Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/OWjJhhHKyRRXo_T_jI0lEuHILJk.roa
File: OWjJhhHKyRRXo_T_jI0lEuHILJk.roa (raw, json)
Hash identifier: RUmANbGGQ/0bdVCfOUsYeGed5iNP3/t7t++0eDMXc2I=
Subject key identifier: 39:68:C9:86:11:CA:C9:14:57:A3:F4:FF:8C:8D:25:12:E1:C8:2C:99
Certificate issuer: /CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
Certificate serial: 01856D4ACA478DC2904E4E8555EF76318C18
Authority key identifier: FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/OWjJhhHKyRRXo_T_jI0lEuHILJk.roa
Signing time: Sun 01 Jan 2023 12:24:56 +0000
ROA not before: Sun 01 Jan 2023 12:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35332
IP address blocks: 185.100.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:ca:47:8d:c2:90:4e:4e:85:55:ef:76:31:8c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
Validity
Not Before: Jan 1 12:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3968c98611cac91457a3f4ff8c8d2512e1c82c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4b:cd:66:af:af:90:86:4b:08:99:c6:f6:8b:
b7:96:36:7d:3e:77:89:58:a2:02:a8:5f:39:46:26:
d2:b9:15:b8:be:09:b3:25:a9:c5:a5:73:8e:0e:a4:
22:f3:04:4f:df:11:a4:c1:db:50:0c:ef:5a:2d:36:
95:4d:ca:9b:32:fe:00:80:7a:4f:0c:c1:20:60:13:
06:8c:77:79:7b:bc:31:72:e9:5a:65:e3:6c:4c:22:
9c:a0:9f:f1:a2:6f:92:69:be:36:27:1e:d9:c8:3a:
c2:8b:f9:04:32:54:63:72:aa:49:28:48:2b:db:27:
a0:ec:e6:c1:37:56:38:f1:66:bd:86:64:56:e1:33:
b9:4f:52:be:33:6a:ae:f4:f6:5e:bb:f8:e0:ed:11:
9d:29:98:16:fb:f2:75:c2:44:78:c2:e1:51:cc:48:
45:fa:46:42:15:de:54:e6:23:1a:92:40:f7:18:09:
8b:df:52:79:a8:c2:f2:dd:e3:b5:75:9c:41:50:5a:
d8:96:3a:91:4f:f2:38:71:68:42:87:5e:50:d3:8e:
04:fc:bd:f5:0a:05:94:c2:31:93:4e:f3:43:6a:7c:
92:37:a3:26:ae:00:34:d6:ea:a0:e6:83:8f:4d:25:
d8:0d:2e:6b:11:3f:10:bc:82:47:03:ae:00:f7:d6:
ef:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:68:C9:86:11:CA:C9:14:57:A3:F4:FF:8C:8D:25:12:E1:C8:2C:99
X509v3 Authority Key Identifier:
keyid:FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/OWjJhhHKyRRXo_T_jI0lEuHILJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.192.0/22
Signature Algorithm: sha256WithRSAEncryption
20:b4:62:75:ba:e6:2e:04:1c:2c:d3:b8:9e:8f:47:72:6d:cc:
97:d4:41:ea:7b:af:3d:59:c9:ab:02:f3:b0:cb:e6:77:ea:75:
54:ad:69:4f:b8:89:e9:98:86:ed:75:7d:0b:05:72:16:bc:18:
c2:b2:83:45:04:3f:64:b6:f4:b5:2e:56:4a:cc:7a:c1:5d:cd:
f6:6d:ac:f8:ba:1b:60:b3:b4:53:45:35:be:76:05:d7:02:de:
86:0c:c0:4a:57:9e:dd:ae:1a:6c:fb:92:ad:69:8c:a2:a3:56:
ec:36:17:47:98:bd:97:75:9f:2c:4d:85:bc:ea:f8:9e:08:1c:
95:fd:e6:40:37:7f:db:ab:5b:3b:0f:66:02:f9:1d:9a:15:c9:
bb:ba:30:10:7b:1b:f7:08:14:5d:d0:a6:0a:36:1a:b3:5e:23:
43:fd:89:d5:ff:07:82:e4:6a:c2:10:f6:1c:52:b4:2c:51:a7:
44:ed:85:53:10:3f:a1:cc:53:f5:f8:7c:02:84:22:fd:a5:82:
f8:37:1f:34:17:68:a5:26:0a:ee:b5:4f:bf:a4:f2:5a:2a:3a:
d9:8d:60:01:c3:51:4e:ef:9b:42:f5:da:da:12:1e:af:20:81:
5c:49:b2:5a:df:78:ba:cf:43:a2:49:90:47:17:a2:3a:f4:c9:
bb:e2:10:f0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtSspHjcKQTk6FVe92MYwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNzBiNDJkN2FmNmFkNzgyMjJiMzBmMDVmMmI3OTEzZjgw
NjM1NzAwHhcNMjMwMTAxMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY4Yzk4NjExY2FjOTE0NTdhM2Y0ZmY4YzhkMjUxMmUxYzgyYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00vNZq+vkIZLCJnG9ou3ljZ9PneJ
WKICqF85RibSuRW4vgmzJanFpXOODqQi8wRP3xGkwdtQDO9aLTaVTcqbMv4AgHpP
DMEgYBMGjHd5e7wxculaZeNsTCKcoJ/xom+Sab42Jx7ZyDrCi/kEMlRjcqpJKEgr
2yeg7ObBN1Y48Wa9hmRW4TO5T1K+M2qu9PZeu/jg7RGdKZgW+/J1wkR4wuFRzEhF
+kZCFd5U5iMakkD3GAmL31J5qMLy3eO1dZxBUFrYljqRT/I4cWhCh15Q044E/L31
CgWUwjGTTvNDanySN6MmrgA01uqg5oOPTSXYDS5rET8QvIJHA64A99bvPQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDloyYYRyskUV6P0/4yNJRLhyCyZMB8GA1UdIwQY
MBaAFPpwtC169q14Iisw8F8reRP4BjVwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1uQzBMWHIyclhnaUt6RHdYeXQ1RV9nR05YQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvZDNiZmU2LTc4YjUtNDM3Yi05OGU5
LWI5MTQxNTliYThhZC8xL09XakpoaEhLeVJSWG9fVF9qSTBsRXVISUxKay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvZDNiZmU2LTc4YjUtNDM3Yi05OGU5LWI5MTQxNTliYThh
ZC8xLzEtbkMwTFhyMnJYZ2lLekR3WHl0NUVfZ0dOWEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5ZMAw
DQYJKoZIhvcNAQELBQADggEBACC0YnW65i4EHCzTuJ6PR3JtzJfUQep7rz1ZyasC
87DL5nfqdVStaU+4iemYhu11fQsFcha8GMKyg0UEP2S29LUuVkrMesFdzfZtrPi6
G2CztFNFNb52BdcC3oYMwEpXnt2uGmz7kq1pjKKjVuw2F0eYvZd1nyxNhbzq+J4I
HJX95kA3f9urWzsPZgL5HZoVybu6MBB7G/cIFF3Qpgo2GrNeI0P9idX/B4LkasIQ
9hxStCxRp0TthVMQP6HMU/X4fAKEIv2lgvg3HzQXaKUmCu61T7+k8loqOtmNYAHD
UU7vm0L12toSHq8ggVxJslrfeLrPQ6JJkEcXojr0ybviEPA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:54 2025 by rpki-client