Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/a33b29-bef3-461d-8878-2155126b1643/1/OH_oMASML92fQSjQnFItfXRhJ0Q.roa
File: OH_oMASML92fQSjQnFItfXRhJ0Q.roa (raw, json)
Hash identifier: qxA8S9WnLoRdaIO/p/mSpCLBmRld6/T4bFkYfRnrG1I=
Subject key identifier: 38:7F:E8:30:04:8C:2F:DD:9F:41:28:D0:9C:52:2D:7D:74:61:27:44
Certificate issuer: /CN=9cfc62ecdc91d11979cc1d21a47c6ec378dfa436
Certificate serial: 01856CEF405B1CE6A0FDED2E904DE615F2FA
Authority key identifier: 9C:FC:62:EC:DC:91:D1:19:79:CC:1D:21:A4:7C:6E:C3:78:DF:A4:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nPxi7NyR0Rl5zB0hpHxuw3jfpDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/a33b29-bef3-461d-8878-2155126b1643/1/OH_oMASML92fQSjQnFItfXRhJ0Q.roa
Signing time: Sun 01 Jan 2023 10:44:56 +0000
ROA not before: Sun 01 Jan 2023 10:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41582
IP address blocks: 195.138.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:40:5b:1c:e6:a0:fd:ed:2e:90:4d:e6:15:f2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cfc62ecdc91d11979cc1d21a47c6ec378dfa436
Validity
Not Before: Jan 1 10:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=387fe830048c2fdd9f4128d09c522d7d74612744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fc:c6:74:e3:75:cc:4d:3f:90:7f:84:51:49:
ac:5a:a3:4d:e4:6f:4b:6a:b2:cf:c8:7c:ab:cf:07:
a6:ea:89:35:53:87:fd:2c:d8:33:ec:c9:35:ba:05:
88:62:ee:df:42:e3:24:e7:af:f5:c1:02:65:3a:d0:
8a:a8:68:96:5e:cf:1a:cd:95:4d:27:ac:a8:27:4a:
db:86:18:74:3d:eb:ef:ad:97:16:46:8f:3e:30:73:
21:02:d0:93:5c:fe:73:e9:36:3d:e8:c2:6a:72:10:
9b:17:56:51:62:f6:72:c0:c5:90:03:fa:09:cd:78:
bb:97:30:14:ca:06:2d:b9:32:50:88:3a:4e:cf:41:
f1:97:7d:53:19:d9:72:da:4b:2b:20:ef:b9:4c:a5:
34:87:ea:d3:27:e9:e5:93:30:b0:e8:ca:58:1f:22:
80:84:22:a9:89:37:de:54:5f:06:e2:6a:d7:36:19:
f6:70:2d:8a:2a:f5:8d:15:da:09:97:ab:f9:f2:c2:
a8:eb:31:75:91:55:32:5c:62:2a:3b:e1:ef:79:cc:
80:d9:cf:e9:55:a0:b1:ed:2c:ae:a5:f2:df:db:00:
51:32:66:2d:59:91:77:eb:30:e3:f2:3d:d2:0f:d2:
3c:55:41:19:69:94:d8:e1:e5:ef:f6:9e:50:7f:23:
70:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7F:E8:30:04:8C:2F:DD:9F:41:28:D0:9C:52:2D:7D:74:61:27:44
X509v3 Authority Key Identifier:
keyid:9C:FC:62:EC:DC:91:D1:19:79:CC:1D:21:A4:7C:6E:C3:78:DF:A4:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPxi7NyR0Rl5zB0hpHxuw3jfpDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/a33b29-bef3-461d-8878-2155126b1643/1/OH_oMASML92fQSjQnFItfXRhJ0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/a33b29-bef3-461d-8878-2155126b1643/1/nPxi7NyR0Rl5zB0hpHxuw3jfpDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.201.0/24
Signature Algorithm: sha256WithRSAEncryption
79:44:0f:53:01:61:0e:29:c5:3e:63:ac:be:b7:08:9a:2b:21:
1f:87:b1:7e:f3:3c:66:6c:f1:65:92:ae:87:c1:b4:34:9b:31:
99:6f:cd:64:db:58:5e:12:19:e8:38:e3:e3:f4:59:ba:31:30:
11:84:de:4e:a2:5a:7e:49:f0:b1:3e:0a:4e:d4:89:75:62:f4:
19:37:11:b2:73:47:a7:f6:2d:5d:dd:d5:41:b2:f2:90:7e:98:
ac:93:a9:f1:4a:55:47:d2:e2:bf:b8:00:d2:5c:03:be:16:7d:
8b:21:cb:99:55:73:5f:c3:d6:bc:9b:bd:2c:9f:48:4f:96:85:
fa:7e:8a:6c:aa:48:1f:24:ed:f2:3c:85:07:85:45:c8:0f:11:
41:9a:5a:fb:ec:fe:97:d2:7b:40:2d:30:72:86:29:d2:6e:12:
05:13:d3:e0:79:b8:a3:88:80:ea:c5:c5:95:6b:d1:c0:5a:49:
7c:9e:f1:f1:97:56:03:2f:a3:2c:00:b7:42:81:28:8e:59:de:
10:41:3e:15:0e:27:57:c6:21:f7:23:6f:76:1d:7b:dd:34:7e:
4d:9e:33:95:24:1a:73:bb:3f:51:75:00:9b:d4:33:65:fb:20:
64:99:19:30:9d:60:99:78:49:18:06:e8:73:27:5f:b3:7a:6e:
c6:6d:d1:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs70BbHOag/e0ukE3mFfL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZmM2MmVjZGM5MWQxMTk3OWNjMWQyMWE0N2M2ZWMzNzhk
ZmE0MzYwHhcNMjMwMTAxMTA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODdmZTgzMDA0OGMyZmRkOWY0MTI4ZDA5YzUyMmQ3ZDc0NjEyNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPzGdON1zE0/kH+EUUmsWqNN5G9L
arLPyHyrzwem6ok1U4f9LNgz7Mk1ugWIYu7fQuMk56/1wQJlOtCKqGiWXs8azZVN
J6yoJ0rbhhh0PevvrZcWRo8+MHMhAtCTXP5z6TY96MJqchCbF1ZRYvZywMWQA/oJ
zXi7lzAUygYtuTJQiDpOz0Hxl31TGdly2ksrIO+5TKU0h+rTJ+nlkzCw6MpYHyKA
hCKpiTfeVF8G4mrXNhn2cC2KKvWNFdoJl6v58sKo6zF1kVUyXGIqO+HvecyA2c/p
VaCx7SyupfLf2wBRMmYtWZF36zDj8j3SD9I8VUEZaZTY4eXv9p5QfyNwTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDh/6DAEjC/dn0Eo0JxSLX10YSdEMB8GA1UdIwQY
MBaAFJz8YuzckdEZecwdIaR8bsN436Q2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblB4aTdOeVIwUmw1ekIwaHBIeHV3M2pmcERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9hMzNiMjktYmVmMy00NjFkLTg4Nzgt
MjE1NTEyNmIxNjQzLzEvT0hfb01BU01MOTJmUVNqUW5GSXRmWFJoSjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9hMzNiMjktYmVmMy00NjFkLTg4NzgtMjE1NTEyNmIxNjQz
LzEvblB4aTdOeVIwUmw1ekIwaHBIeHV3M2pmcERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4rJMA0G
CSqGSIb3DQEBCwUAA4IBAQB5RA9TAWEOKcU+Y6y+twiaKyEfh7F+8zxmbPFlkq6H
wbQ0mzGZb81k21heEhnoOOPj9Fm6MTARhN5Oolp+SfCxPgpO1Il1YvQZNxGyc0en
9i1d3dVBsvKQfpisk6nxSlVH0uK/uADSXAO+Fn2LIcuZVXNfw9a8m70sn0hPloX6
fopsqkgfJO3yPIUHhUXIDxFBmlr77P6X0ntALTByhinSbhIFE9PgebijiIDqxcWV
a9HAWkl8nvHxl1YDL6MsALdCgSiOWd4QQT4VDidXxiH3I292HXvdNH5NnjOVJBpz
uz9RdQCb1DNl+yBkmRkwnWCZeEkYBuhzJ1+zem7GbdFy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:04 2025 by rpki-client