Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/OTai27inwFynD2KbPsqizs_FpJw.roa
File: OTai27inwFynD2KbPsqizs_FpJw.roa (raw, json)
Hash identifier: imAKVF4FNuszrVxABQT9z8f6sWc8NO7nb1jYPKDUgaE=
Subject key identifier: 39:36:A2:DB:B8:A7:C0:5C:A7:0F:62:9B:3E:CA:A2:CE:CF:C5:A4:9C
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 01856F796B0D0F9AAB78759C193B52699923
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/OTai27inwFynD2KbPsqizs_FpJw.roa
Signing time: Sun 01 Jan 2023 22:35:06 +0000
ROA not before: Sun 01 Jan 2023 22:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50710
IP address blocks: 78.109.237.0/24 maxlen: 24
78.109.236.0/24 maxlen: 24
78.109.238.0/24 maxlen: 24
185.52.100.0/24 maxlen: 24
185.52.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:6b:0d:0f:9a:ab:78:75:9c:19:3b:52:69:99:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Jan 1 22:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3936a2dbb8a7c05ca70f629b3ecaa2cecfc5a49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:55:c0:0e:e7:de:24:f1:16:6f:e5:9e:68:69:
92:f3:07:7d:8d:8b:93:68:96:ae:dd:f1:03:36:b0:
70:53:9a:d7:ae:77:94:26:e1:0f:45:13:f6:e5:7a:
e7:5d:83:1b:62:64:dc:1f:35:d6:85:f3:8b:fa:fd:
b1:69:57:d4:49:fb:7b:cc:97:16:16:91:e3:fa:e4:
df:33:8c:af:af:f9:49:fd:3c:ac:2a:9d:e4:da:3c:
e5:3c:62:a9:35:c7:34:ab:7c:5e:35:12:07:02:77:
a1:1a:12:e2:6e:6e:cb:46:11:75:4f:89:11:81:15:
76:8d:b9:2a:93:58:6a:08:7d:dd:cd:49:93:30:43:
54:ad:d4:c4:25:45:a8:00:85:6c:47:9b:f7:3c:1e:
1b:0f:36:dc:78:7b:06:89:99:02:f6:b5:81:c8:51:
ed:43:8e:3d:b0:b3:4a:5d:94:b7:83:34:ea:35:93:
47:66:50:dc:0d:07:62:69:be:8b:8f:20:e6:08:fb:
ba:fa:af:71:1d:4b:2c:b6:4f:23:78:aa:f5:f9:0a:
58:ad:6e:6c:81:29:dc:fa:0c:e8:17:1d:c0:8e:07:
e5:d6:6f:cb:ec:0f:3f:07:e2:0c:eb:a6:a6:18:7f:
87:88:7e:25:1b:ca:90:d5:a6:7a:8d:78:63:9f:53:
1e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:36:A2:DB:B8:A7:C0:5C:A7:0F:62:9B:3E:CA:A2:CE:CF:C5:A4:9C
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/OTai27inwFynD2KbPsqizs_FpJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.236.0-78.109.238.255
185.52.100.0/23
Signature Algorithm: sha256WithRSAEncryption
83:10:82:5f:5f:39:a2:c3:8f:66:f0:6e:f4:b6:30:56:80:32:
0e:85:a9:18:35:73:46:f5:ac:2a:df:19:22:fa:f2:bb:51:2e:
9c:47:bb:64:6c:e5:3f:6d:f5:83:03:9f:2c:fb:e8:2e:9c:b6:
16:4e:63:91:2d:ad:9d:6a:5e:9b:24:ac:be:b9:d5:c3:e5:43:
0b:1b:fe:bc:0e:84:6e:5e:67:6d:60:9e:14:b9:f4:4a:45:a1:
82:2f:cb:c9:a2:09:f6:9e:23:93:7b:81:9f:23:80:37:a0:12:
5d:ea:b0:93:0b:4f:b9:f2:3d:74:8b:87:07:c9:1c:a5:01:84:
d5:bf:82:29:fd:fd:29:dd:e1:40:93:fe:8a:01:d4:fd:b3:51:
29:2c:ca:ee:fe:1f:ca:16:a3:2b:c9:fb:ee:c4:0b:46:47:0b:
4b:e0:b4:07:46:b7:75:fc:b1:ac:08:42:42:6c:81:a8:90:8d:
d2:c6:cd:22:92:da:3b:6a:cc:52:39:6f:4c:0a:9e:c5:19:a8:
bb:8c:4f:ad:e9:ad:27:48:7e:fc:0e:c8:f1:d3:67:86:00:ee:
46:71:1c:e6:db:f8:b8:43:99:30:30:43:8e:9f:9e:81:f0:3c:
42:bb:af:cb:78:31:e0:ee:5d:d1:45:a6:59:9f:4a:93:21:e2:
22:7c:96:9d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVveWsND5qreHWcGTtSaZkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjMwMTAxMjIzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTM2YTJkYmI4YTdjMDVjYTcwZjYyOWIzZWNhYTJjZWNmYzVhNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolXADufeJPEWb+WeaGmS8wd9jYuT
aJau3fEDNrBwU5rXrneUJuEPRRP25XrnXYMbYmTcHzXWhfOL+v2xaVfUSft7zJcW
FpHj+uTfM4yvr/lJ/TysKp3k2jzlPGKpNcc0q3xeNRIHAnehGhLibm7LRhF1T4kR
gRV2jbkqk1hqCH3dzUmTMENUrdTEJUWoAIVsR5v3PB4bDzbceHsGiZkC9rWByFHt
Q449sLNKXZS3gzTqNZNHZlDcDQdiab6LjyDmCPu6+q9xHUsstk8jeKr1+QpYrW5s
gSnc+gzoFx3Ajgfl1m/L7A8/B+IM66amGH+HiH4lG8qQ1aZ6jXhjn1Me/QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDk2otu4p8Bcpw9imz7Kos7PxaScMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL09UYWkyN2lud0Z5bkQyS2JQc3FpenNfRnBKdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAk5t
7AMEAE5t7gMEAbk0ZDANBgkqhkiG9w0BAQsFAAOCAQEAgxCCX185osOPZvBu9LYw
VoAyDoWpGDVzRvWsKt8ZIvryu1EunEe7ZGzlP231gwOfLPvoLpy2Fk5jkS2tnWpe
mySsvrnVw+VDCxv+vA6Ebl5nbWCeFLn0SkWhgi/LyaIJ9p4jk3uBnyOAN6ASXeqw
kwtPufI9dIuHB8kcpQGE1b+CKf39Kd3hQJP+igHU/bNRKSzK7v4fyhajK8n77sQL
RkcLS+C0B0a3dfyxrAhCQmyBqJCN0sbNIpLaO2rMUjlvTAqexRmou4xPremtJ0h+
/A7I8dNnhgDuRnEc5tv4uEOZMDBDjp+egfA8Qruvy3gx4O5d0UWmWZ9KkyHiInyW
nQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:59:48 2025 by rpki-client