Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/306330-11d2-443f-8342-ea5870653076/1/olriKTqhxQrEGzOgt6S5Nt9oZjA.roa
File: olriKTqhxQrEGzOgt6S5Nt9oZjA.roa (raw, json)
Hash identifier: AtsYbkcr7KUO5oDMzazscXDnXVRAfBbuuTvJOShU5cE=
Subject key identifier: A2:5A:E2:29:3A:A1:C5:0A:C4:1B:33:A0:B7:A4:B9:36:DF:68:66:30
Certificate issuer: /CN=c172c5aef33c06c4aef2dac8f0503fcbdd9a7287
Certificate serial: 09458FEA
Authority key identifier: C1:72:C5:AE:F3:3C:06:C4:AE:F2:DA:C8:F0:50:3F:CB:DD:9A:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wXLFrvM8BsSu8trI8FA_y92acoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/306330-11d2-443f-8342-ea5870653076/1/olriKTqhxQrEGzOgt6S5Nt9oZjA.roa
Signing time: Sat 01 Jan 2022 15:59:06 +0000
ROA not before: Sat 01 Jan 2022 15:59:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210292
IP address blocks: 160.238.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155553770 (0x9458fea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c172c5aef33c06c4aef2dac8f0503fcbdd9a7287
Validity
Not Before: Jan 1 15:59:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a25ae2293aa1c50ac41b33a0b7a4b936df686630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:97:f3:39:fc:03:0c:09:7a:8d:26:d2:cb:17:
d1:d7:62:c2:44:2d:7d:45:fa:48:97:52:d3:30:0a:
fb:3e:7e:55:fb:85:9b:c0:90:65:c5:a0:7f:fa:c8:
4c:6d:7b:26:7e:08:f1:e7:7b:49:3e:d8:bf:31:56:
5d:dd:c7:4b:8a:e9:ee:fb:04:04:d8:d3:7a:63:d5:
70:01:06:18:92:0b:65:bd:b0:39:95:a4:57:10:89:
ae:77:2d:7d:af:5c:15:79:18:ab:e9:2c:be:aa:cf:
33:6a:76:6b:61:44:b0:3d:07:95:49:eb:83:1b:3f:
5e:ff:6b:7a:6d:fb:68:c0:b7:c8:be:d1:ed:09:7c:
53:da:b1:16:da:f1:e6:25:3c:ef:90:c5:54:15:c7:
01:84:ab:a8:b5:47:76:67:12:de:31:18:d7:69:2d:
ba:ef:35:7f:58:7c:76:ba:7c:bd:17:7e:7e:db:df:
cf:f8:43:73:4d:f3:4e:7d:2c:04:c5:59:ed:d0:fd:
5c:54:56:c0:5b:9b:d7:bc:27:5b:be:21:80:de:3e:
bb:92:b3:af:3d:50:3e:5c:1a:8f:d9:db:d9:7c:a3:
31:01:c4:70:3f:64:50:07:73:31:68:0d:7a:95:b3:
f8:16:f2:fc:50:40:e0:17:33:3b:06:76:f5:0f:8b:
73:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:5A:E2:29:3A:A1:C5:0A:C4:1B:33:A0:B7:A4:B9:36:DF:68:66:30
X509v3 Authority Key Identifier:
keyid:C1:72:C5:AE:F3:3C:06:C4:AE:F2:DA:C8:F0:50:3F:CB:DD:9A:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wXLFrvM8BsSu8trI8FA_y92acoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/306330-11d2-443f-8342-ea5870653076/1/olriKTqhxQrEGzOgt6S5Nt9oZjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/306330-11d2-443f-8342-ea5870653076/1/wXLFrvM8BsSu8trI8FA_y92acoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.238.121.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a3:ca:f4:1b:19:ed:17:2a:31:e9:4e:2a:6c:df:6e:a9:30:
15:3f:53:78:7f:68:1b:a4:4c:7f:06:e8:50:08:71:2c:13:53:
f8:db:16:f8:44:0c:c5:65:79:96:f0:44:63:37:75:3b:05:76:
99:cb:8e:d3:0e:f0:7f:d7:58:59:f4:5c:49:b4:dd:f3:eb:cf:
f0:b6:33:c9:a2:bf:c3:38:b2:66:86:fe:00:da:b7:cd:94:29:
4f:ad:c3:3e:e1:c3:e1:20:93:b0:a2:ab:ce:ca:e0:1e:2c:f5:
a5:fd:1a:cb:f8:13:33:fa:58:d1:21:01:8e:25:76:dc:66:42:
ec:e2:30:79:9f:ec:dd:3e:95:ec:db:71:82:14:01:bf:c1:16:
84:e9:de:3d:92:67:06:2f:e9:70:0b:15:b9:b9:de:84:73:d7:
0b:a8:4a:54:61:74:bb:3e:d4:88:57:bf:01:a2:12:4c:72:b1:
78:19:b5:f6:e3:88:3b:43:f7:e1:99:5b:d4:1c:49:76:ed:fe:
fc:f4:5c:72:fb:f8:b1:ff:9c:ef:48:3d:0c:7b:ff:7a:7c:3f:
69:5e:3f:61:3f:f4:18:b8:58:8f:3e:e9:cf:dc:92:f2:c8:8e:
b0:57:02:79:c0:2a:00:93:fd:cf:b7:97:14:9d:b7:eb:24:f6:
c6:08:ad:3d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECUWP6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MTcyYzVhZWYzM2MwNmM0YWVmMmRhYzhmMDUwM2ZjYmRkOWE3Mjg3MB4XDTIyMDEw
MTE1NTkwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI1YWUyMjkzYWEx
YzUwYWM0MWIzM2EwYjdhNGI5MzZkZjY4NjYzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuX8zn8AwwJeo0m0ssX0ddiwkQtfUX6SJdS0zAK+z5+VfuF
m8CQZcWgf/rITG17Jn4I8ed7ST7YvzFWXd3HS4rp7vsEBNjTemPVcAEGGJILZb2w
OZWkVxCJrnctfa9cFXkYq+ksvqrPM2p2a2FEsD0HlUnrgxs/Xv9rem37aMC3yL7R
7Ql8U9qxFtrx5iU875DFVBXHAYSrqLVHdmcS3jEY12ktuu81f1h8drp8vRd+ftvf
z/hDc03zTn0sBMVZ7dD9XFRWwFub17wnW74hgN4+u5Kzrz1QPlwaj9nb2XyjMQHE
cD9kUAdzMWgNepWz+Bby/FBA4BczOwZ29Q+Lc/8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSiWuIpOqHFCsQbM6C3pLk232hmMDAfBgNVHSMEGDAWgBTBcsWu8zwGxK7y
2sjwUD/L3ZpyhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dYTEZydk04QnNTdTh0ckk4RkFfeTkyYWNvYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvMzA2MzMwLTExZDItNDQzZi04MzQyLWVhNTg3MDY1MzA3Ni8x
L29scmlLVHFoeFFyRUd6T2d0NlM1TnQ5b1pqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
MzA2MzMwLTExZDItNDQzZi04MzQyLWVhNTg3MDY1MzA3Ni8xL3dYTEZydk04QnNT
dTh0ckk4RkFfeTkyYWNvYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKDueTANBgkqhkiG9w0BAQsFAAOC
AQEAFqPK9BsZ7RcqMelOKmzfbqkwFT9TeH9oG6RMfwboUAhxLBNT+NsW+EQMxWV5
lvBEYzd1OwV2mcuO0w7wf9dYWfRcSbTd8+vP8LYzyaK/wziyZob+ANq3zZQpT63D
PuHD4SCTsKKrzsrgHiz1pf0ay/gTM/pY0SEBjiV23GZC7OIweZ/s3T6V7NtxghQB
v8EWhOnePZJnBi/pcAsVubnehHPXC6hKVGF0uz7UiFe/AaISTHKxeBm19uOIO0P3
4Zlb1BxJdu3+/PRccvv4sf+c70g9DHv/enw/aV4/YT/0GLhYjz7pz9yS8siOsFcC
ecAqAJP9z7eXFJ236yT2xgitPQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:28 2025 by rpki-client