Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/oePp4N6f888ESVlxWQA1lqO46H4.roa
File: oePp4N6f888ESVlxWQA1lqO46H4.roa (raw, json)
Hash identifier: nynPSP43x5btPdAbNr/FYcDBelGphwdPsliG190Ky54=
Subject key identifier: A1:E3:E9:E0:DE:9F:F3:CF:04:49:59:71:59:00:35:96:A3:B8:E8:7E
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 0185108114E0E4B9DC5C9E67D1CF82C44855
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/oePp4N6f888ESVlxWQA1lqO46H4.roa
Signing time: Wed 14 Dec 2022 11:59:33 +0000
ROA not before: Wed 14 Dec 2022 11:59:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43073
IP address blocks: 195.136.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:10:81:14:e0:e4:b9:dc:5c:9e:67:d1:cf:82:c4:48:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Dec 14 11:59:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1e3e9e0de9ff3cf0449597159003596a3b8e87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b6:cb:61:ef:e5:50:47:79:34:96:60:2b:98:
3b:1c:3d:a2:2d:6f:c0:08:ac:cf:ca:86:84:cd:a8:
51:39:0a:56:83:a4:3d:be:36:e2:29:bd:08:33:8e:
3c:78:26:d2:bc:6a:82:78:f3:96:fe:d6:76:33:6c:
9d:b6:58:06:18:3d:ae:92:52:76:f6:31:49:d9:6d:
97:35:e8:be:16:c5:c2:4e:42:90:eb:b9:fd:a9:8d:
01:1c:b4:4e:cd:48:4a:2e:bf:24:07:3c:07:1d:58:
6b:7c:94:4c:2e:5a:59:78:fd:d5:8d:a0:96:5e:a7:
72:aa:b9:9f:38:cd:2e:b1:53:2e:a8:23:5e:28:57:
12:a5:93:9f:4b:c2:9d:de:7f:24:79:71:93:28:40:
9a:35:ec:56:1e:b3:40:47:d3:14:c5:24:08:d0:38:
72:a3:c2:51:68:e0:55:cf:d7:ba:d6:00:27:3d:c1:
75:62:a7:e6:2a:a6:1a:e7:ff:f1:f9:25:b2:8f:84:
1e:8a:75:71:20:b2:f1:08:e5:57:f9:0c:50:ae:4f:
73:42:8c:cf:e5:d4:9e:11:c4:5e:3d:b1:61:0c:5e:
44:f8:a6:0f:8d:bc:a7:aa:ae:3c:bb:a9:73:20:e6:
26:7b:2e:9c:fe:87:2c:fd:af:1a:70:53:86:98:9b:
2b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E3:E9:E0:DE:9F:F3:CF:04:49:59:71:59:00:35:96:A3:B8:E8:7E
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/oePp4N6f888ESVlxWQA1lqO46H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.104.0/24
Signature Algorithm: sha256WithRSAEncryption
53:fb:d7:cc:b2:15:65:ce:8e:f1:0e:e5:c8:e1:df:bf:1b:28:
06:fe:c9:81:0f:c0:a7:d8:48:03:a9:77:01:78:df:19:9d:b1:
12:e6:4d:74:9c:5e:a8:6c:e6:b7:c3:4d:7a:f4:61:ba:88:b2:
8e:f3:e4:72:18:97:0b:a4:07:d4:11:d2:cc:a1:9f:ec:df:7f:
4e:fe:d8:6b:dd:3d:dc:9b:71:79:5d:65:6b:12:19:01:10:33:
94:e3:01:b6:84:d1:0a:72:bf:c2:52:d9:1c:ec:8d:2f:f2:5c:
fe:bb:fe:59:23:27:4c:77:28:ca:f4:33:41:10:8e:3d:12:99:
d4:a1:62:74:0b:98:7b:55:dc:6f:a6:60:77:ed:22:cc:79:cb:
c2:ec:0b:38:ab:19:a6:9c:18:3f:01:2f:10:ff:8c:05:26:b6:
c2:29:37:3a:cd:16:47:54:b1:59:e6:44:05:52:5f:09:08:43:
e3:08:86:44:3d:f0:ed:87:a2:3b:4c:39:e8:1b:61:74:06:00:
e5:f0:4e:56:63:77:b1:5e:1c:94:65:bf:30:09:cd:2d:89:ce:
e1:b7:c7:48:dd:f5:fc:77:44:e9:56:f9:ac:5c:ef:15:a9:7d:
c5:c9:87:57:c8:0d:c9:31:97:6a:99:77:be:0f:21:e1:4e:63:
dc:dd:56:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUQgRTg5LncXJ5n0c+CxEhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjIxMjE0MTE1OTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWUzZTllMGRlOWZmM2NmMDQ0OTU5NzE1OTAwMzU5NmEzYjhlODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7bLYe/lUEd5NJZgK5g7HD2iLW/A
CKzPyoaEzahROQpWg6Q9vjbiKb0IM448eCbSvGqCePOW/tZ2M2ydtlgGGD2uklJ2
9jFJ2W2XNei+FsXCTkKQ67n9qY0BHLROzUhKLr8kBzwHHVhrfJRMLlpZeP3VjaCW
XqdyqrmfOM0usVMuqCNeKFcSpZOfS8Kd3n8keXGTKECaNexWHrNAR9MUxSQI0Dhy
o8JRaOBVz9e61gAnPcF1YqfmKqYa5//x+SWyj4QeinVxILLxCOVX+QxQrk9zQozP
5dSeEcRePbFhDF5E+KYPjbynqq48u6lzIOYmey6c/ocs/a8acFOGmJsrpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHj6eDen/PPBElZcVkANZajuOh+MB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvb2VQcDRONmY4ODhFU1ZseFdRQTFscU80Nkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4hoMA0G
CSqGSIb3DQEBCwUAA4IBAQBT+9fMshVlzo7xDuXI4d+/GygG/smBD8Cn2EgDqXcB
eN8ZnbES5k10nF6obOa3w0169GG6iLKO8+RyGJcLpAfUEdLMoZ/s339O/thr3T3c
m3F5XWVrEhkBEDOU4wG2hNEKcr/CUtkc7I0v8lz+u/5ZIydMdyjK9DNBEI49EpnU
oWJ0C5h7VdxvpmB37SLMecvC7As4qxmmnBg/AS8Q/4wFJrbCKTc6zRZHVLFZ5kQF
Ul8JCEPjCIZEPfDth6I7TDnoG2F0BgDl8E5WY3exXhyUZb8wCc0tic7ht8dI3fX8
d0TpVvmsXO8VqX3FyYdXyA3JMZdqmXe+DyHhTmPc3Vaa
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:42 2025 by rpki-client