Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/OsMfTM-bHqhklsZRZi5GahMGmeQ.roa
File: OsMfTM-bHqhklsZRZi5GahMGmeQ.roa (raw, json)
Hash identifier: 44u8SjoTD92uRFydr4iui+wQxJtEalkyTbmS6TF0lN4=
Subject key identifier: 3A:C3:1F:4C:CF:9B:1E:A8:64:96:C6:51:66:2E:46:6A:13:06:99:E4
Certificate issuer: /CN=1fa795167d2d9fb420941f17287bdf3c5eed8df9
Certificate serial: 018AACE93BD164216086E82879FE2E622396
Authority key identifier: 1F:A7:95:16:7D:2D:9F:B4:20:94:1F:17:28:7B:DF:3C:5E:ED:8D:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6eVFn0tn7QglB8XKHvfPF7tjfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/OsMfTM-bHqhklsZRZi5GahMGmeQ.roa
Signing time: Tue 19 Sep 2023 10:08:00 +0000
ROA not before: Tue 19 Sep 2023 10:08:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44735
IP address blocks: 178.19.48.0/20 maxlen: 24
149.126.80.0/21 maxlen: 24
185.152.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:e9:3b:d1:64:21:60:86:e8:28:79:fe:2e:62:23:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fa795167d2d9fb420941f17287bdf3c5eed8df9
Validity
Not Before: Sep 19 10:08:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ac31f4ccf9b1ea86496c651662e466a130699e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7a:ee:be:75:91:1d:47:de:36:e9:52:6c:dd:
fc:1c:14:4d:80:6a:01:2e:3b:2f:1b:53:1e:d4:1a:
c3:e1:cc:57:43:e5:23:01:6b:b1:a9:b6:f8:42:f6:
6d:59:67:2d:eb:12:23:95:cb:12:4a:bb:96:57:a1:
5b:5f:a2:2d:dd:ae:e4:7f:4e:0b:99:07:c2:b7:19:
ac:f4:45:b5:75:f4:da:e0:07:54:2a:fe:4c:3b:26:
b2:a0:db:03:03:21:0f:3e:ab:d1:fa:36:ff:82:19:
8b:3d:27:82:74:64:81:a1:bf:e8:60:0d:cc:3c:ff:
51:75:18:c2:11:95:a9:a3:62:18:51:04:b4:50:b5:
44:5d:79:25:5d:10:cf:ff:78:c0:78:5e:f8:29:32:
24:ab:a5:4b:d4:59:82:f7:23:3f:83:9e:09:12:cd:
a3:60:38:e4:50:52:57:40:ce:b2:19:f1:21:96:0f:
07:ba:46:6c:12:d9:5f:46:1f:85:0e:e9:cc:30:71:
04:02:0e:a4:5a:ca:fc:dc:0d:22:a0:f4:fd:cc:5c:
c5:c4:c6:7b:bb:5c:f2:d4:67:78:2d:5d:b7:ff:78:
08:11:bd:a9:a6:8c:78:ef:3b:a2:da:07:0b:fb:d4:
cc:32:7c:d5:a6:01:ae:b8:46:9e:a6:b2:18:fe:2f:
18:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C3:1F:4C:CF:9B:1E:A8:64:96:C6:51:66:2E:46:6A:13:06:99:E4
X509v3 Authority Key Identifier:
keyid:1F:A7:95:16:7D:2D:9F:B4:20:94:1F:17:28:7B:DF:3C:5E:ED:8D:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6eVFn0tn7QglB8XKHvfPF7tjfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/OsMfTM-bHqhklsZRZi5GahMGmeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/H6eVFn0tn7QglB8XKHvfPF7tjfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.126.80.0/21
178.19.48.0/20
185.152.116.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:9e:5c:c1:04:1a:4e:a6:c7:ea:82:bb:79:14:13:c3:a6:cc:
d2:05:94:b9:27:f5:6e:2c:24:4b:9f:91:34:ff:7e:5c:cd:e6:
13:1d:00:38:2f:66:8d:5f:40:d3:b4:0a:60:4c:56:29:62:d4:
c2:59:0c:6f:5e:54:ca:ad:d5:29:cb:fa:aa:91:75:77:0e:9a:
71:5d:1c:e4:c4:51:78:25:ce:20:45:0f:32:1e:e1:6b:73:c2:
e0:78:d3:02:8f:c7:dd:2c:b4:ba:0d:e2:c4:7a:72:f3:fb:96:
2d:b3:06:17:5f:79:cb:42:e0:64:5f:24:09:56:f9:2f:19:a7:
2a:36:89:5c:73:53:36:af:ee:9c:31:90:97:52:18:cc:57:69:
33:7c:71:c3:9b:bc:2b:71:95:c0:96:55:99:a0:db:76:1c:57:
78:ac:18:48:0e:bd:47:6b:e4:f7:b1:19:e0:f3:ae:0c:2d:01:
09:21:31:53:4c:7b:e5:60:4c:4c:91:35:35:1d:30:23:50:50:
16:aa:a6:73:d1:62:32:b8:25:75:00:0a:f1:50:44:4f:e3:e5:
ba:96:bf:2b:25:49:8b:e2:e4:72:08:5f:01:7b:12:28:da:18:
d2:96:d6:d9:a1:d7:4f:f7:d0:fe:94:37:f2:dd:b1:c5:d2:27:
01:1c:e5:72
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqs6TvRZCFghugoef4uYiOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYTc5NTE2N2QyZDlmYjQyMDk0MWYxNzI4N2JkZjNjNWVl
ZDhkZjkwHhcNMjMwOTE5MTAwODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWMzMWY0Y2NmOWIxZWE4NjQ5NmM2NTE2NjJlNDY2YTEzMDY5OWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHruvnWRHUfeNulSbN38HBRNgGoB
LjsvG1Me1BrD4cxXQ+UjAWuxqbb4QvZtWWct6xIjlcsSSruWV6FbX6It3a7kf04L
mQfCtxms9EW1dfTa4AdUKv5MOyayoNsDAyEPPqvR+jb/ghmLPSeCdGSBob/oYA3M
PP9RdRjCEZWpo2IYUQS0ULVEXXklXRDP/3jAeF74KTIkq6VL1FmC9yM/g54JEs2j
YDjkUFJXQM6yGfEhlg8HukZsEtlfRh+FDunMMHEEAg6kWsr83A0ioPT9zFzFxMZ7
u1zy1Gd4LV23/3gIEb2ppox47zui2gcL+9TMMnzVpgGuuEaeprIY/i8Y2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDrDH0zPmx6oZJbGUWYuRmoTBpnkMB8GA1UdIwQY
MBaAFB+nlRZ9LZ+0IJQfFyh73zxe7Y35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZlVkZuMHRuN1FnbEI4WEtIdmZQRjd0amZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84MzUzNWEtZTFiZC00ZmI3LTlmMDkt
N2I3ZTk3NmM4NDEyLzEvT3NNZlRNLWJIcWhrbHNaUlppNUdhaE1HbWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84MzUzNWEtZTFiZC00ZmI3LTlmMDktN2I3ZTk3NmM4NDEy
LzEvSDZlVkZuMHRuN1FnbEI4WEtIdmZQRjd0amZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDlX5QAwQE
shMwAwQCuZh0MA0GCSqGSIb3DQEBCwUAA4IBAQDCnlzBBBpOpsfqgrt5FBPDpszS
BZS5J/VuLCRLn5E0/35czeYTHQA4L2aNX0DTtApgTFYpYtTCWQxvXlTKrdUpy/qq
kXV3DppxXRzkxFF4Jc4gRQ8yHuFrc8LgeNMCj8fdLLS6DeLEenLz+5YtswYXX3nL
QuBkXyQJVvkvGacqNolcc1M2r+6cMZCXUhjMV2kzfHHDm7wrcZXAllWZoNt2HFd4
rBhIDr1Ha+T3sRng864MLQEJITFTTHvlYExMkTU1HTAjUFAWqqZz0WIyuCV1AArx
UERP4+W6lr8rJUmL4uRyCF8BexIo2hjSltbZoddP99D+lDfy3bHF0icBHOVy
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:35:30 2025 by rpki-client