Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/OsQIZadal-klf040UDnqwNm7xas.roa
File: OsQIZadal-klf040UDnqwNm7xas.roa (raw, json)
Hash identifier: EOiLjBmY2i1H+i2qFuWf5wVQBzrk3aCoRu4X/toF13M=
Subject key identifier: 3A:C4:08:65:A7:5A:97:E9:25:7F:4E:34:50:39:EA:C0:D9:BB:C5:AB
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 018917C5A4390E5AC2D08BCE81934E4D8299
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/OsQIZadal-klf040UDnqwNm7xas.roa
Signing time: Sun 02 Jul 2023 18:02:55 +0000
ROA not before: Sun 02 Jul 2023 18:02:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 217.113.22.0/23 maxlen: 23
217.113.18.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:17:c5:a4:39:0e:5a:c2:d0:8b:ce:81:93:4e:4d:82:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Jul 2 18:02:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ac40865a75a97e9257f4e345039eac0d9bbc5ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:80:97:ad:23:08:3f:33:a6:dc:25:d3:7d:da:
60:09:9d:58:7d:1d:cc:c7:a2:12:c5:34:79:bc:08:
e3:c2:cc:32:38:b2:1c:80:b8:84:e4:0d:f6:79:5a:
f5:26:5e:5d:af:07:e5:31:a5:15:5d:15:8f:6b:3e:
6c:57:f9:ad:b3:53:fb:cf:1e:69:56:90:a1:60:68:
c9:ef:04:68:e6:2f:09:a6:9a:b5:ec:8a:e0:40:b0:
71:3d:d5:5f:c0:5b:da:74:77:a3:33:b9:b3:75:08:
4b:5d:c6:59:c5:9f:c3:ae:f1:40:3f:7a:ac:17:f0:
03:5d:0e:fb:54:f6:fa:b3:f4:81:66:10:fe:28:67:
bd:d6:6c:87:65:c2:ff:c9:b7:e4:a8:f8:b3:f1:ca:
ca:0a:c0:1c:5c:3c:7c:0c:66:a4:02:84:a4:2a:ee:
74:d7:6f:0b:34:c8:04:2e:57:31:19:ed:cf:6b:36:
26:fa:ad:86:6b:c1:21:8d:bf:dc:8e:52:b0:93:26:
6c:38:65:e0:9a:01:ff:8c:d5:d7:af:08:1a:0c:1b:
9d:85:f0:e3:e5:01:94:5c:7e:fb:4c:0c:7a:95:aa:
36:4e:bf:4f:7f:8d:7e:86:89:2a:0b:19:04:35:97:
62:ee:0d:ae:9c:0d:86:42:07:85:f9:8c:10:ab:10:
72:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C4:08:65:A7:5A:97:E9:25:7F:4E:34:50:39:EA:C0:D9:BB:C5:AB
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/OsQIZadal-klf040UDnqwNm7xas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.18.0/23
217.113.22.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:ea:87:a5:a1:c0:c4:7f:fc:fd:22:4d:a8:00:f3:c9:3c:c2:
61:3c:74:9b:8b:c9:55:58:c1:f3:3b:f9:1a:8b:48:f7:93:45:
b7:ce:63:af:e5:4f:89:19:f0:bf:67:40:96:f7:5f:2c:38:09:
06:51:2b:2c:2e:2b:f5:82:76:47:62:7c:e1:49:cd:2f:69:f0:
a4:de:fa:9e:ab:9b:bc:0f:a7:f0:9d:ef:bf:81:67:53:62:01:
f7:06:d0:cc:22:e8:4a:a2:6d:d4:2a:5c:71:a8:ee:e3:56:d8:
0e:ce:66:7b:e8:bf:a2:2c:81:73:d8:7e:a6:64:ba:b6:e9:72:
8e:b9:53:93:1f:f7:22:60:6d:46:17:68:88:b4:40:bb:d1:62:
76:05:e2:85:c0:43:0b:04:ff:2a:1f:6f:3f:57:e5:02:8f:52:
af:d9:d1:d5:11:17:b7:3c:a6:5d:16:9e:58:16:a9:9d:8e:f7:
cb:2a:65:cd:a0:1b:dd:a8:0e:60:3c:48:46:e9:64:1e:38:10:
97:7c:4c:ac:96:67:ca:df:13:97:9e:e1:82:97:89:80:e9:86:
1e:03:40:78:b0:ac:25:06:50:68:90:75:98:c1:e3:de:11:b6:
3a:30:77:c9:a7:3e:63:c4:3f:6b:77:b0:ad:1c:e7:34:46:42:
6b:19:c2:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkXxaQ5DlrC0IvOgZNOTYKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjMwNzAyMTgwMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWM0MDg2NWE3NWE5N2U5MjU3ZjRlMzQ1MDM5ZWFjMGQ5YmJjNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhICXrSMIPzOm3CXTfdpgCZ1YfR3M
x6ISxTR5vAjjwswyOLIcgLiE5A32eVr1Jl5drwflMaUVXRWPaz5sV/mts1P7zx5p
VpChYGjJ7wRo5i8Jppq17IrgQLBxPdVfwFvadHejM7mzdQhLXcZZxZ/DrvFAP3qs
F/ADXQ77VPb6s/SBZhD+KGe91myHZcL/ybfkqPiz8crKCsAcXDx8DGakAoSkKu50
128LNMgELlcxGe3PazYm+q2Ga8Ehjb/cjlKwkyZsOGXgmgH/jNXXrwgaDBudhfDj
5QGUXH77TAx6lao2Tr9Pf41+hokqCxkENZdi7g2unA2GQgeF+YwQqxByaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDrECGWnWpfpJX9ONFA56sDZu8WrMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvT3NRSVphZGFsLWtsZjA0MFVEbnF3Tm03eGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB2XESAwQB
2XEWMA0GCSqGSIb3DQEBCwUAA4IBAQCy6oelocDEf/z9Ik2oAPPJPMJhPHSbi8lV
WMHzO/kai0j3k0W3zmOv5U+JGfC/Z0CW918sOAkGUSssLiv1gnZHYnzhSc0vafCk
3vqeq5u8D6fwne+/gWdTYgH3BtDMIuhKom3UKlxxqO7jVtgOzmZ76L+iLIFz2H6m
ZLq26XKOuVOTH/ciYG1GF2iItEC70WJ2BeKFwEMLBP8qH28/V+UCj1Kv2dHVERe3
PKZdFp5YFqmdjvfLKmXNoBvdqA5gPEhG6WQeOBCXfEyslmfK3xOXnuGCl4mA6YYe
A0B4sKwlBlBokHWYwePeEbY6MHfJpz5jxD9rd7CtHOc0RkJrGcLh
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:58:14 2025 by rpki-client