Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/OvxA_nU-ErdHRO_I8nun38A01aw.roa
File: OvxA_nU-ErdHRO_I8nun38A01aw.roa (raw, json)
Hash identifier: CCCv90q3sksU1gQOBarxv3EdiGKCSRB2eyo7kmIXNYI=
Subject key identifier: 3A:FC:40:FE:75:3E:12:B7:47:44:EF:C8:F2:7B:A7:DF:C0:34:D5:AC
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 01856D01CE9D95ABC78633AC239C0A8A8D8E
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/OvxA_nU-ErdHRO_I8nun38A01aw.roa
Signing time: Sun 01 Jan 2023 11:05:12 +0000
ROA not before: Sun 01 Jan 2023 11:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204984
IP address blocks: 91.132.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:ce:9d:95:ab:c7:86:33:ac:23:9c:0a:8a:8d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 11:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3afc40fe753e12b74744efc8f27ba7dfc034d5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8d:0b:c5:85:af:2b:13:d5:14:66:e7:27:53:
ec:92:ca:5c:31:40:c8:b8:4b:2b:5e:6b:84:05:13:
13:b1:4b:62:c6:96:b6:97:6e:c3:89:8a:7e:94:04:
ca:d4:e0:e9:a8:8c:bf:74:17:1e:7f:d7:43:8d:bf:
6e:20:c8:d1:f9:d6:46:13:fa:ca:7d:c3:78:f8:36:
65:17:8a:df:55:53:df:92:94:ea:4d:63:d0:54:c6:
17:61:1b:25:4d:b7:70:ea:c5:ed:76:73:c8:00:e4:
dd:57:a7:3d:42:95:4c:5f:8c:68:ff:a5:d4:f9:00:
76:3d:ac:5d:48:f6:cc:62:a4:c9:ac:05:05:ab:ea:
ca:e4:ed:e9:01:7e:75:61:b4:31:6b:75:ac:6d:16:
3c:60:02:4c:b6:1c:4a:72:f6:03:38:61:7c:00:53:
46:b9:e6:66:2e:2c:87:26:73:05:74:50:60:88:fe:
07:b5:ee:f1:36:15:1e:0f:a5:04:66:b3:4c:de:28:
c9:c8:4d:bc:0e:86:b7:11:82:74:28:42:13:e6:12:
63:49:45:a4:fc:e6:eb:89:d6:30:f3:15:36:ae:d9:
89:9f:94:b9:83:ee:59:67:dd:3a:df:11:4e:46:7d:
96:2a:8e:59:27:0e:39:17:28:2c:22:23:50:d9:8c:
4d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FC:40:FE:75:3E:12:B7:47:44:EF:C8:F2:7B:A7:DF:C0:34:D5:AC
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/OvxA_nU-ErdHRO_I8nun38A01aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.72.0/24
Signature Algorithm: sha256WithRSAEncryption
00:7b:e4:a8:4b:67:5b:1b:18:3b:dd:7d:29:8b:3d:d7:95:98:
65:7a:42:45:83:de:1e:60:d7:94:ac:ba:44:60:c1:27:1e:92:
fd:1a:06:75:f2:73:6a:16:be:24:8c:82:56:e4:d1:87:bb:99:
0b:71:cb:e8:9e:f2:d9:ef:28:a0:26:47:e0:5c:65:6d:41:6f:
18:88:9b:67:d6:09:ab:ba:db:18:c4:73:89:29:67:b1:77:9a:
70:71:99:d0:4e:cb:ac:21:6b:62:f4:3a:13:b9:8c:e4:86:06:
5c:fc:3e:40:45:89:ba:66:8f:12:f0:61:bf:83:f4:79:4d:9e:
5b:bd:11:6f:6c:84:e6:52:fc:c0:54:b5:91:d9:47:4b:dc:c3:
bd:d1:73:25:ed:75:ca:42:1d:54:ee:86:1a:e0:b9:72:90:1e:
b5:20:0b:5d:05:c3:ea:8e:f1:bd:91:59:ec:4d:b9:af:73:1f:
60:b9:69:99:da:40:9f:91:d5:d2:a9:2e:7c:15:4e:77:a7:ba:
68:cf:8f:c1:c7:36:cd:e1:b6:41:5a:e7:c3:7c:aa:19:78:1e:
3c:e8:bf:a4:f0:ff:ef:77:89:07:02:ea:51:3d:e2:10:c7:f9:
60:d9:e4:6e:7f:42:80:71:ba:a8:81:c5:03:f7:37:d2:c2:e4:
a6:5b:73:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAc6dlavHhjOsI5wKio2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjMwMTAxMTEwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWZjNDBmZTc1M2UxMmI3NDc0NGVmYzhmMjdiYTdkZmMwMzRkNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg40LxYWvKxPVFGbnJ1PskspcMUDI
uEsrXmuEBRMTsUtixpa2l27DiYp+lATK1ODpqIy/dBcef9dDjb9uIMjR+dZGE/rK
fcN4+DZlF4rfVVPfkpTqTWPQVMYXYRslTbdw6sXtdnPIAOTdV6c9QpVMX4xo/6XU
+QB2PaxdSPbMYqTJrAUFq+rK5O3pAX51YbQxa3WsbRY8YAJMthxKcvYDOGF8AFNG
ueZmLiyHJnMFdFBgiP4Hte7xNhUeD6UEZrNM3ijJyE28Doa3EYJ0KEIT5hJjSUWk
/ObridYw8xU2rtmJn5S5g+5ZZ9063xFORn2WKo5ZJw45FygsIiNQ2YxNMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDr8QP51PhK3R0TvyPJ7p9/ANNWsMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvT3Z4QV9uVS1FcmRIUk9fSThudW4zOEEwMWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW4RIMA0G
CSqGSIb3DQEBCwUAA4IBAQAAe+SoS2dbGxg73X0piz3XlZhlekJFg94eYNeUrLpE
YMEnHpL9GgZ18nNqFr4kjIJW5NGHu5kLccvonvLZ7yigJkfgXGVtQW8YiJtn1gmr
utsYxHOJKWexd5pwcZnQTsusIWti9DoTuYzkhgZc/D5ARYm6Zo8S8GG/g/R5TZ5b
vRFvbITmUvzAVLWR2UdL3MO90XMl7XXKQh1U7oYa4LlykB61IAtdBcPqjvG9kVns
Tbmvcx9guWmZ2kCfkdXSqS58FU53p7poz4/BxzbN4bZBWufDfKoZeB486L+k8P/v
d4kHAupRPeIQx/lg2eRuf0KAcbqogcUD9zfSwuSmW3PG
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:28:01 2025 by rpki-client