Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/0oTySnsnDgQHBuGqQfnswork6ak.roa
File: 0oTySnsnDgQHBuGqQfnswork6ak.roa (raw, json)
Hash identifier: pmkriEiAoKsYjzANV40OD2fbuf3+9CgaUgMLiqbNP3c=
Subject key identifier: D2:84:F2:4A:7B:27:0E:04:07:06:E1:AA:41:F9:EC:C2:8A:E4:E9:A9
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 0B2202B5
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/0oTySnsnDgQHBuGqQfnswork6ak.roa
Signing time: Sat 01 Jan 2022 08:00:35 +0000
ROA not before: Sat 01 Jan 2022 08:00:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203902
IP address blocks: 198.52.44.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186778293 (0xb2202b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 1 08:00:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d284f24a7b270e040706e1aa41f9ecc28ae4e9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:35:95:fc:4e:3e:71:b4:de:bf:de:59:ae:01:
c6:59:01:8f:59:d7:a8:b9:90:98:32:0b:60:2a:ea:
70:57:8c:e9:35:c4:1e:a4:d4:95:f9:71:53:17:c4:
56:50:95:9e:c8:be:81:8e:f7:fa:07:d2:0f:d7:4e:
e1:c0:a5:58:44:67:48:8a:a9:75:88:cd:7b:c8:a0:
6c:6b:da:39:7e:f6:1d:87:e2:bd:05:e3:05:6b:da:
f4:76:c4:af:98:73:10:51:01:fd:84:e3:55:f6:ed:
51:fe:2a:46:a3:9f:23:f1:74:59:4a:bd:1a:f8:e0:
99:a2:2e:37:da:fe:32:c4:08:ca:f3:73:74:ff:94:
1a:7d:c0:cf:b4:be:ec:76:6c:b7:54:96:2d:cc:2b:
7e:2a:b0:68:95:0d:e1:9d:0d:c0:57:a1:e0:44:0e:
1a:17:e0:a7:d1:a7:ed:43:f3:89:45:d1:2b:12:79:
3b:8c:17:32:90:d2:5e:70:89:6f:2d:eb:54:e9:c8:
a0:d4:b7:c8:be:f6:9a:cd:70:32:10:34:bb:b3:57:
17:52:f3:5c:18:2e:6d:40:7c:01:08:33:f8:ba:bb:
be:bc:60:d2:ed:47:b6:c0:a0:42:06:79:18:a7:66:
13:20:6d:e8:d5:79:14:dd:d1:fb:6b:48:6b:2b:f7:
cc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:84:F2:4A:7B:27:0E:04:07:06:E1:AA:41:F9:EC:C2:8A:E4:E9:A9
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/0oTySnsnDgQHBuGqQfnswork6ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.52.44.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:36:96:ce:76:ed:a7:80:de:ba:71:37:6f:c3:50:18:fd:d2:
27:f0:80:55:d8:02:6d:41:4e:f0:f8:01:8f:a0:1b:34:19:c9:
de:37:35:0a:b6:8b:50:00:8c:bb:42:fa:7e:a9:72:a2:4f:72:
92:07:aa:c5:e8:65:59:61:56:48:74:bc:75:9d:b1:45:96:b6:
72:37:2f:4f:e4:67:50:18:26:23:33:24:86:48:2b:f7:1b:11:
86:3b:98:a4:4f:8b:64:9d:6c:ce:d9:c0:26:79:a7:e2:31:49:
e6:2a:d0:19:b1:5d:6d:54:4d:16:1e:d0:ce:cc:d8:50:18:95:
58:ae:6d:e0:1b:ad:6c:0a:c1:c2:22:8d:a5:78:5d:19:50:4b:
ff:f8:0a:77:8e:84:62:5b:25:5f:17:32:88:ef:13:f5:7a:f8:
3c:40:1c:c1:8e:71:18:95:7c:86:4d:a3:dd:17:95:a9:c1:34:
0d:2b:6c:bd:37:9a:a9:f8:5a:dd:45:74:7d:6a:7e:46:0f:cc:
9d:17:dd:37:8a:df:b3:39:3c:61:ca:42:49:f8:c1:01:4b:6a:
bf:45:fa:44:a5:2c:5b:9b:ca:a3:c7:8f:32:e6:22:2e:0d:8b:
7d:47:17:ca:3d:13:97:64:5b:0b:df:00:19:07:07:ed:26:ff:
01:b1:f4:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECyICtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTFmMGI3M2U2N2Q2M2M1YTRjOTA0NjgxNDE2NmE5ZTIxNjI1ZjI4MB4XDTIyMDEw
MTA4MDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI4NGYyNGE3YjI3
MGUwNDA3MDZlMWFhNDFmOWVjYzI4YWU0ZTlhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM81lfxOPnG03r/eWa4BxlkBj1nXqLmQmDILYCrqcFeM6TXE
HqTUlflxUxfEVlCVnsi+gY73+gfSD9dO4cClWERnSIqpdYjNe8igbGvaOX72HYfi
vQXjBWva9HbEr5hzEFEB/YTjVfbtUf4qRqOfI/F0WUq9GvjgmaIuN9r+MsQIyvNz
dP+UGn3Az7S+7HZst1SWLcwrfiqwaJUN4Z0NwFeh4EQOGhfgp9Gn7UPziUXRKxJ5
O4wXMpDSXnCJby3rVOnIoNS3yL72ms1wMhA0u7NXF1LzXBgubUB8AQgz+Lq7vrxg
0u1HtsCgQgZ5GKdmEyBt6NV5FN3R+2tIayv3zC8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTShPJKeycOBAcG4apB+ezCiuTpqTAfBgNVHSMEGDAWgBQpHwtz5n1jxaTJ
BGgUFmqeIWJfKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tSOExjLVo5WThXa3lRUm9GQlpxbmlGaVh5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvNDhkNjA5LTA4OGQtNDFlNC1iZWM0LTM4ZWU4ZmQ2NGU3ZC8x
LzBvVHlTbnNuRGdRSEJ1R3FRZm5zd29yazZhay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
NDhkNjA5LTA4OGQtNDFlNC1iZWM0LTM4ZWU4ZmQ2NGU3ZC8xL0tSOExjLVo5WThX
a3lRUm9GQlpxbmlGaVh5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMY0LDANBgkqhkiG9w0BAQsFAAOC
AQEAKjaWznbtp4DeunE3b8NQGP3SJ/CAVdgCbUFO8PgBj6AbNBnJ3jc1CraLUACM
u0L6fqlyok9ykgeqxehlWWFWSHS8dZ2xRZa2cjcvT+RnUBgmIzMkhkgr9xsRhjuY
pE+LZJ1sztnAJnmn4jFJ5irQGbFdbVRNFh7QzszYUBiVWK5t4ButbArBwiKNpXhd
GVBL//gKd46EYlslXxcyiO8T9Xr4PEAcwY5xGJV8hk2j3ReVqcE0DStsvTeaqfha
3UV0fWp+Rg/MnRfdN4rfszk8YcpCSfjBAUtqv0X6RKUsW5vKo8ePMuYiLg2LfUcX
yj0Tl2RbC98AGQcH7Sb/AbH0oA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:50 2025 by rpki-client