Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/ovcRDmqDAZvk0b-GrNjiC036XGE.roa
File: ovcRDmqDAZvk0b-GrNjiC036XGE.roa (raw, json)
Hash identifier: zu0aRsJWBL4/zIk6uIp+hw8Q49FFKSAlHNtDjcnZux0=
Subject key identifier: A2:F7:11:0E:6A:83:01:9B:E4:D1:BF:86:AC:D8:E2:0B:4D:FA:5C:61
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 018A6056D2BF5F8D9FCEF53A9EDF81C752D8
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/ovcRDmqDAZvk0b-GrNjiC036XGE.roa
Signing time: Mon 04 Sep 2023 13:16:57 +0000
ROA not before: Mon 04 Sep 2023 13:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216361
IP address blocks: 194.104.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:56:d2:bf:5f:8d:9f:ce:f5:3a:9e:df:81:c7:52:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Sep 4 13:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2f7110e6a83019be4d1bf86acd8e20b4dfa5c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b9:25:3c:72:ec:ea:cb:50:28:a6:f7:67:30:
a5:0e:30:62:49:9c:d0:36:d6:e7:2e:cb:5f:1d:19:
3e:59:bb:88:3b:b1:09:d6:63:5e:a2:8a:12:5c:22:
0c:23:18:1c:88:ae:7b:f2:88:4d:99:a6:02:55:05:
93:98:48:ad:43:7f:e5:91:d1:cd:1f:af:c7:97:3c:
88:b0:56:77:c2:4d:06:35:23:8c:79:48:3b:4f:79:
29:28:a3:42:48:37:4a:5b:a5:be:0c:19:f5:32:fd:
cc:79:fe:c6:36:de:61:73:dc:1a:68:41:c4:1b:4c:
73:93:71:aa:6b:b1:27:93:1b:dd:ba:b6:76:18:a3:
53:61:cd:f1:4b:1f:e0:f5:c6:5e:03:8e:f8:0f:3c:
7e:a1:84:9d:9e:e1:01:54:4b:d5:35:32:db:9d:d6:
ff:09:ba:95:0a:6c:6f:af:e2:bb:25:0e:42:f3:24:
12:39:0f:b3:c9:5f:d1:02:82:dc:94:a7:ea:d7:9a:
47:ba:a5:45:f3:8f:d1:94:90:1f:41:62:c5:34:2a:
14:87:d3:8a:c7:72:03:22:e9:69:3e:cb:0a:c3:9b:
4b:d4:f3:c4:8f:b5:81:82:20:7a:5b:ff:4a:8c:f4:
25:3f:2b:76:48:de:df:f6:b5:cd:09:bc:e4:af:e7:
c0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F7:11:0E:6A:83:01:9B:E4:D1:BF:86:AC:D8:E2:0B:4D:FA:5C:61
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/ovcRDmqDAZvk0b-GrNjiC036XGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.138.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:a2:d6:86:80:a5:06:62:c4:40:66:fa:28:29:1f:e8:18:71:
25:54:43:f7:4e:d3:3a:6d:9d:97:89:4d:ce:7b:03:bb:27:db:
b8:71:09:1d:4a:13:65:19:12:27:92:1e:6f:86:57:f2:af:dc:
8c:c6:bc:dc:28:36:8c:50:70:e7:d3:27:9a:0f:41:9f:46:8f:
05:21:ea:ef:72:77:05:9a:8b:4d:fb:b8:44:f0:82:d4:17:0d:
54:80:f3:3d:4c:df:98:e3:c1:5d:99:6a:63:f1:7f:94:6d:2b:
a7:3f:a3:b9:eb:50:23:7c:4d:e7:34:a5:65:27:02:c4:5a:0f:
0e:b7:12:8d:53:28:c4:70:01:d1:28:bc:e2:fd:68:c2:0d:5a:
4e:fa:49:91:99:74:6e:e6:1a:3d:7f:09:ca:2d:00:18:fa:f7:
8d:69:ac:0a:e4:6e:5f:cd:f4:cf:cc:26:6c:9f:53:6b:78:17:
9b:1f:e3:72:e4:28:fc:15:e1:95:69:3b:73:d5:7f:42:88:d2:
3b:64:89:d2:83:0d:51:18:16:64:f7:f4:87:2f:d5:08:aa:79:
de:22:bd:c7:0e:f1:ab:7b:f1:69:80:1c:85:9d:9c:1e:a9:e8:
70:84:b8:8e:e1:a9:06:af:75:fa:c7:75:c4:b6:34:37:4a:7e:
37:51:a9:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpgVtK/X42fzvU6nt+Bx1LYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjMwOTA0MTMxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmY3MTEwZTZhODMwMTliZTRkMWJmODZhY2Q4ZTIwYjRkZmE1YzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rklPHLs6stQKKb3ZzClDjBiSZzQ
NtbnLstfHRk+WbuIO7EJ1mNeoooSXCIMIxgciK578ohNmaYCVQWTmEitQ3/lkdHN
H6/HlzyIsFZ3wk0GNSOMeUg7T3kpKKNCSDdKW6W+DBn1Mv3Mef7GNt5hc9waaEHE
G0xzk3Gqa7EnkxvdurZ2GKNTYc3xSx/g9cZeA474Dzx+oYSdnuEBVEvVNTLbndb/
CbqVCmxvr+K7JQ5C8yQSOQ+zyV/RAoLclKfq15pHuqVF84/RlJAfQWLFNCoUh9OK
x3IDIulpPssKw5tL1PPEj7WBgiB6W/9KjPQlPyt2SN7f9rXNCbzkr+fAWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKL3EQ5qgwGb5NG/hqzY4gtN+lxhMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvb3ZjUkRtcURBWnZrMGItR3JOamlDMDM2WEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiKMA0G
CSqGSIb3DQEBCwUAA4IBAQArotaGgKUGYsRAZvooKR/oGHElVEP3TtM6bZ2XiU3O
ewO7J9u4cQkdShNlGRInkh5vhlfyr9yMxrzcKDaMUHDn0yeaD0GfRo8FIervcncF
motN+7hE8ILUFw1UgPM9TN+Y48FdmWpj8X+UbSunP6O561AjfE3nNKVlJwLEWg8O
txKNUyjEcAHRKLzi/WjCDVpO+kmRmXRu5ho9fwnKLQAY+veNaawK5G5fzfTPzCZs
n1NreBebH+Ny5Cj8FeGVaTtz1X9CiNI7ZInSgw1RGBZk9/SHL9UIqnneIr3HDvGr
e/FpgByFnZweqehwhLiO4akGr3X6x3XEtjQ3Sn43UalY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:38 2025 by rpki-client