Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/OeuIRR6GJ2VcXZBwjLfkGQtrRGM.roa
File: OeuIRR6GJ2VcXZBwjLfkGQtrRGM.roa (raw, json)
Hash identifier: JU4pqFWhjISiKvz1TDpjeCK2B0yqeu6AoAxvcUYvLBg=
Subject key identifier: 39:EB:88:45:1E:86:27:65:5C:5D:90:70:8C:B7:E4:19:0B:6B:44:63
Certificate issuer: /CN=9c1cd1b3c8772956fa85535a8464b4ca19663ade
Certificate serial: 018734CABC700CC5938B16857925C87B1AAA
Authority key identifier: 9C:1C:D1:B3:C8:77:29:56:FA:85:53:5A:84:64:B4:CA:19:66:3A:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBzRs8h3KVb6hVNahGS0yhlmOt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/OeuIRR6GJ2VcXZBwjLfkGQtrRGM.roa
Signing time: Thu 30 Mar 2023 23:11:54 +0000
ROA not before: Thu 30 Mar 2023 23:11:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203374
IP address blocks: 185.136.240.0/22 maxlen: 22
185.136.240.0/23 maxlen: 23
185.136.243.0/24 maxlen: 24
185.136.242.0/24 maxlen: 24
185.136.242.0/23 maxlen: 23
185.136.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:34:ca:bc:70:0c:c5:93:8b:16:85:79:25:c8:7b:1a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1cd1b3c8772956fa85535a8464b4ca19663ade
Validity
Not Before: Mar 30 23:11:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39eb88451e8627655c5d90708cb7e4190b6b4463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c6:a9:b9:b1:42:3a:1d:3b:53:bd:19:79:5e:
fa:9f:0f:2f:d9:ac:71:a7:a1:c2:98:c9:c1:5b:da:
9e:47:fa:aa:9d:9c:d5:4a:8f:44:8e:b8:90:bb:06:
10:f2:3b:22:7e:ce:e5:9a:22:df:0e:82:ac:11:9f:
22:29:c0:fb:ab:ab:a7:3b:73:1f:2b:d2:44:d6:4e:
1a:9d:8b:0e:d8:33:68:4c:e8:ca:f1:e4:e8:77:b0:
70:4f:7c:57:12:d0:4e:3d:b8:48:cf:e8:2c:f3:36:
b5:aa:09:56:74:1e:7c:e6:b2:87:de:f5:e7:d1:97:
62:86:01:c7:9d:39:88:78:e7:ac:6f:c8:47:01:cd:
96:42:24:ae:62:68:d1:fb:73:45:d0:b9:19:f3:d6:
1a:f8:19:ed:28:17:d2:1a:0d:68:1e:48:81:77:b9:
89:87:d5:b9:bc:de:07:67:53:72:36:cf:05:b9:e9:
0c:e7:97:82:92:19:08:a6:ab:00:82:36:57:62:44:
44:9d:e7:af:a0:6f:2e:02:75:94:47:a5:a0:3e:e6:
4d:08:ce:89:5d:10:ec:1e:b8:4b:46:62:e2:58:ee:
c0:0f:e5:d6:22:8a:d6:46:21:65:c5:74:d1:b4:a9:
00:c0:c1:6b:73:46:05:7d:bf:45:ef:02:1f:44:3d:
8f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:EB:88:45:1E:86:27:65:5C:5D:90:70:8C:B7:E4:19:0B:6B:44:63
X509v3 Authority Key Identifier:
keyid:9C:1C:D1:B3:C8:77:29:56:FA:85:53:5A:84:64:B4:CA:19:66:3A:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBzRs8h3KVb6hVNahGS0yhlmOt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/OeuIRR6GJ2VcXZBwjLfkGQtrRGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/nBzRs8h3KVb6hVNahGS0yhlmOt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.240.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:4e:a7:91:bd:08:c3:db:53:dc:e7:21:67:77:e2:41:d9:d2:
11:49:a7:5c:9c:06:e7:06:2a:e1:41:a4:20:03:20:c1:19:2b:
26:b0:84:75:28:de:e7:01:ad:cb:f6:c1:7e:fd:4d:9f:04:f6:
c6:6d:d7:89:63:f4:7d:0b:86:06:7f:6a:ef:b8:cc:73:72:aa:
2d:b6:56:07:87:8e:58:01:24:22:df:fc:a3:19:80:21:5e:4e:
26:c9:ee:05:72:4c:ff:a3:cc:57:cc:72:5c:35:36:32:96:bf:
4a:83:44:d3:62:a8:a4:4c:fd:7d:b8:ca:b7:a6:05:46:98:0b:
f9:ec:86:09:f3:41:1f:8e:64:39:77:0b:1b:46:af:82:e9:00:
31:15:6d:29:8c:09:79:aa:81:ff:ea:68:db:96:0a:4f:d3:f6:
2a:80:83:9c:c7:c8:37:04:7b:1a:24:a0:62:bf:4c:57:b6:a3:
ed:2a:cd:cf:5f:24:3a:20:78:21:17:3b:54:0f:9a:61:c6:68:
1b:2d:95:b7:79:36:c1:d1:75:0c:90:50:20:e3:fb:c3:5b:7e:
0d:11:e5:ae:b0:1d:19:db:0e:1d:ee:d2:bc:7d:13:d4:f2:74:
d9:11:d8:7f:c0:53:da:9f:d5:50:39:5c:8a:a5:09:95:7f:8e:
2a:69:bd:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc0yrxwDMWTixaFeSXIexqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWNkMWIzYzg3NzI5NTZmYTg1NTM1YTg0NjRiNGNhMTk2
NjNhZGUwHhcNMjMwMzMwMjMxMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWViODg0NTFlODYyNzY1NWM1ZDkwNzA4Y2I3ZTQxOTBiNmI0NDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38apubFCOh07U70ZeV76nw8v2axx
p6HCmMnBW9qeR/qqnZzVSo9EjriQuwYQ8jsifs7lmiLfDoKsEZ8iKcD7q6unO3Mf
K9JE1k4anYsO2DNoTOjK8eTod7BwT3xXEtBOPbhIz+gs8za1qglWdB585rKH3vXn
0ZdihgHHnTmIeOesb8hHAc2WQiSuYmjR+3NF0LkZ89Ya+BntKBfSGg1oHkiBd7mJ
h9W5vN4HZ1NyNs8FuekM55eCkhkIpqsAgjZXYkREneevoG8uAnWUR6WgPuZNCM6J
XRDsHrhLRmLiWO7AD+XWIorWRiFlxXTRtKkAwMFrc0YFfb9F7wIfRD2PGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnriEUehidlXF2QcIy35BkLa0RjMB8GA1UdIwQY
MBaAFJwc0bPIdylW+oVTWoRktMoZZjreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJ6UnM4aDNLVmI2aFZOYWhHUzB5aGxtT3Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8wNmVhYjAtNmM2ZS00Yzk1LWJiZGMt
OTE2MDQ3MDYyYTIyLzEvT2V1SVJSNkdKMlZjWFpCd2pMZmtHUXRyUkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8wNmVhYjAtNmM2ZS00Yzk1LWJiZGMtOTE2MDQ3MDYyYTIy
LzEvbkJ6UnM4aDNLVmI2aFZOYWhHUzB5aGxtT3Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYjwMA0G
CSqGSIb3DQEBCwUAA4IBAQDCTqeRvQjD21Pc5yFnd+JB2dIRSadcnAbnBirhQaQg
AyDBGSsmsIR1KN7nAa3L9sF+/U2fBPbGbdeJY/R9C4YGf2rvuMxzcqottlYHh45Y
ASQi3/yjGYAhXk4mye4Fckz/o8xXzHJcNTYylr9Kg0TTYqikTP19uMq3pgVGmAv5
7IYJ80EfjmQ5dwsbRq+C6QAxFW0pjAl5qoH/6mjblgpP0/YqgIOcx8g3BHsaJKBi
v0xXtqPtKs3PXyQ6IHghFztUD5phxmgbLZW3eTbB0XUMkFAg4/vDW34NEeWusB0Z
2w4d7tK8fRPU8nTZEdh/wFPan9VQOVyKpQmVf44qab0G
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:46 2025 by rpki-client