Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/4f08a5-432f-48fc-bd8b-fb71bd4545b0/1/OaqMtub30UwiSjQ3pVSSo4Qjcgk.roa
File: OaqMtub30UwiSjQ3pVSSo4Qjcgk.roa (raw, json)
Hash identifier: qDChTTGW9IpKCVGkWj6RU7z3uo0TFelqRFj13i++qTY=
Subject key identifier: 39:AA:8C:B6:E6:F7:D1:4C:22:4A:34:37:A5:54:92:A3:84:23:72:09
Certificate issuer: /CN=c098914cb0a945440f84deaf3f3d97fc77fd26ce
Certificate serial: 018572B41836A2A6D9AEB09F2BC86F69AF26
Authority key identifier: C0:98:91:4C:B0:A9:45:44:0F:84:DE:AF:3F:3D:97:FC:77:FD:26:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJiRTLCpRUQPhN6vPz2X_Hf9Js4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/4f08a5-432f-48fc-bd8b-fb71bd4545b0/1/OaqMtub30UwiSjQ3pVSSo4Qjcgk.roa
Signing time: Mon 02 Jan 2023 13:38:03 +0000
ROA not before: Mon 02 Jan 2023 13:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 193.25.16.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:18:36:a2:a6:d9:ae:b0:9f:2b:c8:6f:69:af:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c098914cb0a945440f84deaf3f3d97fc77fd26ce
Validity
Not Before: Jan 2 13:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39aa8cb6e6f7d14c224a3437a55492a384237209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f8:05:55:44:44:4a:4d:3b:d9:a2:b4:a7:f1:
fe:52:a4:bc:62:8b:04:67:ce:eb:75:71:34:8b:26:
27:0c:45:37:1d:6c:60:52:36:ef:00:20:b1:c9:c7:
28:51:7a:89:45:57:35:f7:73:95:a9:89:8f:09:de:
15:dc:3a:e7:5a:44:f7:a9:3b:c6:8c:a7:9d:fb:69:
83:09:31:29:a0:2b:2e:c5:0c:8f:79:35:12:f6:60:
53:a9:e6:bc:a0:50:a3:12:08:3b:bf:c3:ea:b4:d5:
b5:0d:1f:3f:72:79:00:cc:ff:0d:cd:3f:4c:be:b4:
5c:fd:cc:fd:b8:84:79:f7:be:47:03:2e:2f:8c:c6:
06:90:64:94:a7:fc:c4:c0:d3:b2:07:71:e0:e9:8a:
0c:cd:36:ff:2c:d0:28:c7:40:f6:26:d1:b2:36:73:
f0:f8:43:dc:13:8f:a6:0a:6d:16:36:d6:ab:a2:8d:
0d:63:e0:47:e5:63:3f:cf:68:bd:32:80:e7:c7:e2:
1d:5d:9f:6d:41:17:b6:81:ab:98:e4:8a:23:71:cb:
49:c9:c9:f4:d3:84:1b:a0:b0:2f:1a:01:47:43:58:
fb:34:d5:b5:2d:ae:8c:8a:24:f4:f2:25:a1:20:f6:
cc:66:66:39:f9:f3:06:10:25:1d:00:bf:14:e8:d1:
fa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:AA:8C:B6:E6:F7:D1:4C:22:4A:34:37:A5:54:92:A3:84:23:72:09
X509v3 Authority Key Identifier:
keyid:C0:98:91:4C:B0:A9:45:44:0F:84:DE:AF:3F:3D:97:FC:77:FD:26:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJiRTLCpRUQPhN6vPz2X_Hf9Js4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4f08a5-432f-48fc-bd8b-fb71bd4545b0/1/OaqMtub30UwiSjQ3pVSSo4Qjcgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4f08a5-432f-48fc-bd8b-fb71bd4545b0/1/wJiRTLCpRUQPhN6vPz2X_Hf9Js4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.16.0/20
Signature Algorithm: sha256WithRSAEncryption
aa:27:5d:33:44:89:d8:2c:e3:17:73:db:34:79:c9:80:f3:7f:
17:ec:69:3c:8e:dc:c7:b0:bc:62:c6:e3:c0:2c:09:e5:b7:49:
a6:de:03:72:28:fc:96:36:2f:32:d3:0c:96:03:98:ba:2e:a2:
7e:7b:2e:da:8c:0a:e0:25:b4:38:14:dc:6a:68:09:06:ba:03:
54:f6:c4:3c:03:fa:9a:ea:4f:33:93:36:5e:72:d5:e9:3b:6d:
d1:71:49:44:ea:51:35:cf:99:e4:d8:d0:31:a1:45:ba:71:2f:
9e:db:ef:45:0c:35:66:64:3c:dc:e6:5f:df:67:d3:ee:a2:1b:
d4:ce:59:66:2e:21:7c:cd:62:40:ad:dd:6a:9f:ce:25:9c:c5:
41:2f:9a:7f:16:8e:25:42:d0:ec:cc:b7:9e:89:62:c5:de:14:
cb:fc:c6:25:e0:94:18:92:59:96:20:bc:c2:4c:f0:d9:99:51:
8d:51:f2:ef:f5:e8:d0:6d:d2:60:2f:d5:16:40:46:27:1b:2f:
df:80:f3:3b:25:c0:41:7f:65:a1:92:ef:d3:a9:09:65:c3:1e:
da:52:1f:58:2d:52:46:72:12:e1:49:57:48:17:61:dd:d1:f1:
1a:8b:ec:e0:f3:1b:af:78:5c:8f:e3:26:8a:ad:00:9d:c4:33:
ae:8d:1e:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytBg2oqbZrrCfK8hvaa8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTg5MTRjYjBhOTQ1NDQwZjg0ZGVhZjNmM2Q5N2ZjNzdm
ZDI2Y2UwHhcNMjMwMTAyMTMzODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWFhOGNiNmU2ZjdkMTRjMjI0YTM0MzdhNTU0OTJhMzg0MjM3MjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvgFVURESk072aK0p/H+UqS8YosE
Z87rdXE0iyYnDEU3HWxgUjbvACCxyccoUXqJRVc193OVqYmPCd4V3DrnWkT3qTvG
jKed+2mDCTEpoCsuxQyPeTUS9mBTqea8oFCjEgg7v8PqtNW1DR8/cnkAzP8NzT9M
vrRc/cz9uIR5975HAy4vjMYGkGSUp/zEwNOyB3Hg6YoMzTb/LNAox0D2JtGyNnPw
+EPcE4+mCm0WNtaroo0NY+BH5WM/z2i9MoDnx+IdXZ9tQRe2gauY5IojcctJycn0
04QboLAvGgFHQ1j7NNW1La6MiiT08iWhIPbMZmY5+fMGECUdAL8U6NH6qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmqjLbm99FMIko0N6VUkqOEI3IJMB8GA1UdIwQY
MBaAFMCYkUywqUVED4Terz89l/x3/SbOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0ppUlRMQ3BSVVFQaE42dlB6MlhfSGY5SnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80ZjA4YTUtNDMyZi00OGZjLWJkOGIt
ZmI3MWJkNDU0NWIwLzEvT2FxTXR1YjMwVXdpU2pRM3BWU1NvNFFqY2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80ZjA4YTUtNDMyZi00OGZjLWJkOGItZmI3MWJkNDU0NWIw
LzEvd0ppUlRMQ3BSVVFQaE42dlB6MlhfSGY5SnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwRkQMA0G
CSqGSIb3DQEBCwUAA4IBAQCqJ10zRInYLOMXc9s0ecmA838X7Gk8jtzHsLxixuPA
LAnlt0mm3gNyKPyWNi8y0wyWA5i6LqJ+ey7ajArgJbQ4FNxqaAkGugNU9sQ8A/qa
6k8zkzZectXpO23RcUlE6lE1z5nk2NAxoUW6cS+e2+9FDDVmZDzc5l/fZ9PuohvU
zllmLiF8zWJArd1qn84lnMVBL5p/Fo4lQtDszLeeiWLF3hTL/MYl4JQYklmWILzC
TPDZmVGNUfLv9ejQbdJgL9UWQEYnGy/fgPM7JcBBf2Whku/TqQllwx7aUh9YLVJG
chLhSVdIF2Hd0fEai+zg8xuveFyP4yaKrQCdxDOujR60
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:36:32 2025 by rpki-client