Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/OXUPBrYpPOG1cmKWlavAkaoKwBM.roa
File: OXUPBrYpPOG1cmKWlavAkaoKwBM.roa (raw, json)
Hash identifier: B5niJ9377kEjeqmsfQhnf3oFxutP4jsu0ylgYayTEDs=
Subject key identifier: 39:75:0F:06:B6:29:3C:E1:B5:72:62:96:95:AB:C0:91:AA:0A:C0:13
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 0187233FCC525109AAF610259CD532073996
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/OXUPBrYpPOG1cmKWlavAkaoKwBM.roa
Signing time: Mon 27 Mar 2023 13:26:36 +0000
ROA not before: Mon 27 Mar 2023 13:26:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 155.204.64.0/20 maxlen: 20
137.174.0.0/17 maxlen: 22
155.204.80.0/21 maxlen: 21
155.204.96.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:3f:cc:52:51:09:aa:f6:10:25:9c:d5:32:07:39:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Mar 27 13:26:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39750f06b6293ce1b572629695abc091aa0ac013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e2:f2:1e:c6:c9:2f:aa:9e:67:6d:c6:84:5b:
29:c4:26:61:03:58:4f:52:78:70:45:3e:15:53:d2:
8f:0e:cb:95:1d:23:b1:6c:6a:e7:06:f7:86:8b:90:
ba:bf:35:80:5d:fb:9e:07:24:b7:84:05:f7:54:cd:
af:93:d9:ed:75:ce:29:2a:66:b5:70:7b:17:81:df:
76:f6:6f:49:b0:34:f0:da:9d:3e:da:7f:c6:3e:2c:
36:fb:92:25:6a:d6:8f:5a:61:ce:fa:ee:84:04:cb:
d3:40:4c:da:12:0b:c8:58:c3:12:01:b7:42:dd:c9:
ec:93:23:bb:37:2d:81:04:01:84:4a:6d:fb:d7:0e:
56:4f:47:60:b7:b8:d6:c2:d6:9c:57:f6:35:84:ac:
ed:e0:70:03:3f:5b:02:97:98:d5:9e:ce:19:6e:9c:
6d:c3:94:3c:5c:ad:9f:d2:fa:00:c3:78:ea:6b:e8:
b6:3a:88:9b:f2:42:dc:18:f8:d2:52:91:fd:a5:36:
2f:9b:00:29:14:8d:e7:75:30:a8:75:1d:15:80:24:
7e:33:9c:31:e8:a7:4f:6a:23:03:10:28:ea:5f:e2:
ef:bc:3d:b0:38:75:4b:7e:7e:da:c7:a1:00:c8:c7:
b3:01:ef:d1:1b:86:8f:b6:d5:88:71:5f:a1:9d:8e:
56:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:75:0F:06:B6:29:3C:E1:B5:72:62:96:95:AB:C0:91:AA:0A:C0:13
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/OXUPBrYpPOG1cmKWlavAkaoKwBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.174.0.0/17
155.204.64.0-155.204.87.255
155.204.96.0/21
Signature Algorithm: sha256WithRSAEncryption
72:10:78:f1:10:5e:16:3f:ae:2d:7c:b2:79:25:b1:c8:40:b9:
35:10:83:1a:9e:fb:6a:07:87:86:bd:8c:e4:54:25:7b:ad:b1:
ac:33:c4:12:1e:18:e4:47:7f:8c:bc:ee:54:46:43:21:44:39:
c6:5a:98:47:2a:8c:79:b4:20:17:cf:04:f1:11:d8:6a:5e:30:
76:08:80:cb:54:43:84:8a:dd:c7:f7:80:b6:04:29:e7:f8:7d:
b6:1b:09:32:36:89:57:ce:83:0a:01:52:e0:35:1b:91:6a:c9:
9c:e1:8e:65:2a:c4:3f:e7:15:5f:3e:1f:d6:f1:85:d8:be:8d:
98:e1:d9:3c:7a:d4:6e:da:bb:17:6e:c3:d0:82:22:c1:f4:a1:
37:1e:3d:15:d8:06:82:a3:d6:96:83:01:20:31:d8:e4:48:ef:
53:ba:3d:2c:fe:f8:19:a4:f1:72:e1:b2:59:3e:42:aa:16:4f:
c2:8d:39:3c:62:48:27:11:1e:ac:7a:fb:82:2b:8c:22:91:61:
10:d0:c6:f3:9d:52:5a:2e:38:7c:00:ce:67:bb:ae:52:c4:b0:
16:6e:b7:97:5c:9f:ab:d4:fd:e8:4f:63:b5:07:8a:95:66:c0:
c4:b0:6b:a7:4d:38:a2:23:9b:bf:f4:bc:19:86:ee:26:55:a8:
85:c9:d9:33
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYcjP8xSUQmq9hAlnNUyBzmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjMwMzI3MTMyNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTc1MGYwNmI2MjkzY2UxYjU3MjYyOTY5NWFiYzA5MWFhMGFjMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuLyHsbJL6qeZ23GhFspxCZhA1hP
UnhwRT4VU9KPDsuVHSOxbGrnBveGi5C6vzWAXfueByS3hAX3VM2vk9ntdc4pKma1
cHsXgd929m9JsDTw2p0+2n/GPiw2+5IlataPWmHO+u6EBMvTQEzaEgvIWMMSAbdC
3cnskyO7Ny2BBAGESm371w5WT0dgt7jWwtacV/Y1hKzt4HADP1sCl5jVns4Zbpxt
w5Q8XK2f0voAw3jqa+i2Ooib8kLcGPjSUpH9pTYvmwApFI3ndTCodR0VgCR+M5wx
6KdPaiMDECjqX+LvvD2wOHVLfn7ax6EAyMezAe/RG4aPttWIcV+hnY5WGQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDl1Dwa2KTzhtXJilpWrwJGqCsATMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvT1hVUEJyWXBQT0cxY21LV2xhdkFrYW9Ld0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQHia4AMAwD
BAabzEADBAObzFADBAObzGAwDQYJKoZIhvcNAQELBQADggEBAHIQePEQXhY/ri18
snklschAuTUQgxqe+2oHh4a9jORUJXutsawzxBIeGORHf4y87lRGQyFEOcZamEcq
jHm0IBfPBPER2GpeMHYIgMtUQ4SK3cf3gLYEKef4fbYbCTI2iVfOgwoBUuA1G5Fq
yZzhjmUqxD/nFV8+H9bxhdi+jZjh2Tx61G7auxduw9CCIsH0oTcePRXYBoKj1paD
ASAx2ORI71O6PSz++Bmk8XLhslk+QqoWT8KNOTxiSCcRHqx6+4IrjCKRYRDQxvOd
UlouOHwAzme7rlLEsBZut5dcn6vU/ehPY7UHipVmwMSwa6dNOKIjm7/0vBmG7iZV
qIXJ2TM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:38 2025 by rpki-client