Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/e8b95d-c4f9-462e-8274-799f7f456160/1/ovDqJ2Cyv75ayzeUH8wDvyhDCRQ.roa
File: ovDqJ2Cyv75ayzeUH8wDvyhDCRQ.roa (raw, json)
Hash identifier: PrRPHYHAvubTLQv5WnC1qWjKesfw/Wb78MT5WXe0Ams=
Subject key identifier: A2:F0:EA:27:60:B2:BF:BE:5A:CB:37:94:1F:CC:03:BF:28:43:09:14
Certificate issuer: /CN=0bb1d0f2c3d21e54c4d18127604435a90f24db51
Certificate serial: 0187BE8729AD2191000DF917397DE072CD20
Authority key identifier: 0B:B1:D0:F2:C3:D2:1E:54:C4:D1:81:27:60:44:35:A9:0F:24:DB:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7HQ8sPSHlTE0YEnYEQ1qQ8k21E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/e8b95d-c4f9-462e-8274-799f7f456160/1/ovDqJ2Cyv75ayzeUH8wDvyhDCRQ.roa
Signing time: Wed 26 Apr 2023 17:05:41 +0000
ROA not before: Wed 26 Apr 2023 17:05:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49868
IP address blocks: 193.201.124.0/24 maxlen: 24
193.201.124.0/23 maxlen: 23
193.201.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:be:87:29:ad:21:91:00:0d:f9:17:39:7d:e0:72:cd:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb1d0f2c3d21e54c4d18127604435a90f24db51
Validity
Not Before: Apr 26 17:05:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2f0ea2760b2bfbe5acb37941fcc03bf28430914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:71:f6:19:be:66:9d:68:67:8d:7f:9a:80:75:
8a:3c:37:c1:46:9e:7a:06:3f:a6:4b:82:f4:e1:e2:
f1:5c:e0:72:7e:06:3f:2f:20:76:14:12:55:d8:32:
95:45:86:30:25:75:25:23:1a:a4:5d:25:e1:62:8c:
fd:59:76:fa:1b:fe:38:78:2f:ff:50:87:8f:9a:c5:
fa:ce:5e:3e:7c:e1:c5:e4:ba:db:f9:81:68:41:54:
32:b7:6c:16:aa:5d:63:b6:3d:25:de:e7:f4:0f:60:
8a:cc:a1:22:da:03:e7:80:7e:02:cc:04:03:1a:ec:
99:98:56:53:2d:bd:3c:ed:9a:72:e3:78:90:bc:68:
f1:dc:c1:c0:60:d9:30:12:56:57:df:f8:69:4d:c0:
ae:e1:8a:53:1c:09:38:40:66:9c:3e:14:ef:08:50:
d8:82:fc:11:b0:37:ce:45:6b:a5:47:09:5e:98:f5:
1a:c9:9f:28:25:df:16:b9:a0:e0:bf:e9:09:af:0f:
5b:db:14:5c:cf:69:49:37:d6:fb:7b:e5:aa:11:87:
5e:fa:b0:0c:69:f4:72:fb:b7:aa:11:93:61:28:5a:
d0:7e:5a:db:a5:aa:79:da:7b:7e:37:05:45:99:5f:
15:ea:40:98:22:71:bf:cd:1e:20:d7:a0:be:75:01:
d5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F0:EA:27:60:B2:BF:BE:5A:CB:37:94:1F:CC:03:BF:28:43:09:14
X509v3 Authority Key Identifier:
keyid:0B:B1:D0:F2:C3:D2:1E:54:C4:D1:81:27:60:44:35:A9:0F:24:DB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7HQ8sPSHlTE0YEnYEQ1qQ8k21E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/e8b95d-c4f9-462e-8274-799f7f456160/1/ovDqJ2Cyv75ayzeUH8wDvyhDCRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/e8b95d-c4f9-462e-8274-799f7f456160/1/C7HQ8sPSHlTE0YEnYEQ1qQ8k21E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.124.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:2e:b4:f1:98:ff:bb:6b:b3:15:0e:07:ca:e4:34:c1:1d:80:
11:91:6b:9d:c2:64:50:5e:b9:0e:1a:72:60:22:ad:83:63:37:
f8:68:eb:67:ae:87:d2:5d:59:a6:5f:3f:48:d4:df:96:64:05:
78:39:28:f9:fd:2d:cd:db:0c:6b:3d:38:6e:91:2c:b9:8e:b9:
40:b6:ff:69:fd:5d:7a:90:ed:70:17:82:be:bd:ba:a7:15:a3:
e8:0a:03:6f:0c:3f:ab:f0:37:e7:f4:16:8e:a1:a4:f6:7c:7c:
21:bf:e9:a8:8b:d6:55:08:87:01:06:74:08:4c:c4:31:9a:de:
e6:d1:c8:76:b3:df:73:5f:db:fb:9e:9e:af:31:94:7d:8e:3a:
0f:7d:eb:40:6c:31:58:0a:76:7b:8a:24:61:a0:84:76:40:3e:
e4:58:d2:b1:f8:11:09:52:c9:07:dc:7d:fc:81:e2:11:90:22:
75:3c:b5:a5:59:fd:93:b9:2c:e6:1b:6c:d9:7a:69:ee:53:94:
fe:0f:c7:8c:ac:fc:a8:55:8d:1b:f6:87:c2:54:a8:8e:cb:0d:
35:eb:ff:d2:75:33:29:23:11:d4:bc:6b:07:e3:42:9c:fb:18:
21:c1:cd:45:1c:cd:09:0a:68:8b:a2:db:76:a6:b7:14:f9:2c:
5b:fc:8b:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe+hymtIZEADfkXOX3gcs0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjFkMGYyYzNkMjFlNTRjNGQxODEyNzYwNDQzNWE5MGYy
NGRiNTEwHhcNMjMwNDI2MTcwNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmYwZWEyNzYwYjJiZmJlNWFjYjM3OTQxZmNjMDNiZjI4NDMwOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3H2Gb5mnWhnjX+agHWKPDfBRp56
Bj+mS4L04eLxXOByfgY/LyB2FBJV2DKVRYYwJXUlIxqkXSXhYoz9WXb6G/44eC//
UIePmsX6zl4+fOHF5Lrb+YFoQVQyt2wWql1jtj0l3uf0D2CKzKEi2gPngH4CzAQD
GuyZmFZTLb087Zpy43iQvGjx3MHAYNkwElZX3/hpTcCu4YpTHAk4QGacPhTvCFDY
gvwRsDfORWulRwlemPUayZ8oJd8WuaDgv+kJrw9b2xRcz2lJN9b7e+WqEYde+rAM
afRy+7eqEZNhKFrQflrbpap52nt+NwVFmV8V6kCYInG/zR4g16C+dQHVjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLw6idgsr++Wss3lB/MA78oQwkUMB8GA1UdIwQY
MBaAFAux0PLD0h5UxNGBJ2BENakPJNtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdIUThzUFNIbFRFMFlFbllFUTFxUThrMjFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9lOGI5NWQtYzRmOS00NjJlLTgyNzQt
Nzk5ZjdmNDU2MTYwLzEvb3ZEcUoyQ3l2NzVheXplVUg4d0R2eWhEQ1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9lOGI5NWQtYzRmOS00NjJlLTgyNzQtNzk5ZjdmNDU2MTYw
LzEvQzdIUThzUFNIbFRFMFlFbllFUTFxUThrMjFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwcl8MA0G
CSqGSIb3DQEBCwUAA4IBAQAsLrTxmP+7a7MVDgfK5DTBHYARkWudwmRQXrkOGnJg
Iq2DYzf4aOtnrofSXVmmXz9I1N+WZAV4OSj5/S3N2wxrPThukSy5jrlAtv9p/V16
kO1wF4K+vbqnFaPoCgNvDD+r8Dfn9BaOoaT2fHwhv+moi9ZVCIcBBnQITMQxmt7m
0ch2s99zX9v7np6vMZR9jjoPfetAbDFYCnZ7iiRhoIR2QD7kWNKx+BEJUskH3H38
geIRkCJ1PLWlWf2TuSzmG2zZemnuU5T+D8eMrPyoVY0b9ofCVKiOyw016//SdTMp
IxHUvGsH40Kc+xghwc1FHM0JCmiLott2prcU+Sxb/ItB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:41 2025 by rpki-client