Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a59ee9-33cd-47df-8403-b9472a2c5b3e/1/Ou2mcyjjBr2NBFKgaQ3LRo3ryIQ.roa
File: Ou2mcyjjBr2NBFKgaQ3LRo3ryIQ.roa (raw, json)
Hash identifier: vGZScC3IdQo8EU5dn3XN1uK1+twWpeRVrAKss410jsQ=
Subject key identifier: 3A:ED:A6:73:28:E3:06:BD:8D:04:52:A0:69:0D:CB:46:8D:EB:C8:84
Certificate issuer: /CN=4fbb63df06de00c843da63977349595471e51a26
Certificate serial: 018572B411FE6689B4B2186367AC083AED1C
Authority key identifier: 4F:BB:63:DF:06:DE:00:C8:43:DA:63:97:73:49:59:54:71:E5:1A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7tj3wbeAMhD2mOXc0lZVHHlGiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a59ee9-33cd-47df-8403-b9472a2c5b3e/1/Ou2mcyjjBr2NBFKgaQ3LRo3ryIQ.roa
Signing time: Mon 02 Jan 2023 13:38:01 +0000
ROA not before: Mon 02 Jan 2023 13:38:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199490
IP address blocks: 185.14.232.0/22 maxlen: 22
2a02:f000::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:11:fe:66:89:b4:b2:18:63:67:ac:08:3a:ed:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbb63df06de00c843da63977349595471e51a26
Validity
Not Before: Jan 2 13:38:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3aeda67328e306bd8d0452a0690dcb468debc884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:31:00:ce:16:3c:5a:f8:66:40:1b:79:85:7e:
b5:67:cc:ca:64:dd:80:58:11:82:fb:6f:16:37:c7:
d7:9f:88:03:fe:ec:85:f7:a5:e9:53:72:80:8e:c7:
09:db:c6:c5:c8:3b:22:e8:b9:f7:95:a2:66:94:b7:
bf:3e:df:f6:26:2c:4b:a7:ba:af:91:5b:d4:a8:61:
37:80:2f:d3:1e:e9:d7:a5:1d:5b:02:cd:ce:65:3a:
b1:51:76:58:d9:4e:8c:38:45:b8:2b:12:ea:83:50:
a5:79:d1:a2:e9:40:8f:7a:c4:82:55:a4:62:7a:e4:
c2:aa:f9:27:fa:fd:46:2c:54:04:40:c4:66:ed:7d:
26:06:02:b9:f5:7d:74:d0:79:60:27:27:d4:18:43:
e3:97:a8:3d:34:f7:81:74:5a:b3:67:2f:d7:b0:56:
57:a7:ad:a7:c9:5c:a4:23:8d:ea:c2:08:14:41:18:
d1:f9:21:c4:6a:b5:5e:e9:f9:da:e2:2a:51:33:67:
23:42:9c:5f:94:b4:17:1d:1f:e1:f2:5f:69:4f:7c:
00:4c:55:59:c9:e8:39:ad:ae:65:51:d7:15:67:ec:
a5:70:17:b5:96:a3:91:81:5f:cd:b5:a0:99:2c:3c:
e3:8f:1c:60:42:45:aa:ad:df:af:8e:da:3d:fd:7c:
dc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:ED:A6:73:28:E3:06:BD:8D:04:52:A0:69:0D:CB:46:8D:EB:C8:84
X509v3 Authority Key Identifier:
keyid:4F:BB:63:DF:06:DE:00:C8:43:DA:63:97:73:49:59:54:71:E5:1A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7tj3wbeAMhD2mOXc0lZVHHlGiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a59ee9-33cd-47df-8403-b9472a2c5b3e/1/Ou2mcyjjBr2NBFKgaQ3LRo3ryIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a59ee9-33cd-47df-8403-b9472a2c5b3e/1/T7tj3wbeAMhD2mOXc0lZVHHlGiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.232.0/22
IPv6:
2a02:f000::/32
Signature Algorithm: sha256WithRSAEncryption
11:bd:b8:68:2a:92:b8:2b:a3:15:05:d3:89:ec:cd:a3:a3:13:
84:39:46:49:3c:8b:e5:17:ff:0d:f5:b4:46:ba:90:cb:cf:da:
9e:64:89:b6:77:0d:50:d9:39:ef:34:8c:cc:3f:28:e4:d6:09:
9e:e4:69:ab:89:3b:6b:34:a8:be:e8:09:54:dd:8c:26:04:3b:
58:04:d0:5d:0c:97:77:66:04:64:31:2c:6e:36:03:cc:b2:28:
39:4b:4f:a8:90:6b:d6:ed:f4:e8:5d:1f:60:ed:60:f1:06:4f:
d1:6f:59:35:2b:75:0a:ac:46:5a:eb:b0:e0:ff:38:c8:78:55:
ca:42:b2:7e:21:b4:80:11:e4:60:a7:6b:b0:c7:bb:1c:60:66:
61:54:4c:e7:61:33:97:ea:62:1e:a9:51:70:b9:11:58:0d:aa:
a3:12:57:1f:12:e2:5c:c5:3d:d3:f7:fa:2b:53:bd:9d:48:4a:
ee:bc:42:cc:65:4f:f3:9c:1a:12:dd:0f:61:b1:54:9b:d7:75:
68:b0:e8:20:ef:ad:4b:02:90:a4:21:60:3f:85:cd:db:a7:8f:
cc:87:17:81:99:f0:d9:3f:03:5b:5c:01:73:e5:22:79:61:70:
d1:c8:ab:61:5b:20:be:70:52:64:41:2b:4e:4f:05:9a:b0:98:
20:48:7c:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVytBH+Zom0shhjZ6wIOu0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmI2M2RmMDZkZTAwYzg0M2RhNjM5NzczNDk1OTU0NzFl
NTFhMjYwHhcNMjMwMTAyMTMzODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWVkYTY3MzI4ZTMwNmJkOGQwNDUyYTA2OTBkY2I0NjhkZWJjODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DEAzhY8WvhmQBt5hX61Z8zKZN2A
WBGC+28WN8fXn4gD/uyF96XpU3KAjscJ28bFyDsi6Ln3laJmlLe/Pt/2JixLp7qv
kVvUqGE3gC/THunXpR1bAs3OZTqxUXZY2U6MOEW4KxLqg1CledGi6UCPesSCVaRi
euTCqvkn+v1GLFQEQMRm7X0mBgK59X100HlgJyfUGEPjl6g9NPeBdFqzZy/XsFZX
p62nyVykI43qwggUQRjR+SHEarVe6fna4ipRM2cjQpxflLQXHR/h8l9pT3wATFVZ
yeg5ra5lUdcVZ+ylcBe1lqORgV/NtaCZLDzjjxxgQkWqrd+vjto9/XzcZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDrtpnMo4wa9jQRSoGkNy0aN68iEMB8GA1UdIwQY
MBaAFE+7Y98G3gDIQ9pjl3NJWVRx5RomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDd0ajN3YmVBTWhEMm1PWGMwbFpWSEhsR2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hNTllZTktMzNjZC00N2RmLTg0MDMt
Yjk0NzJhMmM1YjNlLzEvT3UybWN5ampCcjJOQkZLZ2FRM0xSbzNyeUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hNTllZTktMzNjZC00N2RmLTg0MDMtYjk0NzJhMmM1YjNl
LzEvVDd0ajN3YmVBTWhEMm1PWGMwbFpWSEhsR2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ7oMA0E
AgACMAcDBQAqAvAAMA0GCSqGSIb3DQEBCwUAA4IBAQARvbhoKpK4K6MVBdOJ7M2j
oxOEOUZJPIvlF/8N9bRGupDLz9qeZIm2dw1Q2TnvNIzMPyjk1gme5GmriTtrNKi+
6AlU3YwmBDtYBNBdDJd3ZgRkMSxuNgPMsig5S0+okGvW7fToXR9g7WDxBk/Rb1k1
K3UKrEZa67Dg/zjIeFXKQrJ+IbSAEeRgp2uwx7scYGZhVEznYTOX6mIeqVFwuRFY
DaqjElcfEuJcxT3T9/orU72dSEruvELMZU/znBoS3Q9hsVSb13VosOgg761LApCk
IWA/hc3bp4/MhxeBmfDZPwNbXAFz5SJ5YXDRyKthWyC+cFJkQStOTwWasJggSHw9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:15 2025 by rpki-client