Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/O6OKumGCKVJ3dzdx7fPP-HOkwhk.roa
File: O6OKumGCKVJ3dzdx7fPP-HOkwhk.roa (raw, json)
Hash identifier: t1569ZQnSel1JaJp2X9p8iQqrKIN5MnA8lRXGlsB89g=
Subject key identifier: 3B:A3:8A:BA:61:82:29:52:77:77:37:71:ED:F3:CF:F8:73:A4:C2:19
Certificate issuer: /CN=986ce5249635e4e2964d374493dcc37a875d0539
Certificate serial: 01857315CFCFFA6A9084489A44AAA6A0D8B0
Authority key identifier: 98:6C:E5:24:96:35:E4:E2:96:4D:37:44:93:DC:C3:7A:87:5D:05:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGzlJJY15OKWTTdEk9zDeoddBTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/O6OKumGCKVJ3dzdx7fPP-HOkwhk.roa
Signing time: Mon 02 Jan 2023 15:24:47 +0000
ROA not before: Mon 02 Jan 2023 15:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198024
IP address blocks: 185.124.92.0/22 maxlen: 22
2a06:b100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:cf:cf:fa:6a:90:84:48:9a:44:aa:a6:a0:d8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=986ce5249635e4e2964d374493dcc37a875d0539
Validity
Not Before: Jan 2 15:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ba38aba6182295277773771edf3cff873a4c219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:31:89:26:89:9a:59:67:2a:a2:24:a4:e8:37:
d2:e3:ae:06:f9:5f:fc:af:27:d1:7c:f2:38:b0:7d:
73:a1:57:21:a3:54:e0:fa:f9:33:e6:e4:99:ad:04:
00:77:33:4f:05:1d:04:f6:4e:b1:8f:31:f4:18:1c:
ec:77:3b:78:19:39:38:b6:bb:a8:76:2a:ba:79:d3:
90:18:3c:91:c1:aa:e4:e4:a5:1e:21:46:d7:b5:9f:
8f:d4:81:5f:62:14:99:5d:d0:61:ea:54:c7:89:9b:
cf:41:58:04:17:cd:f0:88:4d:7d:4b:21:29:3e:0b:
9d:38:09:fe:51:d5:a1:f0:94:b7:1b:d7:e7:06:89:
8e:6f:ea:0d:32:82:84:0b:15:60:23:05:b5:10:ec:
4b:cb:5d:2e:37:90:85:88:84:1a:f9:1d:15:41:03:
d4:da:e4:7e:e9:cd:ee:95:a0:3a:84:2a:69:a0:e7:
a2:4f:c1:35:e2:a5:6d:be:ec:12:ea:af:62:5a:91:
65:de:5b:29:dc:1c:dd:6f:1c:04:7d:98:21:0e:83:
28:4f:4e:1c:aa:2b:83:3f:50:2d:cf:75:2f:93:57:
be:b4:5d:91:7f:c3:cf:03:66:8c:f0:21:50:d0:d1:
e4:ac:64:78:b3:54:93:1b:c8:05:ef:4f:c8:a2:7b:
b4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A3:8A:BA:61:82:29:52:77:77:37:71:ED:F3:CF:F8:73:A4:C2:19
X509v3 Authority Key Identifier:
keyid:98:6C:E5:24:96:35:E4:E2:96:4D:37:44:93:DC:C3:7A:87:5D:05:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGzlJJY15OKWTTdEk9zDeoddBTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/O6OKumGCKVJ3dzdx7fPP-HOkwhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/mGzlJJY15OKWTTdEk9zDeoddBTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.92.0/22
IPv6:
2a06:b100::/29
Signature Algorithm: sha256WithRSAEncryption
37:36:8a:86:9b:dd:9f:95:af:17:c2:78:ac:7e:e8:0a:70:88:
18:4f:a5:5f:86:5e:b7:eb:c8:8f:92:49:ca:84:71:cd:cd:04:
67:65:8d:15:7b:1e:59:de:c4:7e:cd:fa:92:4f:9f:a3:62:28:
32:3e:02:b8:cb:39:23:21:07:3a:28:39:ea:21:49:aa:70:71:
42:df:86:96:7e:cf:89:c4:68:b9:51:f7:f5:b0:da:7c:ac:90:
2d:91:19:fa:9c:d7:30:8d:30:3b:c2:a7:08:cf:ee:88:f3:62:
87:9d:76:0c:31:f1:e8:28:0a:0f:89:5b:e2:f8:c7:61:4f:ca:
e7:22:26:2b:89:ec:8d:3d:d5:c4:2c:9c:ee:85:15:b9:bd:c9:
f8:73:41:63:8e:f4:b5:5a:d9:fe:8a:29:13:51:07:6b:ab:6b:
6e:e5:17:58:81:79:2e:04:a4:b1:d7:42:51:55:e3:05:db:8e:
5e:fd:05:ae:74:c6:78:ce:21:ab:b3:bb:d6:8f:f9:f7:8b:b3:
b6:de:78:46:76:70:08:77:d6:e4:b8:f2:b0:13:e8:fd:5a:55:
03:aa:0d:77:1f:33:b0:3f:c0:e6:4d:5f:a1:a0:28:34:d9:e3:
9f:65:ea:74:53:23:7c:ea:24:9a:68:67:40:76:1a:c4:11:15:
cd:7e:37:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzFc/P+mqQhEiaRKqmoNiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NmNlNTI0OTYzNWU0ZTI5NjRkMzc0NDkzZGNjMzdhODc1
ZDA1MzkwHhcNMjMwMTAyMTUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmEzOGFiYTYxODIyOTUyNzc3NzM3NzFlZGYzY2ZmODczYTRjMjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTGJJomaWWcqoiSk6DfS464G+V/8
ryfRfPI4sH1zoVcho1Tg+vkz5uSZrQQAdzNPBR0E9k6xjzH0GBzsdzt4GTk4truo
diq6edOQGDyRwark5KUeIUbXtZ+P1IFfYhSZXdBh6lTHiZvPQVgEF83wiE19SyEp
PgudOAn+UdWh8JS3G9fnBomOb+oNMoKECxVgIwW1EOxLy10uN5CFiIQa+R0VQQPU
2uR+6c3ulaA6hCppoOeiT8E14qVtvuwS6q9iWpFl3lsp3BzdbxwEfZghDoMoT04c
qiuDP1Atz3Uvk1e+tF2Rf8PPA2aM8CFQ0NHkrGR4s1STG8gF70/Ionu0ewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDujirphgilSd3c3ce3zz/hzpMIZMB8GA1UdIwQY
MBaAFJhs5SSWNeTilk03RJPcw3qHXQU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUd6bEpKWTE1T0tXVFRkRWs5ekRlb2RkQlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9mYjQyZTYtY2M1MS00ZDJiLTg2Mzct
YTI0M2NiZmFhZWYzLzEvTzZPS3VtR0NLVkozZHpkeDdmUFAtSE9rd2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9mYjQyZTYtY2M1MS00ZDJiLTg2MzctYTI0M2NiZmFhZWYz
LzEvbUd6bEpKWTE1T0tXVFRkRWs5ekRlb2RkQlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXxcMA0E
AgACMAcDBQMqBrEAMA0GCSqGSIb3DQEBCwUAA4IBAQA3NoqGm92fla8XwnisfugK
cIgYT6Vfhl6368iPkknKhHHNzQRnZY0Vex5Z3sR+zfqST5+jYigyPgK4yzkjIQc6
KDnqIUmqcHFC34aWfs+JxGi5Uff1sNp8rJAtkRn6nNcwjTA7wqcIz+6I82KHnXYM
MfHoKAoPiVvi+MdhT8rnIiYrieyNPdXELJzuhRW5vcn4c0FjjvS1Wtn+iikTUQdr
q2tu5RdYgXkuBKSx10JRVeMF245e/QWudMZ4ziGrs7vWj/n3i7O23nhGdnAId9bk
uPKwE+j9WlUDqg13HzOwP8DmTV+hoCg02eOfZep0UyN86iSaaGdAdhrEERXNfjfE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:37 2025 by rpki-client