Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/042951-54d8-469c-bba1-a6546cd9da94/1/ohV7LpumTN5VraW1p008cGPmo-g.roa
File: ohV7LpumTN5VraW1p008cGPmo-g.roa (raw, json)
Hash identifier: n4eACTAu0vtC/d1vH0NfCxcCsDuUaZGSblK8nXC/t4Y=
Subject key identifier: A2:15:7B:2E:9B:A6:4C:DE:55:AD:A5:B5:A7:4D:3C:70:63:E6:A3:E8
Certificate issuer: /CN=3dc410e3f09bea6abc9dd8c6ff4185651b0ab867
Certificate serial: 0185737179C9AFE4D16C5A6569F43A454254
Authority key identifier: 3D:C4:10:E3:F0:9B:EA:6A:BC:9D:D8:C6:FF:41:85:65:1B:0A:B8:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PcQQ4_Cb6mq8ndjG_0GFZRsKuGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/042951-54d8-469c-bba1-a6546cd9da94/1/ohV7LpumTN5VraW1p008cGPmo-g.roa
Signing time: Mon 02 Jan 2023 17:04:54 +0000
ROA not before: Mon 02 Jan 2023 17:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 193.149.8.0/21 maxlen: 21
134.30.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:79:c9:af:e4:d1:6c:5a:65:69:f4:3a:45:42:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3dc410e3f09bea6abc9dd8c6ff4185651b0ab867
Validity
Not Before: Jan 2 17:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2157b2e9ba64cde55ada5b5a74d3c7063e6a3e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:37:85:9e:a3:ca:55:07:40:c6:ce:d5:be:
04:b1:8f:a1:ab:bc:7b:3d:81:d3:d2:85:f6:11:f8:
0d:ed:7b:13:85:31:bf:fb:53:dc:9f:1a:83:77:e8:
3a:58:97:fa:9b:f8:ef:62:08:96:c4:0c:14:6c:ee:
44:08:9c:80:7c:5c:c4:41:14:d1:a7:a9:96:b7:45:
b9:11:61:e8:3d:71:a6:da:db:e5:80:fe:09:2e:e5:
4a:4f:e3:d1:bc:9c:2f:45:1a:d3:ef:cc:cf:4a:13:
40:cf:6e:23:f1:24:3b:49:a3:5e:45:1f:92:2d:72:
af:25:04:c6:ce:55:fc:61:41:dc:8b:67:97:d6:17:
94:f8:b2:91:98:b2:45:d3:0d:d7:ce:4d:71:f1:01:
99:0e:04:ba:a2:bb:92:9e:92:96:fa:0b:80:55:e5:
99:4b:85:c1:87:47:58:4a:4b:5f:02:73:29:b8:77:
02:ed:79:10:b2:0f:36:e7:19:30:37:11:6c:99:75:
40:0a:a7:62:3a:ba:be:a1:85:63:65:9d:56:fc:f7:
22:0e:2b:c3:10:ad:a5:69:a6:dc:ed:71:5c:68:3c:
19:4a:76:31:96:a8:37:49:d4:5b:06:13:fd:83:30:
2e:cc:41:aa:33:04:85:e1:5d:2f:c2:4c:55:68:ce:
77:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:15:7B:2E:9B:A6:4C:DE:55:AD:A5:B5:A7:4D:3C:70:63:E6:A3:E8
X509v3 Authority Key Identifier:
keyid:3D:C4:10:E3:F0:9B:EA:6A:BC:9D:D8:C6:FF:41:85:65:1B:0A:B8:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PcQQ4_Cb6mq8ndjG_0GFZRsKuGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/042951-54d8-469c-bba1-a6546cd9da94/1/ohV7LpumTN5VraW1p008cGPmo-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/042951-54d8-469c-bba1-a6546cd9da94/1/PcQQ4_Cb6mq8ndjG_0GFZRsKuGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.30.0.0/16
193.149.8.0/21
Signature Algorithm: sha256WithRSAEncryption
d9:44:37:8a:ce:61:29:ee:c7:6d:b3:2f:1c:ba:e3:c2:60:25:
03:10:75:c0:0c:e2:93:43:97:90:38:ae:d9:da:2a:c8:31:65:
73:0e:cf:f2:97:7f:7e:2f:ca:3c:43:76:06:9f:b2:69:dc:cf:
7d:5a:06:b8:58:58:6d:67:01:45:1f:5f:6d:f6:2d:bc:cc:d5:
59:90:88:de:b7:03:7a:35:bf:fa:37:18:8e:62:76:99:c7:3d:
9a:c3:52:eb:3c:63:6c:79:cb:34:0a:d1:32:ca:9d:d2:8d:7c:
f7:d1:ac:d4:28:0d:40:55:4e:1e:25:e4:f4:9f:3f:c8:f1:64:
f0:fb:52:48:e5:a7:f7:b2:80:01:92:b6:9d:f7:4c:8a:39:27:
94:4b:94:63:dd:c8:15:a4:38:1e:70:30:cd:db:0e:1d:1e:c6:
c9:a9:b9:c5:dd:de:80:82:7e:d5:97:43:a7:79:7c:f2:d7:d8:
d1:75:4e:db:ab:3e:50:e9:f4:41:ff:98:75:4b:26:03:e9:a2:
4e:8d:63:a2:62:c3:34:08:aa:44:3c:76:9e:61:0a:95:48:ab:
0c:47:0b:8c:0f:3a:94:9a:88:c7:32:0c:1e:3d:87:99:22:ac:
0b:f3:d4:d6:45:76:4b:40:1d:27:76:6d:35:7c:40:ef:2a:9d:
c5:54:ce:4d
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVzcXnJr+TRbFplafQ6RUJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYzQxMGUzZjA5YmVhNmFiYzlkZDhjNmZmNDE4NTY1MWIw
YWI4NjcwHhcNMjMwMTAyMTcwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjE1N2IyZTliYTY0Y2RlNTVhZGE1YjVhNzRkM2M3MDYzZTZhM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2E3hZ6jylUHQMbO1b4EsY+hq7x7
PYHT0oX2EfgN7XsThTG/+1PcnxqDd+g6WJf6m/jvYgiWxAwUbO5ECJyAfFzEQRTR
p6mWt0W5EWHoPXGm2tvlgP4JLuVKT+PRvJwvRRrT78zPShNAz24j8SQ7SaNeRR+S
LXKvJQTGzlX8YUHci2eX1heU+LKRmLJF0w3Xzk1x8QGZDgS6oruSnpKW+guAVeWZ
S4XBh0dYSktfAnMpuHcC7XkQsg825xkwNxFsmXVACqdiOrq+oYVjZZ1W/PciDivD
EK2laabc7XFcaDwZSnYxlqg3SdRbBhP9gzAuzEGqMwSF4V0vwkxVaM53+wIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFKIVey6bpkzeVa2ltadNPHBj5qPoMB8GA1UdIwQY
MBaAFD3EEOPwm+pqvJ3Yxv9BhWUbCrhnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGNRUTRfQ2I2bXE4bmRqR18wR0ZaUnNLdUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8wNDI5NTEtNTRkOC00NjljLWJiYTEt
YTY1NDZjZDlkYTk0LzEvb2hWN0xwdW1UTjVWcmFXMXAwMDhjR1Btby1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8wNDI5NTEtNTRkOC00NjljLWJiYTEtYTY1NDZjZDlkYTk0
LzEvUGNRUTRfQ2I2bXE4bmRqR18wR0ZaUnNLdUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAhh4DBAPB
lQgwDQYJKoZIhvcNAQELBQADggEBANlEN4rOYSnux22zLxy648JgJQMQdcAM4pND
l5A4rtnaKsgxZXMOz/KXf34vyjxDdgafsmncz31aBrhYWG1nAUUfX232LbzM1VmQ
iN63A3o1v/o3GI5idpnHPZrDUus8Y2x5yzQK0TLKndKNfPfRrNQoDUBVTh4l5PSf
P8jxZPD7Ukjlp/eygAGStp33TIo5J5RLlGPdyBWkOB5wMM3bDh0exsmpucXd3oCC
ftWXQ6d5fPLX2NF1TturPlDp9EH/mHVLJgPpok6NY6JiwzQIqkQ8dp5hCpVIqwxH
C4wPOpSaiMcyDB49h5kirAvz1NZFdktAHSd2bTV8QO8qncVUzk0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 07:30:09 2025 by rpki-client