Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/OWrFdSMr1Rekimga4zpzMJv5sH4.roa
File: OWrFdSMr1Rekimga4zpzMJv5sH4.roa (raw, json)
Hash identifier: kJ/fDwOY4/FriPOHU7cQU7OVaoLpy/TYb1MHf3G6uZ4=
Subject key identifier: 39:6A:C5:75:23:2B:D5:17:A4:8A:68:1A:E3:3A:73:30:9B:F9:B0:7E
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 098A0A44
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/OWrFdSMr1Rekimga4zpzMJv5sH4.roa
Signing time: Sat 01 Jan 2022 04:03:19 +0000
ROA not before: Sat 01 Jan 2022 04:03:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9020
IP address blocks: 153.96.134.0/23 maxlen: 23
153.96.135.0/24 maxlen: 24
153.96.133.0/24 maxlen: 24
2a03:db80:3810::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160041540 (0x98a0a44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 04:03:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=396ac575232bd517a48a681ae33a73309bf9b07e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7e:1f:35:05:21:32:1c:0f:a5:de:36:a3:cc:
7a:fe:51:d6:4a:99:4e:6c:1b:89:01:cc:3a:ae:fc:
d1:7c:03:3c:40:9d:60:24:0c:f2:5b:49:15:07:db:
78:5a:f7:f2:6a:83:71:ea:96:40:dc:ed:3b:c4:cf:
62:78:4c:b0:44:c2:ad:b4:32:db:7c:38:8c:a5:25:
42:4e:9f:e7:78:b4:79:02:af:13:6e:8a:b0:f5:ed:
ef:19:fe:13:c1:a2:bd:72:32:15:31:b7:0e:88:06:
32:a9:af:66:49:2f:5e:a2:f6:f7:7c:50:a1:72:d7:
ae:91:0c:e7:e6:95:93:3a:9e:c2:e7:2a:fd:88:2a:
2c:c7:69:e4:cb:00:51:8c:06:2f:c1:80:6f:14:6d:
ec:b4:51:67:4b:f5:c5:e3:be:5c:aa:c6:99:a8:52:
55:a4:8b:e7:5f:af:59:68:3a:eb:d6:5c:58:71:31:
7f:ac:f3:c8:dd:3e:8a:42:c2:e3:bb:93:ba:ab:4d:
5d:53:3d:1c:a2:6e:82:64:65:a6:24:ed:69:96:a1:
15:97:f9:21:02:8c:73:65:e3:b8:7d:63:34:8a:e5:
e3:c4:ea:b1:51:f0:e1:c3:79:d2:b8:87:3e:b6:2e:
70:eb:f1:72:70:ec:8a:23:70:5c:bf:87:a5:5c:5c:
ef:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6A:C5:75:23:2B:D5:17:A4:8A:68:1A:E3:3A:73:30:9B:F9:B0:7E
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/OWrFdSMr1Rekimga4zpzMJv5sH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.96.133.0-153.96.135.255
IPv6:
2a03:db80:3810::/48
Signature Algorithm: sha256WithRSAEncryption
03:2b:12:5c:eb:a8:55:e2:9a:18:6e:73:53:da:87:e9:ac:10:
65:3a:c8:fb:17:ac:5e:38:84:bf:04:3e:73:1e:d5:2f:e3:25:
03:c2:79:9b:3a:af:7d:75:59:90:53:f4:f4:b1:1e:a7:af:53:
bf:21:5d:09:42:ef:f4:08:a0:8a:78:7d:e5:c1:6d:d0:df:5e:
89:ab:83:13:50:fc:ba:7a:58:4c:04:83:17:b8:15:68:a6:a6:
89:98:61:54:24:99:0b:e3:90:3b:3c:af:7b:52:78:ca:35:65:
21:5a:b1:b9:7e:dc:17:7f:76:e0:c6:2e:1f:cf:ae:b2:19:2b:
89:40:4b:5c:4d:b8:5b:45:a3:ce:c4:6c:d6:9e:82:92:80:bb:
69:f0:4a:e5:5b:64:38:ca:36:6c:84:9b:1c:ab:db:98:f3:56:
fc:5a:41:1c:78:6d:a8:7e:a2:27:56:0b:f6:6a:df:38:2e:25:
9d:35:ad:cc:09:6b:86:8a:7e:01:cb:98:c4:a5:1a:ac:02:33:
be:13:e1:6e:2c:19:1f:ec:6e:20:69:9d:08:87:3a:5d:8d:c9:
b2:8d:a2:f2:24:83:46:be:8d:7e:45:4e:f2:15:cd:55:2c:a8:
fa:c0:2e:ef:6f:f0:bd:c2:3e:c8:bf:c0:d1:61:79:8f:cf:96:
95:2c:3e:c6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIECYoKRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmE3NTgyNmU5OTEyMjVhNDI5ZmY4YTFlN2ZmZGM4MDQ2NjQyMGRmMB4XDTIyMDEw
MTA0MDMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk2YWM1NzUyMzJi
ZDUxN2E0OGE2ODFhZTMzYTczMzA5YmY5YjA3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANd+HzUFITIcD6XeNqPMev5R1kqZTmwbiQHMOq780XwDPECd
YCQM8ltJFQfbeFr38mqDceqWQNztO8TPYnhMsETCrbQy23w4jKUlQk6f53i0eQKv
E26KsPXt7xn+E8GivXIyFTG3DogGMqmvZkkvXqL293xQoXLXrpEM5+aVkzqewucq
/YgqLMdp5MsAUYwGL8GAbxRt7LRRZ0v1xeO+XKrGmahSVaSL51+vWWg669ZcWHEx
f6zzyN0+ikLC47uTuqtNXVM9HKJugmRlpiTtaZahFZf5IQKMc2XjuH1jNIrl48Tq
sVHw4cN50riHPrYucOvxcnDsiiNwXL+HpVxc72MCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBQ5asV1IyvVF6SKaBrjOnMwm/mwfjAfBgNVHSMEGDAWgBR2p1gm6ZEiWkKf
+KHn/9yARmQg3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxZFlKdW1SSWxwQ25faWg1X19jZ0Vaa0lOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8x
L09XckZkU01yMVJla2ltZ2E0enB6TUp2NXNINC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8xL2RxZFlKdW1SSWxw
Q25faWg1X19jZ0Vaa0lOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwFAQCAAEwDjAMAwQAmWCFAwQDmWCAMA8EAgACMAkD
BwAqA9uAOBAwDQYJKoZIhvcNAQELBQADggEBAAMrElzrqFXimhhuc1Pah+msEGU6
yPsXrF44hL8EPnMe1S/jJQPCeZs6r311WZBT9PSxHqevU78hXQlC7/QIoIp4feXB
bdDfXomrgxNQ/Lp6WEwEgxe4FWimpomYYVQkmQvjkDs8r3tSeMo1ZSFasbl+3Bd/
duDGLh/PrrIZK4lAS1xNuFtFo87EbNaegpKAu2nwSuVbZDjKNmyEmxyr25jzVvxa
QRx4bah+oidWC/Zq3zguJZ01rcwJa4aKfgHLmMSlGqwCM74T4W4sGR/sbiBpnQiH
Ol2NybKNovIkg0a+jX5FTvIVzVUsqPrALu9v8L3CPsi/wNFheY/PlpUsPsY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:30 2025 by rpki-client