Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/offcSMCnWQdW2nMCa7Fx-ryrQO8.roa
File: offcSMCnWQdW2nMCa7Fx-ryrQO8.roa (raw, json)
Hash identifier: Psf7FJEKAkSKkPAnarKBydw6clVK+0HFp1UlzKYgNcw=
Subject key identifier: A1:F7:DC:48:C0:A7:59:07:56:DA:73:02:6B:B1:71:FA:BC:AB:40:EF
Certificate issuer: /CN=0e856801bef8ed3ae810e7e67a31fd012b44d30c
Certificate serial: 01857246B92F9D69D4E48EB6A68C7313A542
Authority key identifier: 0E:85:68:01:BE:F8:ED:3A:E8:10:E7:E6:7A:31:FD:01:2B:44:D3:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoVoAb747TroEOfmejH9AStE0ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/offcSMCnWQdW2nMCa7Fx-ryrQO8.roa
Signing time: Mon 02 Jan 2023 11:38:35 +0000
ROA not before: Mon 02 Jan 2023 11:38:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13127
IP address blocks: 176.117.57.0/24 maxlen: 24
2001:67c:17ec::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:b9:2f:9d:69:d4:e4:8e:b6:a6:8c:73:13:a5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e856801bef8ed3ae810e7e67a31fd012b44d30c
Validity
Not Before: Jan 2 11:38:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1f7dc48c0a7590756da73026bb171fabcab40ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:67:01:9d:dd:bd:c1:db:14:13:f4:13:2b:46:
94:62:65:9d:e2:f2:0b:cb:2b:94:69:ca:0f:ab:74:
ed:5c:ce:8b:c9:0b:58:1d:b3:1d:cd:f1:2e:8f:20:
bf:a0:5f:22:a3:3e:65:d3:1a:cf:ec:ad:f0:d8:d0:
fc:f0:a2:b6:ee:06:5d:e4:a8:f5:d6:42:83:eb:d9:
0c:10:c5:c6:1e:d8:29:c5:8a:5d:73:79:36:fb:60:
79:65:37:f2:9c:7a:bb:dd:4d:58:76:94:3a:99:61:
92:67:ce:c2:95:00:52:14:bb:23:db:71:60:b5:73:
1f:71:b2:b8:80:ec:0b:f3:3b:3f:be:67:8c:aa:11:
49:75:b8:0b:28:05:52:fa:90:47:82:59:06:80:70:
79:52:f8:1e:80:8a:34:b3:87:2a:8f:52:34:e4:91:
10:9c:9d:92:a3:f2:c0:60:42:59:3c:b5:fb:04:aa:
03:cc:ec:5d:88:72:bd:38:18:b0:f5:05:ab:88:d8:
44:38:92:70:59:69:4a:46:86:93:42:f3:ca:13:66:
45:d8:ea:e1:28:15:cd:00:ad:59:f4:f0:5f:89:76:
f8:1e:fd:a6:79:d9:ac:df:48:17:52:b4:13:95:56:
89:f0:5e:f0:d6:29:79:fb:f4:b8:f2:73:f7:54:4e:
25:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F7:DC:48:C0:A7:59:07:56:DA:73:02:6B:B1:71:FA:BC:AB:40:EF
X509v3 Authority Key Identifier:
keyid:0E:85:68:01:BE:F8:ED:3A:E8:10:E7:E6:7A:31:FD:01:2B:44:D3:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoVoAb747TroEOfmejH9AStE0ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/offcSMCnWQdW2nMCa7Fx-ryrQO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/DoVoAb747TroEOfmejH9AStE0ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.57.0/24
IPv6:
2001:67c:17ec::/48
Signature Algorithm: sha256WithRSAEncryption
0f:75:7a:79:cb:40:c9:a9:22:d2:cf:f4:71:77:d8:e5:5a:c3:
4b:4e:db:11:72:c5:b0:34:54:d2:7a:82:d0:2e:8f:5c:3f:d9:
ab:99:ac:ae:a9:eb:01:cb:c6:1b:64:37:c6:d1:05:9d:e6:35:
76:8d:40:00:87:0a:2d:ff:2b:8b:1d:bd:92:a4:3c:f8:a9:4b:
60:7f:7b:7a:42:bc:14:53:55:cb:4a:b4:7b:6d:e3:dc:c6:46:
06:90:d6:21:2c:fc:e5:7c:5e:d6:17:2b:27:fd:aa:0b:54:90:
43:d7:a3:64:71:4d:ed:98:8d:9d:e9:28:65:53:1b:a8:05:68:
b7:2c:28:d7:4e:c7:da:93:31:1f:2d:e5:61:76:07:37:70:91:
9c:78:c2:ee:0e:ca:b4:99:2d:44:3d:fe:72:c4:92:dc:5d:dc:
43:2f:44:de:d2:a2:bc:2d:8e:f6:49:72:23:ed:1a:1d:8b:cc:
ac:64:de:62:52:6e:c6:34:cf:88:73:1d:47:e9:36:d7:85:77:
e3:9a:50:a0:e8:c7:a4:70:37:87:9d:d0:ee:ba:77:e7:a5:f5:
3e:44:f7:1b:99:91:52:2c:e8:5a:1a:73:dc:fa:0d:5f:b8:26:
c3:8a:73:e9:ca:74:00:20:1d:08:da:cd:b3:90:66:dd:ae:1a:
0e:d5:8c:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyRrkvnWnU5I62poxzE6VCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODU2ODAxYmVmOGVkM2FlODEwZTdlNjdhMzFmZDAxMmI0
NGQzMGMwHhcNMjMwMTAyMTEzODM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWY3ZGM0OGMwYTc1OTA3NTZkYTczMDI2YmIxNzFmYWJjYWI0MGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimcBnd29wdsUE/QTK0aUYmWd4vIL
yyuUacoPq3TtXM6LyQtYHbMdzfEujyC/oF8ioz5l0xrP7K3w2ND88KK27gZd5Kj1
1kKD69kMEMXGHtgpxYpdc3k2+2B5ZTfynHq73U1YdpQ6mWGSZ87ClQBSFLsj23Fg
tXMfcbK4gOwL8zs/vmeMqhFJdbgLKAVS+pBHglkGgHB5UvgegIo0s4cqj1I05JEQ
nJ2So/LAYEJZPLX7BKoDzOxdiHK9OBiw9QWriNhEOJJwWWlKRoaTQvPKE2ZF2Orh
KBXNAK1Z9PBfiXb4Hv2medms30gXUrQTlVaJ8F7w1il5+/S48nP3VE4lowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKH33EjAp1kHVtpzAmuxcfq8q0DvMB8GA1UdIwQY
MBaAFA6FaAG++O066BDn5nox/QErRNMMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9Wb0FiNzQ3VHJvRU9mbWVqSDlBU3RFMHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC81NDE0MzQtODc5ZC00ZTU1LWE0N2Yt
MTkwYjA2ZGVlNGRjLzEvb2ZmY1NNQ25XUWRXMm5NQ2E3RngtcnlyUU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC81NDE0MzQtODc5ZC00ZTU1LWE0N2YtMTkwYjA2ZGVlNGRj
LzEvRG9Wb0FiNzQ3VHJvRU9mbWVqSDlBU3RFMHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsHU5MA8E
AgACMAkDBwAgAQZ8F+wwDQYJKoZIhvcNAQELBQADggEBAA91ennLQMmpItLP9HF3
2OVaw0tO2xFyxbA0VNJ6gtAuj1w/2auZrK6p6wHLxhtkN8bRBZ3mNXaNQACHCi3/
K4sdvZKkPPipS2B/e3pCvBRTVctKtHtt49zGRgaQ1iEs/OV8XtYXKyf9qgtUkEPX
o2RxTe2YjZ3pKGVTG6gFaLcsKNdOx9qTMR8t5WF2BzdwkZx4wu4OyrSZLUQ9/nLE
ktxd3EMvRN7SorwtjvZJciPtGh2LzKxk3mJSbsY0z4hzHUfpNteFd+OaUKDox6Rw
N4ed0O66d+el9T5E9xuZkVIs6Foac9z6DV+4JsOKc+nKdAAgHQjazbOQZt2uGg7V
jAo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:19:39 2025 by rpki-client