Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/OsoUAEOAYRUBAgIQ4liMyOE6eZY.roa
File: OsoUAEOAYRUBAgIQ4liMyOE6eZY.roa (raw, json)
Hash identifier: 6oL/j9YEjA2b/UUtUVmq2S8nkID+FKRkFaACubtYzKg=
Subject key identifier: 3A:CA:14:00:43:80:61:15:01:02:02:10:E2:58:8C:C8:E1:3A:79:96
Certificate issuer: /CN=78f29e87382159ca5e81387d7ee77e512fad1636
Certificate serial: 018C4369A2BA5A96C6F97ED60CBE449B82DA
Authority key identifier: 78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/OsoUAEOAYRUBAgIQ4liMyOE6eZY.roa
Signing time: Thu 07 Dec 2023 08:34:05 +0000
ROA not before: Thu 07 Dec 2023 08:34:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51505
IP address blocks: 194.154.32.0/19 maxlen: 19
2a14:6700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:69:a2:ba:5a:96:c6:f9:7e:d6:0c:be:44:9b:82:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78f29e87382159ca5e81387d7ee77e512fad1636
Validity
Not Before: Dec 7 08:34:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3aca14004380611501020210e2588cc8e13a7996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:05:95:06:18:a8:8f:52:10:09:61:7e:29:62:
a9:f7:18:24:bc:0f:14:33:0c:c8:2f:02:66:df:45:
7a:d5:e7:db:74:cf:27:ee:df:1a:d6:9a:d8:48:e6:
37:9b:9e:ed:c6:32:45:72:94:08:cb:44:a3:d3:30:
6d:7e:bb:be:12:8a:e1:1f:96:3e:06:74:28:77:04:
45:b5:cd:b7:4b:d1:92:d8:15:3c:cb:06:1b:a5:1a:
59:ef:9c:75:0f:70:fb:ce:eb:1c:00:26:5f:7a:58:
68:c8:2e:87:53:9b:c8:6e:e1:31:35:dc:1b:45:a0:
6e:0d:32:fd:37:6e:2e:21:11:65:bb:b0:1e:06:89:
b0:47:6c:fa:cb:6c:9d:a5:88:9b:d3:77:63:0a:16:
b2:6a:20:c2:6d:73:f1:6f:4e:7b:7e:58:0b:8f:01:
f9:77:c3:f1:bf:2b:35:d2:e2:70:6a:58:f9:de:ea:
e7:7a:54:4a:10:a0:8c:7e:aa:49:8b:53:45:59:88:
65:10:d8:31:b8:0f:83:d7:d8:91:5e:d5:87:c5:fe:
76:44:c6:3f:73:bf:74:d6:d9:02:a7:8b:92:29:fc:
72:14:fa:c0:bc:3c:c0:fd:cb:e6:84:33:19:7c:67:
7f:7e:f3:93:23:9a:de:9f:1f:45:eb:5f:40:de:a8:
31:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CA:14:00:43:80:61:15:01:02:02:10:E2:58:8C:C8:E1:3A:79:96
X509v3 Authority Key Identifier:
keyid:78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/OsoUAEOAYRUBAgIQ4liMyOE6eZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.154.32.0/19
IPv6:
2a14:6700::/29
Signature Algorithm: sha256WithRSAEncryption
67:4b:b8:b6:4c:67:e2:d5:ac:fe:5a:c6:3d:0f:f7:12:2f:f2:
4a:a0:bc:23:e3:79:9e:74:06:a3:d4:58:38:c8:4a:7b:58:b9:
b3:91:de:f7:c7:ed:0f:6c:89:a1:fb:2f:c7:99:23:8d:de:d6:
8f:f2:2f:cf:03:c6:30:bf:4c:82:15:43:bb:b4:fb:02:57:0f:
62:fd:c2:45:af:be:f6:58:70:39:d3:77:0f:cb:9e:ed:68:17:
b8:f4:8c:19:e3:73:65:bd:e5:47:06:e4:bd:80:9e:e6:80:34:
4d:d3:98:8d:8f:48:8b:11:da:95:44:2d:78:13:e7:96:fd:61:
7c:38:ea:4d:80:93:13:c3:22:b2:38:f2:5f:9c:8a:d6:82:d2:
b4:b9:1e:af:4d:bb:25:eb:b9:00:a1:17:64:a1:43:d6:e6:ad:
7f:84:04:b6:75:c7:eb:c1:da:af:f8:cd:48:00:07:78:09:8e:
72:c1:28:fe:ea:19:df:34:96:e0:ec:b7:52:22:31:c3:45:04:
bb:71:4a:a0:c7:d2:9e:b4:ee:b8:13:38:e8:b8:34:2c:8a:1c:
1f:3e:68:13:64:41:d1:15:6e:5e:ce:2d:e4:0e:64:1b:17:ac:
ef:01:43:c4:c9:b0:34:01:08:92:47:ba:94:83:a1:97:f6:5c:
9c:e4:83:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxDaaK6WpbG+X7WDL5Em4LaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZjI5ZTg3MzgyMTU5Y2E1ZTgxMzg3ZDdlZTc3ZTUxMmZh
ZDE2MzYwHhcNMjMxMjA3MDgzNDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWNhMTQwMDQzODA2MTE1MDEwMjAyMTBlMjU4OGNjOGUxM2E3OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQWVBhioj1IQCWF+KWKp9xgkvA8U
MwzILwJm30V61efbdM8n7t8a1prYSOY3m57txjJFcpQIy0Sj0zBtfru+EorhH5Y+
BnQodwRFtc23S9GS2BU8ywYbpRpZ75x1D3D7zuscACZfelhoyC6HU5vIbuExNdwb
RaBuDTL9N24uIRFlu7AeBomwR2z6y2ydpYib03djChayaiDCbXPxb057flgLjwH5
d8Pxvys10uJwalj53urnelRKEKCMfqpJi1NFWYhlENgxuA+D19iRXtWHxf52RMY/
c7901tkCp4uSKfxyFPrAvDzA/cvmhDMZfGd/fvOTI5renx9F619A3qgxKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDrKFABDgGEVAQICEOJYjMjhOnmWMB8GA1UdIwQY
MBaAFHjynoc4IVnKXoE4fX7nflEvrRY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQt
ODJmODljYmEyNmQ4LzEvT3NvVUFFT0FZUlVCQWdJUTRsaU15T0U2ZVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQtODJmODljYmEyNmQ4
LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwpogMA0E
AgACMAcDBQMqFGcAMA0GCSqGSIb3DQEBCwUAA4IBAQBnS7i2TGfi1az+WsY9D/cS
L/JKoLwj43medAaj1Fg4yEp7WLmzkd73x+0PbImh+y/HmSON3taP8i/PA8Ywv0yC
FUO7tPsCVw9i/cJFr772WHA503cPy57taBe49IwZ43NlveVHBuS9gJ7mgDRN05iN
j0iLEdqVRC14E+eW/WF8OOpNgJMTwyKyOPJfnIrWgtK0uR6vTbsl67kAoRdkoUPW
5q1/hAS2dcfrwdqv+M1IAAd4CY5ywSj+6hnfNJbg7LdSIjHDRQS7cUqgx9KetO64
EzjouDQsihwfPmgTZEHRFW5ezi3kDmQbF6zvAUPEybA0AQiSR7qUg6GX9lyc5IOp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:52 2025 by rpki-client