Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/owTfhrVFgCvYhzbUej3niGkMZK4.roa
File: owTfhrVFgCvYhzbUej3niGkMZK4.roa (raw, json)
Hash identifier: 5jqNojwPRuG1r2pqb24voei2cpHzoB/FS7tfYngVDiI=
Subject key identifier: A3:04:DF:86:B5:45:80:2B:D8:87:36:D4:7A:3D:E7:88:69:0C:64:AE
Certificate issuer: /CN=673b3a71cf772755a3df8ced5d73516f871c0a11
Certificate serial: 0185727A2BF33A59361F74097F2D108B5F49
Authority key identifier: 67:3B:3A:71:CF:77:27:55:A3:DF:8C:ED:5D:73:51:6F:87:1C:0A:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zzs6cc93J1Wj34ztXXNRb4ccChE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/owTfhrVFgCvYhzbUej3niGkMZK4.roa
Signing time: Mon 02 Jan 2023 12:34:47 +0000
ROA not before: Mon 02 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 170.102.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:2b:f3:3a:59:36:1f:74:09:7f:2d:10:8b:5f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=673b3a71cf772755a3df8ced5d73516f871c0a11
Validity
Not Before: Jan 2 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a304df86b545802bd88736d47a3de788690c64ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c4:7c:cf:0a:f4:e6:00:b6:e6:b7:f6:d7:53:
a8:61:d2:24:b0:d1:72:b9:a0:2c:11:49:bb:b5:13:
e5:32:e6:f3:10:79:1c:98:15:65:a9:a0:b1:2d:27:
36:ab:bc:1a:1b:92:5e:ff:d1:c3:51:e9:e5:c2:cd:
d4:95:52:09:3a:90:1e:f4:6c:02:4a:cf:2c:99:5b:
6e:b9:85:00:76:95:bf:93:f5:04:d6:fc:82:f5:98:
30:78:a9:99:0a:b3:3c:73:ce:51:f2:3d:ae:52:21:
93:95:e1:b5:cd:98:f1:7d:84:d7:0f:6e:bf:d1:05:
83:91:27:df:9e:eb:bd:fe:5c:6a:f6:4f:41:45:df:
26:78:21:bf:7e:a8:bb:6a:30:40:f2:f4:40:cb:bc:
4b:d1:7b:8b:fa:59:25:d5:b3:65:07:c6:50:3c:70:
68:32:68:6c:ab:31:2c:86:4e:4c:82:cd:01:cb:14:
c2:4b:a4:19:f3:e3:d2:91:39:2a:b8:6e:c5:65:96:
8e:38:64:66:12:bf:a5:63:19:85:7e:ad:75:fa:97:
c7:b3:53:9b:0e:4d:7f:76:64:9a:4b:b6:28:f5:26:
2e:62:e1:5e:3c:77:5a:73:ac:72:ba:96:af:d9:c5:
6a:a3:26:f9:3a:1c:e5:d8:90:04:30:3a:10:5e:aa:
c8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:04:DF:86:B5:45:80:2B:D8:87:36:D4:7A:3D:E7:88:69:0C:64:AE
X509v3 Authority Key Identifier:
keyid:67:3B:3A:71:CF:77:27:55:A3:DF:8C:ED:5D:73:51:6F:87:1C:0A:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zzs6cc93J1Wj34ztXXNRb4ccChE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/owTfhrVFgCvYhzbUej3niGkMZK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/Zzs6cc93J1Wj34ztXXNRb4ccChE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.102.196.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e1:f1:bb:12:c7:bc:af:c5:6e:17:cc:0f:6c:32:b8:a6:83:
4f:c2:e5:00:85:28:5e:92:13:bd:47:fc:e4:a5:9b:77:58:6d:
bc:2e:9b:fb:50:f3:f1:9e:5f:16:51:97:43:ce:f1:50:5f:6c:
a1:e8:05:53:04:bb:1a:80:c1:77:dd:d3:fa:ca:a2:ec:22:69:
f0:58:a9:e5:76:e9:da:16:93:8b:27:d1:02:1b:ad:52:9a:91:
b9:e1:5b:8b:af:df:fa:c6:0b:35:97:a2:27:00:0e:07:b7:08:
15:0c:66:58:35:93:f4:98:6e:da:58:0f:69:a9:65:82:79:f9:
65:80:d7:d5:81:f2:70:32:cf:7e:16:ed:ad:37:1d:90:4d:9c:
68:85:f8:9f:86:14:da:e4:cd:eb:2e:f5:dd:2e:ab:e2:5a:41:
b3:30:3b:22:6b:b4:6d:65:9b:ba:07:50:2c:99:84:57:a9:b8:
98:be:b0:b4:3c:ca:a7:83:9d:8a:20:ec:b2:aa:9a:86:41:aa:
f6:67:0a:72:a7:da:2c:2f:0b:cd:9e:1e:65:69:c3:38:d5:6b:
47:b1:a9:ba:05:7c:ee:d0:e8:15:52:73:6b:e6:cc:34:5e:cb:
08:b8:d1:d1:4f:1c:0a:da:8f:a0:20:65:20:6f:6d:ea:53:9a:
83:34:18:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyeivzOlk2H3QJfy0Qi19JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3M2IzYTcxY2Y3NzI3NTVhM2RmOGNlZDVkNzM1MTZmODcx
YzBhMTEwHhcNMjMwMTAyMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzA0ZGY4NmI1NDU4MDJiZDg4NzM2ZDQ3YTNkZTc4ODY5MGM2NGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMR8zwr05gC25rf211OoYdIksNFy
uaAsEUm7tRPlMubzEHkcmBVlqaCxLSc2q7waG5Je/9HDUenlws3UlVIJOpAe9GwC
Ss8smVtuuYUAdpW/k/UE1vyC9ZgweKmZCrM8c85R8j2uUiGTleG1zZjxfYTXD26/
0QWDkSffnuu9/lxq9k9BRd8meCG/fqi7ajBA8vRAy7xL0XuL+lkl1bNlB8ZQPHBo
MmhsqzEshk5Mgs0ByxTCS6QZ8+PSkTkquG7FZZaOOGRmEr+lYxmFfq11+pfHs1Ob
Dk1/dmSaS7Yo9SYuYuFePHdac6xyupav2cVqoyb5Ohzl2JAEMDoQXqrIAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKME34a1RYAr2Ic21Ho954hpDGSuMB8GA1UdIwQY
MBaAFGc7OnHPdydVo9+M7V1zUW+HHAoRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnpzNmNjOTNKMVdqMzR6dFhYTlJiNGNjQ2hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9jOTQ4NTUtNWIxYS00Zjk2LWI3YTEt
NmZlMWYyOTRlNjI3LzEvb3dUZmhyVkZnQ3ZZaHpiVWVqM25pR2tNWks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9jOTQ4NTUtNWIxYS00Zjk2LWI3YTEtNmZlMWYyOTRlNjI3
LzEvWnpzNmNjOTNKMVdqMzR6dFhYTlJiNGNjQ2hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqmbEMA0G
CSqGSIb3DQEBCwUAA4IBAQAr4fG7Ese8r8VuF8wPbDK4poNPwuUAhShekhO9R/zk
pZt3WG28Lpv7UPPxnl8WUZdDzvFQX2yh6AVTBLsagMF33dP6yqLsImnwWKnlduna
FpOLJ9ECG61SmpG54VuLr9/6xgs1l6InAA4HtwgVDGZYNZP0mG7aWA9pqWWCefll
gNfVgfJwMs9+Fu2tNx2QTZxohfifhhTa5M3rLvXdLqviWkGzMDsia7RtZZu6B1As
mYRXqbiYvrC0PMqng52KIOyyqpqGQar2Zwpyp9osLwvNnh5lacM41WtHsam6BXzu
0OgVUnNr5sw0XssIuNHRTxwK2o+gIGUgb23qU5qDNBig
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:08 2025 by rpki-client