Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/oTYDcQrlVkjszeX5c3LzCpRmUnw.roa
File: oTYDcQrlVkjszeX5c3LzCpRmUnw.roa (raw, json)
Hash identifier: D06zgsApZ3rA+yGOOst47x7aADGknyh8EbLBIZPgxMM=
Subject key identifier: A1:36:03:71:0A:E5:56:48:EC:CD:E5:F9:73:72:F3:0A:94:66:52:7C
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018571DE7B81D13A198D2DE4B2CA6705DDFA
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/oTYDcQrlVkjszeX5c3LzCpRmUnw.roa
Signing time: Mon 02 Jan 2023 09:44:44 +0000
ROA not before: Mon 02 Jan 2023 09:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149457
IP address blocks: 185.233.17.0/24 maxlen: 24
85.92.114.0/24 maxlen: 24
193.107.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:7b:81:d1:3a:19:8d:2d:e4:b2:ca:67:05:dd:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 09:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a13603710ae55648eccde5f97372f30a9466527c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4c:20:b6:98:43:53:96:f6:f1:02:4e:bc:9a:
26:05:57:a8:bc:18:70:2d:4a:00:41:5e:28:27:5a:
f2:a8:d9:6a:74:d8:e6:d2:48:51:75:80:58:72:b6:
6d:ff:e8:bb:c2:93:03:d7:06:e0:1a:bd:31:f8:77:
3c:52:8a:de:54:23:2b:0a:53:67:63:35:15:c2:c5:
8b:57:64:5a:bc:48:f9:52:d1:c1:c1:f9:b7:ae:38:
c9:7f:1d:20:6c:03:65:5f:76:25:dc:64:fa:5c:e2:
7a:e8:14:b4:31:48:8f:fa:a0:04:7e:8e:de:6a:eb:
ca:07:67:64:76:12:5c:f4:38:36:12:2f:15:eb:d7:
41:f9:64:0a:26:07:a8:18:5b:1c:dc:cf:7f:f1:61:
94:a1:7e:46:28:8a:86:10:03:22:57:61:cc:88:2b:
e3:e9:91:09:1b:77:f5:1d:5b:11:f3:59:49:bb:a7:
ec:2d:1e:23:b3:f3:6e:bf:ec:8a:92:e2:15:c1:ca:
0f:5b:f7:a5:d7:39:72:60:1f:b0:25:be:e0:05:a1:
84:e8:cc:d7:fb:9e:06:b4:53:e9:23:70:92:e9:e5:
cf:20:f5:aa:cc:08:50:4c:57:93:52:19:aa:cf:78:
f3:06:96:ed:f7:9b:76:31:f5:80:0d:c8:2b:c8:86:
d6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:36:03:71:0A:E5:56:48:EC:CD:E5:F9:73:72:F3:0A:94:66:52:7C
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/oTYDcQrlVkjszeX5c3LzCpRmUnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.114.0/24
185.233.17.0/24
193.107.218.0/24
Signature Algorithm: sha256WithRSAEncryption
47:4c:a4:b4:9b:31:67:20:5d:cb:18:19:d4:06:bd:fa:fd:30:
38:33:7d:b3:93:9e:2e:cd:43:93:f6:8f:a0:0a:b2:8e:68:0b:
f6:8c:0d:5b:39:13:ba:4e:fa:3a:76:09:05:40:e6:e5:49:28:
93:0a:28:da:30:80:67:49:09:4d:6c:56:4c:4e:05:68:46:1b:
7a:c2:8d:e2:ea:f6:e9:ee:14:3a:29:ce:a3:76:1a:48:3e:79:
8d:82:3c:c6:21:9d:a1:75:37:f2:e5:0f:89:4d:ae:3a:a5:c1:
c2:4f:00:b0:03:57:90:7a:c5:cc:e1:33:35:8e:ca:4c:a6:32:
ea:57:70:0d:6c:dc:b4:22:83:ea:5d:07:d5:10:31:0c:f1:12:
ae:b6:12:3b:b8:4c:40:d4:0e:29:d7:ad:99:e3:52:68:f0:4b:
03:58:61:3d:89:8d:e5:39:18:6d:ce:34:68:d1:2c:1e:7f:4f:
f2:27:b5:54:14:bb:b1:68:0d:e8:77:9a:8e:f0:d1:5b:7b:39:
53:24:4e:b7:38:37:6c:42:04:84:78:0b:dc:ae:f9:91:52:20:
f2:b5:42:71:ce:05:76:1f:7a:2f:f9:8f:79:77:e7:d4:d8:38:
c9:40:97:b4:10:0c:08:7d:b0:da:60:e3:9e:99:2c:7f:c2:8f:
5b:eb:20:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx3nuB0ToZjS3ksspnBd36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwMTAyMDk0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM2MDM3MTBhZTU1NjQ4ZWNjZGU1Zjk3MzcyZjMwYTk0NjY1MjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUwgtphDU5b28QJOvJomBVeovBhw
LUoAQV4oJ1ryqNlqdNjm0khRdYBYcrZt/+i7wpMD1wbgGr0x+Hc8UoreVCMrClNn
YzUVwsWLV2RavEj5UtHBwfm3rjjJfx0gbANlX3Yl3GT6XOJ66BS0MUiP+qAEfo7e
auvKB2dkdhJc9Dg2Ei8V69dB+WQKJgeoGFsc3M9/8WGUoX5GKIqGEAMiV2HMiCvj
6ZEJG3f1HVsR81lJu6fsLR4js/Nuv+yKkuIVwcoPW/el1zlyYB+wJb7gBaGE6MzX
+54GtFPpI3CS6eXPIPWqzAhQTFeTUhmqz3jzBpbt95t2MfWADcgryIbWUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKE2A3EK5VZI7M3l+XNy8wqUZlJ8MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvb1RZRGNRcmxWa2pzemVYNWMzTHpDcFJtVW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVVxyAwQA
uekRAwQAwWvaMA0GCSqGSIb3DQEBCwUAA4IBAQBHTKS0mzFnIF3LGBnUBr36/TA4
M32zk54uzUOT9o+gCrKOaAv2jA1bORO6Tvo6dgkFQOblSSiTCijaMIBnSQlNbFZM
TgVoRht6wo3i6vbp7hQ6Kc6jdhpIPnmNgjzGIZ2hdTfy5Q+JTa46pcHCTwCwA1eQ
esXM4TM1jspMpjLqV3ANbNy0IoPqXQfVEDEM8RKuthI7uExA1A4p162Z41Jo8EsD
WGE9iY3lORhtzjRo0Swef0/yJ7VUFLuxaA3od5qO8NFbezlTJE63ODdsQgSEeAvc
rvmRUiDytUJxzgV2H3ov+Y95d+fU2DjJQJe0EAwIfbDaYOOemSx/wo9b6yCf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:34 2025 by rpki-client