Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/9db4d3-f78d-4430-87c0-6cbd581d317c/1/obCIOIB4E6kL6iLifrTPqch0ezc.roa
File: obCIOIB4E6kL6iLifrTPqch0ezc.roa (raw, json)
Hash identifier: WEC/8sactDNBPQvB/6RpEf8LitxA+S163pr4UWit6Ts=
Subject key identifier: A1:B0:88:38:80:78:13:A9:0B:EA:22:E2:7E:B4:CF:A9:C8:74:7B:37
Certificate issuer: /CN=81bb78be41e48337997c8fe91d8e2f24f7b49eaf
Certificate serial: 01856F26C0DABF2FD9ED68B08F4ACD587EB1
Authority key identifier: 81:BB:78:BE:41:E4:83:37:99:7C:8F:E9:1D:8E:2F:24:F7:B4:9E:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gbt4vkHkgzeZfI_pHY4vJPe0nq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/9db4d3-f78d-4430-87c0-6cbd581d317c/1/obCIOIB4E6kL6iLifrTPqch0ezc.roa
Signing time: Sun 01 Jan 2023 21:04:48 +0000
ROA not before: Sun 01 Jan 2023 21:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44431
IP address blocks: 92.43.224.0/24 maxlen: 24
92.43.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:c0:da:bf:2f:d9:ed:68:b0:8f:4a:cd:58:7e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81bb78be41e48337997c8fe91d8e2f24f7b49eaf
Validity
Not Before: Jan 1 21:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1b08838807813a90bea22e27eb4cfa9c8747b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f5:ad:3f:bb:63:7d:08:4e:82:4c:db:a6:fb:
3a:5c:73:22:f3:2e:e9:99:14:d0:62:c4:a3:08:c3:
81:66:60:c3:81:d5:c2:19:41:af:55:39:d5:56:f6:
d0:02:30:f3:a5:45:9a:b6:90:91:68:c9:1b:51:6f:
ef:4d:6e:06:ee:da:8a:23:37:c2:18:cf:d1:35:86:
04:4b:e6:0f:b5:65:ea:a9:d0:e8:b6:c7:cc:71:94:
83:4a:ca:b8:ce:38:4c:1f:f8:73:2b:76:b8:56:75:
bf:89:0b:0a:e5:88:28:4b:84:11:87:86:03:75:52:
40:bb:f0:46:8b:59:00:1f:13:b1:4e:da:22:f7:89:
5b:b8:87:37:04:b9:b7:7d:82:ed:0f:7d:84:23:84:
8a:a0:3b:79:c6:33:5d:58:3a:0c:43:33:48:fa:69:
90:5c:06:c6:5e:e0:62:b4:2a:aa:fa:b9:3f:0d:e7:
c0:fb:4c:61:3d:25:10:f6:99:45:01:d6:81:6b:13:
15:14:96:6a:45:72:d3:e0:60:fc:7c:9e:d8:e1:b8:
3e:8f:31:7b:93:47:90:47:b8:93:d7:78:80:f0:d4:
f0:0c:85:d3:de:bb:d2:6b:11:ca:9d:7b:22:ee:6a:
8a:1c:df:bd:25:1f:5b:d1:09:88:13:11:f7:3a:3c:
98:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B0:88:38:80:78:13:A9:0B:EA:22:E2:7E:B4:CF:A9:C8:74:7B:37
X509v3 Authority Key Identifier:
keyid:81:BB:78:BE:41:E4:83:37:99:7C:8F:E9:1D:8E:2F:24:F7:B4:9E:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gbt4vkHkgzeZfI_pHY4vJPe0nq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/9db4d3-f78d-4430-87c0-6cbd581d317c/1/obCIOIB4E6kL6iLifrTPqch0ezc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/9db4d3-f78d-4430-87c0-6cbd581d317c/1/gbt4vkHkgzeZfI_pHY4vJPe0nq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.224.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:39:09:07:f1:b7:e8:2f:28:42:1d:10:2a:df:4b:bd:41:43:
b4:ae:7f:28:30:13:05:82:50:07:fb:dd:2a:4a:ae:69:f5:30:
12:6c:7f:8c:81:3d:78:20:ec:9b:e3:b1:4f:85:b2:92:3a:f3:
dd:de:78:98:2c:a1:71:85:66:61:6d:38:17:00:7a:28:30:f4:
98:69:06:fc:ec:b4:0a:91:67:26:e2:4a:3d:35:14:40:f1:08:
38:b6:14:af:01:70:53:bb:bc:b9:7e:79:27:18:39:3d:96:82:
7a:3b:54:92:fb:00:42:bb:b5:60:99:fb:a7:f4:ee:ba:05:f8:
b6:9d:b1:12:41:f3:c4:54:4a:31:b8:65:62:07:1d:13:d0:fa:
e7:c1:cf:9b:d4:79:1f:cd:db:b3:2f:f5:44:b3:7e:1d:83:db:
56:57:15:76:d4:15:ec:98:5d:5f:f8:73:32:a0:cc:82:f1:73:
08:d6:07:0a:43:ed:8f:29:fa:25:02:d7:b1:46:1c:9d:a3:27:
dd:9a:6b:cf:0a:dd:94:29:dd:c5:c3:eb:f4:75:f5:31:31:12:
e9:a1:d8:3a:7f:9f:69:3d:ff:cc:7f:f5:5a:c5:ef:47:f8:95:
44:42:88:bf:b3:fc:10:ca:29:f9:3a:3e:fb:7a:d2:b0:9b:58:
0d:96:93:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJsDavy/Z7Wiwj0rNWH6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYmI3OGJlNDFlNDgzMzc5OTdjOGZlOTFkOGUyZjI0Zjdi
NDllYWYwHhcNMjMwMTAxMjEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWIwODgzODgwNzgxM2E5MGJlYTIyZTI3ZWI0Y2ZhOWM4NzQ3YjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/WtP7tjfQhOgkzbpvs6XHMi8y7p
mRTQYsSjCMOBZmDDgdXCGUGvVTnVVvbQAjDzpUWatpCRaMkbUW/vTW4G7tqKIzfC
GM/RNYYES+YPtWXqqdDotsfMcZSDSsq4zjhMH/hzK3a4VnW/iQsK5YgoS4QRh4YD
dVJAu/BGi1kAHxOxTtoi94lbuIc3BLm3fYLtD32EI4SKoDt5xjNdWDoMQzNI+mmQ
XAbGXuBitCqq+rk/DefA+0xhPSUQ9plFAdaBaxMVFJZqRXLT4GD8fJ7Y4bg+jzF7
k0eQR7iT13iA8NTwDIXT3rvSaxHKnXsi7mqKHN+9JR9b0QmIExH3OjyYPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGwiDiAeBOpC+oi4n60z6nIdHs3MB8GA1UdIwQY
MBaAFIG7eL5B5IM3mXyP6R2OLyT3tJ6vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2J0NHZrSGtnemVaZklfcEhZNHZKUGUwbnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85ZGI0ZDMtZjc4ZC00NDMwLTg3YzAt
NmNiZDU4MWQzMTdjLzEvb2JDSU9JQjRFNmtMNmlMaWZyVFBxY2gwZXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85ZGI0ZDMtZjc4ZC00NDMwLTg3YzAtNmNiZDU4MWQzMTdj
LzEvZ2J0NHZrSGtnemVaZklfcEhZNHZKUGUwbnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXCvgMA0G
CSqGSIb3DQEBCwUAA4IBAQBrOQkH8bfoLyhCHRAq30u9QUO0rn8oMBMFglAH+90q
Sq5p9TASbH+MgT14IOyb47FPhbKSOvPd3niYLKFxhWZhbTgXAHooMPSYaQb87LQK
kWcm4ko9NRRA8Qg4thSvAXBTu7y5fnknGDk9loJ6O1SS+wBCu7Vgmfun9O66Bfi2
nbESQfPEVEoxuGViBx0T0Prnwc+b1HkfzduzL/VEs34dg9tWVxV21BXsmF1f+HMy
oMyC8XMI1gcKQ+2PKfolAtexRhydoyfdmmvPCt2UKd3Fw+v0dfUxMRLpodg6f59p
Pf/Mf/Vaxe9H+JVEQoi/s/wQyin5Oj77etKwm1gNlpNG
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:43:18 2025 by rpki-client