Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/OwFH-qwIcCwNg2b9HOAIrTSywDI.roa
File: OwFH-qwIcCwNg2b9HOAIrTSywDI.roa (raw, json)
Hash identifier: xEqLKUyYFZ/MNELtfYasq8fltM1WuOIKq5SHNDqeh1s=
Subject key identifier: 3B:01:47:FA:AC:08:70:2C:0D:83:66:FD:1C:E0:08:AD:34:B2:C0:32
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571155C9D5FD9019B9C6FE7F683A5606A
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/OwFH-qwIcCwNg2b9HOAIrTSywDI.roa
Signing time: Mon 02 Jan 2023 06:05:03 +0000
ROA not before: Mon 02 Jan 2023 06:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204009
IP address blocks: 85.219.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:5c:9d:5f:d9:01:9b:9c:6f:e7:f6:83:a5:60:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b0147faac08702c0d8366fd1ce008ad34b2c032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3e:37:16:1b:56:0c:7a:be:62:d3:65:f0:a9:
88:e0:7e:be:30:87:82:24:c2:e3:57:ed:29:e2:e2:
a2:68:62:3a:c9:8d:50:05:4b:08:83:a2:27:7a:a0:
b6:cb:2a:ba:09:48:19:55:61:f9:c0:1a:08:d2:48:
c5:51:70:b7:f5:57:08:17:28:52:ea:2b:b2:20:f0:
cf:2b:6e:e7:3e:64:f5:a2:68:4e:aa:ed:d8:9f:73:
a8:77:50:3e:0d:e6:7e:c7:07:4f:06:97:c0:3d:97:
ac:f5:93:9a:d6:41:44:f3:9f:2a:76:9a:8c:17:fb:
99:43:80:c6:08:d9:4e:28:4c:fc:26:b9:14:40:0a:
9f:a2:16:3d:a1:43:9d:34:1e:50:bd:5d:45:81:af:
71:28:5b:5b:53:44:95:a7:26:71:c0:36:2e:3e:81:
1c:d1:4c:bc:62:2a:17:55:2b:10:90:42:62:1a:a8:
5e:be:70:ca:a1:e6:d1:3f:76:ea:94:91:78:57:11:
59:4f:17:cb:9b:da:f2:9f:ca:03:fb:94:b9:c7:b2:
b8:43:c5:9e:98:f1:4c:65:66:09:5b:42:d6:84:a7:
63:91:c9:f8:5c:83:56:71:66:30:9d:fe:cf:2f:1a:
9a:1a:a5:33:e3:2e:67:75:c8:c8:36:e9:70:33:4e:
32:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:01:47:FA:AC:08:70:2C:0D:83:66:FD:1C:E0:08:AD:34:B2:C0:32
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/OwFH-qwIcCwNg2b9HOAIrTSywDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.219.229.0/24
Signature Algorithm: sha256WithRSAEncryption
57:cc:f9:bd:a5:c6:22:21:51:36:0b:08:a8:2e:d2:d4:20:ef:
67:0b:00:80:c1:f6:c9:1d:d9:16:e6:48:46:e8:23:50:83:0d:
a4:fc:f8:19:e4:86:32:f9:fd:5a:ab:01:48:6e:c1:e5:29:f6:
ff:35:d2:64:e6:fe:28:27:69:b7:59:57:9e:6e:19:22:7c:f5:
22:2b:4b:b9:78:8e:c6:9b:0d:7f:10:a1:3d:87:d4:bc:47:7d:
3c:1f:22:da:9f:23:8d:5a:17:ce:40:7b:9a:64:56:6d:5b:16:
8d:0d:c2:65:d8:ff:3b:7f:f0:9b:5c:92:72:29:51:cb:e8:e3:
25:53:a3:3b:73:2a:ec:c6:e2:f1:a3:4c:78:c6:56:0d:0b:4f:
31:4b:71:76:5b:2e:a1:f0:6a:be:df:00:84:57:b9:32:a1:a0:
51:55:34:a8:cb:ef:cf:83:f6:e9:f2:e4:5f:a4:ef:1a:c9:3d:
e3:e0:7e:97:ab:70:b9:34:12:32:21:7a:17:37:b6:0b:00:17:
b1:cb:00:19:51:c6:1f:f9:f6:44:14:10:b2:c0:cf:4d:d2:23:
1c:c7:2a:47:64:21:1a:92:a7:05:1a:67:92:fa:d6:63:e2:f8:
52:ff:58:7d:a6:f7:19:1a:a2:9d:66:3a:db:f1:f3:cc:6f:a9:
83:1a:6a:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVydX9kBm5xv5/aDpWBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjAxNDdmYWFjMDg3MDJjMGQ4MzY2ZmQxY2UwMDhhZDM0YjJjMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgj43FhtWDHq+YtNl8KmI4H6+MIeC
JMLjV+0p4uKiaGI6yY1QBUsIg6IneqC2yyq6CUgZVWH5wBoI0kjFUXC39VcIFyhS
6iuyIPDPK27nPmT1omhOqu3Yn3Ood1A+DeZ+xwdPBpfAPZes9ZOa1kFE858qdpqM
F/uZQ4DGCNlOKEz8JrkUQAqfohY9oUOdNB5QvV1Fga9xKFtbU0SVpyZxwDYuPoEc
0Uy8YioXVSsQkEJiGqhevnDKoebRP3bqlJF4VxFZTxfLm9ryn8oD+5S5x7K4Q8We
mPFMZWYJW0LWhKdjkcn4XINWcWYwnf7PLxqaGqUz4y5ndcjINulwM04yMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsBR/qsCHAsDYNm/RzgCK00ssAyMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvT3dGSC1xd0ljQ3dOZzJiOUhPQUlyVFN5d0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdvlMA0G
CSqGSIb3DQEBCwUAA4IBAQBXzPm9pcYiIVE2CwioLtLUIO9nCwCAwfbJHdkW5khG
6CNQgw2k/PgZ5IYy+f1aqwFIbsHlKfb/NdJk5v4oJ2m3WVeebhkifPUiK0u5eI7G
mw1/EKE9h9S8R308HyLanyONWhfOQHuaZFZtWxaNDcJl2P87f/CbXJJyKVHL6OMl
U6M7cyrsxuLxo0x4xlYNC08xS3F2Wy6h8Gq+3wCEV7kyoaBRVTSoy+/Pg/bp8uRf
pO8ayT3j4H6Xq3C5NBIyIXoXN7YLABexywAZUcYf+fZEFBCywM9N0iMcxypHZCEa
kqcFGmeS+tZj4vhS/1h9pvcZGqKdZjrb8fPMb6mDGmqt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:26 2025 by rpki-client