Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/oRKGn9X-tK7CaU7mAhfCm1JmMjA.roa
File: oRKGn9X-tK7CaU7mAhfCm1JmMjA.roa (raw, json)
Hash identifier: LIsKkCcxEgt/qjUfuEF4+b0ilBpyhsEzIgeBi1eYmnw=
Subject key identifier: A1:12:86:9F:D5:FE:B4:AE:C2:69:4E:E6:02:17:C2:9B:52:66:32:30
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 018572BA644B8E4915CB9BC1E425C574458B
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/oRKGn9X-tK7CaU7mAhfCm1JmMjA.roa
Signing time: Mon 02 Jan 2023 13:44:56 +0000
ROA not before: Mon 02 Jan 2023 13:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58327
IP address blocks: 193.242.188.0/23 maxlen: 24
176.120.168.0/21 maxlen: 24
185.239.4.0/22 maxlen: 24
5.252.252.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:64:4b:8e:49:15:cb:9b:c1:e4:25:c5:74:45:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Jan 2 13:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a112869fd5feb4aec2694ee60217c29b52663230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:22:a2:2e:a7:ea:59:22:d6:cc:4c:1f:51:84:
b3:ea:6a:61:9d:42:43:1e:f2:83:1f:99:ab:83:cd:
73:a9:80:59:14:97:8e:f4:f7:cb:ca:31:c1:26:d8:
b6:34:91:28:5b:bd:2e:e7:aa:18:9d:f7:2d:40:3c:
7a:a8:8a:8e:1d:33:df:44:0b:c8:05:8f:01:12:8f:
e1:ce:c8:91:53:03:44:eb:73:c4:66:35:84:8c:35:
e3:70:8c:54:ca:4c:02:17:f1:ba:5d:ec:19:5d:c9:
64:de:ac:27:15:c0:63:57:0d:ff:b1:e2:98:6c:77:
3f:58:a0:ca:fe:96:05:b2:9c:8c:10:3e:cb:83:98:
d1:49:f2:b1:43:d7:1f:f6:19:a9:07:f0:c7:9c:e7:
72:c3:55:a1:e9:a2:4f:dd:85:45:a9:a5:15:00:a7:
04:88:94:93:3d:55:15:4d:e0:d2:ee:ab:3e:aa:24:
62:cb:1b:cd:16:2f:2f:6a:ae:8e:3e:bf:f1:27:e8:
0f:57:5d:8d:cf:d8:2c:cd:70:5b:dc:e6:16:62:cd:
4f:8b:e1:78:59:93:8f:bb:35:47:1a:37:77:5b:f2:
8b:c0:22:c0:6e:ec:4d:5b:b3:57:f8:62:aa:08:97:
b5:80:7d:a5:de:ec:09:a5:02:54:2b:0f:7f:98:f7:
46:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:12:86:9F:D5:FE:B4:AE:C2:69:4E:E6:02:17:C2:9B:52:66:32:30
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/oRKGn9X-tK7CaU7mAhfCm1JmMjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
176.120.168.0/21
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
Signature Algorithm: sha256WithRSAEncryption
57:eb:7b:6a:84:60:85:03:03:63:20:18:38:48:9d:78:6f:f9:
7f:bd:59:65:a2:93:c5:0f:86:55:5d:6e:6d:3b:e5:d0:7b:9d:
c0:62:25:00:4d:c4:2a:ea:75:59:4c:8c:34:af:b4:25:22:00:
da:a7:0a:66:58:69:d4:f1:76:e4:2a:b0:b0:65:e3:f4:fb:f9:
da:bd:24:5f:f4:b9:de:00:4f:17:f5:e3:3d:57:d8:a7:99:c4:
d1:77:84:d3:71:c7:43:e6:80:af:c2:8e:c0:9f:36:d9:9e:ba:
0f:f9:e3:6e:82:24:fb:31:7e:ff:2c:7f:e0:64:78:20:66:84:
38:51:74:bf:1c:c0:69:ff:40:2c:2b:7f:52:90:13:f2:0f:6b:
23:d9:ed:8c:ce:6e:c6:20:03:f9:90:26:cd:fe:86:cb:5a:1d:
51:7f:fc:c3:05:79:ed:43:5b:bf:53:03:66:3e:f3:35:60:43:
80:a1:7d:95:d5:50:d3:e3:6f:6d:9b:0b:68:18:e7:20:8f:1c:
a5:2d:e1:16:55:2c:60:a0:45:1e:e7:39:78:52:4f:6f:f5:81:
8d:3a:55:f5:64:01:94:2c:e7:2a:1c:d5:79:34:3f:7b:21:88:
03:d3:11:60:4d:ad:40:f1:db:c5:94:27:83:49:9c:9a:3d:bf:
51:65:e7:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVyumRLjkkVy5vB5CXFdEWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh
Y2Y1YjIwHhcNMjMwMTAyMTM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTEyODY5ZmQ1ZmViNGFlYzI2OTRlZTYwMjE3YzI5YjUyNjYzMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSKiLqfqWSLWzEwfUYSz6mphnUJD
HvKDH5mrg81zqYBZFJeO9PfLyjHBJti2NJEoW70u56oYnfctQDx6qIqOHTPfRAvI
BY8BEo/hzsiRUwNE63PEZjWEjDXjcIxUykwCF/G6XewZXclk3qwnFcBjVw3/seKY
bHc/WKDK/pYFspyMED7Lg5jRSfKxQ9cf9hmpB/DHnOdyw1Wh6aJP3YVFqaUVAKcE
iJSTPVUVTeDS7qs+qiRiyxvNFi8vaq6OPr/xJ+gPV12Nz9gszXBb3OYWYs1Pi+F4
WZOPuzVHGjd3W/KLwCLAbuxNW7NX+GKqCJe1gH2l3uwJpQJUKw9/mPdGrQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKEShp/V/rSuwmlO5gIXwptSZjIwMB8GA1UdIwQY
MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt
NTQxZjQ4OTI0OTUyLzEvb1JLR245WC10SzdDYVU3bUFoZkNtMUptTWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy
LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBfz8AwQD
sHioAwQCue8EAwQBvNQgAwQBwfK8MA0GCSqGSIb3DQEBCwUAA4IBAQBX63tqhGCF
AwNjIBg4SJ14b/l/vVllopPFD4ZVXW5tO+XQe53AYiUATcQq6nVZTIw0r7QlIgDa
pwpmWGnU8XbkKrCwZeP0+/navSRf9LneAE8X9eM9V9inmcTRd4TTccdD5oCvwo7A
nzbZnroP+eNugiT7MX7/LH/gZHggZoQ4UXS/HMBp/0AsK39SkBPyD2sj2e2Mzm7G
IAP5kCbN/obLWh1Rf/zDBXntQ1u/UwNmPvM1YEOAoX2V1VDT429tmwtoGOcgjxyl
LeEWVSxgoEUe5zl4Uk9v9YGNOlX1ZAGULOcqHNV5ND97IYgD0xFgTa1A8dvFlCeD
SZyaPb9RZefS
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:36 2025 by rpki-client