Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/7ee981-0d7c-4a53-ada1-ce1a8dc94048/1/2oaMRs_4ABUj1hkxt0DiTI2GdAU.roa
File: 2oaMRs_4ABUj1hkxt0DiTI2GdAU.roa (raw, json)
Hash identifier: xsNCNrcgznVayX5s4hkiAaURDJnaL8IBaay+Zdxn1lo=
Subject key identifier: DA:86:8C:46:CF:F8:00:15:23:D6:19:31:B7:40:E2:4C:8D:86:74:05
Certificate issuer: /CN=11fe3900e141c3b169a3cccb3557bccef2895e85
Certificate serial: 01856EC1F8FBCDB28349B3FC7B6BBED23ECC
Authority key identifier: 11:FE:39:00:E1:41:C3:B1:69:A3:CC:CB:35:57:BC:CE:F2:89:5E:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ef45AOFBw7Fpo8zLNVe8zvKJXoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/7ee981-0d7c-4a53-ada1-ce1a8dc94048/1/2oaMRs_4ABUj1hkxt0DiTI2GdAU.roa
Signing time: Sun 01 Jan 2023 19:14:44 +0000
ROA not before: Sun 01 Jan 2023 19:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48152
IP address blocks: 193.143.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:f8:fb:cd:b2:83:49:b3:fc:7b:6b:be:d2:3e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11fe3900e141c3b169a3cccb3557bccef2895e85
Validity
Not Before: Jan 1 19:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da868c46cff8001523d61931b740e24c8d867405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:49:42:69:5a:02:14:bd:85:25:17:95:14:c9:
82:76:72:98:ec:e5:cc:c6:12:d9:b1:af:00:9a:ca:
f0:8f:01:80:d7:59:ba:79:40:d2:43:9f:6c:1b:40:
0a:e8:e6:c1:d6:76:92:00:3b:4a:c3:7b:cd:8b:6b:
a0:ed:53:08:ab:5b:4e:8d:e4:0e:30:26:f2:93:89:
32:c6:5d:bb:0b:7a:31:92:ff:b4:86:4d:9a:37:0c:
1a:0f:70:65:d7:6d:eb:ff:7b:56:e7:45:57:5e:2a:
0b:f7:ff:7a:7c:eb:e6:90:27:c8:26:80:5a:97:75:
1c:71:9a:2b:6b:43:2e:ec:8a:ee:54:af:b8:45:91:
83:12:97:4b:80:f8:7a:d5:bd:75:e8:45:dd:47:28:
1b:d1:74:6f:0e:88:03:16:35:6a:f7:1d:2d:f5:59:
3c:92:99:a9:c4:59:34:c3:7c:e5:dc:78:a7:da:d8:
ae:8c:9e:3c:24:b3:3b:4c:83:4c:6c:3b:a2:73:e7:
27:3b:97:2c:82:d1:b2:ad:fa:c8:55:84:51:e6:3d:
74:ac:1e:8e:22:d7:28:2b:2c:d6:f1:5f:d8:40:7e:
6e:70:ff:e6:a3:db:a9:a4:d5:f0:39:b5:24:3c:16:
b5:b8:a4:5c:1c:fd:fe:57:02:ef:a6:7d:a2:74:79:
0d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:86:8C:46:CF:F8:00:15:23:D6:19:31:B7:40:E2:4C:8D:86:74:05
X509v3 Authority Key Identifier:
keyid:11:FE:39:00:E1:41:C3:B1:69:A3:CC:CB:35:57:BC:CE:F2:89:5E:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ef45AOFBw7Fpo8zLNVe8zvKJXoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7ee981-0d7c-4a53-ada1-ce1a8dc94048/1/2oaMRs_4ABUj1hkxt0DiTI2GdAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7ee981-0d7c-4a53-ada1-ce1a8dc94048/1/Ef45AOFBw7Fpo8zLNVe8zvKJXoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.122.0/24
Signature Algorithm: sha256WithRSAEncryption
70:f0:52:d2:c8:be:5e:ae:54:74:26:11:73:86:23:f7:12:41:
a3:38:45:9d:f3:4e:37:4e:f3:85:76:f0:be:2a:9a:e1:a2:ef:
10:88:0f:8c:44:71:a5:14:6c:42:c6:9b:60:2d:f6:f4:50:45:
d1:19:1f:1d:09:90:42:3c:5b:61:6f:95:ce:d3:3e:bd:5e:8d:
81:e4:3b:6f:c8:40:3c:b6:09:75:30:73:2f:0b:8d:83:27:36:
16:b4:82:ab:10:95:4e:06:c9:b3:a9:98:21:09:bd:ab:d9:50:
76:71:c9:ae:06:1f:55:9c:b5:62:e8:1f:cb:dd:36:36:c9:56:
4d:ac:78:b9:1a:b4:6c:65:f5:54:87:c3:12:63:e0:89:5e:d0:
2a:6a:3f:f7:ce:62:52:24:38:a2:03:45:49:e8:aa:46:2c:15:
de:82:5e:c4:23:75:c9:12:b8:90:45:b9:c8:cd:4e:de:52:28:
87:95:b8:d7:3b:0e:91:fd:3b:1c:15:bc:44:24:1d:49:93:ee:
4f:a3:9a:b4:91:cb:c2:29:fe:62:1f:12:c1:9c:44:8e:bf:e9:
27:f3:f6:e2:fa:2e:b6:46:b4:7d:1a:2e:a5:a8:10:f2:9a:6b:
b5:57:c3:78:73:f5:b0:5a:3f:46:0a:98:1f:96:4f:b1:1b:f8:
1c:70:81:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwfj7zbKDSbP8e2u+0j7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZmUzOTAwZTE0MWMzYjE2OWEzY2NjYjM1NTdiY2NlZjI4
OTVlODUwHhcNMjMwMTAxMTkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg2OGM0NmNmZjgwMDE1MjNkNjE5MzFiNzQwZTI0YzhkODY3NDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArklCaVoCFL2FJReVFMmCdnKY7OXM
xhLZsa8AmsrwjwGA11m6eUDSQ59sG0AK6ObB1naSADtKw3vNi2ug7VMIq1tOjeQO
MCbyk4kyxl27C3oxkv+0hk2aNwwaD3Bl123r/3tW50VXXioL9/96fOvmkCfIJoBa
l3UccZora0Mu7IruVK+4RZGDEpdLgPh61b116EXdRygb0XRvDogDFjVq9x0t9Vk8
kpmpxFk0w3zl3Hin2tiujJ48JLM7TINMbDuic+cnO5csgtGyrfrIVYRR5j10rB6O
ItcoKyzW8V/YQH5ucP/mo9uppNXwObUkPBa1uKRcHP3+VwLvpn2idHkNbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqGjEbP+AAVI9YZMbdA4kyNhnQFMB8GA1UdIwQY
MBaAFBH+OQDhQcOxaaPMyzVXvM7yiV6FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWY0NUFPRkJ3N0Zwbzh6TE5WZTh6dktKWG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83ZWU5ODEtMGQ3Yy00YTUzLWFkYTEt
Y2UxYThkYzk0MDQ4LzEvMm9hTVJzXzRBQlVqMWhreHQwRGlUSTJHZEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83ZWU5ODEtMGQ3Yy00YTUzLWFkYTEtY2UxYThkYzk0MDQ4
LzEvRWY0NUFPRkJ3N0Zwbzh6TE5WZTh6dktKWG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY96MA0G
CSqGSIb3DQEBCwUAA4IBAQBw8FLSyL5erlR0JhFzhiP3EkGjOEWd8043TvOFdvC+
Kprhou8QiA+MRHGlFGxCxptgLfb0UEXRGR8dCZBCPFthb5XO0z69Xo2B5DtvyEA8
tgl1MHMvC42DJzYWtIKrEJVOBsmzqZghCb2r2VB2ccmuBh9VnLVi6B/L3TY2yVZN
rHi5GrRsZfVUh8MSY+CJXtAqaj/3zmJSJDiiA0VJ6KpGLBXegl7EI3XJEriQRbnI
zU7eUiiHlbjXOw6R/TscFbxEJB1Jk+5Po5q0kcvCKf5iHxLBnESOv+kn8/bi+i62
RrR9Gi6lqBDymmu1V8N4c/WwWj9GCpgflk+xG/gccIGm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:40 2025 by rpki-client