJgpfSuu2n0GxdAmv0uHQ9Gwx9F8i1Cu35yWPDCVLIXROU9Jg
0TRGj9IivwYtY4nZKsE1I5ecT+1sGJkj0efOBkluyH894Ymxjp3whPoJLpABpx1s
vSYcmqilBO8AQNKItwl+NjzrBdzRVVwH/VSgzvrts3eb
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:15 2025 by rpki-client