Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/OBeaRuyrQqlFOeyt-j3tqfyzagk.roa
File: OBeaRuyrQqlFOeyt-j3tqfyzagk.roa (raw, json)
Hash identifier: QfJmzGtCUkxrlEzMxLMkzIQqTwMrJDYgXm6ejL9z6cE=
Subject key identifier: 38:17:9A:46:EC:AB:42:A9:45:39:EC:AD:FA:3D:ED:A9:FC:B3:6A:09
Certificate issuer: /CN=61c5ed0ded8625b32b6533207229f2c467259848
Certificate serial: 06B5C724
Authority key identifier: 61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/OBeaRuyrQqlFOeyt-j3tqfyzagk.roa
Signing time: Sat 01 Jan 2022 01:53:50 +0000
ROA not before: Sat 01 Jan 2022 01:53:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204400
IP address blocks: 185.234.204.0/24 maxlen: 24
185.234.204.0/22 maxlen: 22
185.234.206.0/24 maxlen: 24
185.234.205.0/24 maxlen: 24
185.234.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112576292 (0x6b5c724)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c5ed0ded8625b32b6533207229f2c467259848
Validity
Not Before: Jan 1 01:53:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38179a46ecab42a94539ecadfa3deda9fcb36a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:26:a6:96:3b:d8:46:2b:15:81:1b:58:ed:71:
e8:45:a5:04:43:3f:cd:8b:dc:d2:61:2c:8e:d9:b4:
81:60:87:17:76:ca:b4:23:f0:ab:6d:58:8d:dd:dc:
31:99:b6:37:31:23:3d:2b:b5:00:54:ff:c9:13:01:
59:ed:5a:ca:6e:b0:c1:33:bc:36:08:4e:93:00:c9:
43:e5:56:c4:23:20:e3:7d:6b:96:71:0f:e4:0e:d7:
d3:4a:5c:29:03:ba:53:b1:6b:62:38:de:ba:9e:c4:
81:15:1c:ad:db:cf:7d:a3:32:b3:31:2b:4a:70:3b:
f8:14:ec:ab:ef:b6:ee:02:19:51:87:cd:6a:f4:26:
50:af:3f:c0:71:7d:6b:88:a7:51:84:d7:12:7c:49:
d5:af:2a:ef:86:26:51:88:49:25:43:f0:d2:1b:50:
b4:40:07:e4:09:ae:c4:57:43:f7:ca:a4:ce:a7:1f:
f5:8d:5f:89:0b:c2:b6:6a:6b:fa:ed:43:3b:0a:25:
6e:e9:8f:23:24:df:bc:c6:0c:02:1a:a7:73:16:59:
51:13:72:90:c6:ac:4e:5c:04:b0:2b:5f:1a:1c:dc:
8a:03:cd:24:a4:5f:7d:94:59:ab:90:72:d0:48:4e:
a3:a0:47:2f:72:47:21:f9:f0:5f:c2:72:db:3b:f9:
54:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:17:9A:46:EC:AB:42:A9:45:39:EC:AD:FA:3D:ED:A9:FC:B3:6A:09
X509v3 Authority Key Identifier:
keyid:61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/OBeaRuyrQqlFOeyt-j3tqfyzagk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.204.0/22
Signature Algorithm: sha256WithRSAEncryption
51:3a:f1:f1:b2:31:70:73:23:58:d3:1e:1b:82:b3:09:31:8e:
6a:17:f1:bd:b6:c4:05:b1:32:34:d5:b3:90:9f:5d:62:5a:37:
02:da:88:c0:b3:0f:6c:6b:e3:38:a3:f8:14:55:0c:5c:9e:76:
24:47:7e:d4:0e:c8:27:ff:f2:fd:46:a1:f4:27:9c:1d:44:9c:
64:59:5c:74:9d:12:90:59:f0:3e:71:89:65:00:da:80:cb:47:
44:57:7a:3c:95:3b:2c:c5:ab:f0:47:93:c2:e5:07:66:cd:67:
8e:73:fa:09:8c:2d:c0:23:67:1a:47:07:72:97:1f:93:27:c2:
be:fb:fd:b6:83:34:f6:1a:99:0b:b4:24:1e:28:6b:a0:0f:db:
19:8c:01:12:3c:23:b3:20:e7:0c:fb:e1:b7:9d:7b:81:ee:98:
28:ca:5b:64:39:45:7e:7a:63:f0:ee:fc:10:29:89:08:3f:12:
c5:0f:03:10:58:d2:9e:1a:be:08:e9:90:01:1b:ea:6c:27:af:
a8:bb:dc:a1:bd:84:b3:5b:30:c5:e6:63:ce:8e:69:92:15:38:
8e:0e:c0:2c:db:97:88:1f:ae:63:b5:3d:8b:03:3b:b8:dc:e6:
d3:0c:d1:42:a5:8c:dc:f2:de:8e:34:96:8c:54:05:d8:42:9e:
81:c5:7e:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBrXHJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MWM1ZWQwZGVkODYyNWIzMmI2NTMzMjA3MjI5ZjJjNDY3MjU5ODQ4MB4XDTIyMDEw
MTAxNTM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgxNzlhNDZlY2Fi
NDJhOTQ1MzllY2FkZmEzZGVkYTlmY2IzNmEwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgmppY72EYrFYEbWO1x6EWlBEM/zYvc0mEsjtm0gWCHF3bK
tCPwq21Yjd3cMZm2NzEjPSu1AFT/yRMBWe1aym6wwTO8NghOkwDJQ+VWxCMg431r
lnEP5A7X00pcKQO6U7FrYjjeup7EgRUcrdvPfaMyszErSnA7+BTsq++27gIZUYfN
avQmUK8/wHF9a4inUYTXEnxJ1a8q74YmUYhJJUPw0htQtEAH5AmuxFdD98qkzqcf
9Y1fiQvCtmpr+u1DOwolbumPIyTfvMYMAhqncxZZURNykMasTlwEsCtfGhzcigPN
JKRffZRZq5By0EhOo6BHL3JHIfnwX8Jy2zv5VGUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4F5pG7KtCqUU57K36Pe2p/LNqCTAfBgNVHSMEGDAWgBRhxe0N7YYlsytl
MyByKfLEZyWYSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ljWHREZTJHSmJNclpUTWdjaW55eEdjbG1FZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvNjA2MmFmLTUzYmMtNDM1ZC1iNWZiLWExMTg0OTgzMjVmNy8x
L09CZWFSdXlyUXFsRk9leXQtajN0cWZ5emFnay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
NjA2MmFmLTUzYmMtNDM1ZC1iNWZiLWExMTg0OTgzMjVmNy8xL1ljWHREZTJHSmJN
clpUTWdjaW55eEdjbG1FZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnqzDANBgkqhkiG9w0BAQsFAAOC
AQEAUTrx8bIxcHMjWNMeG4KzCTGOahfxvbbEBbEyNNWzkJ9dYlo3AtqIwLMPbGvj
OKP4FFUMXJ52JEd+1A7IJ//y/Uah9CecHUScZFlcdJ0SkFnwPnGJZQDagMtHRFd6
PJU7LMWr8EeTwuUHZs1njnP6CYwtwCNnGkcHcpcfkyfCvvv9toM09hqZC7QkHihr
oA/bGYwBEjwjsyDnDPvht517ge6YKMpbZDlFfnpj8O78ECmJCD8SxQ8DEFjSnhq+
COmQARvqbCevqLvcob2Es1swxeZjzo5pkhU4jg7ALNuXiB+uY7U9iwM7uNzm0wzR
QqWM3PLejjSWjFQF2EKegcV+pA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:17 2025 by rpki-client