Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ombO8p3PEiqapgyHAzyrL8CEWvw.roa
File: ombO8p3PEiqapgyHAzyrL8CEWvw.roa (raw, json)
Hash identifier: rMJStmLrNmp2thcMgNZYuHirHQpDmHHqvZM8v8BIiac=
Subject key identifier: A2:66:CE:F2:9D:CF:12:2A:9A:A6:0C:87:03:3C:AB:2F:C0:84:5A:FC
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0185361D5C2D7D6A4A221BD99524F692F0AD
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ombO8p3PEiqapgyHAzyrL8CEWvw.roa
Signing time: Wed 21 Dec 2022 19:16:11 +0000
ROA not before: Wed 21 Dec 2022 19:16:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43357
IP address blocks: 194.36.25.0/24 maxlen: 24
185.254.75.0/24 maxlen: 24
185.194.52.0/22 maxlen: 24
2a09:7:2007::/48 maxlen: 48
2a07:fe00:1::/48 maxlen: 48
2a03:d9c0:3000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:36:1d:5c:2d:7d:6a:4a:22:1b:d9:95:24:f6:92:f0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Dec 21 19:16:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a266cef29dcf122a9aa60c87033cab2fc0845afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cf:83:b6:f2:67:46:96:31:78:73:e9:56:81:
dc:c1:98:97:c6:18:cb:44:c3:ae:d9:fa:0e:4f:a5:
ca:8f:17:0a:72:ba:2c:82:58:c3:c2:aa:71:07:35:
6c:d2:12:9c:f6:c4:64:7d:c7:31:97:67:66:5e:c0:
c0:80:0e:bb:aa:bf:94:83:13:36:d9:30:0f:08:75:
62:3a:78:4e:06:ae:5a:ee:43:35:9d:f2:90:a3:f7:
62:3d:41:84:66:11:9d:43:05:91:e4:b1:fa:e7:00:
c2:cd:b1:b1:79:20:e8:71:b5:76:01:7b:43:3b:dc:
42:9f:7f:e2:63:6e:4d:fa:0d:24:1b:d5:86:68:87:
e9:a6:5d:41:5a:84:69:d1:98:f0:e5:72:bd:ae:98:
c3:ea:b1:d0:8f:3f:cc:aa:70:a6:c3:ae:a6:97:5e:
6c:76:83:f9:0e:12:fa:41:4b:fa:93:aa:5b:5d:b3:
05:7a:b0:5b:ee:48:3b:20:78:ad:dc:57:98:39:ab:
1c:e6:ab:c4:43:15:5b:2a:9c:4d:63:f8:8e:93:58:
06:09:59:c4:90:f0:fb:dc:dd:05:ec:e4:3b:2f:b5:
3c:b1:e2:ac:5a:47:af:d1:b0:a6:0b:f8:06:7f:a0:
c7:d5:e4:6a:fb:b4:d5:f3:e7:7f:a7:d1:f1:d2:f5:
7a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:66:CE:F2:9D:CF:12:2A:9A:A6:0C:87:03:3C:AB:2F:C0:84:5A:FC
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ombO8p3PEiqapgyHAzyrL8CEWvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.52.0/22
185.254.75.0/24
194.36.25.0/24
IPv6:
2a03:d9c0:3000::/48
2a07:fe00:1::/48
2a09:7:2007::/48
Signature Algorithm: sha256WithRSAEncryption
01:ea:ef:b0:28:ba:94:92:f2:2d:a5:14:66:5c:9f:8b:bb:92:
5a:fe:e0:ac:0c:49:0f:32:2c:fb:d5:17:27:0e:56:e7:1e:62:
09:2d:db:e3:4e:fc:cd:7c:d5:3e:47:6b:f5:df:1f:17:e7:b0:
28:bd:8b:bf:23:53:57:57:30:f8:8e:c1:59:88:d7:b3:10:cd:
d0:c4:7b:df:ff:ea:b2:a3:86:a8:6f:96:0f:b8:bc:04:60:2d:
39:9f:5c:d5:44:8a:23:07:13:89:8f:8a:12:1f:b2:34:2d:34:
f1:95:5b:12:2c:52:a0:16:a6:39:35:d7:82:0d:a4:71:8f:64:
a4:40:ed:aa:b3:19:a0:d2:da:79:a2:d6:22:a0:98:fe:dd:52:
a1:ba:81:80:b4:7d:4f:ed:40:b9:7f:e2:7e:df:74:ff:0c:1d:
62:d1:27:e2:a4:e6:30:cc:05:dd:4f:a1:77:c8:59:83:ec:a3:
be:f7:e0:a8:99:f2:bb:c9:a8:f1:fc:e5:65:41:1a:95:19:d6:
ac:53:57:7a:5f:5f:c4:e8:04:8f:19:2b:ce:e5:ec:00:d6:02:
e4:90:d1:ff:13:04:1a:d4:0c:5b:75:85:c1:f2:6e:6d:90:08:
b0:c5:e4:21:1f:a1:d9:d2:04:dd:2e:0b:8e:d8:56:aa:72:5f:
3f:35:93:d6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYU2HVwtfWpKIhvZlST2kvCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIxMjIxMTkxNjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjY2Y2VmMjlkY2YxMjJhOWFhNjBjODcwMzNjYWIyZmMwODQ1YWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8+DtvJnRpYxeHPpVoHcwZiXxhjL
RMOu2foOT6XKjxcKcrosgljDwqpxBzVs0hKc9sRkfccxl2dmXsDAgA67qr+UgxM2
2TAPCHViOnhOBq5a7kM1nfKQo/diPUGEZhGdQwWR5LH65wDCzbGxeSDocbV2AXtD
O9xCn3/iY25N+g0kG9WGaIfppl1BWoRp0Zjw5XK9rpjD6rHQjz/MqnCmw66ml15s
doP5DhL6QUv6k6pbXbMFerBb7kg7IHit3FeYOasc5qvEQxVbKpxNY/iOk1gGCVnE
kPD73N0F7OQ7L7U8seKsWkev0bCmC/gGf6DH1eRq+7TV8+d/p9Hx0vV6OQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFKJmzvKdzxIqmqYMhwM8qy/AhFr8MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvb21iTzhwM1BFaXFhcGd5SEF6eXJMOENFV3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQCucI0AwQA
uf5LAwQAwiQZMCEEAgACMBsDBwAqA9nAMAADBwAqB/4AAAEDBwAqCQAHIAcwDQYJ
KoZIhvcNAQELBQADggEBAAHq77AoupSS8i2lFGZcn4u7klr+4KwMSQ8yLPvVFycO
VuceYgkt2+NO/M181T5Ha/XfHxfnsCi9i78jU1dXMPiOwVmI17MQzdDEe9//6rKj
hqhvlg+4vARgLTmfXNVEiiMHE4mPihIfsjQtNPGVWxIsUqAWpjk114INpHGPZKRA
7aqzGaDS2nmi1iKgmP7dUqG6gYC0fU/tQLl/4n7fdP8MHWLRJ+Kk5jDMBd1PoXfI
WYPso7734KiZ8rvJqPH85WVBGpUZ1qxTV3pfX8ToBI8ZK87l7ADWAuSQ0f8TBBrU
DFt1hcHybm2QCLDF5CEfodnSBN0uC47YVqpyXz81k9Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org