Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/1cfeb7-d0aa-4c1d-bb9b-763abab97101/1/OWcAcJjgBS3pmPej88en53GNczU.roa
File: OWcAcJjgBS3pmPej88en53GNczU.roa (raw, json)
Hash identifier: DvAYIoiZSPp3wmqywJh7vPyDETyO555r0Z+UDULjdgQ=
Subject key identifier: 39:67:00:70:98:E0:05:2D:E9:98:F7:A3:F3:C7:A7:E7:71:8D:73:35
Certificate issuer: /CN=185f3c33fb0113b45d45929a4c06f28c714dca4b
Certificate serial: 01856F14E3602016A2732505B04389DEADE8
Authority key identifier: 18:5F:3C:33:FB:01:13:B4:5D:45:92:9A:4C:06:F2:8C:71:4D:CA:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GF88M_sBE7RdRZKaTAbyjHFNyks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/1cfeb7-d0aa-4c1d-bb9b-763abab97101/1/OWcAcJjgBS3pmPej88en53GNczU.roa
Signing time: Sun 01 Jan 2023 20:45:17 +0000
ROA not before: Sun 01 Jan 2023 20:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58183
IP address blocks: 195.62.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e3:60:20:16:a2:73:25:05:b0:43:89:de:ad:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=185f3c33fb0113b45d45929a4c06f28c714dca4b
Validity
Not Before: Jan 1 20:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3967007098e0052de998f7a3f3c7a7e7718d7335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3f:73:ba:bc:db:06:65:85:3d:f1:36:9b:ca:
dd:47:11:f4:cf:de:4d:a1:0e:b3:a1:ff:1a:6a:85:
59:6f:c4:c9:02:eb:bd:2f:7f:90:22:02:4b:e9:33:
d8:6b:27:92:af:9c:f9:5c:cc:f4:58:3e:f7:70:99:
39:07:3c:0e:4f:f8:e3:43:e3:2c:3f:97:8a:37:b8:
ed:22:a9:66:22:f7:85:7f:8d:a3:ec:f4:a4:77:41:
a0:54:39:94:56:a3:e6:8a:f7:44:f8:45:60:a5:21:
2a:56:1a:db:68:bf:fb:f2:89:49:da:f3:66:45:3b:
e0:4a:d4:8f:68:d4:7d:e3:4a:e8:3c:a5:54:5b:a9:
31:d7:3e:80:43:31:bd:29:db:0b:6f:7e:1f:d3:83:
10:11:06:e5:35:eb:47:e7:0d:b8:8f:5b:a3:ca:9f:
41:94:45:aa:7b:e7:eb:f9:b5:95:8a:53:22:fd:e1:
0b:e6:56:71:24:89:d4:49:0e:ef:74:a1:5f:c3:83:
f8:e5:bb:d1:8b:33:12:0b:53:5c:80:a8:f1:1e:b8:
f2:97:e3:6f:84:66:26:5f:6c:28:99:1e:e3:91:9d:
61:80:11:0e:04:d6:bf:94:d5:db:0c:17:ba:1a:58:
15:83:0b:d8:44:f8:2d:fb:81:28:a2:2b:d7:ba:3f:
7a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:67:00:70:98:E0:05:2D:E9:98:F7:A3:F3:C7:A7:E7:71:8D:73:35
X509v3 Authority Key Identifier:
keyid:18:5F:3C:33:FB:01:13:B4:5D:45:92:9A:4C:06:F2:8C:71:4D:CA:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GF88M_sBE7RdRZKaTAbyjHFNyks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/1cfeb7-d0aa-4c1d-bb9b-763abab97101/1/OWcAcJjgBS3pmPej88en53GNczU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/1cfeb7-d0aa-4c1d-bb9b-763abab97101/1/GF88M_sBE7RdRZKaTAbyjHFNyks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.62.35.0/24
Signature Algorithm: sha256WithRSAEncryption
53:85:e5:f1:ce:50:ce:bc:04:ca:06:42:bb:dd:a5:1e:d6:f0:
09:c2:cd:8a:1f:fb:aa:a3:41:8b:24:43:09:cf:31:93:7f:a5:
6a:7f:25:51:8a:08:41:1f:ac:1f:1f:54:3b:70:40:9b:87:8c:
f6:ae:cc:d1:7e:4a:df:28:4e:51:34:07:93:87:06:52:4a:c2:
5c:d0:c2:5f:ff:5b:be:76:44:db:61:ad:5c:b9:7a:5b:e1:e2:
e7:05:76:61:9d:d3:cc:b2:61:eb:af:7f:a6:ed:d6:c3:ff:67:
ea:8d:6e:a3:7f:d1:ee:c2:44:7e:40:8b:c6:4a:48:95:cc:b4:
65:07:90:b1:a1:49:1b:3a:74:4c:26:fa:49:70:e8:4e:e2:9d:
d4:9c:40:2c:71:c5:35:77:7e:00:d7:49:f2:7e:e9:39:39:ac:
f8:a3:fc:a4:76:ea:46:9c:bd:91:f9:f5:cb:4d:82:0a:d5:bd:
af:df:19:1e:80:3c:d5:a6:05:d1:c0:90:c9:1e:17:8b:fc:7b:
5d:98:8d:24:8f:af:36:42:e3:2a:2a:4b:82:d1:df:ff:27:8e:
cf:eb:12:f9:cf:79:6a:55:87:ad:ac:5c:a7:cd:26:bf:72:ca:
e6:65:44:83:f5:1b:73:77:5d:d9:1c:12:da:b0:f0:5d:40:fa:
a2:54:a3:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFONgIBaicyUFsEOJ3q3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NWYzYzMzZmIwMTEzYjQ1ZDQ1OTI5YTRjMDZmMjhjNzE0
ZGNhNGIwHhcNMjMwMTAxMjA0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY3MDA3MDk4ZTAwNTJkZTk5OGY3YTNmM2M3YTdlNzcxOGQ3MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz9zurzbBmWFPfE2m8rdRxH0z95N
oQ6zof8aaoVZb8TJAuu9L3+QIgJL6TPYayeSr5z5XMz0WD73cJk5BzwOT/jjQ+Ms
P5eKN7jtIqlmIveFf42j7PSkd0GgVDmUVqPmivdE+EVgpSEqVhrbaL/78olJ2vNm
RTvgStSPaNR940roPKVUW6kx1z6AQzG9KdsLb34f04MQEQblNetH5w24j1ujyp9B
lEWqe+fr+bWVilMi/eEL5lZxJInUSQ7vdKFfw4P45bvRizMSC1NcgKjxHrjyl+Nv
hGYmX2womR7jkZ1hgBEOBNa/lNXbDBe6GlgVgwvYRPgt+4EooivXuj96EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlnAHCY4AUt6Zj3o/PHp+dxjXM1MB8GA1UdIwQY
MBaAFBhfPDP7ARO0XUWSmkwG8oxxTcpLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0Y4OE1fc0JFN1JkUlpLYVRBYnlqSEZOeWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8xY2ZlYjctZDBhYS00YzFkLWJiOWIt
NzYzYWJhYjk3MTAxLzEvT1djQWNKamdCUzNwbVBlajg4ZW41M0dOY3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8xY2ZlYjctZDBhYS00YzFkLWJiOWItNzYzYWJhYjk3MTAx
LzEvR0Y4OE1fc0JFN1JkUlpLYVRBYnlqSEZOeWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwz4jMA0G
CSqGSIb3DQEBCwUAA4IBAQBTheXxzlDOvATKBkK73aUe1vAJws2KH/uqo0GLJEMJ
zzGTf6VqfyVRighBH6wfH1Q7cECbh4z2rszRfkrfKE5RNAeThwZSSsJc0MJf/1u+
dkTbYa1cuXpb4eLnBXZhndPMsmHrr3+m7dbD/2fqjW6jf9HuwkR+QIvGSkiVzLRl
B5CxoUkbOnRMJvpJcOhO4p3UnEAsccU1d34A10nyfuk5Oaz4o/ykdupGnL2R+fXL
TYIK1b2v3xkegDzVpgXRwJDJHheL/HtdmI0kj682QuMqKkuC0d//J47P6xL5z3lq
VYetrFynzSa/csrmZUSD9Rtzd13ZHBLasPBdQPqiVKND
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:25 2025 by rpki-client