Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/d21e02-54b7-49de-b15f-729298212f54/1/oOlZt6Cb5Q3EPxfE8ArVJbYDnmE.roa
File: oOlZt6Cb5Q3EPxfE8ArVJbYDnmE.roa (raw, json)
Hash identifier: 64B6YWUsflRmqhmXwXhBRMoYh3dwOjUIWUOwGH6vRfM=
Subject key identifier: A0:E9:59:B7:A0:9B:E5:0D:C4:3F:17:C4:F0:0A:D5:25:B6:03:9E:61
Certificate issuer: /CN=9135be8ef0dce9d1e67071ab7cb07cf50d53f617
Certificate serial: 0187BF8DEA43177DC117129579EEE6A73459
Authority key identifier: 91:35:BE:8E:F0:DC:E9:D1:E6:70:71:AB:7C:B0:7C:F5:0D:53:F6:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTW-jvDc6dHmcHGrfLB89Q1T9hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/d21e02-54b7-49de-b15f-729298212f54/1/oOlZt6Cb5Q3EPxfE8ArVJbYDnmE.roa
Signing time: Wed 26 Apr 2023 21:52:41 +0000
ROA not before: Wed 26 Apr 2023 21:52:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42359
IP address blocks: 194.0.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bf:8d:ea:43:17:7d:c1:17:12:95:79:ee:e6:a7:34:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9135be8ef0dce9d1e67071ab7cb07cf50d53f617
Validity
Not Before: Apr 26 21:52:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0e959b7a09be50dc43f17c4f00ad525b6039e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:20:61:3c:d7:2b:c6:16:53:3e:2f:86:9e:41:
e5:d6:f7:ce:29:f7:49:97:ed:0c:5e:92:77:8b:ad:
96:e7:70:b3:95:fe:93:85:6d:bf:83:ce:a5:bd:a9:
30:92:a1:06:e2:f5:da:23:0a:7f:1d:88:ae:b1:88:
8c:2a:be:cd:f3:6d:56:4b:60:49:00:ee:61:47:ee:
f2:a3:d3:43:a2:53:5d:a5:f9:70:c1:4f:c1:ca:4c:
0c:b1:4e:33:fb:7b:d6:55:9d:9e:8e:a1:9b:f5:e6:
57:b5:55:aa:c4:f6:eb:f1:ac:a2:5d:68:e0:f6:52:
a2:ff:82:25:e1:b1:37:ec:8d:b7:b6:ef:26:82:4d:
8e:15:f6:9b:cf:00:6e:9a:7b:0f:6e:a5:f9:20:9c:
f9:d2:4b:bb:5e:42:54:af:3a:90:b6:14:ff:a9:67:
a5:9e:c5:32:75:f2:e8:e3:a6:36:a8:35:5c:08:ef:
9f:15:54:96:54:b6:bd:96:36:64:91:85:1a:ff:8f:
01:9b:ad:56:b1:39:10:cf:3a:1b:d9:4a:6c:91:13:
ae:7e:10:4e:0e:c1:23:ac:eb:f5:3a:8c:b3:50:e6:
90:aa:57:da:5a:01:f7:e4:fb:88:db:83:48:ff:e0:
80:62:f8:ae:22:10:19:9f:bd:13:23:7a:bf:db:a2:
a6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E9:59:B7:A0:9B:E5:0D:C4:3F:17:C4:F0:0A:D5:25:B6:03:9E:61
X509v3 Authority Key Identifier:
keyid:91:35:BE:8E:F0:DC:E9:D1:E6:70:71:AB:7C:B0:7C:F5:0D:53:F6:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTW-jvDc6dHmcHGrfLB89Q1T9hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d21e02-54b7-49de-b15f-729298212f54/1/oOlZt6Cb5Q3EPxfE8ArVJbYDnmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d21e02-54b7-49de-b15f-729298212f54/1/kTW-jvDc6dHmcHGrfLB89Q1T9hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.214.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:0c:d7:6f:21:84:19:3b:95:e2:ff:7b:50:40:02:b9:24:8d:
8f:a4:c8:df:97:8d:15:dc:13:3f:8a:86:a1:f9:cd:24:cf:02:
9e:b5:f1:05:a5:39:06:d8:95:47:cc:5d:04:21:87:b9:7d:ff:
da:5c:7d:c5:97:aa:2b:9a:57:52:a0:6c:2e:b9:03:f6:a7:6e:
be:6c:e2:19:a9:e7:a4:39:7c:68:e6:4e:1e:52:a9:85:12:18:
67:49:07:33:07:6d:1f:31:52:00:35:67:e9:9f:cf:c3:ed:51:
54:16:92:05:3c:f7:8e:b7:58:47:3f:69:78:69:75:3c:d3:fc:
7d:76:86:80:25:63:73:70:70:41:b6:49:dc:3d:98:74:09:ae:
76:29:a4:3b:d2:31:73:a9:d4:5e:7c:19:4a:e8:e2:9c:bb:10:
f4:83:e0:91:eb:26:c4:17:c4:c1:60:80:ab:68:31:42:48:98:
a7:a7:21:9a:25:26:fb:8d:46:51:a4:71:7b:1a:2a:df:26:be:
27:c5:72:71:e2:a0:3a:40:da:90:70:5c:b3:59:4d:f7:b6:74:
d3:a9:74:f1:f3:2e:08:69:6e:d4:b1:b6:6f:69:d6:a8:ce:29:
42:9b:99:75:5f:3a:95:f5:09:03:18:a9:18:08:e2:68:81:6d:
2c:aa:f6:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe/jepDF33BFxKVee7mpzRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzViZThlZjBkY2U5ZDFlNjcwNzFhYjdjYjA3Y2Y1MGQ1
M2Y2MTcwHhcNMjMwNDI2MjE1MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGU5NTliN2EwOWJlNTBkYzQzZjE3YzRmMDBhZDUyNWI2MDM5ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiBhPNcrxhZTPi+GnkHl1vfOKfdJ
l+0MXpJ3i62W53Czlf6ThW2/g86lvakwkqEG4vXaIwp/HYiusYiMKr7N821WS2BJ
AO5hR+7yo9NDolNdpflwwU/BykwMsU4z+3vWVZ2ejqGb9eZXtVWqxPbr8ayiXWjg
9lKi/4Il4bE37I23tu8mgk2OFfabzwBumnsPbqX5IJz50ku7XkJUrzqQthT/qWel
nsUydfLo46Y2qDVcCO+fFVSWVLa9ljZkkYUa/48Bm61WsTkQzzob2UpskROufhBO
DsEjrOv1OoyzUOaQqlfaWgH35PuI24NI/+CAYviuIhAZn70TI3q/26Km7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDpWbegm+UNxD8XxPAK1SW2A55hMB8GA1UdIwQY
MBaAFJE1vo7w3OnR5nBxq3ywfPUNU/YXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RXLWp2RGM2ZEhtY0hHcmZMQjg5UTFUOWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9kMjFlMDItNTRiNy00OWRlLWIxNWYt
NzI5Mjk4MjEyZjU0LzEvb09sWnQ2Q2I1UTNFUHhmRThBclZKYllEbm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9kMjFlMDItNTRiNy00OWRlLWIxNWYtNzI5Mjk4MjEyZjU0
LzEva1RXLWp2RGM2ZEhtY0hHcmZMQjg5UTFUOWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDWMA0G
CSqGSIb3DQEBCwUAA4IBAQC7DNdvIYQZO5Xi/3tQQAK5JI2PpMjfl40V3BM/ioah
+c0kzwKetfEFpTkG2JVHzF0EIYe5ff/aXH3Fl6ormldSoGwuuQP2p26+bOIZqeek
OXxo5k4eUqmFEhhnSQczB20fMVIANWfpn8/D7VFUFpIFPPeOt1hHP2l4aXU80/x9
doaAJWNzcHBBtkncPZh0Ca52KaQ70jFzqdRefBlK6OKcuxD0g+CR6ybEF8TBYICr
aDFCSJinpyGaJSb7jUZRpHF7GirfJr4nxXJx4qA6QNqQcFyzWU33tnTTqXTx8y4I
aW7UsbZvadaozilCm5l1XzqV9QkDGKkYCOJogW0sqvag
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:12 2025 by rpki-client