Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/o3b-QWpi8TS6xNc4kDfUnis36yA.roa
File: o3b-QWpi8TS6xNc4kDfUnis36yA.roa (raw, json)
Hash identifier: i8BiFyCrQkAbqQaYhPk737bFFuRe88w7a6Kn5OzQSlg=
Subject key identifier: A3:76:FE:41:6A:62:F1:34:BA:C4:D7:38:90:37:D4:9E:2B:37:EB:20
Certificate issuer: /CN=5e9b9bed8f8d3d579bb0552e4fc4b81986861e64
Certificate serial: 0185713088B801551422B0D688E01787565B
Authority key identifier: 5E:9B:9B:ED:8F:8D:3D:57:9B:B0:55:2E:4F:C4:B8:19:86:86:1E:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xpub7Y-NPVebsFUuT8S4GYaGHmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/o3b-QWpi8TS6xNc4kDfUnis36yA.roa
Signing time: Mon 02 Jan 2023 06:34:44 +0000
ROA not before: Mon 02 Jan 2023 06:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24836
IP address blocks: 193.111.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:88:b8:01:55:14:22:b0:d6:88:e0:17:87:56:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e9b9bed8f8d3d579bb0552e4fc4b81986861e64
Validity
Not Before: Jan 2 06:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a376fe416a62f134bac4d7389037d49e2b37eb20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4f:c2:31:ad:19:41:bc:a5:32:b3:c7:b4:3f:
61:c3:4a:d3:38:a8:f5:d7:b6:05:92:49:59:ff:47:
f6:0f:11:43:25:4c:69:d0:62:b2:4c:33:4c:e2:89:
8c:f8:4c:bd:b1:cd:d4:09:5f:60:42:8e:63:af:20:
7a:e3:e2:da:3f:0f:ac:f2:57:16:45:6f:bb:28:09:
34:40:e2:27:47:24:17:e1:63:09:41:e8:0c:5e:ce:
d6:c5:40:46:95:ce:01:f1:b7:5b:15:89:e5:b4:fa:
d6:95:e1:c1:d2:39:34:06:7d:cc:93:c7:06:0e:1a:
78:1e:33:b9:48:44:84:5a:e8:ef:f1:53:85:06:cf:
7a:4e:14:88:c1:d5:6a:72:b4:2d:49:d9:4c:95:e5:
6e:df:06:3d:db:8c:16:69:7e:96:b2:45:a8:8b:4c:
6e:2b:cf:47:5d:3b:b0:ad:51:b4:58:26:1c:24:a4:
44:1c:3a:73:42:72:df:3c:9e:33:b6:ce:8b:3c:37:
3e:72:70:7a:11:bd:0f:a1:ce:8d:03:09:a0:d9:98:
84:71:8a:78:32:a0:a1:29:e5:40:ce:ce:71:a7:a9:
87:60:99:b2:18:e3:dd:85:c4:18:08:d7:d4:14:4b:
38:14:f5:13:10:80:11:b6:1d:64:6c:3b:4e:10:02:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:76:FE:41:6A:62:F1:34:BA:C4:D7:38:90:37:D4:9E:2B:37:EB:20
X509v3 Authority Key Identifier:
keyid:5E:9B:9B:ED:8F:8D:3D:57:9B:B0:55:2E:4F:C4:B8:19:86:86:1E:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xpub7Y-NPVebsFUuT8S4GYaGHmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/o3b-QWpi8TS6xNc4kDfUnis36yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/Xpub7Y-NPVebsFUuT8S4GYaGHmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.163.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:b9:31:d8:25:92:2a:c5:ee:ee:6a:6f:c1:b7:13:58:63:52:
8e:45:95:c2:81:1f:4c:a8:02:60:b7:c2:0c:a6:d2:eb:8e:3a:
54:d7:89:a5:c4:a5:e6:fd:e5:33:03:08:a8:50:d3:27:48:89:
89:3f:4e:c6:e4:68:80:fd:49:c0:fc:1b:85:fa:fb:8b:3c:83:
a1:1e:e3:5f:4b:63:dc:25:c7:46:ef:e7:b0:b2:8b:71:70:dc:
33:45:35:6f:05:21:6e:d3:26:31:78:ab:da:e6:2a:21:6a:1c:
84:ae:16:bc:34:59:20:f1:3d:b4:55:33:a2:23:63:d8:84:35:
ce:a2:58:a1:9a:93:a7:8c:87:9b:b1:9e:07:fc:c0:66:ec:f2:
a2:78:09:23:20:ed:85:e5:ce:67:ba:43:4d:22:2d:55:14:66:
30:a8:f9:ea:b7:50:af:2e:97:54:00:16:26:db:55:b0:21:90:
f7:d1:f1:58:52:91:cd:89:67:c7:6c:30:5e:d6:d0:2a:62:26:
33:cf:33:f7:7e:b0:a3:06:8f:84:4b:2a:20:50:af:45:cc:be:
ac:08:b9:5f:02:b4:d3:e8:6c:15:2c:5c:fa:f9:58:e2:76:63:
64:2b:7f:17:69:07:76:f0:d7:3b:e2:91:3b:19:ab:f6:4a:a2:
93:1f:d7:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMIi4AVUUIrDWiOAXh1ZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOWI5YmVkOGY4ZDNkNTc5YmIwNTUyZTRmYzRiODE5ODY4
NjFlNjQwHhcNMjMwMTAyMDYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc2ZmU0MTZhNjJmMTM0YmFjNGQ3Mzg5MDM3ZDQ5ZTJiMzdlYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU/CMa0ZQbylMrPHtD9hw0rTOKj1
17YFkklZ/0f2DxFDJUxp0GKyTDNM4omM+Ey9sc3UCV9gQo5jryB64+LaPw+s8lcW
RW+7KAk0QOInRyQX4WMJQegMXs7WxUBGlc4B8bdbFYnltPrWleHB0jk0Bn3Mk8cG
Dhp4HjO5SESEWujv8VOFBs96ThSIwdVqcrQtSdlMleVu3wY924wWaX6WskWoi0xu
K89HXTuwrVG0WCYcJKREHDpzQnLfPJ4zts6LPDc+cnB6Eb0Poc6NAwmg2ZiEcYp4
MqChKeVAzs5xp6mHYJmyGOPdhcQYCNfUFEs4FPUTEIARth1kbDtOEAIzywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKN2/kFqYvE0usTXOJA31J4rN+sgMB8GA1UdIwQY
MBaAFF6bm+2PjT1Xm7BVLk/EuBmGhh5kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHB1YjdZLU5QVmVic0ZVdVQ4UzRHWWFHSG1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80NDhjODUtYTk2Ni00ZGYyLTk4ZTQt
YTVhNWFkMDZlYjQzLzEvbzNiLVFXcGk4VFM2eE5jNGtEZlVuaXMzNnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80NDhjODUtYTk2Ni00ZGYyLTk4ZTQtYTVhNWFkMDZlYjQz
LzEvWHB1YjdZLU5QVmVic0ZVdVQ4UzRHWWFHSG1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW+jMA0G
CSqGSIb3DQEBCwUAA4IBAQDRuTHYJZIqxe7uam/BtxNYY1KORZXCgR9MqAJgt8IM
ptLrjjpU14mlxKXm/eUzAwioUNMnSImJP07G5GiA/UnA/BuF+vuLPIOhHuNfS2Pc
JcdG7+ewsotxcNwzRTVvBSFu0yYxeKva5iohahyErha8NFkg8T20VTOiI2PYhDXO
olihmpOnjIebsZ4H/MBm7PKieAkjIO2F5c5nukNNIi1VFGYwqPnqt1CvLpdUABYm
21WwIZD30fFYUpHNiWfHbDBe1tAqYiYzzzP3frCjBo+ESyogUK9FzL6sCLlfArTT
6GwVLFz6+VjidmNkK38XaQd28Nc74pE7Gav2SqKTH9d4
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:10:11 2025 by rpki-client