Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/oiPZxwYMqYFvpyUktK9xaIX_4XU.roa
File: oiPZxwYMqYFvpyUktK9xaIX_4XU.roa (raw, json)
Hash identifier: kAmw9H3aQNmyICx9jKvSp17p41tVdcjhVtP34S4/NEY=
Subject key identifier: A2:23:D9:C7:06:0C:A9:81:6F:A7:25:24:B4:AF:71:68:85:FF:E1:75
Certificate issuer: /CN=218db28823f3708b255aa124ba6ef741d113eaf3
Certificate serial: 01857246CF033DAFB9A149452DE8106ABB36
Authority key identifier: 21:8D:B2:88:23:F3:70:8B:25:5A:A1:24:BA:6E:F7:41:D1:13:EA:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IY2yiCPzcIslWqEkum73QdET6vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/oiPZxwYMqYFvpyUktK9xaIX_4XU.roa
Signing time: Mon 02 Jan 2023 11:38:41 +0000
ROA not before: Mon 02 Jan 2023 11:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8245
IP address blocks: 194.48.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:cf:03:3d:af:b9:a1:49:45:2d:e8:10:6a:bb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218db28823f3708b255aa124ba6ef741d113eaf3
Validity
Not Before: Jan 2 11:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a223d9c7060ca9816fa72524b4af716885ffe175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:67:e0:16:ff:c8:71:04:1c:08:da:64:18:ba:
f5:5d:8b:54:cc:bf:e7:05:6a:a2:0d:17:5c:7d:00:
c1:49:8d:80:a3:16:c6:81:ec:b3:5e:7d:e3:e4:76:
b8:ac:40:cd:b7:42:87:38:ea:cd:e5:5d:71:c7:8e:
55:a6:71:dc:34:cf:4a:93:02:12:33:29:2e:aa:0e:
03:d2:a7:b5:66:13:70:75:5f:3c:1c:81:99:7b:ab:
0a:83:eb:84:73:ef:90:74:58:50:7e:e4:fb:75:a3:
b5:cd:2b:b3:77:4d:28:26:25:dd:ec:b4:17:d3:5d:
59:04:63:bc:91:46:0d:2d:1d:68:49:96:f5:63:3f:
c1:8a:16:19:a0:da:25:0a:fc:b1:44:da:02:e3:1f:
27:1e:20:6a:7f:06:82:ed:66:54:60:a4:2d:f3:f6:
28:a6:a3:24:ed:e7:fc:cb:30:8e:4d:3b:f5:7a:25:
94:76:99:95:4b:1f:ea:ac:0a:9a:f1:ef:cf:a6:bb:
68:16:66:07:9e:0d:09:f6:04:85:a1:84:7b:87:1c:
95:7b:18:05:29:81:fe:e1:d0:cb:75:44:26:f1:bd:
3d:5d:9f:b9:f7:ad:c3:e1:9e:7f:09:51:db:a8:31:
56:54:ba:9c:a8:94:8d:db:65:01:f5:74:ea:1f:b2:
1b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:23:D9:C7:06:0C:A9:81:6F:A7:25:24:B4:AF:71:68:85:FF:E1:75
X509v3 Authority Key Identifier:
keyid:21:8D:B2:88:23:F3:70:8B:25:5A:A1:24:BA:6E:F7:41:D1:13:EA:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IY2yiCPzcIslWqEkum73QdET6vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/oiPZxwYMqYFvpyUktK9xaIX_4XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/IY2yiCPzcIslWqEkum73QdET6vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.184.0/22
Signature Algorithm: sha256WithRSAEncryption
08:92:af:10:a9:3c:0a:76:a6:bd:1c:b3:b6:e2:06:59:9c:53:
ba:d4:b7:7c:53:27:1a:84:2f:c6:a9:dd:c4:e1:93:a4:86:fc:
13:dc:39:9b:b6:c7:8c:a4:a3:56:ac:3b:9e:b4:2b:29:fb:51:
f4:5e:08:0d:68:a7:99:bb:92:08:7a:92:40:f2:f4:25:85:25:
8e:6a:2d:4a:69:90:01:96:05:b6:3f:16:75:00:57:91:ea:5f:
96:75:aa:43:ec:35:3d:f7:db:e7:25:d3:8a:60:bc:db:85:65:
ad:88:e4:c7:f2:95:81:44:bb:5d:dc:c8:c0:6f:93:21:43:4a:
17:0f:21:32:77:b6:5f:5d:a7:9c:de:70:a2:25:0b:9f:0e:78:
d1:2a:78:5a:80:af:d2:43:9b:4c:ad:2b:8a:8e:42:06:6c:e3:
0d:bb:c9:35:bd:0e:41:44:b3:6c:b1:52:b7:f2:14:81:13:e2:
08:d6:63:f9:d8:65:6b:ed:b5:f3:28:44:11:fb:eb:0f:2e:37:
cc:b0:e8:b3:f0:34:af:3d:e6:cc:86:51:bf:de:9d:31:5f:c9:
75:3d:a3:6c:71:1c:36:16:6c:c7:e7:ea:63:16:ac:f1:35:4d:
ad:7c:b9:11:74:47:9b:d2:60:b2:bc:4f:7a:cc:c7:31:ea:b1:
81:fc:4e:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRs8DPa+5oUlFLegQars2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxOGRiMjg4MjNmMzcwOGIyNTVhYTEyNGJhNmVmNzQxZDEx
M2VhZjMwHhcNMjMwMTAyMTEzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIzZDljNzA2MGNhOTgxNmZhNzI1MjRiNGFmNzE2ODg1ZmZlMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmfgFv/IcQQcCNpkGLr1XYtUzL/n
BWqiDRdcfQDBSY2AoxbGgeyzXn3j5Ha4rEDNt0KHOOrN5V1xx45VpnHcNM9KkwIS
Mykuqg4D0qe1ZhNwdV88HIGZe6sKg+uEc++QdFhQfuT7daO1zSuzd00oJiXd7LQX
011ZBGO8kUYNLR1oSZb1Yz/BihYZoNolCvyxRNoC4x8nHiBqfwaC7WZUYKQt8/Yo
pqMk7ef8yzCOTTv1eiWUdpmVSx/qrAqa8e/PprtoFmYHng0J9gSFoYR7hxyVexgF
KYH+4dDLdUQm8b09XZ+5963D4Z5/CVHbqDFWVLqcqJSN22UB9XTqH7IbSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIj2ccGDKmBb6clJLSvcWiF/+F1MB8GA1UdIwQY
MBaAFCGNsogj83CLJVqhJLpu90HRE+rzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVkyeWlDUHpjSXNsV3FFa3VtNzNRZEVUNnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83NTIxMWUtMzYxOS00MjVmLWJhYmQt
NzlkYzNkMGJiZWQ4LzEvb2lQWnh3WU1xWUZ2cHlVa3RLOXhhSVhfNFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83NTIxMWUtMzYxOS00MjVmLWJhYmQtNzlkYzNkMGJiZWQ4
LzEvSVkyeWlDUHpjSXNsV3FFa3VtNzNRZEVUNnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjC4MA0G
CSqGSIb3DQEBCwUAA4IBAQAIkq8QqTwKdqa9HLO24gZZnFO61Ld8UycahC/Gqd3E
4ZOkhvwT3DmbtseMpKNWrDuetCsp+1H0XggNaKeZu5IIepJA8vQlhSWOai1KaZAB
lgW2PxZ1AFeR6l+WdapD7DU999vnJdOKYLzbhWWtiOTH8pWBRLtd3MjAb5MhQ0oX
DyEyd7ZfXaec3nCiJQufDnjRKnhagK/SQ5tMrSuKjkIGbOMNu8k1vQ5BRLNssVK3
8hSBE+II1mP52GVr7bXzKEQR++sPLjfMsOiz8DSvPebMhlG/3p0xX8l1PaNscRw2
FmzH5+pjFqzxNU2tfLkRdEeb0mCyvE96zMcx6rGB/E7E
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:18 2025 by rpki-client