Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/Owsq3Y-3jG2eOWD7a3U2Gp7vBEM.roa
File: Owsq3Y-3jG2eOWD7a3U2Gp7vBEM.roa (raw, json)
Hash identifier: /e9DZYuRSzaLrAvnBQsCdUWUaKMZkJRtFj5EYEW7YeA=
Subject key identifier: 3B:0B:2A:DD:8F:B7:8C:6D:9E:39:60:FB:6B:75:36:1A:9E:EF:04:43
Certificate issuer: /CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Certificate serial: 0185708CBF04E2594FAB9CCDFF79AF6C1878
Authority key identifier: D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/Owsq3Y-3jG2eOWD7a3U2Gp7vBEM.roa
Signing time: Mon 02 Jan 2023 03:35:50 +0000
ROA not before: Mon 02 Jan 2023 03:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29601
IP address blocks: 193.24.64.0/24 maxlen: 24
193.24.67.0/24 maxlen: 24
193.24.71.0/24 maxlen: 24
193.24.70.0/24 maxlen: 24
139.123.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:bf:04:e2:59:4f:ab:9c:cd:ff:79:af:6c:18:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Validity
Not Before: Jan 2 03:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b0b2add8fb78c6d9e3960fb6b75361a9eef0443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bc:03:f4:9f:38:20:87:3c:d1:83:c0:40:89:
77:d3:8d:55:83:fe:f4:81:7f:0a:9a:ae:8b:0b:76:
d2:43:8e:1e:81:6d:e1:26:3f:98:98:89:68:bd:b7:
02:65:6e:d7:0e:af:ba:d4:a8:ef:70:c0:08:7f:6f:
ed:8d:cb:4a:fb:61:a1:f3:33:7a:d5:7a:1c:0c:b3:
ab:e3:ce:2b:72:16:b4:60:bf:f7:a8:44:b8:ff:f3:
aa:23:bb:b3:67:60:d7:21:c4:a3:cb:ad:91:85:1d:
34:a2:31:cc:b9:fd:f5:42:9c:01:97:11:ff:fb:86:
16:77:07:04:5e:c6:d6:b6:c1:e2:fb:d2:04:35:f2:
91:ca:9f:1f:f2:3a:b2:10:9c:1e:f2:a4:a8:68:40:
9f:c5:96:fb:37:c6:68:a0:eb:8b:43:52:0c:36:12:
ed:2d:7c:d6:d8:55:68:02:c4:c2:b9:c3:8c:5e:5a:
97:a8:de:aa:b0:95:76:29:74:cb:d3:e4:c4:bf:b1:
cc:68:fe:43:fb:aa:48:50:fd:1e:84:c5:63:e1:ba:
b9:2a:c4:4c:1a:6a:ae:6f:49:fb:f1:a9:22:d9:99:
98:b9:48:8c:cc:be:3e:19:43:be:b1:7d:27:8e:18:
82:59:26:2c:68:04:49:ad:61:90:f8:2e:af:23:8e:
49:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0B:2A:DD:8F:B7:8C:6D:9E:39:60:FB:6B:75:36:1A:9E:EF:04:43
X509v3 Authority Key Identifier:
keyid:D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/Owsq3Y-3jG2eOWD7a3U2Gp7vBEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.123.224.0/24
193.24.64.0/24
193.24.67.0/24
193.24.70.0/23
Signature Algorithm: sha256WithRSAEncryption
33:2d:e2:70:15:27:06:10:c6:d6:27:6e:8b:da:84:59:69:3e:
f2:bd:b2:3f:0d:9c:46:b1:4a:5d:5e:ff:c8:8d:ad:97:d5:a0:
3d:a3:28:9c:a9:5a:64:87:bb:88:42:8d:be:34:a4:cb:be:28:
5d:b7:76:13:aa:47:67:96:7a:3a:47:2c:ab:f6:a7:20:56:a4:
46:25:d5:b0:1a:23:83:ec:5e:c2:80:45:3e:66:ee:7a:46:50:
7b:5e:41:ee:ad:c1:04:49:c9:d5:07:34:3a:ca:d0:c6:af:96:
17:ee:9c:2f:f7:f1:8b:ee:38:b3:99:cc:26:5d:2a:d4:1b:13:
a7:1e:78:97:95:b6:e3:ce:d2:72:96:3c:25:68:b0:e4:50:21:
23:5f:7f:85:97:2a:60:a2:df:1a:a5:7e:63:90:04:67:ac:a1:
c9:ce:87:5d:6c:9e:aa:90:a7:68:b1:f9:96:15:c8:b0:80:02:
df:80:ba:49:b1:6d:df:af:b4:9f:00:03:2f:96:d2:13:21:80:
84:ad:02:73:f4:d1:46:c5:99:64:b8:89:fd:5f:5f:f5:50:c3:
01:5d:49:ab:b0:cf:82:c5:fb:30:9d:13:ed:f0:ef:ad:e4:23:
b8:ea:a3:95:52:91:a7:64:4e:08:1c:cc:37:1e:19:c2:d8:05:
7d:2a:4f:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwjL8E4llPq5zN/3mvbBh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzcyYWFjMWI2MmI4N2Q2YjAxZDU3YTFhMDBhNmE3MmI4
YTdkYTYwHhcNMjMwMTAyMDMzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjBiMmFkZDhmYjc4YzZkOWUzOTYwZmI2Yjc1MzYxYTllZWYwNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbwD9J84IIc80YPAQIl3041Vg/70
gX8Kmq6LC3bSQ44egW3hJj+YmIlovbcCZW7XDq+61KjvcMAIf2/tjctK+2Gh8zN6
1XocDLOr484rcha0YL/3qES4//OqI7uzZ2DXIcSjy62RhR00ojHMuf31QpwBlxH/
+4YWdwcEXsbWtsHi+9IENfKRyp8f8jqyEJwe8qSoaECfxZb7N8ZooOuLQ1IMNhLt
LXzW2FVoAsTCucOMXlqXqN6qsJV2KXTL0+TEv7HMaP5D+6pIUP0ehMVj4bq5KsRM
Gmqub0n78aki2ZmYuUiMzL4+GUO+sX0njhiCWSYsaARJrWGQ+C6vI45JjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDsLKt2Pt4xtnjlg+2t1Nhqe7wRDMB8GA1UdIwQY
MBaAFNh3KqwbYrh9awHVehoApqcrin2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhjcXJCdGl1SDFyQWRWNkdnQ21weXVLZmFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82MTZhNTgtNTM0Mi00MzJjLWE5YzUt
MzMzYmVlY2ZmNmY0LzEvT3dzcTNZLTNqRzJlT1dEN2EzVTJHcDd2QkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82MTZhNTgtNTM0Mi00MzJjLWE5YzUtMzMzYmVlY2ZmNmY0
LzEvMkhjcXJCdGl1SDFyQWRWNkdnQ21weXVLZmFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAi3vgAwQA
wRhAAwQAwRhDAwQBwRhGMA0GCSqGSIb3DQEBCwUAA4IBAQAzLeJwFScGEMbWJ26L
2oRZaT7yvbI/DZxGsUpdXv/Ija2X1aA9oyicqVpkh7uIQo2+NKTLvihdt3YTqkdn
lno6Ryyr9qcgVqRGJdWwGiOD7F7CgEU+Zu56RlB7XkHurcEEScnVBzQ6ytDGr5YX
7pwv9/GL7jizmcwmXSrUGxOnHniXlbbjztJyljwlaLDkUCEjX3+Flypgot8apX5j
kARnrKHJzoddbJ6qkKdosfmWFciwgALfgLpJsW3fr7SfAAMvltITIYCErQJz9NFG
xZlkuIn9X1/1UMMBXUmrsM+CxfswnRPt8O+t5CO46qOVUpGnZE4IHMw3HhnC2AV9
Kk9q
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:05 2025 by rpki-client