Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/d6e44d-89ab-460e-9379-95c50531d4d8/1/OXgMM_9VNJePOEw-oG6Swk9sshQ.roa
File: OXgMM_9VNJePOEw-oG6Swk9sshQ.roa (raw, json)
Hash identifier: CZCXL2zylpsao1+ichnDqpMqxgPH2B2bU2YIP38LDXw=
Subject key identifier: 39:78:0C:33:FF:55:34:97:8F:38:4C:3E:A0:6E:92:C2:4F:6C:B2:14
Certificate issuer: /CN=bbfb3671c9fc746a1ca63449546557ca9e9a7d6d
Certificate serial: 0204B020
Authority key identifier: BB:FB:36:71:C9:FC:74:6A:1C:A6:34:49:54:65:57:CA:9E:9A:7D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_s2ccn8dGocpjRJVGVXyp6afW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/d6e44d-89ab-460e-9379-95c50531d4d8/1/OXgMM_9VNJePOEw-oG6Swk9sshQ.roa
Signing time: Sat 01 Jan 2022 11:56:05 +0000
ROA not before: Sat 01 Jan 2022 11:56:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34863
IP address blocks: 193.46.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33861664 (0x204b020)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbfb3671c9fc746a1ca63449546557ca9e9a7d6d
Validity
Not Before: Jan 1 11:56:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39780c33ff5534978f384c3ea06e92c24f6cb214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:42:a1:65:22:53:ff:18:f1:1f:3e:7b:1a:51:
65:a4:f3:01:9f:ac:b7:25:e6:72:59:1e:8a:1c:f2:
3b:fc:98:2b:2b:2e:49:72:3e:1f:07:ae:e2:3b:2b:
c7:03:dd:ad:d6:49:d9:4b:19:e2:f7:9e:72:a8:ac:
b2:bb:4e:e4:a9:68:7c:29:26:02:99:cc:8c:32:84:
93:f2:c8:fb:02:cb:bb:a0:11:b8:de:86:a1:07:a8:
43:1e:cc:9c:33:da:22:e1:ed:be:e8:05:71:f1:b0:
bc:73:eb:c5:36:dc:bc:28:78:26:28:1d:c4:3f:64:
47:bf:78:fc:16:54:61:78:de:03:ef:5e:c1:65:76:
27:29:73:f8:4a:6a:8f:69:d3:ad:5f:84:7a:61:ed:
57:f4:79:2f:b7:42:59:b9:46:f1:b7:33:f3:90:30:
1f:57:cd:68:84:2e:22:6b:1e:10:ea:88:b4:74:8e:
42:9a:7a:91:b7:c8:39:5c:17:e5:bd:89:42:78:1e:
17:1a:ca:21:7f:0c:c9:d1:79:ff:04:56:13:a8:58:
6d:0f:70:3d:f0:9c:15:da:87:7f:42:20:e8:5d:2f:
b9:a2:ca:50:39:f2:10:ca:70:f9:89:a4:a5:19:71:
dd:7e:ec:b0:60:ee:91:a4:de:8f:1e:ed:a4:0f:b7:
e7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:78:0C:33:FF:55:34:97:8F:38:4C:3E:A0:6E:92:C2:4F:6C:B2:14
X509v3 Authority Key Identifier:
keyid:BB:FB:36:71:C9:FC:74:6A:1C:A6:34:49:54:65:57:CA:9E:9A:7D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_s2ccn8dGocpjRJVGVXyp6afW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d6e44d-89ab-460e-9379-95c50531d4d8/1/OXgMM_9VNJePOEw-oG6Swk9sshQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d6e44d-89ab-460e-9379-95c50531d4d8/1/u_s2ccn8dGocpjRJVGVXyp6afW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.85.0/24
Signature Algorithm: sha256WithRSAEncryption
35:4e:3a:42:96:58:cc:02:e6:2e:fc:87:82:73:05:c6:7a:9e:
cc:22:23:b3:21:8f:03:4e:51:5c:88:db:63:18:99:e2:46:6b:
12:39:77:85:08:11:72:ee:f4:37:75:bd:1f:b7:4c:73:0e:09:
5e:76:51:f3:d6:08:9c:e2:4b:d7:ea:88:bb:3f:16:a0:46:7a:
5b:72:83:3b:3b:19:f6:db:cc:c0:91:c0:57:25:c9:e3:9b:16:
f4:c0:19:08:5f:fb:76:b1:c6:ea:f9:df:83:65:09:3a:45:d5:
f8:56:0a:82:44:ce:00:62:54:0f:9d:c4:d4:25:5e:cd:8f:1a:
54:ed:0f:b8:e8:93:e5:92:a5:f3:ca:b8:79:f5:ef:6d:ad:32:
b9:5b:39:f7:25:ba:90:6e:a2:42:01:2f:92:73:5d:64:1c:3e:
0a:72:02:60:d2:c8:bb:f4:94:bc:ec:21:88:26:f6:e8:b3:93:
0b:fa:df:4e:02:5b:0a:92:b2:51:3e:d3:9c:9e:57:7a:67:5f:
ac:a4:ab:67:3f:12:52:4e:a2:a1:23:cd:9b:09:b1:14:f5:60:
81:76:9a:44:5a:81:36:28:76:02:f7:8e:22:79:c7:79:69:81:
67:27:8c:b9:7d:ab:4e:b3:7a:83:1a:5d:dc:70:f1:1b:a9:f2:
23:05:18:dd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAgSwIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmZiMzY3MWM5ZmM3NDZhMWNhNjM0NDk1NDY1NTdjYTllOWE3ZDZkMB4XDTIyMDEw
MTExNTYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk3ODBjMzNmZjU1
MzQ5NzhmMzg0YzNlYTA2ZTkyYzI0ZjZjYjIxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRCoWUiU/8Y8R8+expRZaTzAZ+styXmclkeihzyO/yYKysu
SXI+Hweu4jsrxwPdrdZJ2UsZ4veecqissrtO5KlofCkmApnMjDKEk/LI+wLLu6AR
uN6GoQeoQx7MnDPaIuHtvugFcfGwvHPrxTbcvCh4JigdxD9kR794/BZUYXjeA+9e
wWV2Jylz+Epqj2nTrV+EemHtV/R5L7dCWblG8bcz85AwH1fNaIQuImseEOqItHSO
Qpp6kbfIOVwX5b2JQngeFxrKIX8MydF5/wRWE6hYbQ9wPfCcFdqHf0Ig6F0vuaLK
UDnyEMpw+YmkpRlx3X7ssGDukaTejx7tpA+35w8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ5eAwz/1U0l484TD6gbpLCT2yyFDAfBgNVHSMEGDAWgBS7+zZxyfx0ahym
NElUZVfKnpp9bTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VfczJjY244ZEdvY3BqUkpWR1ZYeXA2YWZXMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvZDZlNDRkLTg5YWItNDYwZS05Mzc5LTk1YzUwNTMxZDRkOC8x
L09YZ01NXzlWTkplUE9Fdy1vRzZTd2s5c3NoUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
ZDZlNDRkLTg5YWItNDYwZS05Mzc5LTk1YzUwNTMxZDRkOC8xL3VfczJjY244ZEdv
Y3BqUkpWR1ZYeXA2YWZXMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEuVTANBgkqhkiG9w0BAQsFAAOC
AQEANU46QpZYzALmLvyHgnMFxnqezCIjsyGPA05RXIjbYxiZ4kZrEjl3hQgRcu70
N3W9H7dMcw4JXnZR89YInOJL1+qIuz8WoEZ6W3KDOzsZ9tvMwJHAVyXJ45sW9MAZ
CF/7drHG6vnfg2UJOkXV+FYKgkTOAGJUD53E1CVezY8aVO0PuOiT5ZKl88q4efXv
ba0yuVs59yW6kG6iQgEvknNdZBw+CnICYNLIu/SUvOwhiCb26LOTC/rfTgJbCpKy
UT7TnJ5XemdfrKSrZz8SUk6ioSPNmwmxFPVggXaaRFqBNih2AveOInnHeWmBZyeM
uX2rTrN6gxpd3HDxG6nyIwUY3Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:22:17 2025 by rpki-client