Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/1OcC3ALOSOfT285YprE-BScSyzA.roa
File: 1OcC3ALOSOfT285YprE-BScSyzA.roa (raw, json)
Hash identifier: zsvuTJoX4I6QTZAYLIa+dC7UHi/L4ETS/zFbR88iSpM=
Subject key identifier: D4:E7:02:DC:02:CE:48:E7:D3:DB:CE:58:A6:B1:3E:05:27:12:CB:30
Certificate issuer: /CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Certificate serial: 0186B87B1A451E5171A16BF0D913D89625B0
Authority key identifier: 7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/1OcC3ALOSOfT285YprE-BScSyzA.roa
Signing time: Mon 06 Mar 2023 19:52:00 +0000
ROA not before: Mon 06 Mar 2023 19:52:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42637
IP address blocks: 86.106.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:7b:1a:45:1e:51:71:a1:6b:f0:d9:13:d8:96:25:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Validity
Not Before: Mar 6 19:52:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4e702dc02ce48e7d3dbce58a6b13e052712cb30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1a:19:9e:a2:af:7c:26:e6:c9:80:1e:43:b0:
d6:b7:55:ba:c5:55:6d:b2:7e:6a:10:77:bc:a2:3e:
c1:93:80:75:b8:0e:13:3a:d4:19:c3:b4:a0:d3:ec:
a1:43:76:74:20:2e:53:06:2c:b5:cb:72:90:2b:92:
c8:91:95:df:c5:70:24:f4:a0:71:c1:71:eb:aa:5b:
8a:e4:8c:ec:50:5a:9c:b6:c1:2e:1e:3b:fc:ff:7f:
73:3b:0d:a4:ca:06:1d:35:d4:72:3f:81:f8:71:5a:
f7:4e:53:37:f5:fc:72:cb:96:52:4d:69:56:41:7a:
aa:d0:33:62:4a:1b:0a:64:bb:06:6c:e1:3c:b0:fd:
64:01:ca:b8:04:e1:72:eb:ce:a5:e3:aa:4d:11:ea:
2f:03:d2:7d:09:bb:38:cd:78:58:2f:d2:09:60:06:
ba:e0:5c:85:c3:15:b5:be:ed:f4:97:fb:6c:b7:4d:
a8:f2:dd:7c:3f:07:09:c0:39:96:dc:a6:07:78:80:
c9:0c:bc:ae:4b:54:94:d0:76:e4:e1:bf:44:29:02:
d1:a0:62:a0:55:f0:ce:00:c7:5f:56:26:63:0a:f6:
7d:b0:97:8a:9b:71:c5:78:d6:47:c1:ae:d5:16:4a:
72:50:fd:ff:d9:89:ed:ba:d3:e3:6c:86:54:42:d4:
24:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E7:02:DC:02:CE:48:E7:D3:DB:CE:58:A6:B1:3E:05:27:12:CB:30
X509v3 Authority Key Identifier:
keyid:7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/1OcC3ALOSOfT285YprE-BScSyzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.133.0/24
Signature Algorithm: sha256WithRSAEncryption
48:af:d7:f3:94:20:a8:50:c1:e4:52:c6:14:d0:db:71:32:2b:
ae:44:cc:18:0c:c8:8f:a5:89:c6:a7:65:2a:4d:11:1e:fe:dc:
0b:c5:30:b8:4f:37:6b:ac:6c:49:13:7e:fd:31:51:a8:4e:8a:
76:53:ff:62:ce:5a:b0:de:56:a8:3a:cf:03:09:74:f2:0d:65:
e8:18:21:47:26:85:07:72:0d:08:af:bf:4e:3b:d0:2a:5e:3c:
80:83:bd:03:26:b5:e0:c3:c9:1d:bb:5d:90:24:00:03:15:85:
01:27:10:25:0c:13:84:58:a2:76:91:de:6e:c0:1c:7a:8a:1a:
cc:54:27:21:74:d5:51:92:28:2a:6e:95:bb:9c:b3:d6:9f:bf:
e0:db:59:55:17:9a:71:36:4d:ae:d9:d4:dd:f2:53:07:d4:cd:
cc:cc:84:6c:7f:46:b3:b9:f4:41:ce:10:b9:fb:d2:49:bb:e1:
99:dd:55:33:2e:12:da:3f:6c:75:51:e9:6e:64:1b:c8:39:ac:
0c:c0:b8:80:f1:90:33:3e:a8:b3:81:94:ea:01:b5:8e:dc:93:
ac:ed:c0:08:10:00:0e:cc:76:64:34:66:84:59:ca:b5:d4:60:
bd:d8:a6:7d:aa:bf:c5:60:0b:ef:76:5f:ce:8e:fd:e3:59:08:
89:d5:32:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa4expFHlFxoWvw2RPYliWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZWYwNjllN2UzZWQ1YmY3MGY2ODJjZTQwYzU4MTBmZjNl
NWUzNzgwHhcNMjMwMzA2MTk1MjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU3MDJkYzAyY2U0OGU3ZDNkYmNlNThhNmIxM2UwNTI3MTJjYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRoZnqKvfCbmyYAeQ7DWt1W6xVVt
sn5qEHe8oj7Bk4B1uA4TOtQZw7Sg0+yhQ3Z0IC5TBiy1y3KQK5LIkZXfxXAk9KBx
wXHrqluK5IzsUFqctsEuHjv8/39zOw2kygYdNdRyP4H4cVr3TlM39fxyy5ZSTWlW
QXqq0DNiShsKZLsGbOE8sP1kAcq4BOFy686l46pNEeovA9J9Cbs4zXhYL9IJYAa6
4FyFwxW1vu30l/tst02o8t18PwcJwDmW3KYHeIDJDLyuS1SU0Hbk4b9EKQLRoGKg
VfDOAMdfViZjCvZ9sJeKm3HFeNZHwa7VFkpyUP3/2YntutPjbIZUQtQkmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTnAtwCzkjn09vOWKaxPgUnEsswMB8GA1UdIwQY
MBaAFHrvBp5+PtW/cPaCzkDFgQ/z5eN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmIt
OTAwMDM0ZjAwZDllLzEvMU9jQzNBTE9TT2ZUMjg1WXByRS1CU2NTeXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmItOTAwMDM0ZjAwZDll
LzEvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmqFMA0G
CSqGSIb3DQEBCwUAA4IBAQBIr9fzlCCoUMHkUsYU0NtxMiuuRMwYDMiPpYnGp2Uq
TREe/twLxTC4TzdrrGxJE379MVGoTop2U/9izlqw3laoOs8DCXTyDWXoGCFHJoUH
cg0Ir79OO9AqXjyAg70DJrXgw8kdu12QJAADFYUBJxAlDBOEWKJ2kd5uwBx6ihrM
VCchdNVRkigqbpW7nLPWn7/g21lVF5pxNk2u2dTd8lMH1M3MzIRsf0azufRBzhC5
+9JJu+GZ3VUzLhLaP2x1UeluZBvIOawMwLiA8ZAzPqizgZTqAbWO3JOs7cAIEAAO
zHZkNGaEWcq11GC92KZ9qr/FYAvvdl/Ojv3jWQiJ1TIQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:48:20 2025 by rpki-client