Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/ovgz_gLw3Ro5k-_KNn_EDr3fAs0.roa
File: ovgz_gLw3Ro5k-_KNn_EDr3fAs0.roa (raw, json)
Hash identifier: 1X7d4Rsk5ACHKMuE9bQuVevcIU6sWXFtQ9xUbOc+1NY=
Subject key identifier: A2:F8:33:FE:02:F0:DD:1A:39:93:EF:CA:36:7F:C4:0E:BD:DF:02:CD
Certificate issuer: /CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Certificate serial: 0184A3222A7575D891A34600BDC234F15549
Authority key identifier: 35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/ovgz_gLw3Ro5k-_KNn_EDr3fAs0.roa
Signing time: Wed 23 Nov 2022 06:17:16 +0000
ROA not before: Wed 23 Nov 2022 06:17:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56548
IP address blocks: 185.199.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:22:2a:75:75:d8:91:a3:46:00:bd:c2:34:f1:55:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Validity
Not Before: Nov 23 06:17:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2f833fe02f0dd1a3993efca367fc40ebddf02cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:51:3e:81:58:ad:96:41:f3:a4:d1:12:bb:82:
72:07:19:77:38:01:a1:e6:05:95:fd:44:22:24:2f:
6c:05:cf:46:5a:b3:d4:f7:fb:56:be:e8:17:8f:ee:
6b:ea:19:29:78:15:96:12:b0:31:21:91:ba:d8:2d:
a0:32:73:e0:c1:39:2c:68:55:a9:5e:0f:35:79:44:
2d:07:2a:64:8e:d7:d5:cd:26:c9:41:fb:ec:c6:f7:
65:c2:89:bd:90:e2:9d:a1:cf:2f:d4:33:0a:d9:e8:
0c:4f:46:ab:2f:d2:0a:9e:b6:66:26:ea:1b:77:d2:
44:d0:bb:1a:e6:df:57:e8:bf:4c:f2:0e:05:19:db:
39:2f:b3:be:fc:f7:7d:3f:e6:9f:09:e5:28:b2:c5:
0b:36:b4:c3:c6:5d:1c:67:3f:14:a7:73:43:30:98:
fa:11:c9:30:fe:19:59:6c:5e:b1:a8:a5:65:26:9c:
c9:4e:fd:c6:f5:fb:18:ad:67:16:e7:0b:7a:cc:a9:
bd:2b:90:b5:73:8a:6a:44:93:3d:65:30:5b:59:e4:
f6:0b:16:5f:2a:50:4e:e0:d6:13:f4:65:e3:fe:34:
71:9d:c8:83:31:cc:61:12:f5:db:6d:2d:46:10:bc:
15:c1:24:6f:41:4a:8b:50:ac:a3:4b:81:32:47:b3:
26:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F8:33:FE:02:F0:DD:1A:39:93:EF:CA:36:7F:C4:0E:BD:DF:02:CD
X509v3 Authority Key Identifier:
keyid:35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/ovgz_gLw3Ro5k-_KNn_EDr3fAs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/NVi7R941Tgng_CyywfoU1x2Sbug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.208.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:78:b5:67:f7:42:7d:71:27:9c:60:88:d5:d1:41:06:13:fb:
86:55:01:79:05:93:5b:0b:e9:de:8b:96:3e:24:a5:37:e6:76:
20:db:f2:2c:10:ad:2e:58:39:03:cf:98:e9:51:56:ae:29:0e:
12:cd:7d:7f:13:d7:fd:ec:c9:38:4d:50:0e:10:14:7a:cd:4a:
16:eb:02:18:e3:92:13:04:c9:03:8b:1c:aa:6f:cc:59:cb:23:
97:8f:13:b4:c7:3f:2d:03:cd:23:0b:d9:36:5f:57:f2:66:e4:
8a:90:ce:76:56:e4:bf:1d:01:ee:b9:41:8c:6c:1d:5d:04:c0:
0a:6c:dd:0b:02:b2:36:7c:f3:b2:8c:07:ef:98:61:ad:90:0b:
d2:aa:f2:61:a7:bc:af:30:41:31:05:64:3f:03:1d:58:fa:c8:
91:1b:29:ef:62:47:51:cd:c3:38:cc:9c:a6:1e:c8:4e:0b:ab:
91:8a:9c:54:2b:98:80:ce:17:d1:26:5c:ce:47:81:95:4c:cb:
02:0a:c3:6a:42:4f:3f:9d:b7:f9:8a:92:4c:85:3a:dc:4e:97:
66:cd:e6:44:ca:c0:51:36:5c:a1:11:6a:f4:dc:60:15:82:85:
1e:2c:83:ce:a8:9b:cc:ee:f4:5a:75:da:fe:c9:b9:dc:72:f2:
11:e1:7d:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSjIip1ddiRo0YAvcI08VVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NThiYjQ3ZGUzNTRlMDllMGZjMmNiMmMxZmExNGQ3MWQ5
MjZlZTgwHhcNMjIxMTIzMDYxNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmY4MzNmZTAyZjBkZDFhMzk5M2VmY2EzNjdmYzQwZWJkZGYwMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlE+gVitlkHzpNESu4JyBxl3OAGh
5gWV/UQiJC9sBc9GWrPU9/tWvugXj+5r6hkpeBWWErAxIZG62C2gMnPgwTksaFWp
Xg81eUQtBypkjtfVzSbJQfvsxvdlwom9kOKdoc8v1DMK2egMT0arL9IKnrZmJuob
d9JE0Lsa5t9X6L9M8g4FGds5L7O+/Pd9P+afCeUossULNrTDxl0cZz8Up3NDMJj6
Eckw/hlZbF6xqKVlJpzJTv3G9fsYrWcW5wt6zKm9K5C1c4pqRJM9ZTBbWeT2CxZf
KlBO4NYT9GXj/jRxnciDMcxhEvXbbS1GELwVwSRvQUqLUKyjS4EyR7MmUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKL4M/4C8N0aOZPvyjZ/xA693wLNMB8GA1UdIwQY
MBaAFDVYu0feNU4J4PwsssH6FNcdkm7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZpN1I5NDFUZ25nX0N5eXdmb1UxeDJTYnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hMGZhY2EtZGI3Zi00ZWQ4LWIxMWEt
ZWVjNDZjYTgyYTMzLzEvb3Znel9nTHczUm81ay1fS05uX0VEcjNmQXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hMGZhY2EtZGI3Zi00ZWQ4LWIxMWEtZWVjNDZjYTgyYTMz
LzEvTlZpN1I5NDFUZ25nX0N5eXdmb1UxeDJTYnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucfQMA0G
CSqGSIb3DQEBCwUAA4IBAQA7eLVn90J9cSecYIjV0UEGE/uGVQF5BZNbC+nei5Y+
JKU35nYg2/IsEK0uWDkDz5jpUVauKQ4SzX1/E9f97Mk4TVAOEBR6zUoW6wIY45IT
BMkDixyqb8xZyyOXjxO0xz8tA80jC9k2X1fyZuSKkM52VuS/HQHuuUGMbB1dBMAK
bN0LArI2fPOyjAfvmGGtkAvSqvJhp7yvMEExBWQ/Ax1Y+siRGynvYkdRzcM4zJym
HshOC6uRipxUK5iAzhfRJlzOR4GVTMsCCsNqQk8/nbf5ipJMhTrcTpdmzeZEysBR
NlyhEWr03GAVgoUeLIPOqJvM7vRaddr+ybnccvIR4X2U
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:44 2025 by rpki-client