Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/8OveSciRC1XCbIE5nWkUT0yzKDU.roa
File: 8OveSciRC1XCbIE5nWkUT0yzKDU.roa (raw, json)
Hash identifier: XDQBtGU62WXrg4IxVnqy3aSxPRcIoXiq7SPiB62X3Ak=
Subject key identifier: F0:EB:DE:49:C8:91:0B:55:C2:6C:81:39:9D:69:14:4F:4C:B3:28:35
Certificate issuer: /CN=d9c9baf46d6c94d27ce128da3b65b5a3b06db38b
Certificate serial: 01857355FECEBCD9C072B3CECF6494CADEB3
Authority key identifier: D9:C9:BA:F4:6D:6C:94:D2:7C:E1:28:DA:3B:65:B5:A3:B0:6D:B3:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2cm69G1slNJ84SjaO2W1o7Bts4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/8OveSciRC1XCbIE5nWkUT0yzKDU.roa
Signing time: Mon 02 Jan 2023 16:34:53 +0000
ROA not before: Mon 02 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212122
IP address blocks: 185.228.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:fe:ce:bc:d9:c0:72:b3:ce:cf:64:94:ca:de:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9c9baf46d6c94d27ce128da3b65b5a3b06db38b
Validity
Not Before: Jan 2 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0ebde49c8910b55c26c81399d69144f4cb32835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e8:87:e7:7b:3a:6d:2d:5d:2c:40:8a:03:99:
ef:57:8f:f9:b3:6d:c0:43:86:69:18:2f:7d:c1:14:
c1:cc:bd:4c:f3:af:51:08:4c:7d:61:61:34:5f:6f:
8f:4e:f6:e0:fe:bb:a1:6f:8f:6f:59:88:14:9f:df:
77:2e:a5:be:ad:a6:4a:ee:3d:96:de:7d:8e:b7:61:
06:29:95:5d:2d:05:8a:25:f0:9e:df:8f:cf:7d:62:
13:67:d5:d6:5d:53:1a:6a:df:01:46:27:93:ba:fa:
35:b0:0b:a3:2e:26:8a:31:0a:d3:f0:d1:bd:6c:d4:
e9:bc:a1:cc:15:50:30:6b:c9:f6:f4:22:21:cd:e7:
03:96:a8:40:3f:90:6a:9e:11:5d:d0:f7:c9:26:a7:
6a:d2:15:37:26:2e:77:33:d2:b8:7f:fc:51:89:27:
9f:b7:9e:ad:f2:48:d2:f4:51:f7:01:01:f2:5a:d9:
8c:a1:b2:e9:23:d0:82:31:3e:50:60:74:0a:3a:21:
b1:02:0d:82:a9:bd:6b:dd:d8:39:e8:ef:96:48:4a:
1f:97:b9:30:6c:3b:1b:25:f4:8f:e3:ea:04:c7:06:
c4:33:4c:cd:1e:98:1c:6f:85:8e:43:cc:43:19:e1:
84:05:f3:90:38:c4:6d:fe:d3:a8:56:dd:16:71:28:
95:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EB:DE:49:C8:91:0B:55:C2:6C:81:39:9D:69:14:4F:4C:B3:28:35
X509v3 Authority Key Identifier:
keyid:D9:C9:BA:F4:6D:6C:94:D2:7C:E1:28:DA:3B:65:B5:A3:B0:6D:B3:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2cm69G1slNJ84SjaO2W1o7Bts4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/8OveSciRC1XCbIE5nWkUT0yzKDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/2cm69G1slNJ84SjaO2W1o7Bts4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.249.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ea:68:44:d3:10:63:0a:33:4f:5d:81:27:cb:48:87:7f:06:
68:4c:f6:94:78:57:1c:43:82:ff:ea:fa:57:ea:42:eb:f7:f7:
94:07:aa:72:d2:71:5e:4d:81:cf:b7:9e:f8:71:9a:9d:52:8d:
bb:59:9d:20:95:c6:d0:d4:80:c3:55:32:bd:c4:64:24:2d:98:
2b:8c:29:db:72:b0:7d:d2:99:d8:fc:e5:00:ea:eb:43:56:aa:
05:88:39:bf:8c:4c:36:46:66:72:81:65:2b:b4:53:9f:b9:fc:
ba:2c:39:12:59:e5:f7:a2:4c:f8:39:42:ff:99:a7:d5:7b:7b:
00:b0:e4:89:7e:5d:a0:7b:52:55:7d:c4:bf:1c:64:8e:86:0d:
67:b2:cf:a7:6b:0b:0d:ae:ce:74:e5:f7:df:b3:e4:e3:58:27:
1f:05:d2:95:74:9e:de:42:69:9e:55:08:f7:9a:b8:28:71:27:
2c:3f:5d:bf:b3:c4:89:1b:4f:21:71:86:72:22:41:57:2c:3f:
8f:d9:03:c7:60:1e:e2:e0:29:c4:81:06:49:45:c1:de:99:1d:
fe:b0:b3:a6:f6:5b:28:0e:07:59:d9:9f:13:d2:10:3f:a1:af:
b9:d4:f8:05:e0:ef:63:1e:8e:89:73:9f:02:d7:6f:51:fd:3b:
d4:e2:65:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVf7OvNnAcrPOz2SUyt6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YzliYWY0NmQ2Yzk0ZDI3Y2UxMjhkYTNiNjViNWEzYjA2
ZGIzOGIwHhcNMjMwMTAyMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGViZGU0OWM4OTEwYjU1YzI2YzgxMzk5ZDY5MTQ0ZjRjYjMyODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOiH53s6bS1dLECKA5nvV4/5s23A
Q4ZpGC99wRTBzL1M869RCEx9YWE0X2+PTvbg/ruhb49vWYgUn993LqW+raZK7j2W
3n2Ot2EGKZVdLQWKJfCe34/PfWITZ9XWXVMaat8BRieTuvo1sAujLiaKMQrT8NG9
bNTpvKHMFVAwa8n29CIhzecDlqhAP5BqnhFd0PfJJqdq0hU3Ji53M9K4f/xRiSef
t56t8kjS9FH3AQHyWtmMobLpI9CCMT5QYHQKOiGxAg2Cqb1r3dg56O+WSEofl7kw
bDsbJfSP4+oExwbEM0zNHpgcb4WOQ8xDGeGEBfOQOMRt/tOoVt0WcSiVeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDr3knIkQtVwmyBOZ1pFE9Msyg1MB8GA1UdIwQY
MBaAFNnJuvRtbJTSfOEo2jtltaOwbbOLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmNtNjlHMXNsTko4NFNqYU8yVzFvN0J0czRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NGY5OGMtYzFkMS00ZmUyLTlhZGMt
YTAxMGQ4ZTRmYWYwLzEvOE92ZVNjaVJDMVhDYklFNW5Xa1VUMHl6S0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NGY5OGMtYzFkMS00ZmUyLTlhZGMtYTAxMGQ4ZTRmYWYw
LzEvMmNtNjlHMXNsTko4NFNqYU8yVzFvN0J0czRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueT5MA0G
CSqGSIb3DQEBCwUAA4IBAQBA6mhE0xBjCjNPXYEny0iHfwZoTPaUeFccQ4L/6vpX
6kLr9/eUB6py0nFeTYHPt574cZqdUo27WZ0glcbQ1IDDVTK9xGQkLZgrjCnbcrB9
0pnY/OUA6utDVqoFiDm/jEw2RmZygWUrtFOfufy6LDkSWeX3okz4OUL/mafVe3sA
sOSJfl2ge1JVfcS/HGSOhg1nss+nawsNrs505fffs+TjWCcfBdKVdJ7eQmmeVQj3
mrgocScsP12/s8SJG08hcYZyIkFXLD+P2QPHYB7i4CnEgQZJRcHemR3+sLOm9lso
DgdZ2Z8T0hA/oa+51PgF4O9jHo6Jc58C129R/TvU4mW1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:13 2025 by rpki-client