Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/o1tExWEIPhvRIKTiHVh0PKyHK-I.roa
File: o1tExWEIPhvRIKTiHVh0PKyHK-I.roa (raw, json)
Hash identifier: iHQ1rS4TEQB+PfrzrL4Mw5qXe3j99w9CB651kxuVQOA=
Subject key identifier: A3:5B:44:C5:61:08:3E:1B:D1:20:A4:E2:1D:58:74:3C:AC:87:2B:E2
Certificate issuer: /CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Certificate serial: 045023D6
Authority key identifier: 28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/o1tExWEIPhvRIKTiHVh0PKyHK-I.roa
Signing time: Sat 01 Jan 2022 15:00:54 +0000
ROA not before: Sat 01 Jan 2022 15:00:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60819
IP address blocks: 188.241.145.0/24 maxlen: 24
2a00:a900:7afe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72360918 (0x45023d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Validity
Not Before: Jan 1 15:00:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a35b44c561083e1bd120a4e21d58743cac872be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c0:63:b7:3f:b2:d6:06:93:70:88:8a:e6:f7:
85:b1:11:8d:80:aa:29:d2:c8:71:ba:78:26:8c:1d:
6d:42:20:6b:38:ea:74:5d:ed:01:9d:be:a0:b1:b1:
0e:9d:f6:3b:45:f6:aa:12:82:68:23:d2:7d:66:6c:
eb:c6:b8:f8:fe:53:38:db:a3:ff:75:ec:17:41:81:
a7:9c:82:a8:2f:82:2c:a4:6d:63:de:aa:0d:bd:b1:
e3:90:d4:31:92:8f:70:28:74:5f:f1:53:fb:5e:b1:
e3:82:cf:e8:39:b4:90:98:c8:9d:3b:6a:a2:48:dd:
ce:34:86:14:54:96:b5:30:a5:02:6b:c5:b8:68:a3:
27:6d:7c:86:80:b4:3c:7e:a5:cc:03:52:c5:ec:c2:
ed:21:91:a2:d3:01:f5:e9:cf:3c:14:7c:77:3c:d1:
14:bc:9a:f1:34:1f:8b:8d:25:d6:09:09:95:17:31:
53:ab:c2:c9:34:2e:70:9b:12:a7:3b:76:21:aa:34:
4f:28:de:c2:70:b4:bd:10:9f:9b:a7:7f:72:80:d3:
42:71:01:3e:b3:d9:2c:55:61:de:f5:94:10:30:20:
78:b2:18:72:5a:ba:1b:1c:67:7a:e5:7e:48:4d:59:
35:4d:da:33:f8:b7:3b:ed:86:d3:d9:fa:c2:ca:d8:
c3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5B:44:C5:61:08:3E:1B:D1:20:A4:E2:1D:58:74:3C:AC:87:2B:E2
X509v3 Authority Key Identifier:
keyid:28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/o1tExWEIPhvRIKTiHVh0PKyHK-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/KIUcb8brOBbhFsikqFHQ0XjJDzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.145.0/24
IPv6:
2a00:a900:7afe::/48
Signature Algorithm: sha256WithRSAEncryption
76:32:56:dd:62:2b:56:8c:21:1c:5d:15:e1:e0:64:be:7e:35:
90:80:83:12:b6:a9:3b:ef:00:f4:53:08:04:79:17:49:f2:c9:
eb:00:e4:09:4c:25:ce:c0:7a:27:85:d5:79:eb:55:4b:51:80:
e1:ad:82:e9:be:eb:49:94:eb:eb:12:f2:1b:d1:3c:a5:1f:31:
d3:e3:aa:74:21:6f:c6:56:d6:70:ea:a8:45:09:d5:be:e5:ee:
b7:96:04:30:79:46:72:20:d7:ef:d8:3d:e9:dd:a2:88:0f:13:
27:34:c2:b1:bc:88:2c:f4:e2:13:ae:e4:8f:0d:25:f9:88:4f:
83:e7:68:da:1b:29:36:1a:d3:e8:cc:1c:fd:7f:e6:97:d9:71:
80:61:66:72:30:bb:19:ed:67:27:ab:1f:26:e1:16:2b:73:af:
50:25:0f:45:e7:1e:04:a6:b5:b1:e2:a6:e0:2f:a1:74:a8:eb:
f6:40:2b:5a:2a:16:f8:cc:c4:35:5c:b7:2f:20:36:5a:45:85:
5f:67:1b:83:2b:aa:35:3e:4b:14:5c:01:b9:e3:2f:93:1b:99:
fe:5b:ae:c7:cd:3d:92:53:30:f5:89:e1:01:6e:53:54:e6:cc:
bf:3f:86:5f:d0:09:6b:88:fb:c5:70:f6:5b:2e:26:85:45:5e:
5b:64:e4:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBFAj1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODg1MWM2ZmM2ZWIzODE2ZTExNmM4YTRhODUxZDBkMTc4YzkwZjMxMB4XDTIyMDEw
MTE1MDA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM1YjQ0YzU2MTA4
M2UxYmQxMjBhNGUyMWQ1ODc0M2NhYzg3MmJlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/AY7c/stYGk3CIiub3hbERjYCqKdLIcbp4JowdbUIgazjq
dF3tAZ2+oLGxDp32O0X2qhKCaCPSfWZs68a4+P5TONuj/3XsF0GBp5yCqC+CLKRt
Y96qDb2x45DUMZKPcCh0X/FT+16x44LP6Dm0kJjInTtqokjdzjSGFFSWtTClAmvF
uGijJ218hoC0PH6lzANSxezC7SGRotMB9enPPBR8dzzRFLya8TQfi40l1gkJlRcx
U6vCyTQucJsSpzt2Iao0TyjewnC0vRCfm6d/coDTQnEBPrPZLFVh3vWUEDAgeLIY
clq6GxxneuV+SE1ZNU3aM/i3O+2G09n6wsrYwzkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSjW0TFYQg+G9EgpOIdWHQ8rIcr4jAfBgNVHSMEGDAWgBQohRxvxus4FuEW
yKSoUdDReMkPMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tJVWNiOGJyT0JiaEZzaWtxRkhRMFhqSkR6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvYjllNmRmLWRhOGYtNDQ5MS04ZmU0LTUyNDViMTM1MjIxYi8x
L28xdEV4V0VJUGh2UklLVGlIVmgwUEt5SEstSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
YjllNmRmLWRhOGYtNDQ5MS04ZmU0LTUyNDViMTM1MjIxYi8xL0tJVWNiOGJyT0Ji
aEZzaWtxRkhRMFhqSkR6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALzxkTAPBAIAAjAJAwcAKgCpAHr+
MA0GCSqGSIb3DQEBCwUAA4IBAQB2MlbdYitWjCEcXRXh4GS+fjWQgIMStqk77wD0
UwgEeRdJ8snrAOQJTCXOwHonhdV561VLUYDhrYLpvutJlOvrEvIb0TylHzHT46p0
IW/GVtZw6qhFCdW+5e63lgQweUZyINfv2D3p3aKIDxMnNMKxvIgs9OITruSPDSX5
iE+D52jaGyk2GtPozBz9f+aX2XGAYWZyMLsZ7Wcnqx8m4RYrc69QJQ9F5x4EprWx
4qbgL6F0qOv2QCtaKhb4zMQ1XLcvIDZaRYVfZxuDK6o1PksUXAG54y+TG5n+W67H
zT2SUzD1ieEBblNU5sy/P4Zf0AlriPvFcPZbLiaFRV5bZORm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:26 2025 by rpki-client