Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/OtY23X8W2I5OqhWPKyMpPndlqm4.roa
File: OtY23X8W2I5OqhWPKyMpPndlqm4.roa (raw, json)
Hash identifier: mqCUv6IJe42WmsBW3vjGqvLqQ2LsmzjlJktJC+gInnk=
Subject key identifier: 3A:D6:36:DD:7F:16:D8:8E:4E:AA:15:8F:2B:23:29:3E:77:65:AA:6E
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4EC509A18E4B3E44EB04417D28EA2
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/OtY23X8W2I5OqhWPKyMpPndlqm4.roa
Signing time: Sun 01 Jan 2023 19:35:25 +0000
ROA not before: Sun 01 Jan 2023 19:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47395
IP address blocks: 109.188.0.0/17 maxlen: 17
94.25.128.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:ec:50:9a:18:e4:b3:e4:4e:b0:44:17:d2:8e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ad636dd7f16d88e4eaa158f2b23293e7765aa6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1e:e6:16:c7:4b:30:01:95:ef:f2:6a:3c:ef:
21:72:23:73:9e:7e:a7:5d:17:48:ee:60:1e:70:0f:
01:13:46:14:10:12:a4:c7:01:eb:53:68:43:f2:44:
67:42:cb:80:f9:1d:dd:ca:b6:7d:3c:4e:19:10:6d:
d6:5b:40:3e:d8:b5:0b:ba:9d:02:4c:b1:74:ef:97:
c3:99:a1:3f:79:5b:c3:dd:53:7b:c0:05:ad:fa:29:
59:d1:64:ad:4d:93:e3:fc:94:5b:c4:19:12:f8:23:
c0:37:f3:53:eb:b1:bc:82:b2:75:03:a7:36:20:88:
53:0c:7c:db:6c:4f:e4:87:68:a9:dc:62:98:86:1c:
b2:15:02:01:6c:fc:e2:12:d0:56:0d:8a:68:72:8e:
86:b2:1b:93:11:f1:34:81:3e:56:34:ce:27:e6:12:
3c:e3:12:8c:96:39:50:4c:ea:07:4e:fe:94:1e:21:
e8:0c:b0:1e:75:04:af:45:7f:92:cc:9f:23:a6:c4:
9c:be:0d:1a:88:8d:15:73:e8:85:f8:c6:62:fd:09:
b2:50:9f:7e:13:a0:86:28:b5:db:88:c7:60:3e:5f:
51:e3:ee:72:71:5c:fd:2c:c4:94:ae:d7:f4:de:2a:
a9:bc:bc:2d:29:90:31:a4:62:50:96:33:1b:72:6b:
13:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D6:36:DD:7F:16:D8:8E:4E:AA:15:8F:2B:23:29:3E:77:65:AA:6E
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/OtY23X8W2I5OqhWPKyMpPndlqm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.25.128.0/18
109.188.0.0/17
Signature Algorithm: sha256WithRSAEncryption
5c:3c:4e:87:d9:0b:51:b0:be:92:a5:ce:60:63:ca:0d:bc:16:
6c:6f:c4:02:bf:8e:8a:6e:bc:20:af:49:bd:6c:68:f5:90:b5:
00:92:75:aa:41:e9:9e:45:37:64:8f:b8:e9:88:7c:39:54:e8:
8d:18:25:18:9d:bf:2e:aa:c2:72:9f:f8:1f:ef:f2:24:a1:51:
c5:11:d8:29:30:2a:61:37:18:2c:55:17:cb:ef:75:64:85:76:
84:99:9e:59:4f:07:a9:ab:2b:f4:57:89:83:e2:fd:47:5d:6f:
b8:ea:11:b0:a0:56:af:dd:d5:1d:c1:6a:80:a9:d0:ae:4e:be:
0c:f2:da:e9:17:07:05:e8:85:28:11:b3:b0:f4:a1:02:f1:7f:
2a:fe:44:cb:91:09:e3:fc:d3:69:9d:67:95:b3:51:e9:63:37:
4e:28:46:97:f3:eb:cb:b7:53:68:72:44:43:bd:75:97:29:51:
98:4a:ea:9a:ea:03:37:f7:d4:9a:18:36:1a:e9:86:1e:e5:2c:
28:14:28:a1:9b:4f:83:4e:4e:18:dc:8e:43:ad:95:37:bf:de:
cf:ed:ef:57:13:1c:00:e2:15:64:9e:da:ff:54:2e:9c:79:54:
4b:f3:ee:6a:32:25:59:f0:51:8b:88:27:88:9c:89:19:78:72:
6c:79:08:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu1OxQmhjks+ROsEQX0o6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQ2MzZkZDdmMTZkODhlNGVhYTE1OGYyYjIzMjkzZTc3NjVhYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh7mFsdLMAGV7/JqPO8hciNznn6n
XRdI7mAecA8BE0YUEBKkxwHrU2hD8kRnQsuA+R3dyrZ9PE4ZEG3WW0A+2LULup0C
TLF075fDmaE/eVvD3VN7wAWt+ilZ0WStTZPj/JRbxBkS+CPAN/NT67G8grJ1A6c2
IIhTDHzbbE/kh2ip3GKYhhyyFQIBbPziEtBWDYpoco6GshuTEfE0gT5WNM4n5hI8
4xKMljlQTOoHTv6UHiHoDLAedQSvRX+SzJ8jpsScvg0aiI0Vc+iF+MZi/QmyUJ9+
E6CGKLXbiMdgPl9R4+5ycVz9LMSUrtf03iqpvLwtKZAxpGJQljMbcmsTFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDrWNt1/FtiOTqoVjysjKT53ZapuMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvT3RZMjNYOFcySTVPcWhXUEt5TXBQbmRscW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGXhmAAwQH
bbwAMA0GCSqGSIb3DQEBCwUAA4IBAQBcPE6H2QtRsL6Spc5gY8oNvBZsb8QCv46K
brwgr0m9bGj1kLUAknWqQemeRTdkj7jpiHw5VOiNGCUYnb8uqsJyn/gf7/IkoVHF
EdgpMCphNxgsVRfL73VkhXaEmZ5ZTwepqyv0V4mD4v1HXW+46hGwoFav3dUdwWqA
qdCuTr4M8trpFwcF6IUoEbOw9KEC8X8q/kTLkQnj/NNpnWeVs1HpYzdOKEaX8+vL
t1NockRDvXWXKVGYSuqa6gM399SaGDYa6YYe5SwoFCihm0+DTk4Y3I5DrZU3v97P
7e9XExwA4hVkntr/VC6ceVRL8+5qMiVZ8FGLiCeInIkZeHJseQhW
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:38:33 2025 by rpki-client