Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ohF6JgzVgQbNyQABfHbOgCBXDVk.roa
File: ohF6JgzVgQbNyQABfHbOgCBXDVk.roa (raw, json)
Hash identifier: GhmdCSGHVb7A0BkOF+vHpOEWTJM/XH8lrVHkqg/yRlo=
Subject key identifier: A2:11:7A:26:0C:D5:81:06:CD:C9:00:01:7C:76:CE:80:20:57:0D:59
Certificate issuer: /CN=89e21a2b8a25b971bdb741a0aae325992304194e
Certificate serial: 01856C0131D233D772A4E9958F22A0DA9F0A
Authority key identifier: 89:E2:1A:2B:8A:25:B9:71:BD:B7:41:A0:AA:E3:25:99:23:04:19:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ohF6JgzVgQbNyQABfHbOgCBXDVk.roa
Signing time: Sun 01 Jan 2023 06:24:55 +0000
ROA not before: Sun 01 Jan 2023 06:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207590
IP address blocks: 193.25.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:31:d2:33:d7:72:a4:e9:95:8f:22:a0:da:9f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89e21a2b8a25b971bdb741a0aae325992304194e
Validity
Not Before: Jan 1 06:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2117a260cd58106cdc900017c76ce8020570d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f2:8c:3f:b5:59:6a:4c:82:00:1e:f3:3d:cc:
dc:bc:da:f5:be:ec:7f:c9:5f:c1:26:e0:d7:c8:ac:
7e:bf:0e:22:73:5b:76:1a:83:d2:13:83:f8:69:59:
b5:24:1f:97:4b:5c:4a:30:5c:67:d7:31:09:cb:3f:
44:45:6e:3e:4c:01:e6:17:b7:75:6a:a3:51:29:bc:
8e:ed:9c:0e:14:af:5a:3b:23:8b:91:ac:2b:43:62:
61:32:f3:a4:63:46:db:eb:3d:bc:f6:dc:63:8a:87:
41:a5:db:b5:d0:b9:21:08:4b:91:93:74:34:e3:32:
f8:f3:8b:68:fb:35:00:6c:32:fc:97:05:4e:51:4b:
94:9b:57:2b:be:d5:a7:8e:89:20:08:49:d9:d1:dc:
14:f5:0f:98:fd:9f:12:19:c1:f7:05:22:9c:71:01:
e9:05:56:b6:bd:4b:b9:a9:7d:21:2c:f4:2b:d9:48:
32:48:06:4e:70:23:ba:89:ed:36:47:e6:aa:ea:4c:
56:7f:d4:80:8d:9c:fb:1a:55:81:4f:80:d3:5e:1e:
ee:e9:97:13:34:e5:2e:eb:85:9d:e0:f4:18:32:01:
12:5e:3a:c6:15:38:1c:92:4d:b3:f8:0c:e6:61:48:
5f:3c:f9:ca:01:b7:2c:54:bf:cf:df:b5:a4:a0:1b:
71:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:11:7A:26:0C:D5:81:06:CD:C9:00:01:7C:76:CE:80:20:57:0D:59
X509v3 Authority Key Identifier:
keyid:89:E2:1A:2B:8A:25:B9:71:BD:B7:41:A0:AA:E3:25:99:23:04:19:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ohF6JgzVgQbNyQABfHbOgCBXDVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ieIaK4oluXG9t0GgquMlmSMEGU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.252.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:c0:fa:95:84:81:21:85:34:0f:2e:45:2b:68:ff:14:f8:0e:
6f:b4:c0:fa:de:11:e2:d5:71:8d:61:3e:c1:ae:ab:ac:70:f6:
85:1a:d1:97:46:82:9f:54:7b:60:fd:82:09:01:32:f2:94:3b:
fa:ec:2c:4d:a7:a2:c0:4c:ab:5f:7e:96:b9:65:f5:95:e3:39:
87:8e:47:42:79:fe:a1:4d:c6:34:02:48:f5:c3:ed:a1:f8:03:
4d:33:e4:36:77:69:a0:73:1d:ae:06:2c:bd:0d:50:04:8c:c7:
47:7c:dd:4d:44:80:b2:d3:37:92:b0:80:36:15:c2:0b:82:63:
76:f1:6b:0f:d0:ed:42:49:a6:e0:5c:dd:5f:dd:32:5b:2d:91:
e1:89:15:2e:65:8d:20:c0:dc:d9:e2:f5:65:87:6f:2f:6b:8f:
21:6f:e7:30:46:8b:e6:3f:85:55:a1:af:49:cd:67:31:c5:cc:
47:ab:36:ef:2b:87:4e:3d:16:75:ee:be:fa:bc:67:6a:09:82:
e2:9e:fd:b7:ec:35:63:99:da:2f:6f:df:a2:dc:ae:c6:b6:23:
07:6a:23:77:c8:6e:18:9d:38:45:8d:c6:83:79:ef:63:4a:ac:
fd:c5:63:bd:58:8e:b5:d0:6d:41:81:b9:b2:fd:90:7b:84:c8:
1d:f6:3f:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsATHSM9dypOmVjyKg2p8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZTIxYTJiOGEyNWI5NzFiZGI3NDFhMGFhZTMyNTk5MjMw
NDE5NGUwHhcNMjMwMTAxMDYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjExN2EyNjBjZDU4MTA2Y2RjOTAwMDE3Yzc2Y2U4MDIwNTcwZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/KMP7VZakyCAB7zPczcvNr1vux/
yV/BJuDXyKx+vw4ic1t2GoPSE4P4aVm1JB+XS1xKMFxn1zEJyz9ERW4+TAHmF7d1
aqNRKbyO7ZwOFK9aOyOLkawrQ2JhMvOkY0bb6z289txjiodBpdu10LkhCEuRk3Q0
4zL484to+zUAbDL8lwVOUUuUm1crvtWnjokgCEnZ0dwU9Q+Y/Z8SGcH3BSKccQHp
BVa2vUu5qX0hLPQr2UgySAZOcCO6ie02R+aq6kxWf9SAjZz7GlWBT4DTXh7u6ZcT
NOUu64Wd4PQYMgESXjrGFTgckk2z+AzmYUhfPPnKAbcsVL/P37WkoBtx6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIReiYM1YEGzckAAXx2zoAgVw1ZMB8GA1UdIwQY
MBaAFIniGiuKJblxvbdBoKrjJZkjBBlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWVJYUs0b2x1WEc5dDBHZ3F1TWxtU01FR1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80MDY5OTEtNWJlMy00YTA1LWFjYjIt
MWFkNDdjY2QyZDlhLzEvb2hGNkpnelZnUWJOeVFBQmZIYk9nQ0JYRFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80MDY5OTEtNWJlMy00YTA1LWFjYjItMWFkNDdjY2QyZDlh
LzEvaWVJYUs0b2x1WEc5dDBHZ3F1TWxtU01FR1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRn8MA0G
CSqGSIb3DQEBCwUAA4IBAQBvwPqVhIEhhTQPLkUraP8U+A5vtMD63hHi1XGNYT7B
rquscPaFGtGXRoKfVHtg/YIJATLylDv67CxNp6LATKtffpa5ZfWV4zmHjkdCef6h
TcY0Akj1w+2h+ANNM+Q2d2mgcx2uBiy9DVAEjMdHfN1NRICy0zeSsIA2FcILgmN2
8WsP0O1CSabgXN1f3TJbLZHhiRUuZY0gwNzZ4vVlh28va48hb+cwRovmP4VVoa9J
zWcxxcxHqzbvK4dOPRZ17r76vGdqCYLinv237DVjmdovb9+i3K7GtiMHaiN3yG4Y
nThFjcaDee9jSqz9xWO9WI610G1Bgbmy/ZB7hMgd9j87
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:31:47 2025 by rpki-client