Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/o0wZXdoTsNqlyDTDEf0ePb__mQQ.roa
File: o0wZXdoTsNqlyDTDEf0ePb__mQQ.roa (raw, json)
Hash identifier: vK18CCGzyr1GRjujONKKrXy6fTJ0C5s3D/6qr99fU9k=
Subject key identifier: A3:4C:19:5D:DA:13:B0:DA:A5:C8:34:C3:11:FD:1E:3D:BF:FF:99:04
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 0186835FBDC35B4FBA98AB1E5AF3DD560566
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/o0wZXdoTsNqlyDTDEf0ePb__mQQ.roa
Signing time: Fri 24 Feb 2023 12:22:15 +0000
ROA not before: Fri 24 Feb 2023 12:22:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44398
IP address blocks: 192.66.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:5f:bd:c3:5b:4f:ba:98:ab:1e:5a:f3:dd:56:05:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Feb 24 12:22:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a34c195dda13b0daa5c834c311fd1e3dbfff9904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bf:49:5d:95:08:65:28:f9:fb:40:ae:29:39:
8c:cc:2e:a2:e4:a1:18:e1:f6:0a:ab:f6:f7:51:e9:
dd:f0:f2:6b:b6:8a:16:f6:94:34:de:1c:a7:62:c9:
1b:6f:d1:49:c1:4c:1b:d0:93:b2:ba:42:c5:1a:64:
4d:d5:36:b9:38:60:c2:e2:31:a8:91:f6:4f:89:64:
d5:ec:a2:e1:2e:b4:25:df:57:c1:29:c4:9f:59:c9:
8c:ed:5e:b3:12:c4:a7:03:cd:cb:84:72:19:ec:51:
da:17:74:65:92:ef:2b:f4:42:25:8e:70:49:6e:50:
ca:b7:87:06:bf:c8:b4:ee:3c:1b:b8:4d:d6:09:88:
51:48:c3:a5:b8:a7:e0:77:a1:01:b2:05:bf:da:76:
2a:e6:ae:a4:a0:3e:61:27:a3:7d:19:64:1a:d8:d9:
cf:d5:63:7e:2a:d2:fe:4b:2d:0d:43:a0:3a:7b:c1:
39:8b:de:91:e6:48:b7:26:88:6e:03:3f:7f:d0:dd:
65:30:ec:9b:7b:51:02:83:09:91:bf:64:8c:7b:59:
4a:49:a4:22:c7:cf:b2:d2:7c:f0:ea:ef:3a:4c:d5:
42:dd:49:13:6d:03:84:15:dc:11:5b:08:fd:2c:15:
98:98:90:55:d9:19:cc:bf:a3:fc:d8:d7:a5:e1:36:
d8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:4C:19:5D:DA:13:B0:DA:A5:C8:34:C3:11:FD:1E:3D:BF:FF:99:04
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/o0wZXdoTsNqlyDTDEf0ePb__mQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.66.172.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:82:94:37:9e:eb:b3:4e:de:fe:ab:ab:ab:e7:0f:29:b5:1b:
31:03:a5:5e:fb:06:c4:51:a0:6c:4a:ce:f0:a1:47:6e:68:7f:
4a:21:fc:ce:84:fd:09:78:d2:01:27:64:a4:cc:b3:96:db:ca:
93:b7:b8:c9:8a:f4:c2:7a:94:45:25:60:1e:48:07:c7:7a:4c:
7d:64:3e:b8:09:06:93:c7:f9:1b:03:90:ea:94:5f:77:2a:db:
56:27:da:91:41:b1:6f:2a:d1:46:31:6b:e4:e3:23:13:59:ce:
ba:2f:f9:4c:cd:ab:70:0e:fa:b7:89:b9:1e:c2:d8:65:18:74:
c7:d5:6c:bf:01:ef:32:2c:a7:70:5b:e4:5d:a8:58:0f:80:ca:
db:7a:9d:67:db:8e:9e:09:29:16:ba:dc:bb:36:28:ea:98:a7:
5e:78:03:a6:02:28:d0:6e:33:66:63:b8:42:54:85:1a:5b:9a:
e4:38:77:6c:b7:e2:f4:79:fb:27:39:b3:bd:66:92:47:d0:16:
ad:87:d0:f4:ce:bc:56:b6:ab:75:34:bb:33:4d:40:61:e6:0a:
aa:66:5d:47:c9:af:9e:55:66:6d:e1:57:1b:2a:32:7e:40:35:
b8:52:a2:e5:14:62:51:6c:57:5d:9c:07:d0:bf:ae:72:6f:1f:
20:83:10:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaDX73DW0+6mKseWvPdVgVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjMwMjI0MTIyMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzRjMTk1ZGRhMTNiMGRhYTVjODM0YzMxMWZkMWUzZGJmZmY5OTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL9JXZUIZSj5+0CuKTmMzC6i5KEY
4fYKq/b3Uend8PJrtooW9pQ03hynYskbb9FJwUwb0JOyukLFGmRN1Ta5OGDC4jGo
kfZPiWTV7KLhLrQl31fBKcSfWcmM7V6zEsSnA83LhHIZ7FHaF3Rlku8r9EIljnBJ
blDKt4cGv8i07jwbuE3WCYhRSMOluKfgd6EBsgW/2nYq5q6koD5hJ6N9GWQa2NnP
1WN+KtL+Sy0NQ6A6e8E5i96R5ki3JohuAz9/0N1lMOybe1ECgwmRv2SMe1lKSaQi
x8+y0nzw6u86TNVC3UkTbQOEFdwRWwj9LBWYmJBV2RnMv6P82Nel4TbYAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNMGV3aE7Dapcg0wxH9Hj2//5kEMB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEvbzB3Wlhkb1RzTnFseURUREVmMGVQYl9fbVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAtOTExOTBhMDJkYjcw
LzEvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEKsMA0G
CSqGSIb3DQEBCwUAA4IBAQBugpQ3nuuzTt7+q6ur5w8ptRsxA6Ve+wbEUaBsSs7w
oUduaH9KIfzOhP0JeNIBJ2SkzLOW28qTt7jJivTCepRFJWAeSAfHekx9ZD64CQaT
x/kbA5DqlF93KttWJ9qRQbFvKtFGMWvk4yMTWc66L/lMzatwDvq3ibkewthlGHTH
1Wy/Ae8yLKdwW+RdqFgPgMrbep1n246eCSkWuty7NijqmKdeeAOmAijQbjNmY7hC
VIUaW5rkOHdst+L0efsnObO9ZpJH0Bath9D0zrxWtqt1NLszTUBh5gqqZl1Hya+e
VWZt4VcbKjJ+QDW4UqLlFGJRbFddnAfQv65ybx8ggxAB
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:50:08 2025 by rpki-client