Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/O0i-toLr1QD-gHcPmqtVVVuKPVU.roa
File: O0i-toLr1QD-gHcPmqtVVVuKPVU.roa (raw, json)
Hash identifier: YIgdGs0/Fg5z69SQj/aRbsHlAceeEIXXNqT+w3mcATU=
Subject key identifier: 3B:48:BE:B6:82:EB:D5:00:FE:80:77:0F:9A:AB:55:55:5B:8A:3D:55
Certificate issuer: /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial: 018570797499D21F87E1D98B12F67A9345B3
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/O0i-toLr1QD-gHcPmqtVVVuKPVU.roa
Signing time: Mon 02 Jan 2023 03:14:45 +0000
ROA not before: Mon 02 Jan 2023 03:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51540
IP address blocks: 185.126.216.0/24 maxlen: 24
185.126.218.0/24 maxlen: 24
89.252.188.0/24 maxlen: 24
89.252.190.0/24 maxlen: 24
89.252.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:74:99:d2:1f:87:e1:d9:8b:12:f6:7a:93:45:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Validity
Not Before: Jan 2 03:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b48beb682ebd500fe80770f9aab55555b8a3d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cc:d0:9a:0a:8c:28:39:5b:18:62:31:f3:8b:
37:bb:29:d4:8e:d2:ba:b4:17:31:e2:4a:eb:f9:d7:
f5:b6:dc:5f:2a:4c:b9:fa:34:eb:c4:7a:75:92:28:
2d:4b:10:b7:df:61:1b:c1:5d:c6:ae:f0:ac:5d:22:
de:ef:e2:58:bc:f6:34:58:9c:47:66:d3:12:74:30:
06:c2:cc:07:79:b0:76:d3:02:04:cb:b8:56:23:da:
53:6b:fa:70:43:45:fc:26:99:57:78:83:7c:2c:a0:
22:a3:37:09:f1:f3:89:4f:83:56:45:90:c7:5b:80:
b9:99:18:12:6b:3c:05:0f:55:be:ec:6c:17:82:f3:
f4:97:44:f1:02:3b:fa:f3:a6:2f:39:a2:07:61:66:
70:ec:0b:6e:6e:3f:74:27:7a:51:d8:55:45:d3:59:
9b:a6:b9:9a:79:16:70:e4:c6:e1:78:74:3d:64:b6:
1e:2a:71:08:ca:12:06:d2:1b:bf:2a:9b:ac:86:28:
d7:6a:ad:34:19:ac:52:04:ff:50:27:70:77:f0:db:
dd:3d:12:5a:f1:b3:b5:a7:23:d0:e8:d4:8d:7b:27:
31:64:81:51:34:aa:4c:73:d2:67:bc:3c:6c:46:41:
11:f8:87:a5:ed:a4:22:1e:5d:f2:2a:9f:6c:04:42:
7d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:48:BE:B6:82:EB:D5:00:FE:80:77:0F:9A:AB:55:55:5B:8A:3D:55
X509v3 Authority Key Identifier:
keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/O0i-toLr1QD-gHcPmqtVVVuKPVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.188.0/24
89.252.190.0/23
185.126.216.0/24
185.126.218.0/24
Signature Algorithm: sha256WithRSAEncryption
93:da:8d:85:24:1a:48:39:3c:92:ea:74:34:99:ac:f3:7e:21:
5b:c0:7f:61:8b:ed:70:93:1c:de:10:1a:22:fa:62:3e:bb:08:
80:95:7e:d5:db:80:30:86:34:96:69:3b:5b:b2:34:0f:54:9c:
fe:1b:6a:f9:03:e8:a1:a5:6a:12:26:c4:84:7a:d3:76:d3:b6:
6a:43:58:c3:3b:f9:84:0c:84:3d:6b:1c:62:eb:eb:27:64:7d:
7d:b0:7e:8f:96:c9:86:3d:9f:58:c0:c6:25:c3:11:3f:ee:2b:
aa:b0:a1:92:db:db:d8:17:d5:04:b5:f1:b2:a0:55:62:2c:65:
a4:7f:9a:dd:5f:0e:66:6e:d9:a5:5c:53:93:ce:11:e0:87:6c:
dc:b4:e8:a2:29:a0:cb:a1:87:4f:5e:1a:c2:0a:05:a9:85:7e:
9a:00:be:15:75:09:e9:97:27:03:fe:19:73:4b:93:6d:e0:7c:
8e:11:3c:06:c0:bf:b1:59:d8:34:ce:ae:8f:c6:ae:ec:71:dd:
61:83:3d:43:b7:47:ea:44:45:48:2b:de:c9:e0:8c:da:37:db:
93:e1:f3:ce:67:fa:58:aa:87:02:d1:90:0e:c2:d0:66:65:58:
17:39:aa:f4:ee:b6:c0:b4:43:13:a1:15:74:a1:40:8d:f6:a4:
31:94:46:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVweXSZ0h+H4dmLEvZ6k0WzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODYwMGRmYWM5ZDNkMWE3NWU2NjMwZDY5NzEwMmYyZjIx
MzJjNDgwHhcNMjMwMTAyMDMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ4YmViNjgyZWJkNTAwZmU4MDc3MGY5YWFiNTU1NTViOGEzZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8zQmgqMKDlbGGIx84s3uynUjtK6
tBcx4krr+df1ttxfKky5+jTrxHp1kigtSxC332EbwV3GrvCsXSLe7+JYvPY0WJxH
ZtMSdDAGwswHebB20wIEy7hWI9pTa/pwQ0X8JplXeIN8LKAiozcJ8fOJT4NWRZDH
W4C5mRgSazwFD1W+7GwXgvP0l0TxAjv686YvOaIHYWZw7Atubj90J3pR2FVF01mb
prmaeRZw5MbheHQ9ZLYeKnEIyhIG0hu/KpushijXaq00GaxSBP9QJ3B38NvdPRJa
8bO1pyPQ6NSNeycxZIFRNKpMc9JnvDxsRkER+Iel7aQiHl3yKp9sBEJ92wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDtIvraC69UA/oB3D5qrVVVbij1VMB8GA1UdIwQY
MBaAFBaGAN+snT0adeZjDWlxAvLyEyxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEt
MThkYmU2NTA0YmI0LzEvTzBpLXRvTHIxUUQtZ0hjUG1xdFZWVnVLUFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEtMThkYmU2NTA0YmI0
LzEvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfy8AwQB
Wfy+AwQAuX7YAwQAuX7aMA0GCSqGSIb3DQEBCwUAA4IBAQCT2o2FJBpIOTyS6nQ0
mazzfiFbwH9hi+1wkxzeEBoi+mI+uwiAlX7V24AwhjSWaTtbsjQPVJz+G2r5A+ih
pWoSJsSEetN207ZqQ1jDO/mEDIQ9axxi6+snZH19sH6PlsmGPZ9YwMYlwxE/7iuq
sKGS29vYF9UEtfGyoFViLGWkf5rdXw5mbtmlXFOTzhHgh2zctOiiKaDLoYdPXhrC
CgWphX6aAL4VdQnplycD/hlzS5Nt4HyOETwGwL+xWdg0zq6Pxq7scd1hgz1Dt0fq
REVIK97J4IzaN9uT4fPOZ/pYqocC0ZAOwtBmZVgXOar07rbAtEMToRV0oUCN9qQx
lEaH
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:14:17 2025 by rpki-client