Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/35bee9-843f-4d38-9286-7aa49becf467/1/onLOdvoyaXIu8Bivv3AT-FRZJRs.roa
File: onLOdvoyaXIu8Bivv3AT-FRZJRs.roa (raw, json)
Hash identifier: 6QnhwAnBKB0Aqr4Z2BbbbmbVEzxywEGDqzs47B4eMRc=
Subject key identifier: A2:72:CE:76:FA:32:69:72:2E:F0:18:AF:BF:70:13:F8:54:59:25:1B
Certificate issuer: /CN=4ede4c65d735af79277ed14eb6c4cf5404c788d5
Certificate serial: 0188952AD45B1302632CD88FDCEE0E318400
Authority key identifier: 4E:DE:4C:65:D7:35:AF:79:27:7E:D1:4E:B6:C4:CF:54:04:C7:88:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tt5MZdc1r3knftFOtsTPVATHiNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/35bee9-843f-4d38-9286-7aa49becf467/1/onLOdvoyaXIu8Bivv3AT-FRZJRs.roa
Signing time: Wed 07 Jun 2023 09:23:12 +0000
ROA not before: Wed 07 Jun 2023 09:23:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49576
IP address blocks: 193.148.112.0/22 maxlen: 24
193.148.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:2a:d4:5b:13:02:63:2c:d8:8f:dc:ee:0e:31:84:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ede4c65d735af79277ed14eb6c4cf5404c788d5
Validity
Not Before: Jun 7 09:23:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a272ce76fa3269722ef018afbf7013f85459251b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7c:0b:25:3c:d3:bd:be:f3:3d:27:bc:41:0d:
17:13:a1:a6:ca:1a:f7:de:0c:80:3e:77:17:87:82:
9a:81:50:5a:8f:c1:57:2d:4c:cc:88:a8:7d:80:d6:
f4:22:eb:05:1f:88:00:c6:1a:ee:5a:f9:34:2a:37:
76:b2:6b:f4:83:e3:75:cc:85:ce:ba:ff:cb:51:b3:
ff:9f:3b:7e:af:6b:22:8d:23:c3:02:bd:c7:69:26:
72:37:2f:5f:ad:05:d1:b5:aa:2b:56:47:e4:5b:f3:
91:b9:c8:80:a6:36:18:77:5a:36:ab:8a:39:1e:b7:
49:11:46:e5:90:87:21:52:15:f5:03:26:1e:9c:e1:
a2:73:de:ac:c8:b7:a7:f3:5a:13:16:af:70:58:ec:
79:33:1a:35:df:3a:0e:52:0d:31:73:a5:3d:5e:6f:
ae:b7:4d:55:02:b5:fe:ab:e8:db:e9:de:19:94:4a:
c1:e6:77:ba:1d:b8:2a:97:a0:84:71:a2:13:2d:1c:
02:d5:48:ac:cf:d5:af:44:3b:d1:3f:ee:fb:28:99:
f5:11:3f:95:cb:08:ba:2d:e1:75:a8:78:fc:8a:fc:
48:6a:e4:e2:1a:14:37:e9:ce:83:e4:a1:66:6b:3b:
d4:a8:2a:e7:0b:ae:38:88:85:f5:e6:4c:6a:56:ae:
e9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:72:CE:76:FA:32:69:72:2E:F0:18:AF:BF:70:13:F8:54:59:25:1B
X509v3 Authority Key Identifier:
keyid:4E:DE:4C:65:D7:35:AF:79:27:7E:D1:4E:B6:C4:CF:54:04:C7:88:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tt5MZdc1r3knftFOtsTPVATHiNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/35bee9-843f-4d38-9286-7aa49becf467/1/onLOdvoyaXIu8Bivv3AT-FRZJRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/35bee9-843f-4d38-9286-7aa49becf467/1/Tt5MZdc1r3knftFOtsTPVATHiNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.99.0/24
193.148.112.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:14:df:f3:8f:28:92:35:77:19:19:24:be:19:65:20:1a:7f:
b5:2c:f4:2e:8f:1a:35:68:b4:9c:4d:43:84:b4:84:d6:6e:10:
4a:72:00:28:c7:0b:17:2c:d0:5a:72:77:54:9e:28:3f:89:f9:
f1:73:88:ca:03:35:c6:89:4a:4d:ea:96:3a:0d:24:5f:72:7c:
8f:b9:3e:d2:ea:fc:a2:58:44:31:a6:27:59:af:6b:32:70:75:
d9:cf:78:64:45:9e:28:07:c4:78:06:01:ce:a7:b0:dd:59:e5:
a5:fd:0a:b1:64:87:3b:24:c1:3f:27:b7:db:43:ec:6c:1a:d4:
64:69:ca:5b:c9:14:d3:71:6d:1e:eb:d0:59:ec:d2:3f:60:20:
76:84:3e:e3:64:b0:84:34:80:e6:c1:10:61:c6:2a:a1:17:80:
c0:48:6a:d8:f7:c2:24:8c:32:77:e5:90:1e:c4:49:e0:ba:ff:
48:e8:9f:cb:8f:ec:93:7a:d6:48:68:c6:84:fe:8b:9b:73:e3:
28:be:85:b2:99:d9:8e:f8:a7:3e:5f:db:52:d0:df:70:58:24:
68:03:af:6b:90:94:56:da:c8:90:0f:45:65:84:29:c4:4c:90:
66:06:16:d5:29:0e:c1:9f:20:98:f1:2d:9c:4b:c0:e4:3a:92:
72:1b:f5:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiVKtRbEwJjLNiP3O4OMYQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZGU0YzY1ZDczNWFmNzkyNzdlZDE0ZWI2YzRjZjU0MDRj
Nzg4ZDUwHhcNMjMwNjA3MDkyMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjcyY2U3NmZhMzI2OTcyMmVmMDE4YWZiZjcwMTNmODU0NTkyNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXwLJTzTvb7zPSe8QQ0XE6Gmyhr3
3gyAPncXh4KagVBaj8FXLUzMiKh9gNb0IusFH4gAxhruWvk0Kjd2smv0g+N1zIXO
uv/LUbP/nzt+r2sijSPDAr3HaSZyNy9frQXRtaorVkfkW/ORuciApjYYd1o2q4o5
HrdJEUblkIchUhX1AyYenOGic96syLen81oTFq9wWOx5Mxo13zoOUg0xc6U9Xm+u
t01VArX+q+jb6d4ZlErB5ne6Hbgql6CEcaITLRwC1Uisz9WvRDvRP+77KJn1ET+V
ywi6LeF1qHj8ivxIauTiGhQ36c6D5KFmazvUqCrnC644iIX15kxqVq7pnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKJyznb6MmlyLvAYr79wE/hUWSUbMB8GA1UdIwQY
MBaAFE7eTGXXNa95J37RTrbEz1QEx4jVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHQ1TVpkYzFyM2tuZnRGT3RzVFBWQVRIaU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zNWJlZTktODQzZi00ZDM4LTkyODYt
N2FhNDliZWNmNDY3LzEvb25MT2R2b3lhWEl1OEJpdnYzQVQtRlJaSlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zNWJlZTktODQzZi00ZDM4LTkyODYtN2FhNDliZWNmNDY3
LzEvVHQ1TVpkYzFyM2tuZnRGT3RzVFBWQVRIaU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwZRjAwQC
wZRwMA0GCSqGSIb3DQEBCwUAA4IBAQAbFN/zjyiSNXcZGSS+GWUgGn+1LPQujxo1
aLScTUOEtITWbhBKcgAoxwsXLNBacndUnig/ifnxc4jKAzXGiUpN6pY6DSRfcnyP
uT7S6vyiWEQxpidZr2sycHXZz3hkRZ4oB8R4BgHOp7DdWeWl/QqxZIc7JME/J7fb
Q+xsGtRkacpbyRTTcW0e69BZ7NI/YCB2hD7jZLCENIDmwRBhxiqhF4DASGrY98Ik
jDJ35ZAexEnguv9I6J/Lj+yTetZIaMaE/oubc+MovoWymdmO+Kc+X9tS0N9wWCRo
A69rkJRW2siQD0VlhCnETJBmBhbVKQ7BnyCY8S2cS8DkOpJyG/Wz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:30 2025 by rpki-client