Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/0Ocrgr4fOG-1dw_RB9F90ZhMEYE.roa
File: 0Ocrgr4fOG-1dw_RB9F90ZhMEYE.roa (raw, json)
Hash identifier: LcjnuoSTjDC0QStoiLYQEHdWwQq3rTGguUa4K9o6Zms=
Subject key identifier: D0:E7:2B:82:BE:1F:38:6F:B5:77:0F:D1:07:D1:7D:D1:98:4C:11:81
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 018A892D1E47E8A0090364C9B6AB7254797E
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/0Ocrgr4fOG-1dw_RB9F90ZhMEYE.roa
Signing time: Tue 12 Sep 2023 11:35:50 +0000
ROA not before: Tue 12 Sep 2023 11:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.104.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:2d:1e:47:e8:a0:09:03:64:c9:b6:ab:72:54:79:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Sep 12 11:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0e72b82be1f386fb5770fd107d17dd1984c1181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:a2:92:0d:19:08:b7:66:cc:87:5d:68:5c:49:
5d:11:5a:f9:b4:26:1c:2f:60:f2:6e:62:f5:31:a8:
0a:76:8d:ed:e3:18:b1:ac:b5:2b:72:97:fe:98:7e:
d8:ed:7d:4d:dd:ab:ec:8f:15:ff:40:ec:5a:eb:d8:
99:95:d3:ae:f0:b3:ff:5d:af:ea:d2:b3:7b:f3:d8:
4f:bc:54:e4:c6:36:34:b4:e9:35:26:a2:e7:50:f7:
de:dc:e1:b9:30:a1:42:68:9a:95:19:cd:e8:f1:6f:
03:8d:c9:61:da:67:02:70:da:fd:06:79:4f:66:e9:
18:15:f8:81:74:6b:a9:33:1f:05:47:49:ab:37:44:
98:92:f7:6d:f6:b0:20:22:a8:e2:27:0d:bf:13:28:
75:ad:46:ad:59:4d:a0:42:4e:53:0b:8a:60:e0:68:
af:8b:0b:c4:70:9a:25:98:f0:12:45:60:bf:c6:a1:
b6:69:65:25:0c:2b:e0:5c:ae:3d:a8:93:1a:a8:58:
d5:bf:8c:d7:6b:bf:60:f4:9c:e9:05:48:89:2f:6b:
04:a5:46:0e:d6:d3:df:60:3f:6a:a2:e2:f5:32:da:
8b:b0:a1:6c:ae:70:03:83:fd:cc:1d:91:0f:fa:e1:
ee:c1:ab:66:82:92:09:56:0d:bb:d4:1b:a4:f0:b1:
8a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E7:2B:82:BE:1F:38:6F:B5:77:0F:D1:07:D1:7D:D1:98:4C:11:81
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/0Ocrgr4fOG-1dw_RB9F90ZhMEYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.138.0/24
Signature Algorithm: sha256WithRSAEncryption
96:b3:88:58:4f:4b:59:19:02:6e:43:7b:ec:8a:5e:46:d6:5a:
b8:b3:0e:c7:03:52:22:75:7b:0a:dc:b2:b4:27:db:01:ff:45:
e9:fe:f6:9e:cb:1a:4e:0c:2a:4b:25:68:98:e7:6c:60:a9:ca:
13:51:fd:93:90:60:c8:1a:c1:07:3b:08:8c:ba:c4:da:43:6c:
d5:c9:3a:a5:de:2f:39:f3:fb:6b:1f:ee:6f:c4:97:e1:13:57:
67:79:b4:a8:68:e2:75:be:53:6e:96:8c:ad:ca:45:e8:88:db:
5d:8a:0f:5f:0a:6f:f8:3a:9b:a6:fa:0b:86:0f:aa:5d:8e:6d:
91:41:da:84:da:20:a9:e2:11:bd:22:2b:30:0c:32:d5:c3:32:
a1:4a:4a:b2:01:c5:39:bc:78:46:2d:b0:5c:25:47:a8:69:95:
4d:79:0f:20:48:92:e0:a0:ec:05:eb:60:d1:3f:0c:37:0b:b7:
1b:e7:85:54:cf:ac:97:25:64:bf:13:de:b2:dc:d3:c7:7e:0d:
62:d3:35:bf:b4:92:28:25:a1:1d:c2:f1:17:dd:ff:64:50:33:
30:3f:89:28:0d:a6:71:5d:4c:5e:0b:02:aa:ff:b3:8c:0e:82:
75:dd:ef:05:b9:d6:04:bd:7e:9d:7c:66:44:0f:dc:0e:38:5e:
ae:f5:88:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqJLR5H6KAJA2TJtqtyVHl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjMwOTEyMTEzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGU3MmI4MmJlMWYzODZmYjU3NzBmZDEwN2QxN2RkMTk4NGMxMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KKSDRkIt2bMh11oXEldEVr5tCYc
L2DybmL1MagKdo3t4xixrLUrcpf+mH7Y7X1N3avsjxX/QOxa69iZldOu8LP/Xa/q
0rN789hPvFTkxjY0tOk1JqLnUPfe3OG5MKFCaJqVGc3o8W8Djclh2mcCcNr9BnlP
ZukYFfiBdGupMx8FR0mrN0SYkvdt9rAgIqjiJw2/Eyh1rUatWU2gQk5TC4pg4Giv
iwvEcJolmPASRWC/xqG2aWUlDCvgXK49qJMaqFjVv4zXa79g9JzpBUiJL2sEpUYO
1tPfYD9qouL1MtqLsKFsrnADg/3MHZEP+uHuwatmgpIJVg271Buk8LGKXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDnK4K+HzhvtXcP0QfRfdGYTBGBMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvME9jcmdyNGZPRy0xZHdfUkI5RjkwWmhNRVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiKMA0G
CSqGSIb3DQEBCwUAA4IBAQCWs4hYT0tZGQJuQ3vsil5G1lq4sw7HA1IidXsK3LK0
J9sB/0Xp/vaeyxpODCpLJWiY52xgqcoTUf2TkGDIGsEHOwiMusTaQ2zVyTql3i85
8/trH+5vxJfhE1dnebSoaOJ1vlNuloytykXoiNtdig9fCm/4Opum+guGD6pdjm2R
QdqE2iCp4hG9IiswDDLVwzKhSkqyAcU5vHhGLbBcJUeoaZVNeQ8gSJLgoOwF62DR
Pww3C7cb54VUz6yXJWS/E96y3NPHfg1i0zW/tJIoJaEdwvEX3f9kUDMwP4koDaZx
XUxeCwKq/7OMDoJ13e8FudYEvX6dfGZED9wOOF6u9Yh8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:06 2025 by rpki-client