Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/oXD0KKZ2ARc2k3XCAsJiaSoWmXU.roa
File: oXD0KKZ2ARc2k3XCAsJiaSoWmXU.roa (raw, json)
Hash identifier: +Ttdzf3Y3gygYcEfSVki4Mo2COa7WWPTpFzIzVSS/9I=
Subject key identifier: A1:70:F4:28:A6:76:01:17:36:93:75:C2:02:C2:62:69:2A:16:99:75
Certificate issuer: /CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Certificate serial: 01856B8A2DE5CB149CCF7686E6E82E41CEFC
Authority key identifier: D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/oXD0KKZ2ARc2k3XCAsJiaSoWmXU.roa
Signing time: Sun 01 Jan 2023 04:14:55 +0000
ROA not before: Sun 01 Jan 2023 04:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51487
IP address blocks: 185.160.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:2d:e5:cb:14:9c:cf:76:86:e6:e8:2e:41:ce:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Validity
Not Before: Jan 1 04:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a170f428a6760117369375c202c262692a169975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ef:3d:c0:8f:ff:43:57:73:1c:a7:7a:64:1e:
de:ae:4a:45:a5:eb:7c:bc:0c:d7:d3:3f:e7:c5:fc:
9c:e4:31:29:12:40:c2:70:84:5a:f1:e9:75:84:b9:
6b:34:da:c7:57:eb:c7:6c:69:cd:3e:4c:f4:fe:f2:
76:e1:90:bc:ba:8c:62:bd:26:62:09:5d:d8:88:92:
40:d7:41:e6:01:d5:33:2c:73:dc:b4:50:96:4d:e2:
9b:07:41:f7:d6:63:bf:7a:2d:ce:e9:23:c4:32:93:
96:1b:a0:4a:f8:23:df:a3:3d:91:c3:fd:78:e4:00:
8e:05:c7:bd:59:a2:02:a7:4c:88:70:13:fc:99:1d:
e4:26:c5:39:51:d8:27:c0:d8:e9:67:4e:a9:54:33:
1d:e9:2c:73:77:a5:a4:ae:ce:86:1d:c9:2d:26:9d:
51:b2:34:62:7a:18:ff:7e:6e:de:a1:d9:77:3a:43:
f1:61:5c:47:06:f8:5d:7a:c6:89:48:d6:9f:56:6c:
a4:e4:0f:64:75:7f:9a:84:9a:d5:da:b3:0b:64:d4:
c1:63:6d:f8:c5:1a:fd:83:88:6a:50:9c:9a:80:18:
74:95:8a:b8:db:71:3a:60:19:ab:62:ea:99:65:87:
81:bd:39:2a:ec:9f:96:72:62:c3:b4:6f:e3:fd:90:
a8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:70:F4:28:A6:76:01:17:36:93:75:C2:02:C2:62:69:2A:16:99:75
X509v3 Authority Key Identifier:
keyid:D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/oXD0KKZ2ARc2k3XCAsJiaSoWmXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/0YHQxAlRpPkA5NndnCDkhWNQkg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.154.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:15:e6:67:99:32:74:5f:d3:cb:d5:c1:3d:b4:2d:b3:c7:d7:
2d:5c:7e:e3:49:34:f3:2d:d6:87:df:4a:76:4c:eb:21:45:f7:
08:fc:c5:16:ed:df:9f:32:d6:07:49:a0:6a:b5:1e:ba:69:87:
f7:e8:67:49:d7:ef:d5:c9:51:5d:66:12:a6:4b:76:08:90:9f:
ce:50:5a:7b:69:d5:cc:a9:f5:82:12:59:b1:6f:12:06:10:40:
27:e7:9f:7e:f7:a1:71:a6:a2:0c:bc:70:e9:06:f2:f9:80:99:
6a:7f:9e:28:39:3f:ee:4b:94:be:94:2f:55:5f:10:6b:58:b4:
c0:33:bb:a9:59:28:45:f0:60:f0:93:49:fb:73:a2:d2:c3:ad:
16:de:f7:84:bd:2f:03:7f:1c:ba:f2:6c:98:e7:82:ba:4d:26:
03:5f:2a:09:30:46:1b:ea:04:97:4e:7a:e9:a2:76:31:46:73:
f2:c3:18:33:2a:7c:c8:12:5b:18:0e:32:e4:86:f0:c2:eb:92:
48:f7:35:e4:40:47:a3:2b:ce:09:39:d4:4c:86:ef:a1:e9:db:
1e:33:91:76:a8:5a:3b:bc:17:1c:50:7b:b4:d4:e6:97:b8:6a:
1d:6f:96:cb:22:05:e2:d9:1a:c3:29:ae:35:0c:dd:e8:ed:51:
36:ca:5c:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrii3lyxScz3aG5uguQc78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxODFkMGM0MDk1MWE0ZjkwMGU0ZDlkZDljMjBlNDg1NjM1
MDkyMGUwHhcNMjMwMTAxMDQxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTcwZjQyOGE2NzYwMTE3MzY5Mzc1YzIwMmMyNjI2OTJhMTY5OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+89wI//Q1dzHKd6ZB7erkpFpet8
vAzX0z/nxfyc5DEpEkDCcIRa8el1hLlrNNrHV+vHbGnNPkz0/vJ24ZC8uoxivSZi
CV3YiJJA10HmAdUzLHPctFCWTeKbB0H31mO/ei3O6SPEMpOWG6BK+CPfoz2Rw/14
5ACOBce9WaICp0yIcBP8mR3kJsU5UdgnwNjpZ06pVDMd6Sxzd6Wkrs6GHcktJp1R
sjRiehj/fm7eodl3OkPxYVxHBvhdesaJSNafVmyk5A9kdX+ahJrV2rMLZNTBY234
xRr9g4hqUJyagBh0lYq423E6YBmrYuqZZYeBvTkq7J+WcmLDtG/j/ZCobwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFw9CimdgEXNpN1wgLCYmkqFpl1MB8GA1UdIwQY
MBaAFNGB0MQJUaT5AOTZ3Zwg5IVjUJIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEt
Mzg4YjgxYzBjOTBjLzEvb1hEMEtLWjJBUmMyazNYQ0FzSmlhU29XbVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEtMzg4YjgxYzBjOTBj
LzEvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaCaMA0G
CSqGSIb3DQEBCwUAA4IBAQB+FeZnmTJ0X9PL1cE9tC2zx9ctXH7jSTTzLdaH30p2
TOshRfcI/MUW7d+fMtYHSaBqtR66aYf36GdJ1+/VyVFdZhKmS3YIkJ/OUFp7adXM
qfWCElmxbxIGEEAn559+96FxpqIMvHDpBvL5gJlqf54oOT/uS5S+lC9VXxBrWLTA
M7upWShF8GDwk0n7c6LSw60W3veEvS8Dfxy68myY54K6TSYDXyoJMEYb6gSXTnrp
onYxRnPywxgzKnzIElsYDjLkhvDC65JI9zXkQEejK84JOdRMhu+h6dseM5F2qFo7
vBccUHu01OaXuGodb5bLIgXi2RrDKa41DN3o7VE2ylyT
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:09 2025 by rpki-client