Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/OMOAOSDW30pr_8VquKaVwzOyvKA.roa
File: OMOAOSDW30pr_8VquKaVwzOyvKA.roa (raw, json)
Hash identifier: 0RvyKxuLVdJuVwvm+Wrjy9LiwbjeUIuMYg81VyVnHh8=
Subject key identifier: 38:C3:80:39:20:D6:DF:4A:6B:FF:C5:6A:B8:A6:95:C3:33:B2:BC:A0
Certificate issuer: /CN=7b5754e4d208c6435f1abec937cde20009204dc0
Certificate serial: 0184DDCD94D65A639AE63B2E743DAE325316
Authority key identifier: 7B:57:54:E4:D2:08:C6:43:5F:1A:BE:C9:37:CD:E2:00:09:20:4D:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1dU5NIIxkNfGr7JN83iAAkgTcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/OMOAOSDW30pr_8VquKaVwzOyvKA.roa
Signing time: Sun 04 Dec 2022 15:42:28 +0000
ROA not before: Sun 04 Dec 2022 15:42:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199486
IP address blocks: 185.214.158.0/24 maxlen: 24
2a09:2e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:dd:cd:94:d6:5a:63:9a:e6:3b:2e:74:3d:ae:32:53:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5754e4d208c6435f1abec937cde20009204dc0
Validity
Not Before: Dec 4 15:42:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38c3803920d6df4a6bffc56ab8a695c333b2bca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1a:62:ce:e6:fe:bd:b8:14:97:fd:a8:87:df:
27:5c:b9:ed:10:2d:01:62:3d:fe:e4:6e:f6:22:a5:
e2:68:7f:20:cc:af:80:06:24:92:a5:45:67:b6:60:
31:35:67:84:bd:df:c1:1a:32:1d:1b:90:5f:ad:23:
65:e0:56:ef:e2:ce:c3:4a:03:81:c3:58:98:b8:79:
79:d3:d7:39:4e:81:f8:6d:00:dd:0e:12:bc:2c:a8:
ed:14:b1:f7:73:e5:97:ff:0b:77:f4:6f:a6:4e:15:
04:e3:1c:e6:31:3a:c1:32:cd:4d:3a:3b:49:19:fe:
33:52:7c:ed:2c:2b:78:52:c2:6b:6c:98:48:47:50:
22:09:ba:a3:43:64:73:f9:f4:5c:c5:4b:51:a3:d0:
18:20:c0:43:cd:b4:3a:22:b1:1e:af:38:5b:bb:49:
18:33:e0:15:9d:cd:cf:fb:32:2d:61:79:f1:f4:6e:
ce:09:23:cf:99:32:48:2c:5a:a0:8c:fb:94:3f:db:
bf:48:a1:fc:b2:a9:ea:7e:c3:76:50:a6:1a:ae:88:
a2:29:d3:38:6c:b0:0b:65:b4:e2:e6:8e:bd:1b:31:
66:11:3f:6a:b5:8d:84:f2:4b:d6:99:3a:ad:18:63:
b8:2b:d2:c4:dd:d1:c1:63:36:bf:f6:ff:39:ae:08:
84:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C3:80:39:20:D6:DF:4A:6B:FF:C5:6A:B8:A6:95:C3:33:B2:BC:A0
X509v3 Authority Key Identifier:
keyid:7B:57:54:E4:D2:08:C6:43:5F:1A:BE:C9:37:CD:E2:00:09:20:4D:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1dU5NIIxkNfGr7JN83iAAkgTcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/OMOAOSDW30pr_8VquKaVwzOyvKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/e1dU5NIIxkNfGr7JN83iAAkgTcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.158.0/24
IPv6:
2a09:2e80::/29
Signature Algorithm: sha256WithRSAEncryption
79:9a:23:e7:c8:ec:9c:03:0b:24:6a:2d:6c:a2:9f:5d:55:f7:
14:34:9f:87:24:d3:06:b6:41:f5:ed:fe:02:c0:b9:06:ba:e9:
dc:fb:b0:80:cc:8d:83:64:b6:16:42:4e:a9:41:d3:f0:68:2e:
c0:2b:a0:dd:9b:39:8f:24:47:81:71:60:d2:9f:94:3d:af:10:
c2:43:ff:e7:2e:e7:b3:5d:09:10:cd:34:f1:95:b5:12:52:78:
1f:15:2f:af:9b:a8:7b:51:35:68:a7:ce:36:75:97:3a:2b:8c:
b5:cd:81:3d:14:80:53:a7:86:28:56:e3:6e:71:52:b9:e0:fb:
cd:e0:f7:3e:fc:84:61:83:63:d3:50:e5:2a:1c:6e:1d:02:a5:
7f:7d:cd:dd:30:f4:97:12:0b:75:63:84:14:f8:55:a7:6b:37:
e6:0c:25:9f:71:8f:89:1a:13:1c:03:54:6f:31:93:ce:c6:59:
33:9c:ae:a5:e8:6a:9b:45:a1:d8:d8:97:cc:84:6d:cc:7a:92:
6f:55:3f:74:d7:dd:e7:20:39:54:ca:45:ef:61:de:54:7e:bc:
3d:43:40:28:5e:45:32:54:98:f0:f5:69:3a:5f:b1:c6:eb:6c:
69:97:8b:af:e4:e9:3b:c4:4e:44:91:69:00:e4:74:14:52:2c:
fb:5b:00:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTdzZTWWmOa5jsudD2uMlMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNTc1NGU0ZDIwOGM2NDM1ZjFhYmVjOTM3Y2RlMjAwMDky
MDRkYzAwHhcNMjIxMjA0MTU0MjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGMzODAzOTIwZDZkZjRhNmJmZmM1NmFiOGE2OTVjMzMzYjJiY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhpizub+vbgUl/2oh98nXLntEC0B
Yj3+5G72IqXiaH8gzK+ABiSSpUVntmAxNWeEvd/BGjIdG5BfrSNl4Fbv4s7DSgOB
w1iYuHl509c5ToH4bQDdDhK8LKjtFLH3c+WX/wt39G+mThUE4xzmMTrBMs1NOjtJ
Gf4zUnztLCt4UsJrbJhIR1AiCbqjQ2Rz+fRcxUtRo9AYIMBDzbQ6IrEerzhbu0kY
M+AVnc3P+zItYXnx9G7OCSPPmTJILFqgjPuUP9u/SKH8sqnqfsN2UKYaroiiKdM4
bLALZbTi5o69GzFmET9qtY2E8kvWmTqtGGO4K9LE3dHBYza/9v85rgiEwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDjDgDkg1t9Ka//FarimlcMzsrygMB8GA1UdIwQY
MBaAFHtXVOTSCMZDXxq+yTfN4gAJIE3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTFkVTVOSUl4a05mR3I3Sk44M2lBQWtnVGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xZGQxYWMtNGE4Ny00YmYxLThkNTIt
ZmQ0OTNjNmE1Yzc2LzEvT01PQU9TRFczMHByXzhWcXVLYVZ3ek95dktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xZGQxYWMtNGE4Ny00YmYxLThkNTItZmQ0OTNjNmE1Yzc2
LzEvZTFkVTVOSUl4a05mR3I3Sk44M2lBQWtnVGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudaeMA0E
AgACMAcDBQMqCS6AMA0GCSqGSIb3DQEBCwUAA4IBAQB5miPnyOycAwskai1sop9d
VfcUNJ+HJNMGtkH17f4CwLkGuunc+7CAzI2DZLYWQk6pQdPwaC7AK6DdmzmPJEeB
cWDSn5Q9rxDCQ//nLuezXQkQzTTxlbUSUngfFS+vm6h7UTVop842dZc6K4y1zYE9
FIBTp4YoVuNucVK54PvN4Pc+/IRhg2PTUOUqHG4dAqV/fc3dMPSXEgt1Y4QU+FWn
azfmDCWfcY+JGhMcA1RvMZPOxlkznK6l6GqbRaHY2JfMhG3MepJvVT90193nIDlU
ykXvYd5Ufrw9Q0AoXkUyVJjw9Wk6X7HG62xpl4uv5Ok7xE5EkWkA5HQUUiz7WwB1
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:38:39 2025 by rpki-client