Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/519634-923d-4f98-838a-7e38dbd5664f/1/Og9l_MyltYhZDeDqhKNM1Ef02VA.roa
File: Og9l_MyltYhZDeDqhKNM1Ef02VA.roa (raw, json)
Hash identifier: oeA5UEbpgW0yRnaxdOemc1Bcl/Zh4gegnfEzR7sDqqY=
Subject key identifier: 3A:0F:65:FC:CC:A5:B5:88:59:0D:E0:EA:84:A3:4C:D4:47:F4:D9:50
Certificate issuer: /CN=167d54d8cb6a8309c512605657c2563e3a1aaa69
Certificate serial: 018B608B7C4D6356F9112AD1D3A1635CAF1F
Authority key identifier: 16:7D:54:D8:CB:6A:83:09:C5:12:60:56:57:C2:56:3E:3A:1A:AA:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fn1U2MtqgwnFEmBWV8JWPjoaqmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/519634-923d-4f98-838a-7e38dbd5664f/1/Og9l_MyltYhZDeDqhKNM1Ef02VA.roa
Signing time: Tue 24 Oct 2023 07:17:15 +0000
ROA not before: Tue 24 Oct 2023 07:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203503
IP address blocks: 185.132.91.0/24 maxlen: 24
185.132.89.0/24 maxlen: 24
185.132.88.0/24 maxlen: 24
2a06:e140::/30 maxlen: 30
2a06:e144::/30 maxlen: 30
2a06:e140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:8b:7c:4d:63:56:f9:11:2a:d1:d3:a1:63:5c:af:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167d54d8cb6a8309c512605657c2563e3a1aaa69
Validity
Not Before: Oct 24 07:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a0f65fccca5b588590de0ea84a34cd447f4d950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:10:be:ed:78:17:80:e8:c3:c9:f4:4c:37:e1:
f1:5a:f1:ed:19:b9:82:01:0b:2c:28:a6:1c:da:94:
d0:cf:34:a2:e7:ed:52:eb:e7:fb:30:b6:2d:1c:69:
2f:c0:d4:f3:d6:17:6f:c3:a2:fe:2c:87:dd:e7:78:
03:bf:0b:00:0f:35:18:49:67:cf:f8:88:54:06:ba:
20:14:f0:25:02:37:29:28:54:30:de:45:9c:00:5a:
1c:43:1f:cc:88:0f:f3:7a:d2:59:74:73:3c:05:c5:
2b:96:6d:e0:28:2c:33:6d:c8:f6:90:07:75:a6:48:
12:3c:4f:bb:31:1b:10:04:f3:bb:2f:bd:62:2c:7a:
bd:81:1b:22:60:c8:92:b4:b1:d7:3c:03:b0:f4:48:
fe:93:b0:88:be:4f:e5:f0:9d:9d:39:17:0f:39:61:
37:79:ca:1e:ad:b6:6a:1f:32:1f:c3:21:14:a5:1d:
6e:82:50:68:15:97:b8:cf:26:ac:1c:99:d2:bc:0b:
75:74:fb:9a:24:5c:3c:5f:c4:c0:7e:98:8d:d6:e1:
fe:4c:63:08:71:3d:81:e2:a5:f1:b0:57:c0:01:0b:
6d:3e:69:09:28:9b:48:e8:37:34:a8:ce:73:65:83:
6c:e5:3f:55:03:6c:32:d8:38:c6:8b:44:e1:56:e2:
80:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0F:65:FC:CC:A5:B5:88:59:0D:E0:EA:84:A3:4C:D4:47:F4:D9:50
X509v3 Authority Key Identifier:
keyid:16:7D:54:D8:CB:6A:83:09:C5:12:60:56:57:C2:56:3E:3A:1A:AA:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fn1U2MtqgwnFEmBWV8JWPjoaqmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/519634-923d-4f98-838a-7e38dbd5664f/1/Og9l_MyltYhZDeDqhKNM1Ef02VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/519634-923d-4f98-838a-7e38dbd5664f/1/Fn1U2MtqgwnFEmBWV8JWPjoaqmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.88.0/23
185.132.91.0/24
IPv6:
2a06:e140::/29
Signature Algorithm: sha256WithRSAEncryption
8d:dd:92:36:da:96:61:d7:3f:ed:e5:ce:53:6f:a5:f7:2f:2d:
8a:77:6e:b2:fc:c8:04:0f:2e:78:3a:ff:f1:b6:4e:39:94:d9:
de:0d:8e:ec:21:10:8f:88:92:33:28:70:da:14:19:b5:c2:4b:
31:07:fa:0b:4c:61:d2:3a:60:a1:c6:9d:b5:ba:39:e4:b3:03:
9a:ba:06:8f:fc:88:7f:40:5b:4c:a8:3c:34:73:1d:20:b5:24:
d1:e0:e1:5b:ba:53:62:87:c4:73:1d:5d:3c:30:ee:aa:2b:8b:
5e:15:d8:bc:1e:33:97:b8:18:df:f4:47:ad:c3:d6:00:31:fe:
6c:c9:3d:11:fe:33:a8:29:35:20:cb:e6:7a:83:b6:6d:0c:2a:
57:4c:87:c6:62:de:bf:f1:fc:b4:b3:ca:66:b2:3f:0c:b8:21:
dc:bd:8e:d9:60:61:d7:3e:92:6e:e5:eb:4f:44:64:c1:50:ab:
3f:e7:1d:6a:84:84:bb:56:99:ed:f6:d6:28:68:fa:fc:c0:e5:
ba:1b:8f:60:bc:d3:e0:4d:1e:57:ee:21:e0:95:ba:60:f4:15:
9a:8c:68:d6:96:d2:cc:9c:52:60:44:cd:d1:3b:f5:48:9c:2a:
b9:17:21:1c:cc:e0:a6:ab:62:2d:42:4a:6c:c5:d1:a0:da:b1:
b0:29:55:8c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYtgi3xNY1b5ESrR06FjXK8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2N2Q1NGQ4Y2I2YTgzMDljNTEyNjA1NjU3YzI1NjNlM2Ex
YWFhNjkwHhcNMjMxMDI0MDcxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBmNjVmY2NjYTViNTg4NTkwZGUwZWE4NGEzNGNkNDQ3ZjRkOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihC+7XgXgOjDyfRMN+HxWvHtGbmC
AQssKKYc2pTQzzSi5+1S6+f7MLYtHGkvwNTz1hdvw6L+LIfd53gDvwsADzUYSWfP
+IhUBrogFPAlAjcpKFQw3kWcAFocQx/MiA/zetJZdHM8BcUrlm3gKCwzbcj2kAd1
pkgSPE+7MRsQBPO7L71iLHq9gRsiYMiStLHXPAOw9Ej+k7CIvk/l8J2dORcPOWE3
ecoerbZqHzIfwyEUpR1uglBoFZe4zyasHJnSvAt1dPuaJFw8X8TAfpiN1uH+TGMI
cT2B4qXxsFfAAQttPmkJKJtI6Dc0qM5zZYNs5T9VA2wy2DjGi0ThVuKAzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDoPZfzMpbWIWQ3g6oSjTNRH9NlQMB8GA1UdIwQY
MBaAFBZ9VNjLaoMJxRJgVlfCVj46GqppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm4xVTJNdHFnd25GRW1CV1Y4SldQam9hcW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTk2MzQtOTIzZC00Zjk4LTgzOGEt
N2UzOGRiZDU2NjRmLzEvT2c5bF9NeWx0WWhaRGVEcWhLTk0xRWYwMlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTk2MzQtOTIzZC00Zjk4LTgzOGEtN2UzOGRiZDU2NjRm
LzEvRm4xVTJNdHFnd25GRW1CV1Y4SldQam9hcW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuYRYAwQA
uYRbMA0EAgACMAcDBQMqBuFAMA0GCSqGSIb3DQEBCwUAA4IBAQCN3ZI22pZh1z/t
5c5Tb6X3Ly2Kd26y/MgEDy54Ov/xtk45lNneDY7sIRCPiJIzKHDaFBm1wksxB/oL
TGHSOmChxp21ujnkswOaugaP/Ih/QFtMqDw0cx0gtSTR4OFbulNih8RzHV08MO6q
K4teFdi8HjOXuBjf9Eetw9YAMf5syT0R/jOoKTUgy+Z6g7ZtDCpXTIfGYt6/8fy0
s8pmsj8MuCHcvY7ZYGHXPpJu5etPRGTBUKs/5x1qhIS7Vpnt9tYoaPr8wOW6G49g
vNPgTR5X7iHglbpg9BWajGjWltLMnFJgRM3RO/VInCq5FyEczOCmq2ItQkpsxdGg
2rGwKVWM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:50 2025 by rpki-client