Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7474e1-4d65-43b4-8bb1-feef105f0a77/1/Oed_PRhyffv5pNx-oMnyqjUov-w.roa
File: Oed_PRhyffv5pNx-oMnyqjUov-w.roa (raw, json)
Hash identifier: ZRMCFckly/uE1z8rxex9/ewcgz+CEW1GouPCwKF4O1U=
Subject key identifier: 39:E7:7F:3D:18:72:7D:FB:F9:A4:DC:7E:A0:C9:F2:AA:35:28:BF:EC
Certificate issuer: /CN=ee3be768d28668f490afb74e9aefe41e03495d7a
Certificate serial: 0189D0BF83FFD1B8252F3F03CDD2C54E4578
Authority key identifier: EE:3B:E7:68:D2:86:68:F4:90:AF:B7:4E:9A:EF:E4:1E:03:49:5D:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jvnaNKGaPSQr7dOmu_kHgNJXXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7474e1-4d65-43b4-8bb1-feef105f0a77/1/Oed_PRhyffv5pNx-oMnyqjUov-w.roa
Signing time: Mon 07 Aug 2023 16:05:59 +0000
ROA not before: Mon 07 Aug 2023 16:05:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197033
IP address blocks: 185.19.224.0/22 maxlen: 24
185.243.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d0:bf:83:ff:d1:b8:25:2f:3f:03:cd:d2:c5:4e:45:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee3be768d28668f490afb74e9aefe41e03495d7a
Validity
Not Before: Aug 7 16:05:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39e77f3d18727dfbf9a4dc7ea0c9f2aa3528bfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e3:2e:00:e7:a5:ac:58:3f:4b:f8:f0:ae:26:
ab:75:d4:46:4d:5e:a5:ca:da:d7:b3:44:81:58:d1:
e8:89:7e:61:a0:61:b9:2d:9d:d5:5a:df:ba:7e:10:
87:b5:86:99:9a:03:27:12:aa:7c:5a:86:10:27:06:
d5:b0:20:a4:c7:4c:14:38:13:ad:aa:84:fa:f5:d1:
d3:81:ff:29:8d:ca:45:cf:6a:3a:8b:60:b3:2a:fa:
38:af:40:8f:e0:4e:9f:2a:18:55:8f:9e:61:a3:ac:
d6:84:b7:8e:09:e0:df:99:89:9f:14:4e:0a:e3:b0:
9b:f7:63:f8:b2:98:26:d4:74:18:9c:d0:28:10:91:
36:a6:b4:c5:bb:5a:39:1d:8d:bb:c8:fa:76:ca:85:
ec:d5:53:25:3c:b0:a3:dc:3e:b1:54:69:cb:1d:94:
51:65:4d:d2:2e:55:c2:ed:79:96:b8:43:4d:a6:59:
b7:1c:37:f5:eb:46:d3:bf:c7:e4:bc:eb:15:d0:f0:
f8:0c:aa:32:bf:0a:3b:fa:01:79:c7:a5:c6:63:7c:
87:65:bb:31:cf:0f:5c:20:8c:ac:b3:f7:35:8f:79:
e3:44:36:28:0c:c1:46:c8:9f:f7:f6:b6:4d:b6:87:
c0:7f:27:71:db:e3:62:60:0b:62:de:f5:e0:31:d6:
93:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E7:7F:3D:18:72:7D:FB:F9:A4:DC:7E:A0:C9:F2:AA:35:28:BF:EC
X509v3 Authority Key Identifier:
keyid:EE:3B:E7:68:D2:86:68:F4:90:AF:B7:4E:9A:EF:E4:1E:03:49:5D:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jvnaNKGaPSQr7dOmu_kHgNJXXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7474e1-4d65-43b4-8bb1-feef105f0a77/1/Oed_PRhyffv5pNx-oMnyqjUov-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7474e1-4d65-43b4-8bb1-feef105f0a77/1/7jvnaNKGaPSQr7dOmu_kHgNJXXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.224.0/22
185.243.16.0/22
Signature Algorithm: sha256WithRSAEncryption
74:f3:f1:2d:f2:e8:c3:10:6a:54:87:59:59:b2:5c:6e:21:ae:
61:5c:5a:ef:8b:a5:dd:22:45:4a:6a:60:7d:3c:cb:4a:cc:a3:
7c:b7:63:28:80:77:8a:90:9f:fa:42:c6:3f:01:2e:a9:b0:c0:
18:eb:16:91:ef:1c:37:2b:e0:74:63:a5:c0:9b:e1:67:d8:50:
9b:c4:e6:65:d7:29:2a:4a:84:7e:fd:37:93:ad:6c:fb:a2:2b:
20:53:a9:99:aa:57:ad:89:76:58:eb:fd:f7:7c:c5:2a:da:7a:
82:74:22:78:01:6b:c6:26:57:7d:61:a4:05:7f:88:24:1d:da:
b7:1e:9e:de:25:6f:2c:b4:04:6d:1b:4d:de:20:d6:fd:8f:ee:
94:a4:5c:1a:22:ff:f6:69:d5:a0:ba:a5:05:c1:f3:a4:aa:c3:
e3:07:7a:a9:4e:f9:59:d4:24:bc:0c:8c:da:3a:60:9c:a1:1c:
99:04:8e:ef:ec:09:92:ca:0e:28:b4:9e:f3:7f:46:49:64:6e:
09:ed:99:ae:55:aa:0b:5b:6d:7f:c7:d8:02:e0:1c:f1:3f:7e:
58:41:17:03:7d:60:ef:11:1c:97:25:4c:f7:c1:41:11:9f:7c:
60:44:b8:a4:be:c7:85:5d:a7:3d:76:f3:be:f8:66:df:e5:b5:
84:55:1f:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnQv4P/0bglLz8DzdLFTkV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlM2JlNzY4ZDI4NjY4ZjQ5MGFmYjc0ZTlhZWZlNDFlMDM0
OTVkN2EwHhcNMjMwODA3MTYwNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWU3N2YzZDE4NzI3ZGZiZjlhNGRjN2VhMGM5ZjJhYTM1MjhiZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieMuAOelrFg/S/jwriarddRGTV6l
ytrXs0SBWNHoiX5hoGG5LZ3VWt+6fhCHtYaZmgMnEqp8WoYQJwbVsCCkx0wUOBOt
qoT69dHTgf8pjcpFz2o6i2CzKvo4r0CP4E6fKhhVj55ho6zWhLeOCeDfmYmfFE4K
47Cb92P4spgm1HQYnNAoEJE2prTFu1o5HY27yPp2yoXs1VMlPLCj3D6xVGnLHZRR
ZU3SLlXC7XmWuENNplm3HDf160bTv8fkvOsV0PD4DKoyvwo7+gF5x6XGY3yHZbsx
zw9cIIyss/c1j3njRDYoDMFGyJ/39rZNtofAfydx2+NiYAti3vXgMdaTWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDnnfz0Ycn37+aTcfqDJ8qo1KL/sMB8GA1UdIwQY
MBaAFO4752jShmj0kK+3Tprv5B4DSV16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2p2bmFOS0dhUFNRcjdkT211X2tIZ05KWFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83NDc0ZTEtNGQ2NS00M2I0LThiYjEt
ZmVlZjEwNWYwYTc3LzEvT2VkX1BSaHlmZnY1cE54LW9NbnlxalVvdi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83NDc0ZTEtNGQ2NS00M2I0LThiYjEtZmVlZjEwNWYwYTc3
LzEvN2p2bmFOS0dhUFNRcjdkT211X2tIZ05KWFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRPgAwQC
ufMQMA0GCSqGSIb3DQEBCwUAA4IBAQB08/Et8ujDEGpUh1lZslxuIa5hXFrvi6Xd
IkVKamB9PMtKzKN8t2MogHeKkJ/6QsY/AS6psMAY6xaR7xw3K+B0Y6XAm+Fn2FCb
xOZl1ykqSoR+/TeTrWz7oisgU6mZqletiXZY6/33fMUq2nqCdCJ4AWvGJld9YaQF
f4gkHdq3Hp7eJW8stARtG03eINb9j+6UpFwaIv/2adWguqUFwfOkqsPjB3qpTvlZ
1CS8DIzaOmCcoRyZBI7v7AmSyg4otJ7zf0ZJZG4J7ZmuVaoLW21/x9gC4BzxP35Y
QRcDfWDvERyXJUz3wUERn3xgRLikvseFXac9dvO++Gbf5bWEVR+D
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:22 2025 by rpki-client