Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/6387c8-c248-425f-ba40-cd6555fcd82e/1/ojanv-s4BEPGJ5e_4OfeVJP-mj4.roa
File: ojanv-s4BEPGJ5e_4OfeVJP-mj4.roa (raw, json)
Hash identifier: 25M+1rNpggzHMbRNTiuG3F0Q8hUpCLjBHQk43wdpmWw=
Subject key identifier: A2:36:A7:BF:EB:38:04:43:C6:27:97:BF:E0:E7:DE:54:93:FE:9A:3E
Certificate issuer: /CN=d5c65cda4b630f72bf640d16b41f72f5a0f9d751
Certificate serial: 01856B4A1406387E3698550B4259B9CACD98
Authority key identifier: D5:C6:5C:DA:4B:63:0F:72:BF:64:0D:16:B4:1F:72:F5:A0:F9:D7:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cZc2ktjD3K_ZA0WtB9y9aD511E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/6387c8-c248-425f-ba40-cd6555fcd82e/1/ojanv-s4BEPGJ5e_4OfeVJP-mj4.roa
Signing time: Sun 01 Jan 2023 03:04:54 +0000
ROA not before: Sun 01 Jan 2023 03:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34964
IP address blocks: 193.189.146.0/24 maxlen: 24
2001:67c:21f8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:14:06:38:7e:36:98:55:0b:42:59:b9:ca:cd:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c65cda4b630f72bf640d16b41f72f5a0f9d751
Validity
Not Before: Jan 1 03:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a236a7bfeb380443c62797bfe0e7de5493fe9a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:52:61:42:1b:aa:b7:d7:01:47:eb:89:77:e3:
5d:57:8b:a8:29:35:5a:da:05:4f:af:34:52:a1:68:
bc:43:0a:af:46:74:42:92:75:b3:3b:76:c1:be:bf:
ca:75:1f:ac:68:34:3d:80:ac:7b:2e:de:51:51:2d:
ad:ee:3e:1e:fc:1a:28:38:da:f8:80:d3:69:c1:8a:
90:bc:86:c5:f0:03:9f:8a:26:fb:05:ed:48:5b:92:
b8:28:2d:81:36:eb:c4:ff:11:6e:16:d7:73:fc:bf:
f1:65:a5:33:95:b5:a9:44:db:cb:cb:f7:d4:97:82:
e8:f7:6b:23:76:f4:6d:55:f0:46:ad:cd:39:c2:68:
f8:e4:78:87:f2:83:b5:4e:13:6c:30:17:30:dc:15:
39:d6:85:17:7f:5a:9e:14:9c:d4:9a:20:e4:ee:26:
77:20:14:9f:89:89:9c:4d:a4:04:ba:44:7c:c0:99:
95:4d:06:a5:ec:22:80:98:0c:4f:b9:ed:65:12:94:
88:a5:21:76:e1:da:84:9e:99:70:cc:f5:b8:49:fa:
52:c3:97:47:57:68:ec:37:81:d5:ce:fd:c7:38:f6:
c6:c8:45:2c:70:d7:35:34:ff:56:c1:4e:4d:e4:48:
35:c4:c7:d7:9c:e2:01:5c:0b:e0:ab:d8:15:a3:0d:
36:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:36:A7:BF:EB:38:04:43:C6:27:97:BF:E0:E7:DE:54:93:FE:9A:3E
X509v3 Authority Key Identifier:
keyid:D5:C6:5C:DA:4B:63:0F:72:BF:64:0D:16:B4:1F:72:F5:A0:F9:D7:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cZc2ktjD3K_ZA0WtB9y9aD511E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6387c8-c248-425f-ba40-cd6555fcd82e/1/ojanv-s4BEPGJ5e_4OfeVJP-mj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6387c8-c248-425f-ba40-cd6555fcd82e/1/1cZc2ktjD3K_ZA0WtB9y9aD511E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.146.0/24
IPv6:
2001:67c:21f8::/48
Signature Algorithm: sha256WithRSAEncryption
2b:4a:a0:52:ae:16:32:bb:74:c4:22:1c:aa:8c:9a:53:bf:a2:
be:75:0c:33:1e:04:43:a7:78:dc:9c:db:ef:7d:e9:a6:49:27:
28:70:4c:11:31:0a:70:25:59:20:87:1e:b8:a8:e2:28:95:de:
05:09:cc:f7:8c:66:ab:a8:4e:ac:6c:db:ec:2b:2b:e0:ab:df:
2e:9e:ca:34:9b:91:07:24:fe:2d:db:02:1d:2c:48:10:0e:12:
9a:21:0f:d3:3e:f6:08:99:a9:aa:d2:8f:fb:fe:df:1a:1b:8c:
af:43:fa:05:8f:63:82:4e:ab:25:27:0b:82:58:2b:fb:cc:0a:
a5:a9:0e:0b:b6:50:ba:e8:3e:47:4e:dc:a8:00:6f:20:f5:3d:
cb:fb:7b:41:12:5c:c5:a8:fd:77:d3:8a:d5:b4:1f:fb:6c:65:
fe:62:97:63:39:e3:39:01:55:60:ff:4f:44:cf:35:bc:2f:1e:
4e:67:c0:0a:2d:1b:81:25:5f:b1:f1:22:28:bc:54:96:0d:d9:
83:c3:60:f2:6d:b6:39:a2:7f:20:c8:c7:73:41:a6:31:da:2c:
9c:4d:9d:26:2b:68:5a:15:57:a5:ef:20:0e:25:6a:d8:34:74:
1b:2a:83:b6:9e:24:8f:f6:cc:3f:87:e0:30:fd:1d:b1:9e:5e:
9d:c2:7c:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrShQGOH42mFULQlm5ys2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YzY1Y2RhNGI2MzBmNzJiZjY0MGQxNmI0MWY3MmY1YTBm
OWQ3NTEwHhcNMjMwMTAxMDMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjM2YTdiZmViMzgwNDQzYzYyNzk3YmZlMGU3ZGU1NDkzZmU5YTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFJhQhuqt9cBR+uJd+NdV4uoKTVa
2gVPrzRSoWi8QwqvRnRCknWzO3bBvr/KdR+saDQ9gKx7Lt5RUS2t7j4e/BooONr4
gNNpwYqQvIbF8AOfiib7Be1IW5K4KC2BNuvE/xFuFtdz/L/xZaUzlbWpRNvLy/fU
l4Lo92sjdvRtVfBGrc05wmj45HiH8oO1ThNsMBcw3BU51oUXf1qeFJzUmiDk7iZ3
IBSfiYmcTaQEukR8wJmVTQal7CKAmAxPue1lEpSIpSF24dqEnplwzPW4SfpSw5dH
V2jsN4HVzv3HOPbGyEUscNc1NP9WwU5N5Eg1xMfXnOIBXAvgq9gVow02XQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKI2p7/rOARDxieXv+Dn3lST/po+MB8GA1UdIwQY
MBaAFNXGXNpLYw9yv2QNFrQfcvWg+ddRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWNaYzJrdGpEM0tfWkEwV3RCOXk5YUQ1MTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi82Mzg3YzgtYzI0OC00MjVmLWJhNDAt
Y2Q2NTU1ZmNkODJlLzEvb2phbnYtczRCRVBHSjVlXzRPZmVWSlAtbWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi82Mzg3YzgtYzI0OC00MjVmLWJhNDAtY2Q2NTU1ZmNkODJl
LzEvMWNaYzJrdGpEM0tfWkEwV3RCOXk5YUQ1MTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwb2SMA8E
AgACMAkDBwAgAQZ8IfgwDQYJKoZIhvcNAQELBQADggEBACtKoFKuFjK7dMQiHKqM
mlO/or51DDMeBEOneNyc2+996aZJJyhwTBExCnAlWSCHHrio4iiV3gUJzPeMZquo
Tqxs2+wrK+Cr3y6eyjSbkQck/i3bAh0sSBAOEpohD9M+9giZqarSj/v+3xobjK9D
+gWPY4JOqyUnC4JYK/vMCqWpDgu2ULroPkdO3KgAbyD1Pcv7e0ESXMWo/XfTitW0
H/tsZf5il2M54zkBVWD/T0TPNbwvHk5nwAotG4ElX7HxIii8VJYN2YPDYPJttjmi
fyDIx3NBpjHaLJxNnSYraFoVV6XvIA4latg0dBsqg7aeJI/2zD+H4DD9HbGeXp3C
fNQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:23 2025 by rpki-client