Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/101bcf-d1df-47c4-a2eb-2161ff47881c/1/oo7mDtFWW0TRdpVajM147GBA1UY.roa
File: oo7mDtFWW0TRdpVajM147GBA1UY.roa (raw, json)
Hash identifier: OM4m/XW7oVp20dU99RIoF1Exm5jKy6fB8v/v8osDUb0=
Subject key identifier: A2:8E:E6:0E:D1:56:5B:44:D1:76:95:5A:8C:CD:78:EC:60:40:D5:46
Certificate issuer: /CN=fdd7002bf3a2eacfc881d5e1a0211098c669956c
Certificate serial: 01856D8AFC7FE22ECB9F755866FC1F49A9C0
Authority key identifier: FD:D7:00:2B:F3:A2:EA:CF:C8:81:D5:E1:A0:21:10:98:C6:69:95:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dcAK_Oi6s_IgdXhoCEQmMZplWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/101bcf-d1df-47c4-a2eb-2161ff47881c/1/oo7mDtFWW0TRdpVajM147GBA1UY.roa
Signing time: Sun 01 Jan 2023 13:35:03 +0000
ROA not before: Sun 01 Jan 2023 13:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29273
IP address blocks: 193.41.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:fc:7f:e2:2e:cb:9f:75:58:66:fc:1f:49:a9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd7002bf3a2eacfc881d5e1a0211098c669956c
Validity
Not Before: Jan 1 13:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a28ee60ed1565b44d176955a8ccd78ec6040d546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5a:a6:ca:c8:bc:47:ae:27:59:f5:b3:37:c6:
37:2c:2a:81:5e:fd:30:27:64:f4:42:cd:03:6f:31:
fc:a4:ba:a7:70:d9:ca:88:19:6a:c2:06:85:45:e6:
a4:4c:e6:77:9b:ea:9a:95:39:02:e9:66:4d:ff:cc:
d3:80:74:78:06:db:7c:76:dd:49:28:86:2a:cb:4f:
c1:f0:9b:f6:f3:76:40:4a:c7:d2:80:d3:97:b7:0b:
5b:a0:f9:f0:b3:ff:3e:d3:a7:0b:f2:08:eb:2a:7a:
06:0b:3f:5e:e7:14:e1:af:20:86:21:4d:2d:7a:09:
26:cf:bc:46:c5:11:95:72:26:58:dc:c5:24:54:55:
b1:a5:d3:88:e7:67:4a:74:b7:b5:ca:7f:69:e6:2e:
0f:d4:04:2c:56:d3:44:7f:ac:93:96:c4:98:79:bf:
79:2f:e1:39:63:6d:86:e8:5e:9a:df:5e:f3:39:6a:
d4:64:74:b7:b4:b9:35:58:f1:90:f4:03:d8:9e:1f:
6c:d3:81:67:33:c9:0d:b6:51:b4:2f:76:31:ce:1f:
10:52:4f:78:ef:e3:c1:2d:2b:87:a1:70:09:b2:99:
81:9c:02:0a:23:81:dc:f3:7c:aa:90:be:b4:f6:6b:
a2:75:9b:7e:41:58:9f:76:f2:7d:8b:2e:86:00:94:
8d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:8E:E6:0E:D1:56:5B:44:D1:76:95:5A:8C:CD:78:EC:60:40:D5:46
X509v3 Authority Key Identifier:
keyid:FD:D7:00:2B:F3:A2:EA:CF:C8:81:D5:E1:A0:21:10:98:C6:69:95:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dcAK_Oi6s_IgdXhoCEQmMZplWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/101bcf-d1df-47c4-a2eb-2161ff47881c/1/oo7mDtFWW0TRdpVajM147GBA1UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/101bcf-d1df-47c4-a2eb-2161ff47881c/1/_dcAK_Oi6s_IgdXhoCEQmMZplWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.36.0/24
Signature Algorithm: sha256WithRSAEncryption
96:cb:7d:05:97:77:77:25:4f:98:ac:43:9e:5d:b3:49:d4:cf:
9a:02:92:84:d0:88:43:12:f9:76:86:19:e4:40:69:f1:4d:4f:
27:dd:91:51:0e:3e:ae:b0:4d:83:49:36:2d:45:1d:5a:85:84:
1e:21:e5:e0:8a:4e:11:22:a2:62:c1:9c:e5:c9:61:98:7e:c1:
c2:06:6d:49:7c:bf:0f:3c:a7:70:8d:b2:9b:cc:d0:7b:0b:b2:
86:c3:17:03:c0:b4:b7:cb:d9:57:c5:9c:ff:12:a7:39:04:b8:
59:0e:44:d3:52:7a:85:b4:22:77:fd:7e:1e:ff:49:44:2a:e7:
4e:2f:b5:27:db:43:ca:6a:58:8b:7e:42:40:4d:98:a6:b2:e3:
d6:2a:59:0a:60:0b:93:6b:60:7a:55:fd:d6:c0:d6:6d:f6:45:
b6:79:d0:04:cf:be:9b:75:30:36:06:ac:c1:2f:5d:ca:7c:9f:
11:0c:03:b6:7b:2b:fe:ac:ff:3d:0f:63:86:83:89:dc:cd:42:
1c:d3:27:33:7d:ef:88:9d:5e:8f:12:37:52:8f:42:58:68:83:
ec:da:a8:27:49:15:7d:f7:fc:13:81:63:3a:1d:9d:37:92:94:
be:d5:ad:03:b4:8d:ec:92:72:24:ce:39:6f:b7:c8:08:e8:07:
a5:6a:b0:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtivx/4i7Ln3VYZvwfSanAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDcwMDJiZjNhMmVhY2ZjODgxZDVlMWEwMjExMDk4YzY2
OTk1NmMwHhcNMjMwMTAxMTMzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjhlZTYwZWQxNTY1YjQ0ZDE3Njk1NWE4Y2NkNzhlYzYwNDBkNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVqmysi8R64nWfWzN8Y3LCqBXv0w
J2T0Qs0DbzH8pLqncNnKiBlqwgaFReakTOZ3m+qalTkC6WZN/8zTgHR4Btt8dt1J
KIYqy0/B8Jv283ZASsfSgNOXtwtboPnws/8+06cL8gjrKnoGCz9e5xThryCGIU0t
egkmz7xGxRGVciZY3MUkVFWxpdOI52dKdLe1yn9p5i4P1AQsVtNEf6yTlsSYeb95
L+E5Y22G6F6a317zOWrUZHS3tLk1WPGQ9APYnh9s04FnM8kNtlG0L3Yxzh8QUk94
7+PBLSuHoXAJspmBnAIKI4Hc83yqkL609muidZt+QVifdvJ9iy6GAJSNIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKO5g7RVltE0XaVWozNeOxgQNVGMB8GA1UdIwQY
MBaAFP3XACvzourPyIHV4aAhEJjGaZVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RjQUtfT2k2c19JZ2RYaG9DRVFtTVpwbFd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xMDFiY2YtZDFkZi00N2M0LWEyZWIt
MjE2MWZmNDc4ODFjLzEvb283bUR0RldXMFRSZHBWYWpNMTQ3R0JBMVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xMDFiY2YtZDFkZi00N2M0LWEyZWItMjE2MWZmNDc4ODFj
LzEvX2RjQUtfT2k2c19JZ2RYaG9DRVFtTVpwbFd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSkkMA0G
CSqGSIb3DQEBCwUAA4IBAQCWy30Fl3d3JU+YrEOeXbNJ1M+aApKE0IhDEvl2hhnk
QGnxTU8n3ZFRDj6usE2DSTYtRR1ahYQeIeXgik4RIqJiwZzlyWGYfsHCBm1JfL8P
PKdwjbKbzNB7C7KGwxcDwLS3y9lXxZz/Eqc5BLhZDkTTUnqFtCJ3/X4e/0lEKudO
L7Un20PKaliLfkJATZimsuPWKlkKYAuTa2B6Vf3WwNZt9kW2edAEz76bdTA2BqzB
L13KfJ8RDAO2eyv+rP89D2OGg4nczUIc0yczfe+InV6PEjdSj0JYaIPs2qgnSRV9
9/wTgWM6HZ03kpS+1a0DtI3sknIkzjlvt8gI6AelarD8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:34 2025 by rpki-client