Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/oPPdNklcfjNlRRfleysKXq16cvg.roa
File: oPPdNklcfjNlRRfleysKXq16cvg.roa (raw, json)
Hash identifier: 7AxfKeOJwHevIs5tdzFuix0VR+peMQi37a1IdDHB7Zs=
Subject key identifier: A0:F3:DD:36:49:5C:7E:33:65:45:17:E5:7B:2B:0A:5E:AD:7A:72:F8
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018AD9CD557F93DA5DA05C8D81C1D5FEC38F
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/oPPdNklcfjNlRRfleysKXq16cvg.roa
Signing time: Thu 28 Sep 2023 03:20:27 +0000
ROA not before: Thu 28 Sep 2023 03:20:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199599
IP address blocks: 212.67.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d9:cd:55:7f:93:da:5d:a0:5c:8d:81:c1:d5:fe:c3:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 28 03:20:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0f3dd36495c7e33654517e57b2b0a5ead7a72f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c4:d9:a6:23:c3:e2:be:54:27:2d:c7:28:b9:
50:58:89:23:02:07:35:cc:c0:9f:a0:21:51:93:5d:
7a:6d:50:8e:d2:20:93:b3:e0:94:d4:9f:b3:7d:e0:
fb:ba:89:9e:2e:b8:c4:2b:cd:4e:8f:20:f8:7a:5e:
5f:1e:af:17:23:02:23:fb:3d:9b:9e:e8:88:24:00:
22:8a:5a:ac:d7:0e:19:73:89:83:e1:ed:63:e3:65:
2e:c4:d7:b5:6a:9d:bc:c1:ff:5d:9b:d7:9c:55:07:
92:02:1a:9a:fe:14:b5:8c:fb:ec:dd:9e:5b:77:01:
a1:f7:0c:60:fe:1b:4c:0c:61:62:c6:07:cb:3e:e7:
4b:ed:97:9d:c5:a1:ec:df:d1:ee:26:b7:3f:7b:e9:
d6:76:25:11:b3:1d:f2:70:b7:38:5d:3c:37:d0:71:
80:fb:85:c5:17:eb:d5:53:2a:02:79:0b:4c:e0:1b:
73:19:35:4b:ff:11:5c:01:2f:d1:ac:30:e8:e2:46:
6e:21:89:05:bb:3c:99:aa:08:38:c5:d3:00:3c:09:
86:9c:3b:ef:9e:05:86:3e:6f:77:e7:48:91:07:22:
da:d3:b5:de:67:ec:98:eb:ec:9b:5f:2c:a6:63:3d:
5e:80:ed:b1:4d:b0:cd:f7:a5:b8:12:fd:8f:02:84:
3c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F3:DD:36:49:5C:7E:33:65:45:17:E5:7B:2B:0A:5E:AD:7A:72:F8
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/oPPdNklcfjNlRRfleysKXq16cvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.67.18.0/24
Signature Algorithm: sha256WithRSAEncryption
46:87:5d:e5:98:fe:3c:c7:ac:d5:a4:53:44:97:ed:67:6f:04:
45:c2:2a:18:d4:11:b2:66:eb:f5:d8:2b:91:eb:15:42:b3:6e:
c3:bd:96:58:02:cb:3a:85:46:77:29:2d:31:88:30:1b:44:88:
8a:86:19:32:19:aa:2f:b9:7c:88:91:f8:e1:52:50:bd:ac:1a:
05:dc:60:c1:29:b8:65:b4:27:37:02:f4:4f:16:65:d8:ff:28:
6a:79:8a:ee:81:53:6c:ea:0a:97:61:6b:1c:84:51:d6:8f:b4:
06:b2:64:7f:d7:8a:d8:35:53:ea:78:87:4b:99:08:4a:0d:e8:
14:c9:da:be:a4:ef:55:6b:87:5c:88:31:88:8b:c6:b0:7e:e8:
f9:3a:d4:53:44:df:f0:72:e7:d0:68:4d:d8:b9:7e:37:a9:57:
79:71:96:35:bd:56:c7:a9:c5:a1:65:ed:24:67:54:cd:cd:f2:
05:cf:fb:47:7b:b4:5a:d7:39:c6:65:1a:7e:43:47:14:6f:1e:
93:f3:cd:2b:91:e1:2b:ec:b7:af:19:92:e0:3f:2b:68:94:af:
2f:25:07:c2:34:e3:3d:99:ef:74:cf:81:2d:ea:da:f8:c9:95:
81:79:4a:17:d8:25:45:82:62:12:89:2d:5d:1e:48:4e:83:c6:
cc:7b:b0:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrZzVV/k9pdoFyNgcHV/sOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwOTI4MDMyMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGYzZGQzNjQ5NWM3ZTMzNjU0NTE3ZTU3YjJiMGE1ZWFkN2E3MmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMTZpiPD4r5UJy3HKLlQWIkjAgc1
zMCfoCFRk116bVCO0iCTs+CU1J+zfeD7uomeLrjEK81OjyD4el5fHq8XIwIj+z2b
nuiIJAAiilqs1w4Zc4mD4e1j42UuxNe1ap28wf9dm9ecVQeSAhqa/hS1jPvs3Z5b
dwGh9wxg/htMDGFixgfLPudL7ZedxaHs39HuJrc/e+nWdiURsx3ycLc4XTw30HGA
+4XFF+vVUyoCeQtM4BtzGTVL/xFcAS/RrDDo4kZuIYkFuzyZqgg4xdMAPAmGnDvv
ngWGPm9350iRByLa07XeZ+yY6+ybXyymYz1egO2xTbDN96W4Ev2PAoQ8zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDz3TZJXH4zZUUX5XsrCl6tenL4MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvb1BQZE5rbGNmak5sUlJmbGV5c0tYcTE2Y3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EMSMA0G
CSqGSIb3DQEBCwUAA4IBAQBGh13lmP48x6zVpFNEl+1nbwRFwioY1BGyZuv12CuR
6xVCs27DvZZYAss6hUZ3KS0xiDAbRIiKhhkyGaovuXyIkfjhUlC9rBoF3GDBKbhl
tCc3AvRPFmXY/yhqeYrugVNs6gqXYWschFHWj7QGsmR/14rYNVPqeIdLmQhKDegU
ydq+pO9Va4dciDGIi8awfuj5OtRTRN/wcufQaE3YuX43qVd5cZY1vVbHqcWhZe0k
Z1TNzfIFz/tHe7Ra1znGZRp+Q0cUbx6T880rkeEr7LevGZLgPytolK8vJQfCNOM9
me90z4Et6tr4yZWBeUoX2CVFgmISiS1dHkhOg8bMe7Ag
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:11:06 2025 by rpki-client