Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a17b93-cc89-4d08-a5b2-636d6fc0048f/1/OJt0R9RW3v1iMsJlD294hFkqBAM.roa
File: OJt0R9RW3v1iMsJlD294hFkqBAM.roa (raw, json)
Hash identifier: TLJa7FzXvG75pIU7IXdNdidw4ibjgJ5IX13SjSTpFKA=
Subject key identifier: 38:9B:74:47:D4:56:DE:FD:62:32:C2:65:0F:6F:78:84:59:2A:04:03
Certificate issuer: /CN=9f8a3c9a9edf644735a94eb09f01cab39855d278
Certificate serial: 01856CE5E2B9E87FF5E67433B4173C2141F0
Authority key identifier: 9F:8A:3C:9A:9E:DF:64:47:35:A9:4E:B0:9F:01:CA:B3:98:55:D2:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n4o8mp7fZEc1qU6wnwHKs5hV0ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a17b93-cc89-4d08-a5b2-636d6fc0048f/1/OJt0R9RW3v1iMsJlD294hFkqBAM.roa
Signing time: Sun 01 Jan 2023 10:34:43 +0000
ROA not before: Sun 01 Jan 2023 10:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31522
IP address blocks: 193.138.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:e2:b9:e8:7f:f5:e6:74:33:b4:17:3c:21:41:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f8a3c9a9edf644735a94eb09f01cab39855d278
Validity
Not Before: Jan 1 10:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=389b7447d456defd6232c2650f6f7884592a0403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:56:73:4f:39:d7:5f:a7:ff:27:0f:a7:b5:be:
62:cb:40:ab:3e:06:a9:19:e0:e8:82:f6:fc:31:a7:
0c:cb:7e:13:f3:d1:d2:63:56:64:18:0a:1b:36:9e:
ca:93:98:2b:00:a3:72:91:07:a4:75:8d:9d:37:fb:
a2:57:dd:4f:4f:d2:c9:3c:f8:c3:e5:ec:e8:f2:10:
c6:9c:57:ab:98:67:d1:01:50:5f:99:e9:5f:8d:2b:
0a:f4:f2:d7:cc:7c:7e:44:94:d0:dc:5f:62:00:0b:
35:bb:cb:9b:04:14:f7:fd:f8:63:6f:b3:8c:a0:9c:
c7:e5:dc:61:4d:5f:bd:56:eb:e4:b0:6c:15:f0:1d:
ad:ef:71:2b:a3:33:f3:2d:ab:ce:10:0c:5f:20:29:
83:4e:7f:58:4e:b4:7c:02:a3:f9:86:3f:97:33:c6:
13:1c:e3:29:1c:d3:4f:ea:64:a5:57:75:9f:8a:7e:
76:68:7b:5f:f7:88:38:f3:40:35:85:aa:47:60:05:
6f:58:62:80:a7:17:d2:6b:2d:f0:b9:de:e2:45:e7:
97:8b:a6:c3:88:e9:7c:9a:5c:c5:97:5a:db:08:6d:
65:db:d5:aa:fc:3c:1a:4a:17:b9:68:cc:05:db:38:
f9:33:70:f8:ae:ef:0f:4b:8c:1a:7c:65:e0:f5:4c:
32:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9B:74:47:D4:56:DE:FD:62:32:C2:65:0F:6F:78:84:59:2A:04:03
X509v3 Authority Key Identifier:
keyid:9F:8A:3C:9A:9E:DF:64:47:35:A9:4E:B0:9F:01:CA:B3:98:55:D2:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n4o8mp7fZEc1qU6wnwHKs5hV0ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a17b93-cc89-4d08-a5b2-636d6fc0048f/1/OJt0R9RW3v1iMsJlD294hFkqBAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a17b93-cc89-4d08-a5b2-636d6fc0048f/1/n4o8mp7fZEc1qU6wnwHKs5hV0ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.67.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ac:ad:eb:2b:0a:1d:41:ba:56:fd:62:73:1c:f5:83:d9:e6:
43:4e:37:5e:89:c4:42:e2:63:5a:90:00:a7:88:34:55:56:44:
84:8b:78:60:8f:48:a5:a3:c1:c3:6f:bc:b2:8a:42:a7:9e:c6:
1f:ed:7c:9e:66:b9:c0:30:be:eb:f2:3e:af:94:67:c6:e2:39:
df:6f:bd:0e:1a:47:fb:30:5b:08:86:26:1d:b0:01:12:f5:1d:
cf:09:ab:55:76:25:2d:36:5e:97:03:7e:95:46:71:42:cb:aa:
88:00:07:ca:43:65:8e:e2:5e:43:6f:81:b8:ee:19:ec:32:6b:
2d:23:46:9d:b2:67:34:16:b0:1c:1b:17:3c:15:dc:19:d3:5a:
9a:7d:98:1c:1d:94:cb:d5:6e:f8:a0:a3:0d:3c:3a:da:c8:80:
c3:16:04:22:dd:7b:93:03:3e:aa:08:c0:e7:84:8d:09:f5:37:
b9:36:4d:5c:bf:93:75:a5:50:01:10:66:69:f6:38:7e:14:f0:
b3:92:9a:2d:9b:bd:13:77:41:17:9b:e9:e4:2a:f4:a0:75:59:
95:f2:37:49:cf:2c:3d:7f:85:eb:f4:44:3b:d6:d6:96:48:17:
99:5c:b9:96:eb:6a:14:7a:ec:2c:5b:89:4c:8c:e7:0a:33:71:
93:09:40:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5eK56H/15nQztBc8IUHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmOGEzYzlhOWVkZjY0NDczNWE5NGViMDlmMDFjYWIzOTg1
NWQyNzgwHhcNMjMwMTAxMTAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODliNzQ0N2Q0NTZkZWZkNjIzMmMyNjUwZjZmNzg4NDU5MmEwNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1ZzTznXX6f/Jw+ntb5iy0CrPgap
GeDogvb8MacMy34T89HSY1ZkGAobNp7Kk5grAKNykQekdY2dN/uiV91PT9LJPPjD
5ezo8hDGnFermGfRAVBfmelfjSsK9PLXzHx+RJTQ3F9iAAs1u8ubBBT3/fhjb7OM
oJzH5dxhTV+9VuvksGwV8B2t73ErozPzLavOEAxfICmDTn9YTrR8AqP5hj+XM8YT
HOMpHNNP6mSlV3Wfin52aHtf94g480A1hapHYAVvWGKApxfSay3wud7iReeXi6bD
iOl8mlzFl1rbCG1l29Wq/DwaShe5aMwF2zj5M3D4ru8PS4wafGXg9UwyUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDibdEfUVt79YjLCZQ9veIRZKgQDMB8GA1UdIwQY
MBaAFJ+KPJqe32RHNalOsJ8ByrOYVdJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjRvOG1wN2ZaRWMxcVU2d253SEtzNWhWMG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMTdiOTMtY2M4OS00ZDA4LWE1YjIt
NjM2ZDZmYzAwNDhmLzEvT0p0MFI5UlczdjFpTXNKbEQyOTRoRmtxQkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMTdiOTMtY2M4OS00ZDA4LWE1YjItNjM2ZDZmYzAwNDhm
LzEvbjRvOG1wN2ZaRWMxcVU2d253SEtzNWhWMG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYpDMA0G
CSqGSIb3DQEBCwUAA4IBAQCNrK3rKwodQbpW/WJzHPWD2eZDTjdeicRC4mNakACn
iDRVVkSEi3hgj0ilo8HDb7yyikKnnsYf7XyeZrnAML7r8j6vlGfG4jnfb70OGkf7
MFsIhiYdsAES9R3PCatVdiUtNl6XA36VRnFCy6qIAAfKQ2WO4l5Db4G47hnsMmst
I0adsmc0FrAcGxc8FdwZ01qafZgcHZTL1W74oKMNPDrayIDDFgQi3XuTAz6qCMDn
hI0J9Te5Nk1cv5N1pVABEGZp9jh+FPCzkpotm70Td0EXm+nkKvSgdVmV8jdJzyw9
f4Xr9EQ71taWSBeZXLmW62oUeuwsW4lMjOcKM3GTCUCr
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:47:19 2025 by rpki-client