Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/omQL4t44-m39VYV6JGyVmTI0-pE.roa
File: omQL4t44-m39VYV6JGyVmTI0-pE.roa (raw, json)
Hash identifier: 1mol3K9gJfcJ2KOW7zuPVNR9mrV2MP+VqPtNU2sbUTw=
Subject key identifier: A2:64:0B:E2:DE:38:FA:6D:FD:55:85:7A:24:6C:95:99:32:34:FA:91
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 018A650F2D1C89A71A19FA4B672456FFB5F1
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/omQL4t44-m39VYV6JGyVmTI0-pE.roa
Signing time: Tue 05 Sep 2023 11:16:47 +0000
ROA not before: Tue 05 Sep 2023 11:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400790
IP address blocks: 206.245.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:0f:2d:1c:89:a7:1a:19:fa:4b:67:24:56:ff:b5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Sep 5 11:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2640be2de38fa6dfd55857a246c95993234fa91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:8b:01:a5:81:d8:99:48:35:d5:f0:8b:07:
6e:52:9a:db:08:25:b0:87:4f:7d:a1:32:a7:0f:34:
4c:41:39:02:bf:db:eb:ae:bf:c1:a0:68:8a:ae:75:
b4:71:06:42:20:1f:35:de:e2:bb:e6:f3:4e:d9:8c:
6c:c8:08:63:95:8e:e0:e1:26:5c:93:05:06:d9:30:
9a:2f:ea:85:a2:d0:91:ae:e0:62:7a:5f:bc:f1:cc:
56:96:df:8a:c4:bf:58:e6:43:b9:ea:b4:39:2a:1b:
7a:da:97:f9:8f:cf:58:b0:e8:bd:62:e4:0c:34:5a:
b0:a6:3c:fd:eb:ae:a2:29:57:3f:ed:7b:28:9f:5e:
f7:a2:46:f8:33:cd:79:fb:50:53:b3:37:14:77:ec:
7e:ad:65:13:da:89:89:a0:cd:5c:1b:3e:a6:2c:0a:
8c:00:4a:4c:ed:f3:42:05:42:da:27:69:e5:4f:11:
dd:e2:76:91:bd:7a:b8:52:f6:73:c5:a8:ec:1c:77:
7a:e0:25:43:9a:9d:be:f0:7c:a8:1f:9a:d2:4a:3a:
33:ca:b7:fc:b6:0e:63:92:91:14:bd:73:d6:ee:2b:
82:05:b8:86:10:9c:a6:76:6b:99:7f:d0:f4:b8:be:
26:1c:72:dc:71:15:70:24:e4:0e:a4:18:d6:61:68:
cf:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:64:0B:E2:DE:38:FA:6D:FD:55:85:7A:24:6C:95:99:32:34:FA:91
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/omQL4t44-m39VYV6JGyVmTI0-pE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.245.208.0/24
Signature Algorithm: sha256WithRSAEncryption
09:96:a7:27:e7:80:82:c0:79:a0:ee:f0:15:fe:33:f0:a6:97:
90:f7:9f:f8:c6:77:a2:9c:71:c3:83:d9:56:5f:c1:bc:eb:68:
0c:83:d5:c8:3e:54:f4:dc:cf:79:32:fb:46:43:39:3f:0e:05:
45:cc:6b:af:6f:f8:cb:11:d3:a9:17:d8:ca:e9:7d:f8:78:ca:
67:b0:59:46:f7:7c:47:ef:ca:bc:5b:dc:0c:77:f9:f9:31:a6:
57:1d:ba:4f:fd:88:89:7a:3f:3c:ed:3e:dd:1f:a8:db:60:e9:
eb:dc:77:94:1d:2d:69:cf:80:53:11:cf:a6:53:df:bd:9a:a3:
55:36:c7:46:9a:e0:a0:96:23:ad:39:dc:f0:ba:cf:31:42:9a:
c5:1f:bd:13:2c:ea:d0:33:e8:d0:a6:96:78:e4:f1:7f:6b:6c:
ff:d9:40:f3:d9:b5:eb:de:cb:36:68:ab:e6:58:8f:88:22:f6:
c8:5d:f7:94:81:37:f9:42:6d:23:2a:a4:36:15:e8:8e:89:dc:
0b:f3:ff:f1:ab:a0:01:0c:5b:33:ae:ee:2e:b4:4c:cc:04:46:
2f:7f:a9:d7:72:35:2f:7f:31:ad:10:06:42:0f:25:ed:c3:f7:
ce:91:ba:e2:70:bf:e7:a8:13:a1:31:c0:30:e0:fb:a0:a3:aa:
b4:15:25:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYplDy0ciacaGfpLZyRW/7XxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjMwOTA1MTExNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjY0MGJlMmRlMzhmYTZkZmQ1NTg1N2EyNDZjOTU5OTMyMzRmYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvGLAaWB2JlINdXwiwduUprbCCWw
h099oTKnDzRMQTkCv9vrrr/BoGiKrnW0cQZCIB813uK75vNO2YxsyAhjlY7g4SZc
kwUG2TCaL+qFotCRruBiel+88cxWlt+KxL9Y5kO56rQ5Kht62pf5j89YsOi9YuQM
NFqwpjz9666iKVc/7Xson173okb4M815+1BTszcUd+x+rWUT2omJoM1cGz6mLAqM
AEpM7fNCBULaJ2nlTxHd4naRvXq4UvZzxajsHHd64CVDmp2+8HyoH5rSSjozyrf8
tg5jkpEUvXPW7iuCBbiGEJymdmuZf9D0uL4mHHLccRVwJOQOpBjWYWjPZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJkC+LeOPpt/VWFeiRslZkyNPqRMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvb21RTDR0NDQtbTM5VllWNkpHeVZtVEkwLXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzvXQMA0G
CSqGSIb3DQEBCwUAA4IBAQAJlqcn54CCwHmg7vAV/jPwppeQ95/4xneinHHDg9lW
X8G862gMg9XIPlT03M95MvtGQzk/DgVFzGuvb/jLEdOpF9jK6X34eMpnsFlG93xH
78q8W9wMd/n5MaZXHbpP/YiJej887T7dH6jbYOnr3HeUHS1pz4BTEc+mU9+9mqNV
NsdGmuCgliOtOdzwus8xQprFH70TLOrQM+jQppZ45PF/a2z/2UDz2bXr3ss2aKvm
WI+IIvbIXfeUgTf5Qm0jKqQ2FeiOidwL8//xq6ABDFszru4utEzMBEYvf6nXcjUv
fzGtEAZCDyXtw/fOkbricL/nqBOhMcAw4Pugo6q0FSXU
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:01 2025 by rpki-client