Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/OJoY9w32qPytXyVEeNx-b8EqJe0.roa
File: OJoY9w32qPytXyVEeNx-b8EqJe0.roa (raw, json)
Hash identifier: 1AxwoEafZlFCa3vJdp5IPRZNtaRrlLtFZ68bZ4q0kFs=
Subject key identifier: 38:9A:18:F7:0D:F6:A8:FC:AD:5F:25:44:78:DC:7E:6F:C1:2A:25:ED
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 367DFE35
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/OJoY9w32qPytXyVEeNx-b8EqJe0.roa
Signing time: Sat 01 Jan 2022 15:06:33 +0000
ROA not before: Sat 01 Jan 2022 15:06:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202780
IP address blocks: 185.101.125.0/24 maxlen: 24
185.101.124.0/24 maxlen: 24
185.101.126.0/24 maxlen: 24
185.101.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 914226741 (0x367dfe35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Jan 1 15:06:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=389a18f70df6a8fcad5f254478dc7e6fc12a25ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a6:d4:30:5a:9f:b0:6e:10:41:48:88:3d:03:
ef:6c:e0:61:1d:4e:b9:5a:d7:3d:5e:92:7f:73:2a:
86:10:c7:51:1d:11:36:50:57:3a:6f:81:ee:6d:29:
88:87:76:05:e4:df:28:e1:03:3a:fe:98:16:de:ca:
5a:61:d3:6a:3a:d3:14:fd:34:d5:53:f8:75:f7:ed:
41:1e:db:51:cb:06:be:e8:65:0b:37:2c:31:91:32:
eb:26:f6:e2:92:b2:f1:bf:41:18:b9:81:cc:bf:01:
c3:19:40:c5:32:fa:f7:e7:c5:70:bf:6a:b1:02:36:
ba:d2:bf:d3:b3:bd:c4:db:22:55:49:63:7b:2f:d2:
13:8d:0f:2e:ba:1a:1b:ec:2a:8b:47:0b:2a:0a:54:
2f:4a:78:71:d5:e1:e6:97:59:00:de:af:b6:f6:1c:
da:e5:f3:1b:6c:64:f1:80:f2:a6:07:7a:f9:2e:cc:
cb:01:65:9e:59:ab:52:cd:73:7f:75:c4:c5:f3:57:
91:d9:5d:7f:e6:39:9d:fd:d6:77:27:73:1e:28:8c:
79:0c:36:8b:76:88:4e:da:ed:29:e5:96:a5:72:bc:
bf:2d:1d:4d:27:66:86:f8:92:02:77:5e:f3:ee:c7:
a4:31:26:03:dc:7d:d7:e8:b1:a5:00:0b:2f:79:6f:
2b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9A:18:F7:0D:F6:A8:FC:AD:5F:25:44:78:DC:7E:6F:C1:2A:25:ED
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/OJoY9w32qPytXyVEeNx-b8EqJe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.124.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:70:09:ac:20:c7:fc:62:12:85:3c:45:08:68:03:b7:11:6b:
ee:cc:2e:71:d1:d3:2b:e0:ae:08:14:19:80:55:21:b2:1b:a7:
1a:b4:d1:51:66:b0:ab:8e:a2:96:95:7d:80:39:29:c3:b0:4b:
f5:cb:e9:6d:7b:40:08:ac:50:4d:fd:e2:e0:4e:e9:75:b3:00:
15:23:d9:fb:76:48:04:d7:a3:20:2f:cd:8d:92:ce:67:59:64:
2e:b5:07:42:8d:f9:4c:d5:3c:98:bf:e6:1f:ce:86:63:0e:3b:
ac:6e:cc:76:3b:e3:7c:4d:17:67:db:ae:9a:6d:54:15:fe:2a:
cf:3a:87:7b:ab:c8:18:bc:bc:b0:85:97:44:52:d1:5a:a6:d7:
72:9d:8b:88:03:18:0f:08:13:fd:88:31:28:87:c9:28:72:6d:
d8:53:28:b8:08:84:f1:47:f3:a7:9e:6b:1f:ba:ae:d6:80:3f:
86:4d:71:23:cc:70:ff:a9:82:40:a4:d3:4c:aa:97:d0:d1:b5:
ae:33:2b:93:d8:53:74:d6:2b:3e:f5:d0:88:b8:0b:44:2d:e8:
f4:0b:be:4f:43:12:29:1a:0d:3b:e4:0b:ba:0e:d3:0f:13:51:
31:19:e8:1d:7a:43:5d:da:f5:a4:2a:99:0d:ae:cc:5f:28:02:
67:0e:b5:88
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENn3+NTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDgwMjVjN2RlMDQwMGUwZjNjODhkNGExMjJhMzE3ZTMyYzVlMjFjMB4XDTIyMDEw
MTE1MDYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg5YTE4ZjcwZGY2
YThmY2FkNWYyNTQ0NzhkYzdlNmZjMTJhMjVlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmm1DBan7BuEEFIiD0D72zgYR1OuVrXPV6Sf3MqhhDHUR0R
NlBXOm+B7m0piId2BeTfKOEDOv6YFt7KWmHTajrTFP001VP4dfftQR7bUcsGvuhl
CzcsMZEy6yb24pKy8b9BGLmBzL8BwxlAxTL69+fFcL9qsQI2utK/07O9xNsiVUlj
ey/SE40PLroaG+wqi0cLKgpUL0p4cdXh5pdZAN6vtvYc2uXzG2xk8YDypgd6+S7M
ywFlnlmrUs1zf3XExfNXkdldf+Y5nf3WdydzHiiMeQw2i3aITtrtKeWWpXK8vy0d
TSdmhviSAnde8+7HpDEmA9x91+ixpQALL3lvK+ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4mhj3Dfao/K1fJUR43H5vwSol7TAfBgNVHSMEGDAWgBRAgCXH3gQA4PPI
jUoSKjF+MsXiHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FJQWx4OTRFQU9EenlJMUtFaW94ZmpMRjRody5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvNTkzMDNkLTc0OGEtNDc5Ny04MTFlLWZlZTJlOGQ0MDg0Zi8x
L09Kb1k5dzMycVB5dFh5VkVlTngtYjhFcUplMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
NTkzMDNkLTc0OGEtNDc5Ny04MTFlLWZlZTJlOGQ0MDg0Zi8xL1FJQWx4OTRFQU9E
enlJMUtFaW94ZmpMRjRody5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArllfDANBgkqhkiG9w0BAQsFAAOC
AQEArXAJrCDH/GIShTxFCGgDtxFr7swucdHTK+CuCBQZgFUhshunGrTRUWawq46i
lpV9gDkpw7BL9cvpbXtACKxQTf3i4E7pdbMAFSPZ+3ZIBNejIC/NjZLOZ1lkLrUH
Qo35TNU8mL/mH86GYw47rG7MdjvjfE0XZ9uumm1UFf4qzzqHe6vIGLy8sIWXRFLR
WqbXcp2LiAMYDwgT/YgxKIfJKHJt2FMouAiE8Ufzp55rH7qu1oA/hk1xI8xw/6mC
QKTTTKqX0NG1rjMrk9hTdNYrPvXQiLgLRC3o9Au+T0MSKRoNO+QLug7TDxNRMRno
HXpDXdr1pCqZDa7MXygCZw61iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:57 2024 by rpki-client on console-ams.rpki-client.org