Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/1ohlLn-m2d71IvBju1QNHH3h4ps.roa
File: 1ohlLn-m2d71IvBju1QNHH3h4ps.roa (raw, json)
Hash identifier: 1eerA7zi1gkFEcPN8Z/bvMMeykQ7YLkUnpCPaPpinkI=
Subject key identifier: D6:88:65:2E:7F:A6:D9:DE:F5:22:F0:63:BB:54:0D:1C:7D:E1:E2:9B
Certificate issuer: /CN=375fc21163596a51472c0ff184a64991dc83a6c1
Certificate serial: 01856CE5F55061387F26C1D85B2D5D7BDE02
Authority key identifier: 37:5F:C2:11:63:59:6A:51:47:2C:0F:F1:84:A6:49:91:DC:83:A6:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1_CEWNZalFHLA_xhKZJkdyDpsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/1ohlLn-m2d71IvBju1QNHH3h4ps.roa
Signing time: Sun 01 Jan 2023 10:34:47 +0000
ROA not before: Sun 01 Jan 2023 10:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58169
IP address blocks: 193.0.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:f5:50:61:38:7f:26:c1:d8:5b:2d:5d:7b:de:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=375fc21163596a51472c0ff184a64991dc83a6c1
Validity
Not Before: Jan 1 10:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d688652e7fa6d9def522f063bb540d1c7de1e29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:36:a1:73:15:13:67:37:8f:c2:18:11:4a:82:
df:9e:a8:f1:d6:7e:b0:9c:fc:b6:6e:46:b3:08:57:
67:3b:49:04:1c:bf:4e:19:bb:6d:40:a4:bf:a8:7d:
96:5f:f1:32:5b:7f:09:bb:6b:67:54:86:1b:c1:87:
f4:ea:0f:9a:36:76:b7:94:c0:cb:44:98:d5:1a:cb:
89:a6:d7:0a:73:cf:02:9a:6a:95:01:a5:03:45:74:
a7:7d:6a:d9:90:f5:cd:69:eb:b8:ef:c6:cd:1a:20:
7a:f9:32:74:47:72:e2:7f:66:cf:2a:43:cf:c6:3b:
f5:b7:cc:cd:13:6a:4c:56:1f:53:e5:37:4e:71:03:
6f:90:02:38:30:80:2f:f4:b6:43:c0:40:6b:be:8f:
8a:0d:19:bb:b6:bd:7b:95:25:ab:1d:27:53:ea:7a:
f6:89:0e:a1:e6:45:fb:28:7a:c0:37:56:04:0d:6e:
2e:37:d6:07:56:c1:61:f4:01:b9:96:ff:77:85:15:
11:81:07:b8:eb:1d:58:87:c0:a8:71:25:6c:7a:ee:
ca:d2:8e:49:57:1f:b0:46:36:21:c1:28:68:8e:0c:
99:c3:75:49:16:53:7b:2a:16:0d:23:b8:0e:6a:95:
a2:42:3d:f6:4a:3d:e1:e5:35:4e:30:cb:18:cc:92:
54:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:88:65:2E:7F:A6:D9:DE:F5:22:F0:63:BB:54:0D:1C:7D:E1:E2:9B
X509v3 Authority Key Identifier:
keyid:37:5F:C2:11:63:59:6A:51:47:2C:0F:F1:84:A6:49:91:DC:83:A6:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1_CEWNZalFHLA_xhKZJkdyDpsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/1ohlLn-m2d71IvBju1QNHH3h4ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/N1_CEWNZalFHLA_xhKZJkdyDpsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.156.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:de:df:09:c5:03:37:b7:59:81:d0:e2:21:0c:c1:6e:37:7a:
66:f7:ee:d4:af:31:56:1e:d5:e6:35:cd:7e:3f:84:2e:48:43:
06:96:89:75:93:ee:a8:46:b9:82:b3:99:5e:a6:88:db:2c:ba:
e4:5f:9e:cd:66:ab:33:73:a9:75:28:1d:27:92:0a:71:eb:15:
51:5f:03:cc:58:41:7c:26:7a:93:9f:c1:c6:58:27:7e:9e:a3:
64:b8:e5:a5:eb:7b:6f:ae:1d:59:62:d4:70:79:43:9d:9a:56:
9d:dc:7d:58:80:ef:ed:ef:bc:e0:f2:f5:e9:91:08:7b:30:74:
8c:61:e9:32:e0:df:0a:38:6a:6e:9f:47:c3:ba:5f:8e:93:15:
78:48:0a:d8:a4:d5:93:80:ab:5c:5a:45:5d:18:c5:79:96:78:
4d:89:0e:98:d9:d2:4e:ad:4f:37:c3:0a:73:3f:c6:f8:aa:f1:
3d:5b:b8:1a:17:b3:d9:fa:2b:62:98:10:de:fc:3f:35:64:c2:
bb:96:de:ba:96:a5:71:ec:33:68:bd:a7:ea:3f:64:ff:96:3f:
3e:54:33:30:77:32:80:88:10:b1:62:e2:e4:80:ff:ff:e6:db:
2c:fb:61:ef:d3:1d:0f:dd:95:1e:03:c8:84:4c:86:a8:e2:8a:
20:34:b6:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5fVQYTh/JsHYWy1de94CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NWZjMjExNjM1OTZhNTE0NzJjMGZmMTg0YTY0OTkxZGM4
M2E2YzEwHhcNMjMwMTAxMTAzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjg4NjUyZTdmYTZkOWRlZjUyMmYwNjNiYjU0MGQxYzdkZTFlMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjahcxUTZzePwhgRSoLfnqjx1n6w
nPy2bkazCFdnO0kEHL9OGbttQKS/qH2WX/EyW38Ju2tnVIYbwYf06g+aNna3lMDL
RJjVGsuJptcKc88CmmqVAaUDRXSnfWrZkPXNaeu478bNGiB6+TJ0R3Lif2bPKkPP
xjv1t8zNE2pMVh9T5TdOcQNvkAI4MIAv9LZDwEBrvo+KDRm7tr17lSWrHSdT6nr2
iQ6h5kX7KHrAN1YEDW4uN9YHVsFh9AG5lv93hRURgQe46x1Yh8CocSVseu7K0o5J
Vx+wRjYhwShojgyZw3VJFlN7KhYNI7gOapWiQj32Sj3h5TVOMMsYzJJUhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNaIZS5/ptne9SLwY7tUDRx94eKbMB8GA1UdIwQY
MBaAFDdfwhFjWWpRRywP8YSmSZHcg6bBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFfQ0VXTlphbEZITEFfeGhLWkprZHlEcHNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hMmQ0N2UtZDExNC00M2ExLWJkY2Et
NTkwMDViMjk4MWQzLzEvMW9obExuLW0yZDcxSXZCanUxUU5ISDNoNHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hMmQ0N2UtZDExNC00M2ExLWJkY2EtNTkwMDViMjk4MWQz
LzEvTjFfQ0VXTlphbEZITEFfeGhLWkprZHlEcHNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQCcMA0G
CSqGSIb3DQEBCwUAA4IBAQCz3t8JxQM3t1mB0OIhDMFuN3pm9+7UrzFWHtXmNc1+
P4QuSEMGlol1k+6oRrmCs5lepojbLLrkX57NZqszc6l1KB0nkgpx6xVRXwPMWEF8
JnqTn8HGWCd+nqNkuOWl63tvrh1ZYtRweUOdmlad3H1YgO/t77zg8vXpkQh7MHSM
Yeky4N8KOGpun0fDul+OkxV4SArYpNWTgKtcWkVdGMV5lnhNiQ6Y2dJOrU83wwpz
P8b4qvE9W7gaF7PZ+itimBDe/D81ZMK7lt66lqVx7DNovafqP2T/lj8+VDMwdzKA
iBCxYuLkgP//5tss+2Hv0x0P3ZUeA8iETIao4oogNLbb
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:08 2025 by rpki-client