Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/ouw0N8AyMDyWIKzBlJKBaPkUKgE.roa
File: ouw0N8AyMDyWIKzBlJKBaPkUKgE.roa (raw, json)
Hash identifier: 9ogqUSl+9BBPQuFnlO/j/4ZgJ597yHcARIU7XQKP+D8=
Subject key identifier: A2:EC:34:37:C0:32:30:3C:96:20:AC:C1:94:92:81:68:F9:14:2A:01
Certificate issuer: /CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Certificate serial: 01872CD8F7DAEC4618176407D2CF7D265513
Authority key identifier: 70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/ouw0N8AyMDyWIKzBlJKBaPkUKgE.roa
Signing time: Wed 29 Mar 2023 10:10:29 +0000
ROA not before: Wed 29 Mar 2023 10:10:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49825
IP address blocks: 195.211.76.0/22 maxlen: 24
194.165.1.0/24 maxlen: 24
193.19.82.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:d8:f7:da:ec:46:18:17:64:07:d2:cf:7d:26:55:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Validity
Not Before: Mar 29 10:10:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2ec3437c032303c9620acc194928168f9142a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e5:5a:65:55:8c:4c:07:e9:5f:c1:cf:c2:8d:
ff:1e:9d:db:43:b6:8e:1b:d7:42:87:46:1f:b3:9e:
0d:08:4b:c3:80:b9:b5:ac:3a:19:e3:76:c6:f5:ec:
5a:9a:e1:05:67:c0:46:33:94:aa:4a:29:31:94:ef:
5e:b4:ce:79:51:a9:89:41:e6:5a:68:60:b9:f7:c1:
3a:9b:ef:e9:ab:de:c9:dc:96:bc:b7:18:f7:a3:0c:
80:c7:75:b3:eb:d1:25:b7:34:c8:9f:ec:93:22:cd:
97:e1:0a:8a:20:68:3c:ff:fa:56:a6:7b:46:38:31:
7a:18:d7:ce:7b:8e:b0:29:25:1b:70:77:c7:97:3b:
08:21:0f:49:85:0e:6f:aa:a8:40:78:bb:cf:97:bd:
48:c7:eb:16:87:2f:29:03:6b:e7:b5:34:23:dc:49:
0d:39:ae:bb:0b:de:92:37:53:c2:f8:e3:c2:ab:ec:
89:82:43:ca:d6:b8:71:56:5d:2e:19:e8:f1:6d:0b:
dd:fa:28:37:c8:50:4b:da:ac:15:d7:f9:f1:24:9f:
8a:74:4e:14:c2:0d:e9:10:0a:a5:92:f6:d6:1e:b1:
03:de:4a:38:7d:b6:df:de:72:b6:8a:13:3e:01:06:
a7:70:11:31:90:14:e6:dc:1b:55:a8:8a:2d:bf:86:
e8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:EC:34:37:C0:32:30:3C:96:20:AC:C1:94:92:81:68:F9:14:2A:01
X509v3 Authority Key Identifier:
keyid:70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/ouw0N8AyMDyWIKzBlJKBaPkUKgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.82.0/23
194.165.1.0/24
195.211.76.0/22
Signature Algorithm: sha256WithRSAEncryption
09:f0:3d:a3:16:a6:9d:a5:80:bb:d3:13:51:55:bb:81:e6:0c:
6f:81:96:c2:4a:ca:33:17:a0:bc:ee:19:69:93:69:07:a2:f6:
e1:94:b9:fd:06:1e:0f:38:9d:01:84:d5:c8:26:39:f1:e1:10:
4e:33:cd:5c:4a:a2:4f:f4:98:0a:fe:fb:06:6f:6a:a8:f7:2e:
e3:d6:47:e4:fb:4f:67:73:44:5f:75:f2:c3:fd:ee:5e:be:7d:
1f:1a:fd:0c:80:6a:da:aa:3d:9d:4c:3c:4f:19:f4:ea:04:c2:
ad:bd:d9:9c:99:36:be:de:80:fe:89:f8:67:c8:2e:ab:78:6c:
b1:6d:c8:c9:e1:81:8e:ce:23:01:95:ab:a3:c6:56:90:14:af:
a8:c8:e6:72:3c:e4:02:a7:99:62:ac:45:32:75:0b:bb:ae:7b:
80:b0:dd:58:11:68:13:57:8d:f8:3f:88:cb:20:04:68:d9:40:
68:1c:25:1f:c0:b3:00:af:21:62:85:1d:1b:e9:b9:1e:4c:55:
1f:fe:5a:c3:c3:64:52:c0:08:70:85:80:5e:db:0a:dd:21:7e:
94:80:44:10:39:e5:c3:f0:19:1e:0f:17:01:79:a8:11:95:28:
56:03:29:e3:52:67:01:e7:53:b9:f6:06:9f:07:32:45:c6:34:
11:8b:3b:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcs2Pfa7EYYF2QH0s99JlUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWViNmVhYWE0OWRkNmI0ODNlMDRiMTQzNGU0ZGFjNzll
ZDlkMzEwHhcNMjMwMzI5MTAxMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmVjMzQzN2MwMzIzMDNjOTYyMGFjYzE5NDkyODE2OGY5MTQyYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuVaZVWMTAfpX8HPwo3/Hp3bQ7aO
G9dCh0Yfs54NCEvDgLm1rDoZ43bG9examuEFZ8BGM5SqSikxlO9etM55UamJQeZa
aGC598E6m+/pq97J3Ja8txj3owyAx3Wz69EltzTIn+yTIs2X4QqKIGg8//pWpntG
ODF6GNfOe46wKSUbcHfHlzsIIQ9JhQ5vqqhAeLvPl71Ix+sWhy8pA2vntTQj3EkN
Oa67C96SN1PC+OPCq+yJgkPK1rhxVl0uGejxbQvd+ig3yFBL2qwV1/nxJJ+KdE4U
wg3pEAqlkvbWHrED3ko4fbbf3nK2ihM+AQancBExkBTm3BtVqIotv4boaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKLsNDfAMjA8liCswZSSgWj5FCoBMB8GA1UdIwQY
MBaAFHCetuqqSd1rSD4EsUNOTax57Z0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAt
OWY2ZmEwZTFhNWE1LzEvb3V3ME44QXlNRHlXSUt6QmxKS0JhUGtVS2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAtOWY2ZmEwZTFhNWE1
LzEvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwRNSAwQA
wqUBAwQCw9NMMA0GCSqGSIb3DQEBCwUAA4IBAQAJ8D2jFqadpYC70xNRVbuB5gxv
gZbCSsozF6C87hlpk2kHovbhlLn9Bh4POJ0BhNXIJjnx4RBOM81cSqJP9JgK/vsG
b2qo9y7j1kfk+09nc0RfdfLD/e5evn0fGv0MgGraqj2dTDxPGfTqBMKtvdmcmTa+
3oD+ifhnyC6reGyxbcjJ4YGOziMBlaujxlaQFK+oyOZyPOQCp5lirEUydQu7rnuA
sN1YEWgTV434P4jLIARo2UBoHCUfwLMAryFihR0b6bkeTFUf/lrDw2RSwAhwhYBe
2wrdIX6UgEQQOeXD8BkeDxcBeagRlShWAynjUmcB51O59gafBzJFxjQRizvq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:09 2025 by rpki-client