Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/28c90c-9a63-40b4-92cf-2d7b8570dd03/1/oHEb-_T20sXB2qb9zi15QMcnJac.roa
File: oHEb-_T20sXB2qb9zi15QMcnJac.roa (raw, json)
Hash identifier: ezenSKFRsRUziST7c8cKwYR/5reiweH9Qd+41uP39uM=
Subject key identifier: A0:71:1B:FB:F4:F6:D2:C5:C1:DA:A6:FD:CE:2D:79:40:C7:27:25:A7
Certificate issuer: /CN=cee4c15c8707dfbdfda83be3a693c35947f16d59
Certificate serial: 0187AACA5D780CDC7060DF4DFE09A4113482
Authority key identifier: CE:E4:C1:5C:87:07:DF:BD:FD:A8:3B:E3:A6:93:C3:59:47:F1:6D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zuTBXIcH3739qDvjppPDWUfxbVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/28c90c-9a63-40b4-92cf-2d7b8570dd03/1/oHEb-_T20sXB2qb9zi15QMcnJac.roa
Signing time: Sat 22 Apr 2023 21:06:41 +0000
ROA not before: Sat 22 Apr 2023 21:06:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205774
IP address blocks: 185.159.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:aa:ca:5d:78:0c:dc:70:60:df:4d:fe:09:a4:11:34:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cee4c15c8707dfbdfda83be3a693c35947f16d59
Validity
Not Before: Apr 22 21:06:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0711bfbf4f6d2c5c1daa6fdce2d7940c72725a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6b:9f:b3:22:5c:e9:0f:f8:96:a8:9c:f4:92:
97:27:f1:48:12:da:b7:c4:e3:a8:7c:17:2f:c1:0d:
b2:53:6b:d0:f0:07:32:37:c7:2f:96:a4:5b:c4:cc:
df:01:a3:a2:96:bd:32:c5:86:6d:31:9d:ba:4e:63:
45:83:5a:9b:78:4e:c9:5c:cf:ad:f7:19:30:ed:de:
13:a0:86:71:4e:74:0f:e7:28:9e:46:bd:0a:62:0a:
c0:a6:10:7b:12:4d:c9:a9:de:ac:af:f9:14:87:d5:
d7:69:92:98:de:ef:a2:32:fa:ea:40:5a:e7:33:97:
5f:3a:6c:74:6d:25:62:96:b5:12:c1:46:d0:bc:ea:
7a:7a:7c:0c:f7:1c:59:dc:31:91:a4:ce:9d:ed:55:
00:2a:ef:b0:d2:67:92:1f:79:84:3e:08:76:ce:2f:
1b:b0:2b:f6:00:ec:0f:eb:2d:7e:ac:bd:d3:db:f9:
b3:e0:a4:ef:78:53:e4:e7:ff:19:2d:cd:00:8d:aa:
e0:78:03:b3:3b:5d:1d:12:a1:79:3e:cd:57:70:14:
c4:b1:42:38:e1:ac:75:ef:be:be:e7:01:1c:cf:da:
b5:c5:c7:82:e9:17:cb:06:21:4a:4d:e8:8d:81:27:
a2:2b:81:9f:55:88:c7:0c:f1:46:5a:b3:1b:2d:17:
36:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:71:1B:FB:F4:F6:D2:C5:C1:DA:A6:FD:CE:2D:79:40:C7:27:25:A7
X509v3 Authority Key Identifier:
keyid:CE:E4:C1:5C:87:07:DF:BD:FD:A8:3B:E3:A6:93:C3:59:47:F1:6D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zuTBXIcH3739qDvjppPDWUfxbVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/28c90c-9a63-40b4-92cf-2d7b8570dd03/1/oHEb-_T20sXB2qb9zi15QMcnJac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/28c90c-9a63-40b4-92cf-2d7b8570dd03/1/zuTBXIcH3739qDvjppPDWUfxbVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.88.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:ac:c0:31:31:f8:7b:4d:08:45:ac:83:b3:ce:bf:1e:7a:ae:
47:18:6d:98:01:a6:22:ef:9d:16:56:31:d1:13:a8:6d:18:6d:
bb:20:be:0e:60:de:bd:ac:31:a6:67:63:92:dd:58:02:9f:36:
be:90:fc:d1:d7:48:f2:4a:c7:1b:22:24:d8:ea:6d:bc:38:cf:
66:72:81:5f:bc:09:bf:f2:1a:3e:99:c0:81:77:3b:11:ab:78:
1c:78:b0:10:aa:96:6b:d6:61:13:80:72:03:8c:81:42:87:f7:
d6:6a:af:a9:29:01:32:44:81:e4:be:06:f9:ac:e2:a7:c7:96:
21:dd:27:37:f7:90:04:4b:82:d1:97:6c:49:5d:07:78:df:5a:
dd:72:fe:2c:e0:12:54:5e:23:2f:15:b6:4b:75:88:7c:0c:89:
82:04:d3:79:67:d2:2f:22:36:5c:a9:fb:55:07:aa:c0:b3:9f:
ae:3c:a1:84:3d:33:80:ca:7f:29:c3:a8:31:aa:30:1e:9c:8d:
6c:38:14:fb:8b:c8:b1:f8:23:d8:77:03:7e:e2:a5:5d:f1:0b:
6e:17:44:a9:2a:39:fd:a4:2b:b5:55:4d:dc:70:08:61:e7:be:
06:76:01:ac:b3:31:1e:4d:eb:e6:0e:17:f1:3d:43:ee:e6:5c:
49:7c:0f:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeqyl14DNxwYN9N/gmkETSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZTRjMTVjODcwN2RmYmRmZGE4M2JlM2E2OTNjMzU5NDdm
MTZkNTkwHhcNMjMwNDIyMjEwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDcxMWJmYmY0ZjZkMmM1YzFkYWE2ZmRjZTJkNzk0MGM3MjcyNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2ufsyJc6Q/4lqic9JKXJ/FIEtq3
xOOofBcvwQ2yU2vQ8AcyN8cvlqRbxMzfAaOilr0yxYZtMZ26TmNFg1qbeE7JXM+t
9xkw7d4ToIZxTnQP5yieRr0KYgrAphB7Ek3Jqd6sr/kUh9XXaZKY3u+iMvrqQFrn
M5dfOmx0bSVilrUSwUbQvOp6enwM9xxZ3DGRpM6d7VUAKu+w0meSH3mEPgh2zi8b
sCv2AOwP6y1+rL3T2/mz4KTveFPk5/8ZLc0AjargeAOzO10dEqF5Ps1XcBTEsUI4
4ax1776+5wEcz9q1xceC6RfLBiFKTeiNgSeiK4GfVYjHDPFGWrMbLRc2tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBxG/v09tLFwdqm/c4teUDHJyWnMB8GA1UdIwQY
MBaAFM7kwVyHB9+9/ag746aTw1lH8W1ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenVUQlhJY0gzNzM5cUR2anBwUERXVWZ4YlZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8yOGM5MGMtOWE2My00MGI0LTkyY2Yt
MmQ3Yjg1NzBkZDAzLzEvb0hFYi1fVDIwc1hCMnFiOXppMTVRTWNuSmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8yOGM5MGMtOWE2My00MGI0LTkyY2YtMmQ3Yjg1NzBkZDAz
LzEvenVUQlhJY0gzNzM5cUR2anBwUERXVWZ4YlZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ9YMA0G
CSqGSIb3DQEBCwUAA4IBAQA+rMAxMfh7TQhFrIOzzr8eeq5HGG2YAaYi750WVjHR
E6htGG27IL4OYN69rDGmZ2OS3VgCnza+kPzR10jySscbIiTY6m28OM9mcoFfvAm/
8ho+mcCBdzsRq3gceLAQqpZr1mETgHIDjIFCh/fWaq+pKQEyRIHkvgb5rOKnx5Yh
3Sc395AES4LRl2xJXQd431rdcv4s4BJUXiMvFbZLdYh8DImCBNN5Z9IvIjZcqftV
B6rAs5+uPKGEPTOAyn8pw6gxqjAenI1sOBT7i8ix+CPYdwN+4qVd8QtuF0SpKjn9
pCu1VU3ccAhh574GdgGsszEeTevmDhfxPUPu5lxJfA9T
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:04 2025 by rpki-client