Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/aacdcc-aa17-42f8-9ade-7c379a551c12/1/To-Op9FF_WXTLgRfcbMDPMxgun0.roa
File: To-Op9FF_WXTLgRfcbMDPMxgun0.roa (raw, json)
Hash identifier: kJlRIaIexJHtMXrQ6Ch7ZvF/YjaTeRe4e0uGKaxatP8=
Subject key identifier: 4E:8F:8E:A7:D1:45:FD:65:D3:2E:04:5F:71:B3:03:3C:CC:60:BA:7D
Certificate issuer: /CN=7ddc36414c991bfa8d92f6027e5308370b22b6a6
Certificate serial: 018A2791CBA6DDF04A75311CBD263A831515
Authority key identifier: 7D:DC:36:41:4C:99:1B:FA:8D:92:F6:02:7E:53:08:37:0B:22:B6:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fdw2QUyZG_qNkvYCflMINwsitqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/aacdcc-aa17-42f8-9ade-7c379a551c12/1/To-Op9FF_WXTLgRfcbMDPMxgun0.roa
Signing time: Thu 24 Aug 2023 12:43:00 +0000
ROA not before: Thu 24 Aug 2023 12:43:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203825
IP address blocks: 185.122.188.0/23 maxlen: 23
185.122.190.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:91:cb:a6:dd:f0:4a:75:31:1c:bd:26:3a:83:15:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ddc36414c991bfa8d92f6027e5308370b22b6a6
Validity
Not Before: Aug 24 12:43:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e8f8ea7d145fd65d32e045f71b3033ccc60ba7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6b:87:30:c0:74:a7:b5:ab:24:ae:8d:7e:f5:
87:c7:2f:00:b4:85:36:ca:e1:7f:c0:13:29:97:f7:
13:3b:d3:22:e6:04:d3:22:15:42:08:29:c6:05:65:
d0:71:e6:2a:e4:da:2b:a3:ac:f8:66:cc:c1:de:6d:
12:b4:aa:40:a4:49:52:cc:ec:3b:57:04:31:cc:a1:
5c:c6:e2:b3:ed:5d:5b:10:ec:b9:23:6b:86:e1:f9:
6e:e8:41:9b:29:6e:4e:8e:ba:5b:cf:5c:6f:54:0d:
af:ea:0c:7b:bb:e8:90:48:e6:72:71:84:1b:43:08:
4b:42:74:35:87:70:7e:74:44:bb:d9:f1:ec:cc:85:
07:6c:30:89:5a:ed:7e:07:ac:8a:4d:18:b0:00:78:
2c:e3:e4:ed:2a:07:be:36:68:be:f7:09:aa:e2:a2:
93:9b:3b:19:75:c8:24:02:70:74:d6:09:f7:94:12:
5e:26:ef:00:33:43:8e:d2:b7:32:69:53:00:d1:38:
5a:98:cb:0f:7c:37:87:b2:a3:af:a5:22:41:e2:c8:
9e:f0:11:1f:4b:be:ba:4b:8c:64:59:bc:cd:f5:1e:
26:c1:88:1d:e5:3b:da:d5:22:2f:01:1b:27:ea:03:
d9:66:f5:c2:c7:f8:4b:87:3e:19:2c:02:99:3b:74:
ac:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:8F:8E:A7:D1:45:FD:65:D3:2E:04:5F:71:B3:03:3C:CC:60:BA:7D
X509v3 Authority Key Identifier:
keyid:7D:DC:36:41:4C:99:1B:FA:8D:92:F6:02:7E:53:08:37:0B:22:B6:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fdw2QUyZG_qNkvYCflMINwsitqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/aacdcc-aa17-42f8-9ade-7c379a551c12/1/To-Op9FF_WXTLgRfcbMDPMxgun0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/aacdcc-aa17-42f8-9ade-7c379a551c12/1/fdw2QUyZG_qNkvYCflMINwsitqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.188.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:d7:21:58:9f:84:21:e3:11:69:e9:c5:a7:23:d0:c4:9f:ea:
a8:da:de:61:76:b4:c3:34:10:75:6d:81:6d:dd:0b:a8:51:1d:
54:c3:2f:15:cd:5d:e9:a8:b8:e2:da:f3:43:06:de:a7:f5:17:
63:fa:0e:01:99:bf:60:29:aa:80:ab:3c:67:a8:45:0b:97:13:
aa:a2:06:d9:87:a4:bf:84:c1:52:ff:85:a0:2b:2d:36:33:74:
7e:6e:06:64:48:b0:dd:84:9b:d8:31:d5:eb:65:2c:11:f9:38:
2f:32:38:37:bc:27:c6:10:3e:3c:ef:3c:e9:f2:40:66:1a:5e:
0a:b9:87:25:83:6e:f1:fd:64:77:46:ca:51:79:34:00:e3:74:
2b:99:91:17:55:ce:cc:d8:3b:34:89:1e:a8:3d:d7:52:f0:91:
60:a3:f1:36:4f:43:de:c1:f9:56:7d:4e:b2:a7:bd:87:f4:5f:
8a:f1:d5:16:f2:3b:61:f5:8a:3c:48:a8:40:8c:cf:39:db:f1:
e6:d8:82:c6:b4:03:9e:16:1e:04:f6:2e:b9:71:58:42:b4:57:
d3:5e:7f:7d:5f:f9:55:4f:64:60:76:f5:74:d6:74:5c:a9:3d:
5e:2b:f9:5d:22:0b:22:fd:71:ad:4f:31:e1:92:ed:6f:51:67:
3a:18:67:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYonkcum3fBKdTEcvSY6gxUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZGMzNjQxNGM5OTFiZmE4ZDkyZjYwMjdlNTMwODM3MGIy
MmI2YTYwHhcNMjMwODI0MTI0MzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZThmOGVhN2QxNDVmZDY1ZDMyZTA0NWY3MWIzMDMzY2NjNjBiYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGuHMMB0p7WrJK6NfvWHxy8AtIU2
yuF/wBMpl/cTO9Mi5gTTIhVCCCnGBWXQceYq5Noro6z4ZszB3m0StKpApElSzOw7
VwQxzKFcxuKz7V1bEOy5I2uG4flu6EGbKW5Ojrpbz1xvVA2v6gx7u+iQSOZycYQb
QwhLQnQ1h3B+dES72fHszIUHbDCJWu1+B6yKTRiwAHgs4+TtKge+Nmi+9wmq4qKT
mzsZdcgkAnB01gn3lBJeJu8AM0OO0rcyaVMA0ThamMsPfDeHsqOvpSJB4sie8BEf
S766S4xkWbzN9R4mwYgd5Tva1SIvARsn6gPZZvXCx/hLhz4ZLAKZO3SsEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6PjqfRRf1l0y4EX3GzAzzMYLp9MB8GA1UdIwQY
MBaAFH3cNkFMmRv6jZL2An5TCDcLIramMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmR3MlFVeVpHX3FOa3ZZQ2ZsTUlOd3NpdHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9hYWNkY2MtYWExNy00MmY4LTlhZGUt
N2MzNzlhNTUxYzEyLzEvVG8tT3A5RkZfV1hUTGdSZmNiTURQTXhndW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9hYWNkY2MtYWExNy00MmY4LTlhZGUtN2MzNzlhNTUxYzEy
LzEvZmR3MlFVeVpHX3FOa3ZZQ2ZsTUlOd3NpdHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXq8MA0G
CSqGSIb3DQEBCwUAA4IBAQC41yFYn4Qh4xFp6cWnI9DEn+qo2t5hdrTDNBB1bYFt
3QuoUR1Uwy8VzV3pqLji2vNDBt6n9Rdj+g4Bmb9gKaqAqzxnqEULlxOqogbZh6S/
hMFS/4WgKy02M3R+bgZkSLDdhJvYMdXrZSwR+TgvMjg3vCfGED487zzp8kBmGl4K
uYclg27x/WR3RspReTQA43QrmZEXVc7M2Ds0iR6oPddS8JFgo/E2T0PewflWfU6y
p72H9F+K8dUW8jth9Yo8SKhAjM852/Hm2ILGtAOeFh4E9i65cVhCtFfTXn99X/lV
T2RgdvV01nRcqT1eK/ldIgsi/XGtTzHhku1vUWc6GGfh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:26 2025 by rpki-client