Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/oBgsXsigSqdYCOKgpFWrwnlMubE.roa
File: oBgsXsigSqdYCOKgpFWrwnlMubE.roa (raw, json)
Hash identifier: PUrMHKZzjops3XdauAKdJY9CFMjO2XhdW1qnXWmVoFA=
Subject key identifier: A0:18:2C:5E:C8:A0:4A:A7:58:08:E2:A0:A4:55:AB:C2:79:4C:B9:B1
Certificate issuer: /CN=0c05ca111c0093b56514215be467b515dda56c06
Certificate serial: 01865F9F5CB0DC5084BE5F87D43AF3BED919
Authority key identifier: 0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/oBgsXsigSqdYCOKgpFWrwnlMubE.roa
Signing time: Fri 17 Feb 2023 13:45:24 +0000
ROA not before: Fri 17 Feb 2023 13:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29278
IP address blocks: 217.113.55.0/24 maxlen: 24
217.113.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:9f:5c:b0:dc:50:84:be:5f:87:d4:3a:f3:be:d9:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c05ca111c0093b56514215be467b515dda56c06
Validity
Not Before: Feb 17 13:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0182c5ec8a04aa75808e2a0a455abc2794cb9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:66:83:ae:f0:3e:43:93:20:be:8b:51:18:14:
bc:6f:61:28:ab:2a:d1:30:aa:02:ef:20:b6:14:17:
99:e5:5d:f4:ff:35:11:ff:ba:7f:b5:7a:59:aa:fa:
cf:fb:ec:d1:11:cd:b0:d3:eb:3d:f0:fd:05:5e:76:
3f:8c:5c:24:7c:09:15:35:87:ee:1a:0e:b8:8e:f2:
b8:f6:63:27:fc:46:60:df:57:4d:a2:86:1f:92:b9:
e0:f7:e6:89:be:dd:ac:63:7f:5e:89:6b:48:2d:01:
58:5f:75:22:b8:bd:69:c5:a2:f5:33:0d:6a:98:fe:
a9:18:59:5b:8d:4e:24:75:18:23:40:3a:de:82:1a:
60:be:ed:36:dc:4d:9e:9f:2e:eb:fd:fc:a7:bf:a2:
8e:f3:01:59:89:51:20:31:c4:97:39:c1:e8:14:cf:
f9:0b:90:85:0e:1a:4e:46:15:5e:78:ff:60:2c:a0:
5c:cb:99:64:64:03:34:61:8e:43:b4:ca:46:1c:ca:
dc:fa:df:39:45:e3:47:66:1d:8f:56:4d:c9:a7:df:
da:f0:0a:26:76:cb:f0:27:f3:65:93:87:8d:46:9d:
3a:b5:01:48:e8:c1:1e:5d:aa:1a:29:45:71:6d:ea:
61:e4:d7:c4:78:78:2e:6a:f8:00:a7:52:2e:09:de:
78:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:18:2C:5E:C8:A0:4A:A7:58:08:E2:A0:A4:55:AB:C2:79:4C:B9:B1
X509v3 Authority Key Identifier:
keyid:0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/oBgsXsigSqdYCOKgpFWrwnlMubE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.54.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:ba:68:7a:dc:7a:e2:a9:87:9a:8f:fa:b4:3c:18:26:45:73:
f6:e1:eb:94:c2:d9:dc:82:02:cc:5d:7c:05:91:27:f9:12:be:
49:36:2c:8b:9c:6f:00:c7:a9:36:20:e8:a4:60:ac:6f:f4:d0:
a9:98:34:43:0b:db:e1:3e:e0:38:af:a8:2a:59:24:f7:f8:9b:
77:ee:8a:17:27:79:48:9d:2a:b6:aa:79:b9:19:89:24:11:e7:
10:9a:aa:39:61:df:b4:f7:b2:3d:f6:ce:92:0b:84:39:c4:12:
57:bd:4b:e6:13:81:8a:c5:24:6f:be:35:2f:5c:93:c9:da:70:
29:d7:9f:40:a2:f1:4f:5f:89:d9:65:b4:99:2a:9d:54:eb:b5:
9e:91:5a:44:51:3f:83:72:5c:6a:12:26:fa:f9:c7:e0:c6:00:
91:a1:e7:4a:07:b6:c3:ad:21:28:2a:25:8a:3f:bb:e8:4c:43:
2d:d0:67:a1:5f:36:16:47:4c:51:a4:97:94:f7:42:ae:06:a7:
36:a8:a3:8c:6c:59:f2:15:c3:60:22:ba:55:e0:59:32:a8:d1:
38:6e:ef:71:cd:2c:df:51:42:d0:50:8b:d5:27:6e:77:ce:07:
17:33:8c:93:44:fe:f0:1e:fb:3a:84:02:7d:66:33:1c:49:b4:
b7:82:a7:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZfn1yw3FCEvl+H1DrzvtkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDVjYTExMWMwMDkzYjU2NTE0MjE1YmU0NjdiNTE1ZGRh
NTZjMDYwHhcNMjMwMjE3MTM0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDE4MmM1ZWM4YTA0YWE3NTgwOGUyYTBhNDU1YWJjMjc5NGNiOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWaDrvA+Q5MgvotRGBS8b2EoqyrR
MKoC7yC2FBeZ5V30/zUR/7p/tXpZqvrP++zREc2w0+s98P0FXnY/jFwkfAkVNYfu
Gg64jvK49mMn/EZg31dNooYfkrng9+aJvt2sY39eiWtILQFYX3UiuL1pxaL1Mw1q
mP6pGFlbjU4kdRgjQDreghpgvu023E2eny7r/fynv6KO8wFZiVEgMcSXOcHoFM/5
C5CFDhpORhVeeP9gLKBcy5lkZAM0YY5DtMpGHMrc+t85ReNHZh2PVk3Jp9/a8Aom
dsvwJ/Nlk4eNRp06tQFI6MEeXaoaKUVxbeph5NfEeHguavgAp1IuCd54pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKAYLF7IoEqnWAjioKRVq8J5TLmxMB8GA1UdIwQY
MBaAFAwFyhEcAJO1ZRQhW+RntRXdpWwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQt
NmEzNjcwNWJiYTZmLzEvb0Jnc1hzaWdTcWRZQ09LZ3BGV3J3bmxNdWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQtNmEzNjcwNWJiYTZm
LzEvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2XE2MA0G
CSqGSIb3DQEBCwUAA4IBAQBqumh63HriqYeaj/q0PBgmRXP24euUwtncggLMXXwF
kSf5Er5JNiyLnG8Ax6k2IOikYKxv9NCpmDRDC9vhPuA4r6gqWST3+Jt37ooXJ3lI
nSq2qnm5GYkkEecQmqo5Yd+097I99s6SC4Q5xBJXvUvmE4GKxSRvvjUvXJPJ2nAp
159AovFPX4nZZbSZKp1U67WekVpEUT+DclxqEib6+cfgxgCRoedKB7bDrSEoKiWK
P7voTEMt0GehXzYWR0xRpJeU90KuBqc2qKOMbFnyFcNgIrpV4FkyqNE4bu9xzSzf
UULQUIvVJ253zgcXM4yTRP7wHvs6hAJ9ZjMcSbS3gqcp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:14 2025 by rpki-client