Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/oaO1kJkjc7v1hpgQYbdGyz-nPhU.roa
File: oaO1kJkjc7v1hpgQYbdGyz-nPhU.roa (raw, json)
Hash identifier: 7NjDmnfjrScrlxk7m0bc8702nWkXnmX+ufa4BiLXt9E=
Subject key identifier: A1:A3:B5:90:99:23:73:BB:F5:86:98:10:61:B7:46:CB:3F:A7:3E:15
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018849830A3FA3EFE37097F14F9BACCF787D
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/oaO1kJkjc7v1hpgQYbdGyz-nPhU.roa
Signing time: Tue 23 May 2023 16:48:24 +0000
ROA not before: Tue 23 May 2023 16:48:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149457
IP address blocks: 185.233.17.0/24 maxlen: 24
85.92.114.0/24 maxlen: 24
85.92.115.0/24 maxlen: 24
193.107.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:49:83:0a:3f:a3:ef:e3:70:97:f1:4f:9b:ac:cf:78:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: May 23 16:48:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1a3b590992373bbf586981061b746cb3fa73e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:32:aa:ae:1e:da:12:36:1b:3c:b7:c5:22:21:
09:f2:75:ac:fe:0f:71:89:3a:cf:bc:0c:df:36:13:
4b:2d:13:d6:41:ea:3e:f1:fc:e2:05:1b:b2:24:b6:
c0:c9:5e:6d:28:c8:17:d5:ce:9a:6f:c7:e9:10:8c:
2d:b8:dd:a0:10:cb:de:30:2a:3b:18:8f:df:69:28:
a4:ad:b0:97:7a:f4:75:60:fd:c8:9a:36:a7:5f:ee:
57:e2:48:94:7d:5a:15:ca:ca:53:35:10:09:53:f2:
35:5d:ae:48:7c:db:ad:04:ec:66:7d:25:44:84:e4:
12:d2:09:bf:2c:e1:0f:9a:71:30:b6:e9:4b:de:da:
01:4b:8f:5f:70:2a:18:f6:47:0a:34:6e:58:f9:57:
5d:4a:f7:f7:d8:71:7c:8c:6b:52:21:33:99:83:56:
19:ae:a7:16:4a:c9:80:9a:0d:31:89:b3:bb:30:01:
6b:0a:68:32:9e:50:a2:c6:c1:30:8b:df:42:28:d8:
a5:4c:60:59:62:ba:6c:22:32:90:41:ca:42:1b:7a:
83:d7:05:87:09:c3:a2:06:4e:2a:c2:3d:b5:66:9e:
9e:49:7f:07:b5:f5:de:be:a1:99:9b:5c:6c:95:20:
a8:4b:db:fa:f0:21:c0:09:ce:c2:e9:e0:e1:8e:4b:
4a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A3:B5:90:99:23:73:BB:F5:86:98:10:61:B7:46:CB:3F:A7:3E:15
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/oaO1kJkjc7v1hpgQYbdGyz-nPhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.114.0/23
185.233.17.0/24
193.107.218.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:7b:53:f4:bf:f6:21:8a:05:ac:30:53:ae:85:86:36:5a:f5:
85:4b:28:3b:23:44:36:3f:4b:b3:bc:1c:05:f1:51:ad:55:ed:
68:e9:32:59:a7:c2:b6:1f:03:ad:d1:80:92:ae:32:ad:a0:2c:
69:9e:f7:09:07:b0:71:95:09:2d:c2:b1:68:bf:79:10:a5:91:
fb:90:12:25:62:b8:b4:20:8a:3a:11:9d:2a:c5:40:d3:37:55:
50:4e:31:ed:88:29:be:34:58:ba:59:38:e6:e4:03:b4:1c:b6:
69:dc:6d:b4:e4:22:b9:ab:c4:23:7c:05:62:65:3a:20:08:01:
1e:60:fa:d4:84:80:0a:0f:19:d4:a6:86:30:8d:fb:e1:3b:c0:
ba:ec:ee:aa:16:f1:00:fd:48:76:0c:29:42:b4:9f:a3:c3:7c:
fb:e7:b7:c2:6f:e8:76:e0:c3:74:b0:67:29:ed:64:55:07:f5:
22:30:f4:f2:a6:4c:1b:98:4a:cb:66:05:dd:1c:18:3b:cc:cc:
43:8d:ed:82:97:db:55:85:bb:ed:a9:4d:a6:dc:89:85:ee:87:
6e:dd:cc:ae:ad:5b:8e:00:e5:9a:87:33:d6:c5:b7:36:d0:50:
30:e0:b6:63:e2:09:a0:75:44:9a:e5:de:ed:24:ed:ce:0f:07:
af:f9:8c:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhJgwo/o+/jcJfxT5usz3h9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwNTIzMTY0ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWEzYjU5MDk5MjM3M2JiZjU4Njk4MTA2MWI3NDZjYjNmYTczZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDKqrh7aEjYbPLfFIiEJ8nWs/g9x
iTrPvAzfNhNLLRPWQeo+8fziBRuyJLbAyV5tKMgX1c6ab8fpEIwtuN2gEMveMCo7
GI/faSikrbCXevR1YP3ImjanX+5X4kiUfVoVyspTNRAJU/I1Xa5IfNutBOxmfSVE
hOQS0gm/LOEPmnEwtulL3toBS49fcCoY9kcKNG5Y+VddSvf32HF8jGtSITOZg1YZ
rqcWSsmAmg0xibO7MAFrCmgynlCixsEwi99CKNilTGBZYrpsIjKQQcpCG3qD1wWH
CcOiBk4qwj21Zp6eSX8HtfXevqGZm1xslSCoS9v68CHACc7C6eDhjktKUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKGjtZCZI3O79YaYEGG3Rss/pz4VMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvb2FPMWtKa2pjN3YxaHBnUVliZEd5ei1uUGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVVxyAwQA
uekRAwQAwWvaMA0GCSqGSIb3DQEBCwUAA4IBAQCee1P0v/YhigWsMFOuhYY2WvWF
Syg7I0Q2P0uzvBwF8VGtVe1o6TJZp8K2HwOt0YCSrjKtoCxpnvcJB7BxlQktwrFo
v3kQpZH7kBIlYri0IIo6EZ0qxUDTN1VQTjHtiCm+NFi6WTjm5AO0HLZp3G205CK5
q8QjfAViZTogCAEeYPrUhIAKDxnUpoYwjfvhO8C67O6qFvEA/Uh2DClCtJ+jw3z7
57fCb+h24MN0sGcp7WRVB/UiMPTypkwbmErLZgXdHBg7zMxDje2Cl9tVhbvtqU2m
3ImF7odu3cyurVuOAOWahzPWxbc20FAw4LZj4gmgdUSa5d7tJO3ODwev+Yz5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:15 2025 by rpki-client