Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/09482b-4d2a-4893-828d-96dc5ea0cc83/1/Ooq_3q2agzt5ciPRjaDtWpd0U9E.roa
File: Ooq_3q2agzt5ciPRjaDtWpd0U9E.roa (raw, json)
Hash identifier: SjNv2O3TTEipKncI0LOv2GGKTNgMW60jORqebfE+qcM=
Subject key identifier: 3A:8A:BF:DE:AD:9A:83:3B:79:72:23:D1:8D:A0:ED:5A:97:74:53:D1
Certificate issuer: /CN=4d73d94019a3c235877df6bc1b29c76a0b64c9d0
Certificate serial: 0188BF68EB9DD059B3AF74FB758256C70B73
Authority key identifier: 4D:73:D9:40:19:A3:C2:35:87:7D:F6:BC:1B:29:C7:6A:0B:64:C9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXPZQBmjwjWHffa8GynHagtkydA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/09482b-4d2a-4893-828d-96dc5ea0cc83/1/Ooq_3q2agzt5ciPRjaDtWpd0U9E.roa
Signing time: Thu 15 Jun 2023 14:15:04 +0000
ROA not before: Thu 15 Jun 2023 14:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200851
IP address blocks: 45.11.160.0/22 maxlen: 22
84.38.255.0/24 maxlen: 24
45.66.244.0/22 maxlen: 24
185.93.244.0/22 maxlen: 24
2a04:23c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:68:eb:9d:d0:59:b3:af:74:fb:75:82:56:c7:0b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d73d94019a3c235877df6bc1b29c76a0b64c9d0
Validity
Not Before: Jun 15 14:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a8abfdead9a833b797223d18da0ed5a977453d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f3:23:61:0f:88:98:7e:ec:89:26:79:2d:2d:
44:21:6c:90:3d:0d:c0:04:67:2e:a3:d5:4c:46:32:
50:c0:44:bd:ea:3e:91:7b:7c:5d:28:7d:3e:b5:34:
73:40:98:1e:b9:f3:ef:84:3d:c2:f7:17:51:3d:e1:
02:45:70:23:ad:36:9e:2e:14:22:17:64:c7:1c:22:
61:b3:0a:79:a1:d6:9d:24:cf:9a:ef:80:77:92:02:
a7:c8:7f:db:f8:43:96:2f:7c:47:72:ec:f6:86:6f:
64:74:90:ae:3c:32:d8:47:57:63:b3:0a:f9:57:84:
e3:23:d9:25:37:22:c0:f1:ac:9f:e9:fa:a9:1f:3d:
fa:9d:d1:11:9f:bd:65:56:bb:20:11:32:fd:9d:e5:
64:0b:4f:1b:51:13:0d:95:98:f4:aa:9f:79:a7:4a:
59:fc:87:e5:51:de:aa:a2:d9:09:a4:5e:e5:b2:a1:
a6:99:a6:94:ee:1e:45:9d:30:0b:8a:71:7f:45:d3:
a8:02:ee:d9:b6:0b:18:fc:ed:bf:41:1c:36:fe:a2:
08:7b:62:57:79:30:18:70:45:69:93:c0:35:be:36:
17:d6:2b:2b:c8:ce:7c:07:f4:93:2a:67:25:16:c5:
52:e7:15:6e:38:b6:de:8e:d6:fa:00:15:69:c7:09:
63:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8A:BF:DE:AD:9A:83:3B:79:72:23:D1:8D:A0:ED:5A:97:74:53:D1
X509v3 Authority Key Identifier:
keyid:4D:73:D9:40:19:A3:C2:35:87:7D:F6:BC:1B:29:C7:6A:0B:64:C9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXPZQBmjwjWHffa8GynHagtkydA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/09482b-4d2a-4893-828d-96dc5ea0cc83/1/Ooq_3q2agzt5ciPRjaDtWpd0U9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/09482b-4d2a-4893-828d-96dc5ea0cc83/1/TXPZQBmjwjWHffa8GynHagtkydA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.160.0/22
45.66.244.0/22
84.38.255.0/24
185.93.244.0/22
IPv6:
2a04:23c0::/29
Signature Algorithm: sha256WithRSAEncryption
38:7f:b5:5c:fb:9b:04:6c:cb:2f:64:1d:83:8a:02:f9:94:93:
3d:2b:1f:7a:5b:e6:dd:8a:2d:91:61:05:47:a6:8e:be:c2:4b:
9b:0f:db:42:a0:98:cd:fe:41:59:b2:1b:6b:d7:ff:fa:27:21:
06:ea:27:7a:40:ec:73:97:74:00:c4:64:6c:e2:46:41:19:76:
ea:13:f5:b4:84:59:4d:b0:43:ec:99:70:c2:5c:e5:17:0f:ee:
8b:3a:8f:25:6a:a9:7b:d3:e3:79:b6:ec:de:6e:03:5d:f0:9b:
c6:1c:61:27:60:43:16:7e:fc:9a:02:21:44:4c:96:3c:1f:f8:
9a:69:af:10:e0:df:d9:ca:52:9b:8c:01:8a:72:ca:e7:c4:85:
db:3a:10:37:b0:d8:04:a3:75:52:69:92:bd:74:92:c2:e4:ea:
28:51:be:14:15:64:15:b9:60:d1:d7:cb:89:64:18:70:5c:22:
32:d4:bb:00:51:21:33:3d:de:7f:ba:d5:40:bd:52:66:e8:12:
25:28:50:05:1f:1b:81:7a:95:2b:3b:0a:f5:69:4e:51:a0:2c:
df:52:78:35:c0:a5:ec:ad:0d:6a:cb:df:16:23:63:be:d0:61:
79:be:55:8e:50:d6:18:cb:b0:ab:ca:71:03:7d:d4:cd:5c:8e:
31:13:05:d8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYi/aOud0Fmzr3T7dYJWxwtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzNkOTQwMTlhM2MyMzU4NzdkZjZiYzFiMjljNzZhMGI2
NGM5ZDAwHhcNMjMwNjE1MTQxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYThhYmZkZWFkOWE4MzNiNzk3MjIzZDE4ZGEwZWQ1YTk3NzQ1M2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfMjYQ+ImH7siSZ5LS1EIWyQPQ3A
BGcuo9VMRjJQwES96j6Re3xdKH0+tTRzQJgeufPvhD3C9xdRPeECRXAjrTaeLhQi
F2THHCJhswp5odadJM+a74B3kgKnyH/b+EOWL3xHcuz2hm9kdJCuPDLYR1djswr5
V4TjI9klNyLA8ayf6fqpHz36ndERn71lVrsgETL9neVkC08bURMNlZj0qp95p0pZ
/IflUd6qotkJpF7lsqGmmaaU7h5FnTALinF/RdOoAu7ZtgsY/O2/QRw2/qIIe2JX
eTAYcEVpk8A1vjYX1isryM58B/STKmclFsVS5xVuOLbejtb6ABVpxwljBwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDqKv96tmoM7eXIj0Y2g7VqXdFPRMB8GA1UdIwQY
MBaAFE1z2UAZo8I1h332vBspx2oLZMnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhQWlFCbWp3aldIZmZhOEd5bkhhZ3RreWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wOTQ4MmItNGQyYS00ODkzLTgyOGQt
OTZkYzVlYTBjYzgzLzEvT29xXzNxMmFnenQ1Y2lQUmphRHRXcGQwVTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wOTQ4MmItNGQyYS00ODkzLTgyOGQtOTZkYzVlYTBjYzgz
LzEvVFhQWlFCbWp3aldIZmZhOEd5bkhhZ3RreWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLQugAwQC
LUL0AwQAVCb/AwQCuV30MA0EAgACMAcDBQMqBCPAMA0GCSqGSIb3DQEBCwUAA4IB
AQA4f7Vc+5sEbMsvZB2DigL5lJM9Kx96W+bdii2RYQVHpo6+wkubD9tCoJjN/kFZ
shtr1//6JyEG6id6QOxzl3QAxGRs4kZBGXbqE/W0hFlNsEPsmXDCXOUXD+6LOo8l
aql70+N5tuzebgNd8JvGHGEnYEMWfvyaAiFETJY8H/iaaa8Q4N/ZylKbjAGKcsrn
xIXbOhA3sNgEo3VSaZK9dJLC5OooUb4UFWQVuWDR18uJZBhwXCIy1LsAUSEzPd5/
utVAvVJm6BIlKFAFHxuBepUrOwr1aU5RoCzfUng1wKXsrQ1qy98WI2O+0GF5vlWO
UNYYy7CrynEDfdTNXI4xEwXY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:13 2025 by rpki-client