Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/Ore8F9-OhjLq_xpuhlGgsTKKdDk.roa
File: Ore8F9-OhjLq_xpuhlGgsTKKdDk.roa (raw, json)
Hash identifier: TqvllQkle/IwO1GQVgH1DiRL8XfILd9UYwNBQ6q6gT0=
Subject key identifier: 3A:B7:BC:17:DF:8E:86:32:EA:FF:1A:6E:86:51:A0:B1:32:8A:74:39
Certificate issuer: /CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Certificate serial: 018B93EBF3F25876B387B802B22F569A6B88
Authority key identifier: 9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/Ore8F9-OhjLq_xpuhlGgsTKKdDk.roa
Signing time: Fri 03 Nov 2023 06:43:16 +0000
ROA not before: Fri 03 Nov 2023 06:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207353
IP address blocks: 195.246.246.0/24 maxlen: 24
195.246.249.0/24 maxlen: 24
195.246.247.0/24 maxlen: 24
195.246.248.0/24 maxlen: 24
217.199.213.0/24 maxlen: 24
193.243.161.0/24 maxlen: 24
89.248.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:eb:f3:f2:58:76:b3:87:b8:02:b2:2f:56:9a:6b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Validity
Not Before: Nov 3 06:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ab7bc17df8e8632eaff1a6e8651a0b1328a7439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:53:d3:86:f1:b0:b4:75:20:ce:ac:be:29:b8:
59:7c:70:35:80:32:1c:20:83:3e:f5:40:93:a0:79:
ac:ca:b1:53:fb:b8:1e:3d:cb:9d:fa:cc:29:94:eb:
36:f8:83:ee:8c:f1:4c:79:81:5f:5b:4b:26:5f:fc:
c3:a6:5c:fa:a6:c6:10:7a:62:62:ff:67:f1:14:82:
8d:2e:9a:12:24:fe:20:c1:9e:17:4a:e6:61:74:2a:
c8:2a:e7:58:bd:41:7d:90:61:0a:87:53:44:8a:81:
bf:a8:a1:f4:a8:80:72:4b:40:3e:82:77:49:a9:3d:
f8:6e:5c:07:8e:4f:0e:b1:0b:cf:fd:f8:66:07:bd:
4d:b8:4d:37:0b:62:84:3c:b9:78:ab:77:43:a9:9f:
df:22:b0:ad:54:0d:a5:63:d3:d9:2a:7d:e4:8d:b5:
d4:04:86:07:37:95:9e:ed:70:1a:69:a4:ea:fa:f1:
03:97:9e:3d:2b:a0:e1:19:74:fc:5a:d0:fe:13:23:
8e:ff:77:6c:80:e7:c8:35:d5:d9:46:57:d7:f9:e6:
d1:48:31:9b:0c:1e:51:f7:6c:1c:6d:5c:60:70:26:
66:3f:5c:e7:b6:eb:67:a8:2d:6c:5f:a6:6d:16:5c:
65:05:32:a6:c0:48:ab:f3:14:1e:d1:06:1b:a4:ac:
a9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B7:BC:17:DF:8E:86:32:EA:FF:1A:6E:86:51:A0:B1:32:8A:74:39
X509v3 Authority Key Identifier:
keyid:9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/Ore8F9-OhjLq_xpuhlGgsTKKdDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.230.0/24
193.243.161.0/24
195.246.246.0-195.246.249.255
217.199.213.0/24
Signature Algorithm: sha256WithRSAEncryption
71:02:9e:36:c9:10:55:02:c0:e4:90:81:f5:2a:35:18:1d:c3:
18:2c:4e:ae:7c:7d:1e:65:0e:d5:db:9d:b6:c2:f6:ce:d3:ce:
dc:8a:56:ab:2c:44:dc:b5:cc:04:02:b3:cc:45:92:e4:4e:ad:
32:fb:0e:43:16:6e:02:86:1f:a3:82:43:89:a3:62:cf:10:9f:
3b:69:b4:9f:78:c4:f5:fd:f0:81:85:96:45:cb:c2:8d:ac:23:
a2:81:fb:b3:16:6e:22:80:dd:ff:ab:9c:45:ae:22:df:f9:f6:
10:96:8c:c9:c7:8b:e4:3b:b3:ff:e7:ea:a7:90:bf:e9:82:a6:
89:4b:12:5f:db:47:fe:66:c3:d3:6d:db:72:75:64:a5:a2:6b:
b8:d2:2d:92:e6:3c:0d:d3:99:b8:fa:ea:fb:67:e5:e2:15:a3:
10:4f:83:68:ac:49:9d:51:d0:6e:2b:60:24:f4:66:21:24:e9:
5d:a6:ae:49:66:b1:3f:d7:b0:76:db:04:c4:be:84:a6:3f:2d:
ce:a7:f9:b4:7b:24:10:31:59:5f:18:8e:79:2c:0a:0d:0f:ae:
32:f6:0a:4a:99:93:70:ef:4a:95:38:96:d1:90:d4:4d:b7:f4:
21:12:cd:b0:8d:ff:7c:3d:86:d5:27:db:8a:d9:71:be:da:3a:
69:22:f2:42
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYuT6/PyWHazh7gCsi9WmmuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzNkOTQ1M2ZiZWRmYjgwYzQ1NDNiYjUyOWZjMzMwYzFm
OGMxY2UwHhcNMjMxMTAzMDY0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI3YmMxN2RmOGU4NjMyZWFmZjFhNmU4NjUxYTBiMTMyOGE3NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlPThvGwtHUgzqy+KbhZfHA1gDIc
IIM+9UCToHmsyrFT+7gePcud+swplOs2+IPujPFMeYFfW0smX/zDplz6psYQemJi
/2fxFIKNLpoSJP4gwZ4XSuZhdCrIKudYvUF9kGEKh1NEioG/qKH0qIByS0A+gndJ
qT34blwHjk8OsQvP/fhmB71NuE03C2KEPLl4q3dDqZ/fIrCtVA2lY9PZKn3kjbXU
BIYHN5We7XAaaaTq+vEDl549K6DhGXT8WtD+EyOO/3dsgOfINdXZRlfX+ebRSDGb
DB5R92wcbVxgcCZmP1zntutnqC1sX6ZtFlxlBTKmwEir8xQe0QYbpKyp1QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDq3vBffjoYy6v8aboZRoLEyinQ5MB8GA1UdIwQY
MBaAFJxz2UU/vt+4DEVDu1KfwzDB+MHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEt
YzQ3ZTE4ZGYwMzcxLzEvT3JlOEY5LU9oakxxX3hwdWhsR2dzVEtLZERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEtYzQ3ZTE4ZGYwMzcx
LzEvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWfjmAwQA
wfOhMAwDBAHD9vYDBAHD9vgDBADZx9UwDQYJKoZIhvcNAQELBQADggEBAHECnjbJ
EFUCwOSQgfUqNRgdwxgsTq58fR5lDtXbnbbC9s7TztyKVqssRNy1zAQCs8xFkuRO
rTL7DkMWbgKGH6OCQ4mjYs8QnztptJ94xPX98IGFlkXLwo2sI6KB+7MWbiKA3f+r
nEWuIt/59hCWjMnHi+Q7s//n6qeQv+mCpolLEl/bR/5mw9Nt23J1ZKWia7jSLZLm
PA3Tmbj66vtn5eIVoxBPg2isSZ1R0G4rYCT0ZiEk6V2mrklmsT/XsHbbBMS+hKY/
Lc6n+bR7JBAxWV8YjnksCg0PrjL2CkqZk3DvSpU4ltGQ1E239CESzbCN/3w9htUn
24rZcb7aOmki8kI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:35 2025 by rpki-client