Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/oBCcYBUe_cOzN7KOBogMqk7CZmw.roa
File: oBCcYBUe_cOzN7KOBogMqk7CZmw.roa (raw, json)
Hash identifier: BIKdd/1df8Bd40sIbpQK9UMuyKJ/nKRdJm8sl3ITbGE=
Subject key identifier: A0:10:9C:60:15:1E:FD:C3:B3:37:B2:8E:06:88:0C:AA:4E:C2:66:6C
Certificate issuer: /CN=e4cc76e3b5477ffd42a0fe4b8c783aad2f96fe70
Certificate serial: 018706C290A58DE2E9113A94F7EC94A94E35
Authority key identifier: E4:CC:76:E3:B5:47:7F:FD:42:A0:FE:4B:8C:78:3A:AD:2F:96:FE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/oBCcYBUe_cOzN7KOBogMqk7CZmw.roa
Signing time: Wed 22 Mar 2023 00:40:26 +0000
ROA not before: Wed 22 Mar 2023 00:40:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 185.149.194.0/24 maxlen: 24
2a0b:9080:2::/48 maxlen: 48
2a0b:9080::/48 maxlen: 48
2a0b:9080:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:06:c2:90:a5:8d:e2:e9:11:3a:94:f7:ec:94:a9:4e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4cc76e3b5477ffd42a0fe4b8c783aad2f96fe70
Validity
Not Before: Mar 22 00:40:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0109c60151efdc3b337b28e06880caa4ec2666c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:23:a7:f1:55:f9:d0:f2:9f:12:74:5c:88:5d:
ee:e7:bf:32:df:3f:00:41:69:60:5a:6c:14:ac:6a:
ce:f3:06:60:c2:1c:0a:b3:e0:9d:eb:3d:2f:3b:1b:
a5:62:f3:2a:a1:ff:8c:0b:7f:c5:4b:10:cb:b0:4d:
54:3d:72:91:4a:73:c3:5c:43:83:80:86:9c:8d:1c:
ce:7c:16:34:02:af:bc:da:cd:9c:82:7a:22:bc:47:
ed:9a:24:c5:fd:52:82:cc:36:fe:2c:c3:07:be:8c:
ac:1f:a5:7a:27:12:84:b1:ed:96:c4:ed:4f:17:ac:
64:75:c2:83:ba:eb:14:4f:22:d0:41:6f:d1:2b:a6:
67:f9:35:b6:c6:66:78:7d:24:15:3b:f1:10:8b:6d:
2f:8e:a8:e1:2b:66:da:f3:ac:f9:7c:8b:e1:fe:81:
42:b6:22:03:97:32:74:e4:4d:20:b9:9a:3c:9b:cd:
fa:34:e0:86:62:9b:54:f1:aa:5e:fe:ae:d8:19:37:
c6:42:ab:9b:d0:ff:a5:07:fc:b6:a8:97:19:aa:87:
2b:e2:89:2b:c7:33:1b:05:45:8b:1c:9f:a9:c2:07:
32:91:19:06:3f:c9:51:18:85:4e:25:0f:b2:95:51:
81:8e:bd:c0:97:47:35:48:cc:65:fd:64:be:d0:46:
d6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:10:9C:60:15:1E:FD:C3:B3:37:B2:8E:06:88:0C:AA:4E:C2:66:6C
X509v3 Authority Key Identifier:
keyid:E4:CC:76:E3:B5:47:7F:FD:42:A0:FE:4B:8C:78:3A:AD:2F:96:FE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/oBCcYBUe_cOzN7KOBogMqk7CZmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/5Mx247VHf_1CoP5LjHg6rS-W_nA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.194.0/24
IPv6:
2a0b:9080::-2a0b:9080:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
20:6b:00:9c:9a:88:53:98:12:d3:f9:1e:b8:5d:20:68:ef:92:
27:a9:d2:3d:52:36:61:5c:ca:9b:0b:b7:a1:59:36:5e:13:37:
1a:5b:54:0f:ef:65:fb:aa:9a:cb:9c:0d:60:b1:95:38:e1:76:
dd:2e:ca:43:07:04:79:e8:67:40:23:93:9d:46:02:5f:c5:3d:
81:6f:73:b5:78:7e:fc:4e:5f:90:08:c7:76:1d:65:04:5d:d7:
8f:ca:cd:a2:27:e4:59:30:1e:4e:72:89:84:c3:b1:90:a4:68:
34:7b:21:a3:b2:d3:bd:59:32:a6:2a:32:b4:89:4c:46:32:21:
d7:fd:18:13:31:96:f0:08:63:e2:c9:a4:ec:f6:c8:4c:79:5f:
15:7d:98:9b:1a:25:59:66:2c:9a:ed:e6:4f:76:27:78:34:34:
d9:2f:75:4e:d4:c0:b4:bf:b3:27:1c:b7:01:46:44:76:3e:eb:
8c:48:33:9e:78:bf:e2:d7:ae:cb:da:a2:42:40:98:91:0f:65:
4b:d2:fd:c6:89:3f:9b:df:54:44:de:47:0f:bf:37:d6:aa:e8:
76:26:ea:b4:c2:08:f8:67:df:65:a9:5a:56:a2:33:bf:f1:57:
2c:a3:79:fb:25:8a:5b:fe:40:6d:cd:75:5a:ca:b6:c4:18:2c:
e5:fe:f5:d6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYcGwpCljeLpETqU9+yUqU41MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Y2M3NmUzYjU0NzdmZmQ0MmEwZmU0YjhjNzgzYWFkMmY5
NmZlNzAwHhcNMjMwMzIyMDA0MDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDEwOWM2MDE1MWVmZGMzYjMzN2IyOGUwNjg4MGNhYTRlYzI2NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyOn8VX50PKfEnRciF3u578y3z8A
QWlgWmwUrGrO8wZgwhwKs+Cd6z0vOxulYvMqof+MC3/FSxDLsE1UPXKRSnPDXEOD
gIacjRzOfBY0Aq+82s2cgnoivEftmiTF/VKCzDb+LMMHvoysH6V6JxKEse2WxO1P
F6xkdcKDuusUTyLQQW/RK6Zn+TW2xmZ4fSQVO/EQi20vjqjhK2ba86z5fIvh/oFC
tiIDlzJ05E0guZo8m836NOCGYptU8ape/q7YGTfGQqub0P+lB/y2qJcZqocr4okr
xzMbBUWLHJ+pwgcykRkGP8lRGIVOJQ+ylVGBjr3Al0c1SMxl/WS+0EbWkwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKAQnGAVHv3DszeyjgaIDKpOwmZsMB8GA1UdIwQY
MBaAFOTMduO1R3/9QqD+S4x4Oq0vlv5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU14MjQ3VkhmXzFDb1A1TGpIZzZyUy1XX25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81Zjg4ODEtOGE0NC00ODQyLTgwMDkt
MTE2NWQxZDE1NjRmLzEvb0JDY1lCVWVfY096TjdLT0JvZ01xazdDWm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81Zjg4ODEtOGE0NC00ODQyLTgwMDktMTE2NWQxZDE1NjRm
LzEvNU14MjQ3VkhmXzFDb1A1TGpIZzZyUy1XX25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuZXCMBgE
AgACMBIwEAMFByoLkIADBwAqC5CAAAIwDQYJKoZIhvcNAQELBQADggEBACBrAJya
iFOYEtP5HrhdIGjvkiep0j1SNmFcypsLt6FZNl4TNxpbVA/vZfuqmsucDWCxlTjh
dt0uykMHBHnoZ0Ajk51GAl/FPYFvc7V4fvxOX5AIx3YdZQRd14/KzaIn5FkwHk5y
iYTDsZCkaDR7IaOy071ZMqYqMrSJTEYyIdf9GBMxlvAIY+LJpOz2yEx5XxV9mJsa
JVlmLJrt5k92J3g0NNkvdU7UwLS/sycctwFGRHY+64xIM554v+LXrsvaokJAmJEP
ZUvS/caJP5vfVETeRw+/N9aq6HYm6rTCCPhn32WpWlaiM7/xVyyjefslilv+QG3N
dVrKtsQYLOX+9dY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:56 2025 by rpki-client