Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/obaVeRXsXEvop7kAVXteM1NNPLw.roa
File: obaVeRXsXEvop7kAVXteM1NNPLw.roa (raw, json)
Hash identifier: J9WIFneFDiUuqd34CJXis3qVsEJKMNbUypuJG2Vls2M=
Subject key identifier: A1:B6:95:79:15:EC:5C:4B:E8:A7:B9:00:55:7B:5E:33:53:4D:3C:BC
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018572BA865819183FBD4D503F4FCE8509C0
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/obaVeRXsXEvop7kAVXteM1NNPLw.roa
Signing time: Mon 02 Jan 2023 13:45:04 +0000
ROA not before: Mon 02 Jan 2023 13:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200094
IP address blocks: 77.79.252.0/22 maxlen: 22
77.79.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:86:58:19:18:3f:bd:4d:50:3f:4f:ce:85:09:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 13:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1b6957915ec5c4be8a7b900557b5e33534d3cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2d:9e:f9:ec:0a:95:98:e0:da:69:9e:bb:8c:
f3:06:25:bd:84:3d:ce:9a:8c:32:ad:62:24:e6:a2:
5a:29:13:6a:71:a3:e4:d1:9f:ad:63:6a:92:e9:44:
30:b9:22:8f:e6:4d:03:d6:5b:65:74:40:ff:11:77:
8d:69:79:4d:ac:76:4e:af:c8:9e:57:98:7c:1d:74:
bf:6a:57:a2:f3:27:1b:1a:54:5e:8b:1f:9b:48:81:
2a:bb:8e:fc:92:aa:51:7d:be:ee:7a:d1:3b:c1:f1:
75:1e:14:52:19:e6:90:27:aa:26:a8:f9:4d:92:cd:
f6:f1:1f:9f:5a:69:0c:19:fc:f3:6a:44:bf:f4:1c:
43:1d:af:39:d3:1f:ff:b6:80:c4:1f:97:5d:4d:f1:
a7:a7:ff:54:78:29:72:91:25:3c:5b:ff:f3:02:47:
1f:fd:f7:4f:d5:70:12:6a:11:62:30:34:90:b7:5d:
15:d8:a8:86:96:35:07:3a:ee:4c:a3:0a:53:fb:e7:
57:48:fd:8b:1c:0e:57:bc:32:59:16:dc:96:d1:e9:
e4:bd:4d:b9:d0:8b:1e:81:fc:ee:6d:a6:04:3f:39:
44:c2:2d:6b:bc:5e:07:7a:e4:35:18:b0:a8:0c:00:
31:d7:5a:03:b3:ea:33:70:bc:f6:da:ae:e0:1a:dd:
4e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B6:95:79:15:EC:5C:4B:E8:A7:B9:00:55:7B:5E:33:53:4D:3C:BC
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/obaVeRXsXEvop7kAVXteM1NNPLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.79.252.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:a5:5e:71:11:86:69:2d:36:15:05:98:66:16:0e:00:8d:59:
97:ce:bb:93:df:1b:1a:c2:31:27:02:84:bd:6b:81:24:31:6e:
55:3f:18:9a:ba:38:35:40:27:a0:bd:38:02:1c:5d:40:5a:6f:
91:5f:d3:f4:44:08:a7:06:3a:96:f5:6e:52:a4:4c:7c:ea:bc:
31:8c:a7:b9:6f:73:56:a5:52:ff:a1:99:63:f2:b2:41:f6:a5:
a4:a2:a0:f9:82:12:53:19:2d:c5:90:b8:d8:23:eb:ae:10:be:
60:f9:8f:44:c4:f1:d7:e8:96:5e:38:63:9d:05:01:46:c0:63:
ac:5f:31:5b:22:e0:fa:09:62:c7:13:a4:c3:9b:3e:70:51:5a:
a0:a0:f5:35:9a:ee:7d:15:26:e5:15:fc:41:8a:10:e1:4e:e2:
8c:cb:2d:a2:07:94:8d:59:67:71:61:17:f8:f5:fd:14:9a:a9:
4b:95:b7:ab:c9:ec:ab:f5:ab:7d:91:1f:e2:78:20:40:aa:d9:
5e:dc:7d:a0:a3:94:9d:e1:31:ef:43:e5:86:f2:b2:63:3e:e4:
9d:b4:5f:4c:ec:04:2a:41:9e:53:aa:94:e7:70:69:ec:af:65:
e5:6c:4d:7b:1a:66:64:8a:5e:f7:7f:5d:08:a3:82:05:70:f2:
5f:b0:1b:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyuoZYGRg/vU1QP0/OhQnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWI2OTU3OTE1ZWM1YzRiZThhN2I5MDA1NTdiNWUzMzUzNGQzY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC2e+ewKlZjg2mmeu4zzBiW9hD3O
mowyrWIk5qJaKRNqcaPk0Z+tY2qS6UQwuSKP5k0D1ltldED/EXeNaXlNrHZOr8ie
V5h8HXS/alei8ycbGlReix+bSIEqu478kqpRfb7uetE7wfF1HhRSGeaQJ6omqPlN
ks328R+fWmkMGfzzakS/9BxDHa850x//toDEH5ddTfGnp/9UeClykSU8W//zAkcf
/fdP1XASahFiMDSQt10V2KiGljUHOu5MowpT++dXSP2LHA5XvDJZFtyW0enkvU25
0IsegfzubaYEPzlEwi1rvF4HeuQ1GLCoDAAx11oDs+ozcLz22q7gGt1OqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKG2lXkV7FxL6Ke5AFV7XjNTTTy8MB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvb2JhVmVSWHNYRXZvcDdrQVZYdGVNMU5OUEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTU/8MA0G
CSqGSIb3DQEBCwUAA4IBAQC0pV5xEYZpLTYVBZhmFg4AjVmXzruT3xsawjEnAoS9
a4EkMW5VPxiaujg1QCegvTgCHF1AWm+RX9P0RAinBjqW9W5SpEx86rwxjKe5b3NW
pVL/oZlj8rJB9qWkoqD5ghJTGS3FkLjYI+uuEL5g+Y9ExPHX6JZeOGOdBQFGwGOs
XzFbIuD6CWLHE6TDmz5wUVqgoPU1mu59FSblFfxBihDhTuKMyy2iB5SNWWdxYRf4
9f0UmqlLlberyeyr9at9kR/ieCBAqtle3H2go5Sd4THvQ+WG8rJjPuSdtF9M7AQq
QZ5TqpTncGnsr2XlbE17GmZkil73f10Io4IFcPJfsBty
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:35 2025 by rpki-client