Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/79d860-09ec-47bc-92f4-2a6a06060b09/1/Okf30MPNTaRSwyGiJHSx1BRzE_s.roa
File: Okf30MPNTaRSwyGiJHSx1BRzE_s.roa (raw, json)
Hash identifier: V/lS3Bv5M2a5Pa8PB914t9lZfyt+gsic+J1b17mArzc=
Subject key identifier: 3A:47:F7:D0:C3:CD:4D:A4:52:C3:21:A2:24:74:B1:D4:14:73:13:FB
Certificate issuer: /CN=f34ae9ff58c936bb4b621bd13fa87c576dd873fb
Certificate serial: 1345A44D
Authority key identifier: F3:4A:E9:FF:58:C9:36:BB:4B:62:1B:D1:3F:A8:7C:57:6D:D8:73:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/80rp_1jJNrtLYhvRP6h8V23Yc_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/79d860-09ec-47bc-92f4-2a6a06060b09/1/Okf30MPNTaRSwyGiJHSx1BRzE_s.roa
Signing time: Sat 01 Jan 2022 13:04:41 +0000
ROA not before: Sat 01 Jan 2022 13:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47663
IP address blocks: 93.187.240.0/22 maxlen: 22
93.187.240.0/24 maxlen: 24
93.187.244.0/24 maxlen: 24
93.187.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323331149 (0x1345a44d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f34ae9ff58c936bb4b621bd13fa87c576dd873fb
Validity
Not Before: Jan 1 13:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a47f7d0c3cd4da452c321a22474b1d4147313fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5b:40:9b:c6:61:62:04:32:1b:d3:cc:e1:a7:
b3:ca:aa:4e:e3:2d:11:50:a4:0d:62:d2:a3:ca:d5:
76:02:e8:e0:e3:53:f2:f4:94:fc:46:fc:ea:71:11:
bc:ad:2a:a1:cf:ce:e5:13:ab:8f:2e:ea:2b:e5:ac:
c0:1e:a1:07:b6:6e:1d:87:bc:27:75:3d:c6:af:f9:
76:65:9a:68:4e:af:3f:4e:47:d8:e5:87:e2:91:01:
38:89:27:21:b2:1b:2f:8b:8a:03:8f:77:a8:74:24:
ab:0f:e3:3b:40:44:4b:b8:f7:a9:24:85:9e:87:c1:
61:82:c7:f8:98:8d:a0:9c:63:ff:b9:3b:7f:5b:3e:
6e:55:5f:14:56:2d:c8:21:0b:2b:f3:43:a7:2f:d5:
7c:b7:c4:87:db:8f:16:91:f1:23:62:65:ed:b1:6b:
5a:3b:a9:36:c2:dd:f6:92:59:5e:bf:eb:77:06:1e:
98:f3:5e:9e:30:8a:a6:73:10:6b:74:3f:e9:d7:e2:
f0:b9:a6:e7:89:a8:45:15:53:60:80:27:af:54:3e:
91:6c:17:64:91:ef:93:24:c7:72:7b:ae:a6:72:10:
eb:73:b6:d9:04:a6:51:33:1b:37:4e:18:be:dd:5b:
4c:03:87:2a:48:7f:fe:83:53:4a:ad:9f:29:56:7c:
ae:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:47:F7:D0:C3:CD:4D:A4:52:C3:21:A2:24:74:B1:D4:14:73:13:FB
X509v3 Authority Key Identifier:
keyid:F3:4A:E9:FF:58:C9:36:BB:4B:62:1B:D1:3F:A8:7C:57:6D:D8:73:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80rp_1jJNrtLYhvRP6h8V23Yc_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/79d860-09ec-47bc-92f4-2a6a06060b09/1/Okf30MPNTaRSwyGiJHSx1BRzE_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/79d860-09ec-47bc-92f4-2a6a06060b09/1/80rp_1jJNrtLYhvRP6h8V23Yc_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.240.0-93.187.244.255
93.187.247.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:36:fc:16:55:10:55:8f:87:9f:80:1e:c7:ea:ff:ec:39:f1:
38:17:2d:e3:7e:7c:7e:7e:13:5d:01:51:eb:03:98:f9:f8:ae:
9f:2e:ac:90:31:9e:b6:8b:41:8c:49:20:f8:d8:33:b9:d8:ef:
14:11:80:78:de:0c:a1:db:e5:cf:c8:ac:33:0d:79:7b:8c:8b:
5f:3b:79:1a:14:93:be:2d:d5:18:0a:c4:d7:21:d7:84:1e:4c:
93:dc:51:1b:34:9a:87:da:d7:68:fb:d7:05:48:76:17:d6:b8:
a9:43:cb:61:c1:22:3c:45:af:40:43:fa:39:b1:2c:8b:6a:83:
9a:ba:75:d8:7d:b4:60:b9:bb:2f:1a:45:ce:d2:b7:fb:f4:af:
39:3e:8a:44:cd:ec:d9:49:d7:f4:de:0f:8f:0c:01:5f:06:a8:
2f:c0:c6:a9:f2:43:f9:d8:b3:a0:6a:10:db:71:56:b5:3e:1b:
4d:e9:55:6b:63:d6:21:c6:72:37:96:b9:db:da:81:bf:cd:cd:
94:a3:fd:79:fe:35:e5:b9:ae:09:b8:04:e3:7a:dc:25:28:49:
45:f5:4b:0e:7f:00:76:fd:fa:15:76:0f:ad:80:37:8c:95:b9:
ca:9b:26:67:1b:b0:83:c4:df:78:5e:5f:3c:4e:a3:bb:11:bf:
b1:14:4e:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEE0WkTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MzRhZTlmZjU4YzkzNmJiNGI2MjFiZDEzZmE4N2M1NzZkZDg3M2ZiMB4XDTIyMDEw
MTEzMDQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E0N2Y3ZDBjM2Nk
NGRhNDUyYzMyMWEyMjQ3NGIxZDQxNDczMTNmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRbQJvGYWIEMhvTzOGns8qqTuMtEVCkDWLSo8rVdgLo4ONT
8vSU/Eb86nERvK0qoc/O5ROrjy7qK+WswB6hB7ZuHYe8J3U9xq/5dmWaaE6vP05H
2OWH4pEBOIknIbIbL4uKA493qHQkqw/jO0BES7j3qSSFnofBYYLH+JiNoJxj/7k7
f1s+blVfFFYtyCELK/NDpy/VfLfEh9uPFpHxI2Jl7bFrWjupNsLd9pJZXr/rdwYe
mPNenjCKpnMQa3Q/6dfi8Lmm54moRRVTYIAnr1Q+kWwXZJHvkyTHcnuupnIQ63O2
2QSmUTMbN04Yvt1bTAOHKkh//oNTSq2fKVZ8rg0CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQ6R/fQw81NpFLDIaIkdLHUFHMT+zAfBgNVHSMEGDAWgBTzSun/WMk2u0ti
G9E/qHxXbdhz+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzgwcnBfMWpKTnJ0TFlodlJQNmg4VjIzWWNfcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvNzlkODYwLTA5ZWMtNDdiYy05MmY0LTJhNmEwNjA2MGIwOS8x
L09rZjMwTVBOVGFSU3d5R2lKSFN4MUJSekVfcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
NzlkODYwLTA5ZWMtNDdiYy05MmY0LTJhNmEwNjA2MGIwOS8xLzgwcnBfMWpKTnJ0
TFlodlJQNmg4VjIzWWNfcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQEXbvwAwQAXbv0AwQAXbv3MA0G
CSqGSIb3DQEBCwUAA4IBAQB/NvwWVRBVj4efgB7H6v/sOfE4Fy3jfnx+fhNdAVHr
A5j5+K6fLqyQMZ62i0GMSSD42DO52O8UEYB43gyh2+XPyKwzDXl7jItfO3kaFJO+
LdUYCsTXIdeEHkyT3FEbNJqH2tdo+9cFSHYX1ripQ8thwSI8Ra9AQ/o5sSyLaoOa
unXYfbRgubsvGkXO0rf79K85PopEzezZSdf03g+PDAFfBqgvwMap8kP52LOgahDb
cVa1PhtN6VVrY9YhxnI3lrnb2oG/zc2Uo/15/jXlua4JuATjetwlKElF9UsOfwB2
/foVdg+tgDeMlbnKmyZnG7CDxN94Xl88TqO7Eb+xFE7v
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:19:45 2025 by rpki-client