Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/oMhSnB36jGNGQ4h6Cs5yw-oIpzE.roa
File: oMhSnB36jGNGQ4h6Cs5yw-oIpzE.roa (raw, json)
Hash identifier: yILanWIZU6pkswLIxx6KuFFhKmRATaHDQlTdRVn8q4k=
Subject key identifier: A0:C8:52:9C:1D:FA:8C:63:46:43:88:7A:0A:CE:72:C3:EA:08:A7:31
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018BC836823C57B774C09A33A0554F3322D1
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/oMhSnB36jGNGQ4h6Cs5yw-oIpzE.roa
Signing time: Mon 13 Nov 2023 10:24:57 +0000
ROA not before: Mon 13 Nov 2023 10:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201769
IP address blocks: 185.114.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:36:82:3c:57:b7:74:c0:9a:33:a0:55:4f:33:22:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Nov 13 10:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0c8529c1dfa8c634643887a0ace72c3ea08a731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:00:05:48:62:71:38:b0:71:00:e4:f7:73:6a:
98:11:e6:d1:64:6f:ca:03:73:0e:0c:86:9f:21:cc:
a0:81:84:33:09:ec:93:65:54:5c:bf:38:80:f7:ce:
bd:68:95:db:d8:93:38:95:03:2f:52:d8:91:c3:7c:
92:02:69:82:3f:07:50:a8:56:3a:1d:99:cf:77:30:
ef:b7:ac:a0:a9:4d:2c:ae:d5:3d:6c:ba:db:40:e6:
3e:52:47:e0:f2:8b:cc:06:4f:6f:92:6f:33:5f:aa:
82:38:c0:f6:70:c2:84:98:bd:f5:0f:13:2e:c7:d8:
66:60:58:39:a7:13:39:13:c5:df:eb:6c:62:65:b4:
8f:31:ea:8c:c2:31:1d:2b:3b:0b:a1:2f:e2:db:c6:
00:f5:21:a3:d3:68:ff:3c:28:c5:59:a6:2a:6d:24:
07:95:ec:7e:07:ed:59:d8:3b:d8:f5:c5:de:29:b4:
30:dc:ab:1b:25:18:ad:84:b9:6f:25:34:b8:9e:63:
97:99:c2:1b:0f:a6:c8:34:1a:aa:79:87:b9:0f:98:
6d:81:ee:21:e2:57:fb:5f:7e:bb:46:43:41:ad:fb:
4b:43:aa:d2:db:1d:d4:d8:f7:85:b6:fd:87:7c:89:
0c:c9:c5:b8:f7:71:fc:a2:5a:65:94:8d:20:1c:8e:
93:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C8:52:9C:1D:FA:8C:63:46:43:88:7A:0A:CE:72:C3:EA:08:A7:31
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/oMhSnB36jGNGQ4h6Cs5yw-oIpzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.68.0/24
Signature Algorithm: sha256WithRSAEncryption
69:95:5e:b7:ae:62:7a:dc:6d:47:0f:47:2d:5f:54:40:8a:a2:
f4:0f:1b:11:12:2e:a7:96:50:33:30:b2:c5:80:5f:72:bd:54:
7b:20:f0:d3:8c:ba:5e:bd:ae:31:ce:6d:c5:a3:3e:de:3c:a8:
c6:d8:56:a7:c0:cd:ae:a4:97:2f:ca:cc:91:51:d2:e0:25:b3:
02:25:16:09:25:62:82:5a:78:34:4d:bb:50:60:fc:2b:31:61:
b5:02:41:c9:3f:78:4d:7f:f1:cb:7e:c1:22:07:e8:84:29:34:
b8:5e:b0:92:2b:f0:e7:7b:f2:4b:b6:85:75:7c:80:db:4a:d6:
c2:70:61:82:87:f2:f8:35:57:04:84:e6:68:d9:cb:de:bf:cb:
1d:6f:b8:b3:2d:a4:be:b3:4d:1d:37:3b:e8:68:07:f8:29:93:
64:8f:fc:05:7c:2a:97:f6:5c:36:d9:2c:f1:ea:d6:7e:63:95:
48:61:ae:9d:eb:24:bf:1d:db:98:e9:a8:1a:34:ab:bd:ca:ed:
da:ae:71:a9:4c:50:80:6c:79:89:b6:7a:aa:43:ea:a1:c8:0d:
44:b9:db:28:f0:14:0c:89:71:5f:2b:e1:ba:8d:96:f4:8f:74:
2f:e7:2c:aa:51:26:fc:50:97:9e:94:22:47:ec:ab:3a:52:e0:
4b:4f:12:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvINoI8V7d0wJozoFVPMyLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjMxMTEzMTAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGM4NTI5YzFkZmE4YzYzNDY0Mzg4N2EwYWNlNzJjM2VhMDhhNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgAFSGJxOLBxAOT3c2qYEebRZG/K
A3MODIafIcyggYQzCeyTZVRcvziA9869aJXb2JM4lQMvUtiRw3ySAmmCPwdQqFY6
HZnPdzDvt6ygqU0srtU9bLrbQOY+Ukfg8ovMBk9vkm8zX6qCOMD2cMKEmL31DxMu
x9hmYFg5pxM5E8Xf62xiZbSPMeqMwjEdKzsLoS/i28YA9SGj02j/PCjFWaYqbSQH
lex+B+1Z2DvY9cXeKbQw3KsbJRithLlvJTS4nmOXmcIbD6bINBqqeYe5D5htge4h
4lf7X367RkNBrftLQ6rS2x3U2PeFtv2HfIkMycW493H8olpllI0gHI6TZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDIUpwd+oxjRkOIegrOcsPqCKcxMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvb01oU25CMzZqR05HUTRoNkNzNXl3LW9JcHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXJEMA0G
CSqGSIb3DQEBCwUAA4IBAQBplV63rmJ63G1HD0ctX1RAiqL0DxsREi6nllAzMLLF
gF9yvVR7IPDTjLpeva4xzm3Foz7ePKjG2FanwM2upJcvysyRUdLgJbMCJRYJJWKC
Wng0TbtQYPwrMWG1AkHJP3hNf/HLfsEiB+iEKTS4XrCSK/Dne/JLtoV1fIDbStbC
cGGCh/L4NVcEhOZo2cvev8sdb7izLaS+s00dNzvoaAf4KZNkj/wFfCqX9lw22Szx
6tZ+Y5VIYa6d6yS/HduY6agaNKu9yu3arnGpTFCAbHmJtnqqQ+qhyA1Eudso8BQM
iXFfK+G6jZb0j3Qv5yyqUSb8UJeelCJH7Ks6UuBLTxKr
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:33:28 2025 by rpki-client