Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/oS2ZWANy7POKI3JkL4AFe9Bx0fY.roa
File: oS2ZWANy7POKI3JkL4AFe9Bx0fY.roa (raw, json)
Hash identifier: kAwJalEQm3lTsK5D9J2S6qVMcN+XM0CmTg+IBS6C6Rg=
Subject key identifier: A1:2D:99:58:03:72:EC:F3:8A:23:72:64:2F:80:05:7B:D0:71:D1:F6
Certificate issuer: /CN=08af091858bb99651764399c6565df7a0834dbad
Certificate serial: 01879A77045865FFB3EFC7CD45F9A78D75FB
Authority key identifier: 08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/oS2ZWANy7POKI3JkL4AFe9Bx0fY.roa
Signing time: Wed 19 Apr 2023 17:01:43 +0000
ROA not before: Wed 19 Apr 2023 17:01:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212761
IP address blocks: 185.41.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9a:77:04:58:65:ff:b3:ef:c7:cd:45:f9:a7:8d:75:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08af091858bb99651764399c6565df7a0834dbad
Validity
Not Before: Apr 19 17:01:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a12d99580372ecf38a2372642f80057bd071d1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f0:f6:86:45:1f:22:89:75:35:10:9e:2b:c9:
fd:07:73:0a:8f:be:92:f5:21:ac:f5:e4:0d:db:3b:
7d:d6:ce:6a:53:e5:d1:bd:71:72:bf:d8:92:04:79:
7a:09:98:f9:96:b2:9b:f7:4f:14:e3:54:74:b9:93:
22:ac:83:06:07:60:78:dd:0d:68:0e:5b:f9:0e:ff:
c8:25:08:ba:1c:4e:6a:04:d5:9e:6c:d6:1b:bf:ab:
1e:db:52:0f:d1:02:be:39:92:c3:70:aa:b2:f2:b9:
44:80:47:e7:41:ec:ff:ed:7b:0f:8f:60:57:75:d0:
58:ee:81:0e:b7:18:fd:3f:c5:e4:d8:8b:af:51:ff:
54:79:91:c0:e4:cb:82:55:ce:1b:1e:23:85:8d:99:
6a:c1:80:f0:10:76:35:c9:21:3d:9b:13:56:d7:2c:
b2:f2:da:4e:75:89:4f:4e:e4:5d:32:3b:31:05:6e:
8b:b9:7c:e5:fd:92:fd:04:74:ac:7c:32:89:df:29:
13:d1:97:12:2e:df:2d:72:65:7d:54:c1:94:cb:89:
dd:d2:6a:a1:92:6a:67:dd:0c:fc:5c:00:03:ba:f5:
c3:28:b8:bc:9c:75:b7:36:44:d7:02:d0:88:9f:c9:
c4:65:5a:aa:2d:50:ec:36:1c:89:e5:a0:f2:d3:ab:
31:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2D:99:58:03:72:EC:F3:8A:23:72:64:2F:80:05:7B:D0:71:D1:F6
X509v3 Authority Key Identifier:
keyid:08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/oS2ZWANy7POKI3JkL4AFe9Bx0fY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/CK8JGFi7mWUXZDmcZWXfegg0260.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.23.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:58:af:ec:06:06:29:74:2a:d4:d0:f5:1b:37:f1:f1:88:3b:
3a:4e:ce:59:6e:86:9f:e4:aa:8b:ee:46:38:cf:a9:6e:66:71:
6f:b9:ff:e3:80:a2:b0:7f:7d:1b:6b:89:70:83:66:c7:55:ee:
6c:26:76:53:20:b9:f4:a1:35:1f:03:21:31:f3:27:9f:ad:07:
e6:da:a6:13:da:98:55:9c:f7:39:3a:3e:22:69:6a:fa:73:c0:
80:e9:5d:6b:a7:db:17:00:7c:91:c8:10:af:fe:ea:dc:2e:83:
42:d2:00:df:a2:e8:fb:d0:aa:d7:1a:b5:93:88:e1:ab:2c:94:
7a:91:cf:99:a2:5d:2e:ed:73:76:13:c6:b9:06:f5:c9:87:b3:
d3:48:88:cf:b9:64:94:67:b0:07:6d:63:ef:e9:fa:56:e1:d7:
34:5b:1c:ec:8c:9c:9f:a0:81:ec:2a:e4:66:25:1f:a9:02:d6:
2e:b1:12:12:f7:be:90:ae:55:e7:d6:46:6a:57:f0:25:6c:ae:
43:fd:e4:56:28:53:f0:c9:b0:39:3d:98:ba:02:9f:15:69:3b:
51:77:cd:a0:cc:01:1f:7b:57:4c:23:94:c2:31:aa:56:d8:49:
e3:43:b7:d2:07:b4:a9:95:5b:50:7d:25:c2:e2:bd:61:23:f4:
f4:48:37:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeadwRYZf+z78fNRfmnjXX7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YWYwOTE4NThiYjk5NjUxNzY0Mzk5YzY1NjVkZjdhMDgz
NGRiYWQwHhcNMjMwNDE5MTcwMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJkOTk1ODAzNzJlY2YzOGEyMzcyNjQyZjgwMDU3YmQwNzFkMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/D2hkUfIol1NRCeK8n9B3MKj76S
9SGs9eQN2zt91s5qU+XRvXFyv9iSBHl6CZj5lrKb908U41R0uZMirIMGB2B43Q1o
Dlv5Dv/IJQi6HE5qBNWebNYbv6se21IP0QK+OZLDcKqy8rlEgEfnQez/7XsPj2BX
ddBY7oEOtxj9P8Xk2IuvUf9UeZHA5MuCVc4bHiOFjZlqwYDwEHY1ySE9mxNW1yyy
8tpOdYlPTuRdMjsxBW6LuXzl/ZL9BHSsfDKJ3ykT0ZcSLt8tcmV9VMGUy4nd0mqh
kmpn3Qz8XAADuvXDKLi8nHW3NkTXAtCIn8nEZVqqLVDsNhyJ5aDy06sxgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKEtmVgDcuzziiNyZC+ABXvQcdH2MB8GA1UdIwQY
MBaAFAivCRhYu5llF2Q5nGVl33oINNutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYt
NTYxMjliN2RjMDE4LzEvb1MyWldBTnk3UE9LSTNKa0w0QUZlOUJ4MGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYtNTYxMjliN2RjMDE4
LzEvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSkXMA0G
CSqGSIb3DQEBCwUAA4IBAQDJWK/sBgYpdCrU0PUbN/HxiDs6Ts5Zboaf5KqL7kY4
z6luZnFvuf/jgKKwf30ba4lwg2bHVe5sJnZTILn0oTUfAyEx8yefrQfm2qYT2phV
nPc5Oj4iaWr6c8CA6V1rp9sXAHyRyBCv/urcLoNC0gDfouj70KrXGrWTiOGrLJR6
kc+Zol0u7XN2E8a5BvXJh7PTSIjPuWSUZ7AHbWPv6fpW4dc0WxzsjJyfoIHsKuRm
JR+pAtYusRIS976QrlXn1kZqV/AlbK5D/eRWKFPwybA5PZi6Ap8VaTtRd82gzAEf
e1dMI5TCMapW2EnjQ7fSB7SplVtQfSXC4r1hI/T0SDeH
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:07:41 2025 by rpki-client