Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/oW8NGPHyTJ4_mamR5Sjt-pYQCP0.roa
File: oW8NGPHyTJ4_mamR5Sjt-pYQCP0.roa (raw, json)
Hash identifier: xLXQSyrfAnEp6iYzwDzf1Uz3qtmQ22o6nZuC3/i949U=
Subject key identifier: A1:6F:0D:18:F1:F2:4C:9E:3F:99:A9:91:E5:28:ED:FA:96:10:08:FD
Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Certificate serial: 018571B0F277B074867997F806215D56C60D
Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/oW8NGPHyTJ4_mamR5Sjt-pYQCP0.roa
Signing time: Mon 02 Jan 2023 08:54:59 +0000
ROA not before: Mon 02 Jan 2023 08:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212388
IP address blocks: 185.206.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:f2:77:b0:74:86:79:97:f8:06:21:5d:56:c6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Validity
Not Before: Jan 2 08:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a16f0d18f1f24c9e3f99a991e528edfa961008fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c3:e4:5f:37:9d:15:f5:a9:7c:05:94:60:65:
c2:70:ce:7f:cd:41:d2:55:1d:e7:1f:ac:2a:d0:49:
3c:cc:35:74:9b:c2:90:ab:10:18:58:d0:ab:0b:df:
f1:16:56:8a:d5:62:bb:78:8f:07:df:69:e7:91:71:
4c:11:98:f1:e1:39:0b:65:53:b7:8e:44:8f:e4:64:
b7:75:7d:c9:d7:79:79:08:0a:fe:5d:20:08:ff:18:
ac:f1:87:48:87:11:39:e1:28:c4:1f:49:1a:ed:cc:
73:3e:8d:92:1a:cb:37:a6:5e:83:6b:49:42:97:88:
20:d3:e0:f4:5a:f9:84:8d:11:1f:83:99:b2:3c:92:
06:b5:65:15:5a:2c:26:4d:4a:b0:d3:df:0e:bb:76:
76:03:76:cd:05:38:a9:52:9d:a5:c7:78:04:9d:a7:
93:3f:e2:ab:11:93:76:4b:4d:65:91:77:07:dc:7d:
70:80:ef:a5:0d:de:9f:a3:e6:d0:73:c2:ed:5e:0e:
16:20:03:85:af:46:c2:bc:30:5c:c3:8e:b1:54:f9:
5b:74:de:80:55:21:90:01:e9:d6:6a:ae:a9:29:79:
94:e9:cb:0f:21:9a:76:bc:5c:54:3f:6b:df:2b:c8:
17:6d:51:2f:4b:74:ec:0c:29:b2:25:2e:40:9d:db:
56:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6F:0D:18:F1:F2:4C:9E:3F:99:A9:91:E5:28:ED:FA:96:10:08:FD
X509v3 Authority Key Identifier:
keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/oW8NGPHyTJ4_mamR5Sjt-pYQCP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.71.0/24
Signature Algorithm: sha256WithRSAEncryption
29:6c:88:7e:d7:0f:d2:92:e2:31:b3:7f:62:ef:94:75:df:8d:
b3:ce:fa:5d:54:b0:a5:87:74:14:77:6f:f0:dd:27:dc:99:8a:
4c:8e:83:82:be:8b:37:a0:30:5a:a7:bb:40:13:77:0b:28:33:
84:82:7b:61:0d:55:7a:ed:06:db:32:ee:be:6d:15:ff:2c:59:
f8:8e:96:76:1b:0e:ac:a1:c9:b1:d3:ba:f3:0a:89:d8:5e:a4:
69:43:cc:70:c8:82:ce:59:89:f0:ed:52:14:41:34:65:68:ab:
0a:ed:3b:53:44:b9:4b:43:62:1c:bf:8c:bd:e8:d5:62:e3:8b:
5c:94:b9:ae:05:65:4f:98:78:47:3d:f0:9a:c6:07:0f:c7:70:
51:2b:54:55:06:62:4c:c8:3e:8e:95:08:84:23:91:8e:3e:17:
64:c5:7c:d5:9c:72:49:e3:0b:9f:2b:8e:d2:6e:05:69:b6:7c:
a1:9f:b3:2e:26:db:8e:51:d6:86:a4:e3:da:aa:7f:2e:68:39:
15:11:3e:56:a6:45:47:51:0e:8f:66:88:d4:32:25:c5:74:5a:
e6:d7:ce:d9:ef:92:4d:db:f7:3f:1a:84:1a:d8:ce:38:f8:df:
6a:dc:06:ed:5f:25:e0:c7:70:17:0a:5e:7a:c8:36:56:9c:b4:
76:7a:16:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsPJ3sHSGeZf4BiFdVsYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzRjOTBlZDE2YWEyMGU0OTE3ODQyMGJmYzg0YTg4M2Mx
MmFjNjgwHhcNMjMwMTAyMDg1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTZmMGQxOGYxZjI0YzllM2Y5OWE5OTFlNTI4ZWRmYTk2MTAwOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8PkXzedFfWpfAWUYGXCcM5/zUHS
VR3nH6wq0Ek8zDV0m8KQqxAYWNCrC9/xFlaK1WK7eI8H32nnkXFMEZjx4TkLZVO3
jkSP5GS3dX3J13l5CAr+XSAI/xis8YdIhxE54SjEH0ka7cxzPo2SGss3pl6Da0lC
l4gg0+D0WvmEjREfg5myPJIGtWUVWiwmTUqw098Ou3Z2A3bNBTipUp2lx3gEnaeT
P+KrEZN2S01lkXcH3H1wgO+lDd6fo+bQc8LtXg4WIAOFr0bCvDBcw46xVPlbdN6A
VSGQAenWaq6pKXmU6csPIZp2vFxUP2vfK8gXbVEvS3TsDCmyJS5AndtWmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFvDRjx8kyeP5mpkeUo7fqWEAj9MB8GA1UdIwQY
MBaAFELEyQ7RaqIOSReEIL/ISog8EqxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYt
YThlNGU3MWJlZTUxLzEvb1c4TkdQSHlUSjRfbWFtUjVTanQtcFlRQ1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYtYThlNGU3MWJlZTUx
LzEvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc5HMA0G
CSqGSIb3DQEBCwUAA4IBAQApbIh+1w/SkuIxs39i75R1342zzvpdVLClh3QUd2/w
3SfcmYpMjoOCvos3oDBap7tAE3cLKDOEgnthDVV67QbbMu6+bRX/LFn4jpZ2Gw6s
ocmx07rzConYXqRpQ8xwyILOWYnw7VIUQTRlaKsK7TtTRLlLQ2Icv4y96NVi44tc
lLmuBWVPmHhHPfCaxgcPx3BRK1RVBmJMyD6OlQiEI5GOPhdkxXzVnHJJ4wufK47S
bgVptnyhn7MuJtuOUdaGpOPaqn8uaDkVET5WpkVHUQ6PZojUMiXFdFrm187Z75JN
2/c/GoQa2M44+N9q3AbtXyXgx3AXCl56yDZWnLR2ehYt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:49 2025 by rpki-client