Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/oz8-EmJz0lyvFvFy2o4en_o971k.roa
File: oz8-EmJz0lyvFvFy2o4en_o971k.roa (raw, json)
Hash identifier: Ia2SrXA59wDzkiHT1qO9PbVJ5+GcrsZGtxDSXAx92rA=
Subject key identifier: A3:3F:3E:12:62:73:D2:5C:AF:16:F1:72:DA:8E:1E:9F:FA:3D:EF:59
Certificate issuer: /CN=76ee9f7d8e5d18c50884f83378ae48ba2fcda6e2
Certificate serial: 026715F1
Authority key identifier: 76:EE:9F:7D:8E:5D:18:C5:08:84:F8:33:78:AE:48:BA:2F:CD:A6:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/du6ffY5dGMUIhPgzeK5Iui_NpuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/oz8-EmJz0lyvFvFy2o4en_o971k.roa
Signing time: Sat 01 Jan 2022 07:56:24 +0000
ROA not before: Sat 01 Jan 2022 07:56:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211566
IP address blocks: 193.3.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40310257 (0x26715f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ee9f7d8e5d18c50884f83378ae48ba2fcda6e2
Validity
Not Before: Jan 1 07:56:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a33f3e126273d25caf16f172da8e1e9ffa3def59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e6:99:ec:6b:17:00:cc:40:85:05:65:2d:a0:
4d:a2:a8:16:48:c3:fb:2f:2a:70:c3:c6:60:28:58:
4e:54:b8:51:ec:3b:20:ab:c8:e0:48:4a:0c:55:5a:
5b:5a:7c:59:fd:83:9e:ac:c6:42:5b:84:0b:79:3b:
62:fa:c4:ec:0c:07:e5:98:73:39:d5:13:34:82:b5:
fc:34:fe:5c:65:d9:0f:07:07:11:92:9d:cd:99:86:
3a:87:72:1e:50:40:6c:e7:32:18:f1:19:9b:88:7c:
a5:04:bf:89:ce:f7:82:4b:78:41:7c:12:b4:fd:2a:
20:8b:10:50:d6:20:89:cb:32:2c:52:a4:8e:5d:8a:
e7:0a:e7:3d:c8:f2:24:e2:7c:9f:05:b9:d2:19:32:
71:aa:0d:00:14:0c:65:db:5c:9f:c3:54:2f:30:75:
0c:c4:cd:99:b0:91:7a:24:63:f4:ce:62:2f:c5:d5:
89:92:3a:d1:cc:91:00:c7:ca:83:e7:85:70:f7:a0:
18:2c:fd:3f:a2:15:68:11:bb:00:83:a6:71:ea:d8:
91:09:13:66:f6:d7:89:10:67:f2:83:9b:17:5a:bc:
c0:65:99:42:b7:1d:d2:4a:33:71:7a:ee:a4:b5:bd:
97:a2:80:af:56:c7:f5:ee:05:60:1f:ee:59:9d:cd:
08:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3F:3E:12:62:73:D2:5C:AF:16:F1:72:DA:8E:1E:9F:FA:3D:EF:59
X509v3 Authority Key Identifier:
keyid:76:EE:9F:7D:8E:5D:18:C5:08:84:F8:33:78:AE:48:BA:2F:CD:A6:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/du6ffY5dGMUIhPgzeK5Iui_NpuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/oz8-EmJz0lyvFvFy2o4en_o971k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/du6ffY5dGMUIhPgzeK5Iui_NpuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.33.0/24
Signature Algorithm: sha256WithRSAEncryption
51:38:65:6d:ae:3e:c6:fa:5e:e5:00:ae:91:ff:a0:c1:17:a2:
2d:84:70:c9:dd:9f:3e:1d:dd:b5:12:ff:19:fa:25:76:95:2a:
17:85:e0:44:85:b8:79:26:98:04:f7:e1:bc:fe:ea:08:11:ba:
39:9d:34:21:ee:f9:4e:98:10:f3:18:56:14:1e:72:c2:2f:d3:
1f:66:1a:11:ab:fb:ab:ec:2c:48:b9:5d:94:9e:7d:b1:a5:02:
e7:e5:95:11:c6:db:1f:36:fa:f7:93:9b:c1:01:0d:ee:a9:a9:
ef:0b:cf:30:b9:9a:69:8e:43:bd:ff:95:b7:a2:af:42:83:10:
cf:8c:5a:fa:42:5e:bf:49:27:38:d8:81:c0:bc:16:09:3f:4b:
ad:cf:23:c4:f8:55:53:c2:fc:0d:f5:6d:62:0a:01:7a:f3:27:
36:be:e1:75:a9:a6:03:4e:af:b5:37:8d:30:09:f3:97:ee:61:
88:d2:99:af:8e:07:60:f7:f8:06:47:ec:36:cb:01:fc:89:79:
53:d0:95:eb:ea:48:1a:3f:5c:5e:28:3e:51:0e:95:86:5f:05:
c6:c8:fb:44:41:ae:c7:a3:82:2d:3d:1d:ea:b3:b0:d2:7b:c6:
7b:ce:98:53:26:74:0e:94:ba:f0:06:12:f9:f4:90:76:96:3e:
7c:85:47:22
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmcV8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmVlOWY3ZDhlNWQxOGM1MDg4NGY4MzM3OGFlNDhiYTJmY2RhNmUyMB4XDTIyMDEw
MTA3NTYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTMzZjNlMTI2Mjcz
ZDI1Y2FmMTZmMTcyZGE4ZTFlOWZmYTNkZWY1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIbmmexrFwDMQIUFZS2gTaKoFkjD+y8qcMPGYChYTlS4Uew7
IKvI4EhKDFVaW1p8Wf2DnqzGQluEC3k7YvrE7AwH5ZhzOdUTNIK1/DT+XGXZDwcH
EZKdzZmGOodyHlBAbOcyGPEZm4h8pQS/ic73gkt4QXwStP0qIIsQUNYgicsyLFKk
jl2K5wrnPcjyJOJ8nwW50hkycaoNABQMZdtcn8NULzB1DMTNmbCReiRj9M5iL8XV
iZI60cyRAMfKg+eFcPegGCz9P6IVaBG7AIOmcerYkQkTZvbXiRBn8oObF1q8wGWZ
Qrcd0kozcXrupLW9l6KAr1bH9e4FYB/uWZ3NCI8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjPz4SYnPSXK8W8XLajh6f+j3vWTAfBgNVHSMEGDAWgBR27p99jl0YxQiE
+DN4rki6L82m4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2R1NmZmWTVkR01VSWhQZ3plSzVJdWlfTnB1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvYWEzYjQyLWI2MDEtNDBiNC1iMjk5LWJmOGU5NjBmZTBhZC8x
L296OC1FbUp6MGx5dkZ2RnkybzRlbl9vOTcxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
YWEzYjQyLWI2MDEtNDBiNC1iMjk5LWJmOGU5NjBmZTBhZC8xL2R1NmZmWTVkR01V
SWhQZ3plSzVJdWlfTnB1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEDITANBgkqhkiG9w0BAQsFAAOC
AQEAUThlba4+xvpe5QCukf+gwReiLYRwyd2fPh3dtRL/GfoldpUqF4XgRIW4eSaY
BPfhvP7qCBG6OZ00Ie75TpgQ8xhWFB5ywi/TH2YaEav7q+wsSLldlJ59saUC5+WV
EcbbHzb695ObwQEN7qmp7wvPMLmaaY5Dvf+Vt6KvQoMQz4xa+kJev0knONiBwLwW
CT9Lrc8jxPhVU8L8DfVtYgoBevMnNr7hdammA06vtTeNMAnzl+5hiNKZr44HYPf4
BkfsNssB/Il5U9CV6+pIGj9cXig+UQ6Vhl8Fxsj7REGux6OCLT0d6rOw0nvGe86Y
UyZ0DpS68AYS+fSQdpY+fIVHIg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:37 2025 by rpki-client