Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/7fe559-2f1d-47e8-8466-ef9135a2c82f/1/oCsYRhP9DFVDSfhaRV-fso7jMrk.roa
File: oCsYRhP9DFVDSfhaRV-fso7jMrk.roa (raw, json)
Hash identifier: exNV0hTco+zg50fJMEKXM9Dfc0ub6QIAaYVKCDOSa3U=
Subject key identifier: A0:2B:18:46:13:FD:0C:55:43:49:F8:5A:45:5F:9F:B2:8E:E3:32:B9
Certificate issuer: /CN=b7a230316b3e258e9255f46b20802ae2f3cb46a0
Certificate serial: 01856D53E03C1F210A4A145474E945FB04E4
Authority key identifier: B7:A2:30:31:6B:3E:25:8E:92:55:F4:6B:20:80:2A:E2:F3:CB:46:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t6IwMWs-JY6SVfRrIIAq4vPLRqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/7fe559-2f1d-47e8-8466-ef9135a2c82f/1/oCsYRhP9DFVDSfhaRV-fso7jMrk.roa
Signing time: Sun 01 Jan 2023 12:34:51 +0000
ROA not before: Sun 01 Jan 2023 12:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203836
IP address blocks: 185.66.132.0/24 maxlen: 24
185.66.135.0/24 maxlen: 24
185.66.133.0/24 maxlen: 24
185.66.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:e0:3c:1f:21:0a:4a:14:54:74:e9:45:fb:04:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7a230316b3e258e9255f46b20802ae2f3cb46a0
Validity
Not Before: Jan 1 12:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a02b184613fd0c554349f85a455f9fb28ee332b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:24:1a:71:a3:a1:0f:5c:96:64:ad:5d:f5:
2c:9e:f5:71:98:d2:84:59:3a:f8:28:19:3d:8e:49:
56:de:08:63:71:58:f4:54:ad:2c:d2:ac:b2:61:32:
11:09:27:8a:fc:e7:c2:2f:9b:56:0b:1f:d5:15:58:
8d:3a:a8:9b:67:d4:53:76:83:ec:5d:e7:e3:3f:94:
ce:b3:40:5a:ee:10:e7:08:95:bd:17:06:56:a6:2c:
6a:b5:1f:93:80:79:e8:a5:e4:94:db:d0:1c:a2:1a:
18:0f:cc:5f:d9:31:68:73:a9:2b:32:2f:3d:01:c7:
96:c9:9d:3a:92:55:74:f2:ca:60:92:35:e7:a4:18:
5b:d5:60:5f:29:7e:3f:f2:16:f3:4c:1b:36:93:ed:
1f:f5:92:40:df:50:21:41:b4:58:7b:f7:6a:5a:8e:
f9:59:7c:05:f2:1b:7a:70:83:7d:c7:1b:4d:5d:e2:
45:10:17:8f:d2:90:99:8b:fa:c6:fb:c3:fc:27:d0:
6a:e8:63:01:be:e4:59:94:08:52:44:14:65:73:c9:
c2:45:3a:54:9e:d1:3b:c2:ec:f4:ef:d4:78:cb:4d:
eb:4e:e7:48:2c:20:5e:0f:9a:c7:5a:65:e6:e2:0b:
fa:2c:89:5d:d0:fd:0b:9c:00:6a:c4:ac:38:49:c5:
a9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2B:18:46:13:FD:0C:55:43:49:F8:5A:45:5F:9F:B2:8E:E3:32:B9
X509v3 Authority Key Identifier:
keyid:B7:A2:30:31:6B:3E:25:8E:92:55:F4:6B:20:80:2A:E2:F3:CB:46:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t6IwMWs-JY6SVfRrIIAq4vPLRqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/7fe559-2f1d-47e8-8466-ef9135a2c82f/1/oCsYRhP9DFVDSfhaRV-fso7jMrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/7fe559-2f1d-47e8-8466-ef9135a2c82f/1/t6IwMWs-JY6SVfRrIIAq4vPLRqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.132.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:61:c1:dc:4e:7f:9d:76:7d:91:82:97:29:b7:b2:94:06:91:
af:7a:1f:46:37:a0:15:27:a0:6a:4f:a1:91:b2:8a:69:a5:d9:
1f:f4:10:b3:23:02:36:71:8f:b8:05:4d:0c:42:1f:3d:ef:9d:
f9:28:b0:ba:8b:3f:00:19:48:c8:10:52:33:12:a6:ed:91:0c:
a7:4e:4c:33:64:66:e4:ff:b6:ec:c4:74:7b:b5:f4:21:09:df:
3c:73:c2:78:6a:18:67:59:b5:cb:54:fd:18:0c:bd:1f:b0:4d:
d4:4a:f0:8a:07:70:7e:13:fe:eb:2d:f1:01:f7:81:5e:3a:75:
8c:2c:24:87:ea:b4:34:da:17:d2:fa:4a:95:ce:84:89:42:71:
26:96:b1:52:f3:9e:84:9c:e4:29:78:eb:7d:d8:e9:24:1a:a4:
16:c5:9a:25:15:7c:2a:4d:b3:94:94:af:c2:b0:33:51:77:49:
74:70:b2:27:3e:c4:c2:f0:0b:be:4a:5b:2a:98:4b:05:7b:54:
e8:02:39:51:8f:65:92:03:61:46:95:21:d9:5b:60:df:fc:df:
6b:b9:0c:be:2c:d6:18:42:c0:a9:c5:a9:4f:96:f3:b9:16:3a:
b8:a8:d3:02:89:08:59:c4:81:46:80:74:5b:f8:5f:cd:fb:82:
55:18:ba:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU+A8HyEKShRUdOlF+wTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YTIzMDMxNmIzZTI1OGU5MjU1ZjQ2YjIwODAyYWUyZjNj
YjQ2YTAwHhcNMjMwMTAxMTIzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDJiMTg0NjEzZmQwYzU1NDM0OWY4NWE0NTVmOWZiMjhlZTMzMmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxIkGnGjoQ9clmStXfUsnvVxmNKE
WTr4KBk9jklW3ghjcVj0VK0s0qyyYTIRCSeK/OfCL5tWCx/VFViNOqibZ9RTdoPs
XefjP5TOs0Ba7hDnCJW9FwZWpixqtR+TgHnopeSU29AcohoYD8xf2TFoc6krMi89
AceWyZ06klV08spgkjXnpBhb1WBfKX4/8hbzTBs2k+0f9ZJA31AhQbRYe/dqWo75
WXwF8ht6cIN9xxtNXeJFEBeP0pCZi/rG+8P8J9Bq6GMBvuRZlAhSRBRlc8nCRTpU
ntE7wuz079R4y03rTudILCBeD5rHWmXm4gv6LIld0P0LnABqxKw4ScWpCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKArGEYT/QxVQ0n4WkVfn7KO4zK5MB8GA1UdIwQY
MBaAFLeiMDFrPiWOklX0ayCAKuLzy0agMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDZJd01Xcy1KWTZTVmZScklJQXE0dlBMUnFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi83ZmU1NTktMmYxZC00N2U4LTg0NjYt
ZWY5MTM1YTJjODJmLzEvb0NzWVJoUDlERlZEU2ZoYVJWLWZzbzdqTXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi83ZmU1NTktMmYxZC00N2U4LTg0NjYtZWY5MTM1YTJjODJm
LzEvdDZJd01Xcy1KWTZTVmZScklJQXE0dlBMUnFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUKEMA0G
CSqGSIb3DQEBCwUAA4IBAQCqYcHcTn+ddn2Rgpcpt7KUBpGveh9GN6AVJ6BqT6GR
sopppdkf9BCzIwI2cY+4BU0MQh897535KLC6iz8AGUjIEFIzEqbtkQynTkwzZGbk
/7bsxHR7tfQhCd88c8J4ahhnWbXLVP0YDL0fsE3USvCKB3B+E/7rLfEB94FeOnWM
LCSH6rQ02hfS+kqVzoSJQnEmlrFS856EnOQpeOt92OkkGqQWxZolFXwqTbOUlK/C
sDNRd0l0cLInPsTC8Au+SlsqmEsFe1ToAjlRj2WSA2FGlSHZW2Df/N9ruQy+LNYY
QsCpxalPlvO5Fjq4qNMCiQhZxIFGgHRb+F/N+4JVGLqf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:17 2025 by rpki-client