Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/OtQa-WreSdmAhjI5XhTOHhxoEcw.roa
File: OtQa-WreSdmAhjI5XhTOHhxoEcw.roa (raw, json)
Hash identifier: FGrpwdJgCUv9gZaHSbRWAT2WbOZDMMgJlE/R+NUqqxU=
Subject key identifier: 3A:D4:1A:F9:6A:DE:49:D9:80:86:32:39:5E:14:CE:1E:1C:68:11:CC
Certificate issuer: /CN=ad8dd17a768e3b6fbfa7a7009a7007ebe65b45c8
Certificate serial: 01857246A43A869E25F7E1D9B8CA09ACB4D3
Authority key identifier: AD:8D:D1:7A:76:8E:3B:6F:BF:A7:A7:00:9A:70:07:EB:E6:5B:45:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY3RenaOO2-_p6cAmnAH6-ZbRcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/OtQa-WreSdmAhjI5XhTOHhxoEcw.roa
Signing time: Mon 02 Jan 2023 11:38:30 +0000
ROA not before: Mon 02 Jan 2023 11:38:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211385
IP address blocks: 192.109.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:a4:3a:86:9e:25:f7:e1:d9:b8:ca:09:ac:b4:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8dd17a768e3b6fbfa7a7009a7007ebe65b45c8
Validity
Not Before: Jan 2 11:38:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ad41af96ade49d9808632395e14ce1e1c6811cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f1:cf:5e:df:62:40:f7:e3:92:52:87:04:70:
16:f1:35:89:3c:7c:dc:f3:40:82:01:e3:54:3f:0e:
24:68:48:14:ca:74:c4:07:89:31:2a:3e:a7:0c:e4:
72:33:25:d5:35:c3:88:ec:7c:10:0e:e3:4b:24:83:
e6:8e:77:c5:f0:28:99:f2:d9:14:ca:99:cc:31:ae:
1b:db:26:2c:36:48:9e:f6:88:98:b9:28:d3:6d:c2:
be:7f:66:97:ed:51:e8:92:bd:76:a1:7a:ba:41:3d:
26:c6:15:39:b1:92:30:fc:06:84:ca:d9:f3:a8:5f:
90:3c:78:c3:aa:37:1a:93:04:8d:86:86:2f:49:8c:
1d:85:69:70:26:cc:26:c9:10:92:f7:2f:c0:a4:b2:
7f:9c:d4:74:2d:c8:f3:f1:55:c2:15:45:19:37:fb:
82:db:70:06:20:36:2a:3c:54:9a:97:8e:c7:a4:5f:
5d:f4:0a:5b:a1:26:13:0b:89:9a:da:72:7d:80:ca:
de:b7:7e:f8:5c:45:64:0d:9a:ad:bb:9c:96:71:a8:
29:fc:da:df:45:a6:d6:bc:d5:c4:72:ce:98:9f:a4:
65:e2:65:fb:12:7c:41:4c:89:8b:a4:49:95:0a:0c:
a3:10:dc:8f:a9:d9:58:f7:67:74:0f:1f:05:9a:e5:
71:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D4:1A:F9:6A:DE:49:D9:80:86:32:39:5E:14:CE:1E:1C:68:11:CC
X509v3 Authority Key Identifier:
keyid:AD:8D:D1:7A:76:8E:3B:6F:BF:A7:A7:00:9A:70:07:EB:E6:5B:45:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY3RenaOO2-_p6cAmnAH6-ZbRcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/OtQa-WreSdmAhjI5XhTOHhxoEcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/rY3RenaOO2-_p6cAmnAH6-ZbRcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.219.0/24
Signature Algorithm: sha256WithRSAEncryption
67:74:43:51:b1:18:43:bb:0d:ee:78:0a:d1:09:3c:6d:32:5b:
11:96:41:30:a8:a1:a2:68:0b:70:9f:e0:65:7a:51:98:f0:b6:
2b:85:e0:f2:a0:6b:e5:f9:e7:a5:90:60:6a:16:10:5a:ba:ab:
ea:72:06:76:e9:79:86:96:e7:b2:e6:0b:b9:00:7e:f8:d4:93:
76:1e:5f:7d:7a:93:4e:06:fc:43:89:29:45:90:58:ae:de:38:
27:42:40:f7:e4:9f:d5:4d:83:31:f1:ba:ed:d0:f5:72:81:30:
a6:4c:33:5e:ed:7e:5a:49:70:a4:bd:ca:0a:9a:8e:49:9c:ed:
d8:50:f0:9d:70:b3:23:e6:ae:8b:db:78:88:03:51:11:be:76:
69:59:ad:45:38:c8:0f:9c:05:fe:83:e2:30:c2:68:b0:4d:46:
0b:b0:19:83:1f:cc:01:90:6e:b5:9e:e1:a3:e6:7f:77:da:06:
77:98:ad:e5:ce:7d:aa:34:08:43:b4:16:1c:9b:30:22:6e:c3:
32:f3:f5:a5:b7:b6:2e:eb:f8:a3:26:4f:d7:70:72:ca:74:d1:
a7:49:f0:16:ef:1f:a0:42:96:10:ed:0c:80:4c:d8:e6:a1:6a:
7c:1c:13:07:ae:07:0b:30:2a:10:57:74:e8:8d:3f:07:ed:32:
f1:3c:4e:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRqQ6hp4l9+HZuMoJrLTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGRkMTdhNzY4ZTNiNmZiZmE3YTcwMDlhNzAwN2ViZTY1
YjQ1YzgwHhcNMjMwMTAyMTEzODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQ0MWFmOTZhZGU0OWQ5ODA4NjMyMzk1ZTE0Y2UxZTFjNjgxMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvHPXt9iQPfjklKHBHAW8TWJPHzc
80CCAeNUPw4kaEgUynTEB4kxKj6nDORyMyXVNcOI7HwQDuNLJIPmjnfF8CiZ8tkU
ypnMMa4b2yYsNkie9oiYuSjTbcK+f2aX7VHokr12oXq6QT0mxhU5sZIw/AaEytnz
qF+QPHjDqjcakwSNhoYvSYwdhWlwJswmyRCS9y/ApLJ/nNR0Lcjz8VXCFUUZN/uC
23AGIDYqPFSal47HpF9d9ApboSYTC4ma2nJ9gMret374XEVkDZqtu5yWcagp/Nrf
RabWvNXEcs6Yn6Rl4mX7EnxBTImLpEmVCgyjENyPqdlY92d0Dx8FmuVxbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrUGvlq3knZgIYyOV4Uzh4caBHMMB8GA1UdIwQY
MBaAFK2N0Xp2jjtvv6enAJpwB+vmW0XIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclkzUmVuYU9PMi1fcDZjQW1uQUg2LVpiUmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy85OGIzNWItOTQ1ZS00MGM1LWJiOTUt
OWVhZGQzNTFmYzc5LzEvT3RRYS1XcmVTZG1BaGpJNVhoVE9IaHhvRWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy85OGIzNWItOTQ1ZS00MGM1LWJiOTUtOWVhZGQzNTFmYzc5
LzEvclkzUmVuYU9PMi1fcDZjQW1uQUg2LVpiUmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3bMA0G
CSqGSIb3DQEBCwUAA4IBAQBndENRsRhDuw3ueArRCTxtMlsRlkEwqKGiaAtwn+Bl
elGY8LYrheDyoGvl+eelkGBqFhBauqvqcgZ26XmGluey5gu5AH741JN2Hl99epNO
BvxDiSlFkFiu3jgnQkD35J/VTYMx8brt0PVygTCmTDNe7X5aSXCkvcoKmo5JnO3Y
UPCdcLMj5q6L23iIA1ERvnZpWa1FOMgPnAX+g+IwwmiwTUYLsBmDH8wBkG61nuGj
5n932gZ3mK3lzn2qNAhDtBYcmzAibsMy8/Wlt7Yu6/ijJk/XcHLKdNGnSfAW7x+g
QpYQ7QyATNjmoWp8HBMHrgcLMCoQV3TojT8H7TLxPE7V
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:46 2025 by rpki-client