Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/o8qWhH8U-_t1GI0aRgCdouKJNT8.roa
File: o8qWhH8U-_t1GI0aRgCdouKJNT8.roa (raw, json)
Hash identifier: 67axU+zLZsBa+KcVO2mmM8w3FFVVCymKWl7O156dgOo=
Subject key identifier: A3:CA:96:84:7F:14:FB:FB:75:18:8D:1A:46:00:9D:A2:E2:89:35:3F
Certificate issuer: /CN=a2e3c4ec7b36112fce521f5bef2873c7b4cc88d1
Certificate serial: 01856DE667F4C7ED637B1836D8A4997392B1
Authority key identifier: A2:E3:C4:EC:7B:36:11:2F:CE:52:1F:5B:EF:28:73:C7:B4:CC:88:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ouPE7Hs2ES_OUh9b7yhzx7TMiNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/o8qWhH8U-_t1GI0aRgCdouKJNT8.roa
Signing time: Sun 01 Jan 2023 15:14:54 +0000
ROA not before: Sun 01 Jan 2023 15:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200750
IP address blocks: 194.180.108.0/23 maxlen: 23
91.227.63.0/24 maxlen: 24
91.227.64.0/22 maxlen: 22
194.180.170.0/23 maxlen: 23
2a0f:4640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:67:f4:c7:ed:63:7b:18:36:d8:a4:99:73:92:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2e3c4ec7b36112fce521f5bef2873c7b4cc88d1
Validity
Not Before: Jan 1 15:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3ca96847f14fbfb75188d1a46009da2e289353f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d5:a4:84:af:88:77:42:fc:21:74:c7:53:5f:
77:23:e7:55:a1:c1:f3:ad:22:2c:1f:19:4a:6b:6d:
1b:a3:25:e8:86:52:53:c7:7a:4c:88:04:2f:a8:5c:
40:a6:ca:51:c9:c0:6f:21:95:5e:e9:65:8d:62:be:
89:eb:ba:62:89:a7:bd:49:a4:48:5e:d7:5f:84:66:
a0:8e:99:2d:a0:7f:e1:6b:30:3f:89:df:11:61:19:
44:a3:b3:e9:ba:75:17:3b:b4:d6:07:76:f5:54:2c:
0e:d7:bd:88:da:de:b9:dc:15:09:ba:6f:bb:89:cb:
8a:cf:39:03:bd:0b:e2:c0:91:24:52:ac:16:2d:03:
26:77:63:74:02:b4:91:4a:ca:7b:0b:e4:f5:02:da:
69:cf:5d:07:a6:c4:2e:f8:87:11:8e:60:3d:44:6b:
f8:42:91:d9:81:02:eb:25:21:01:40:01:a7:9a:2a:
7c:4a:ab:81:4d:0e:f5:f0:75:74:39:8c:ea:42:22:
50:66:53:97:e9:97:4a:35:39:21:8a:21:3b:44:69:
78:ee:aa:c3:39:c9:dc:b5:39:3e:b8:e2:c2:cd:75:
63:5d:94:d4:e5:fd:a4:86:15:9b:62:63:c5:05:f1:
31:f8:47:4a:be:31:bb:2b:5b:b0:d3:0f:bf:5b:44:
9b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CA:96:84:7F:14:FB:FB:75:18:8D:1A:46:00:9D:A2:E2:89:35:3F
X509v3 Authority Key Identifier:
keyid:A2:E3:C4:EC:7B:36:11:2F:CE:52:1F:5B:EF:28:73:C7:B4:CC:88:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouPE7Hs2ES_OUh9b7yhzx7TMiNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/o8qWhH8U-_t1GI0aRgCdouKJNT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/ouPE7Hs2ES_OUh9b7yhzx7TMiNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.63.0-91.227.67.255
194.180.108.0/23
194.180.170.0/23
IPv6:
2a0f:4640::/29
Signature Algorithm: sha256WithRSAEncryption
4e:f1:dd:a8:b4:3f:ed:d6:7f:e1:b3:f1:4b:05:fb:60:8b:ef:
3c:4f:49:60:11:88:6a:51:95:10:b9:2e:52:03:a9:24:4f:aa:
72:93:48:8d:ce:ac:65:64:27:87:a3:65:f8:9a:b6:f6:87:6e:
2b:e0:86:ad:52:bf:2c:a8:5a:52:17:10:8d:24:d6:4d:c4:ba:
1f:1f:6d:bf:4a:a4:61:a3:18:3b:3d:ee:0c:63:ed:f9:60:73:
ee:8e:70:a5:3d:b4:c2:4a:de:36:a6:82:36:22:62:b1:a4:e6:
e7:da:ee:49:a7:16:e9:72:9d:92:70:25:8d:1a:64:cd:89:86:
e6:8d:ee:01:c1:56:7c:3d:34:ba:01:cf:2b:a0:20:48:5c:ed:
a9:29:f4:84:8b:bb:54:43:f7:a6:ad:30:12:56:77:f9:39:dd:
27:12:66:19:d9:7c:12:df:09:dd:f5:94:13:8b:f3:ee:dc:74:
61:2c:fe:3a:fe:07:8a:d6:7b:88:1d:4d:93:6f:96:48:b2:de:
a7:28:87:77:e5:fb:02:4c:b2:8d:ef:b6:78:9e:ff:76:65:c5:
b3:77:39:f7:5f:a8:c1:22:89:6d:e3:ee:83:cc:7b:3e:f1:f9:
85:ed:db:0d:5d:3c:32:d7:b0:4b:7d:90:fb:4c:a1:53:b2:12:
ae:03:ac:ec
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVt5mf0x+1jexg22KSZc5KxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZTNjNGVjN2IzNjExMmZjZTUyMWY1YmVmMjg3M2M3YjRj
Yzg4ZDEwHhcNMjMwMTAxMTUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NhOTY4NDdmMTRmYmZiNzUxODhkMWE0NjAwOWRhMmUyODkzNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9WkhK+Id0L8IXTHU193I+dVocHz
rSIsHxlKa20boyXohlJTx3pMiAQvqFxApspRycBvIZVe6WWNYr6J67piiae9SaRI
XtdfhGagjpktoH/hazA/id8RYRlEo7PpunUXO7TWB3b1VCwO172I2t653BUJum+7
icuKzzkDvQviwJEkUqwWLQMmd2N0ArSRSsp7C+T1Atppz10HpsQu+IcRjmA9RGv4
QpHZgQLrJSEBQAGnmip8SquBTQ718HV0OYzqQiJQZlOX6ZdKNTkhiiE7RGl47qrD
OcnctTk+uOLCzXVjXZTU5f2khhWbYmPFBfEx+EdKvjG7K1uw0w+/W0SbCQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKPKloR/FPv7dRiNGkYAnaLiiTU/MB8GA1UdIwQY
MBaAFKLjxOx7NhEvzlIfW+8oc8e0zIjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3VQRTdIczJFU19PVWg5Yjd5aHp4N1RNaU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9mNDAzODctMmQ4NC00MDYyLWJlYzYt
ZGE1MTNjYzY5ODM5LzEvbzhxV2hIOFUtX3QxR0kwYVJnQ2RvdUtKTlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9mNDAzODctMmQ4NC00MDYyLWJlYzYtZGE1MTNjYzY5ODM5
LzEvb3VQRTdIczJFU19PVWg5Yjd5aHp4N1RNaU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBABb4z8D
BAJb40ADBAHCtGwDBAHCtKowDQQCAAIwBwMFAyoPRkAwDQYJKoZIhvcNAQELBQAD
ggEBAE7x3ai0P+3Wf+Gz8UsF+2CL7zxPSWARiGpRlRC5LlIDqSRPqnKTSI3OrGVk
J4ejZfiatvaHbivghq1SvyyoWlIXEI0k1k3Euh8fbb9KpGGjGDs97gxj7flgc+6O
cKU9tMJK3jamgjYiYrGk5ufa7kmnFulynZJwJY0aZM2JhuaN7gHBVnw9NLoBzyug
IEhc7akp9ISLu1RD96atMBJWd/k53ScSZhnZfBLfCd31lBOL8+7cdGEs/jr+B4rW
e4gdTZNvlkiy3qcoh3fl+wJMso3vtnie/3ZlxbN3OfdfqMEiiW3j7oPMez7x+YXt
2w1dPDLXsEt9kPtMoVOyEq4DrOw=
-----END CERTIFICATE-----
Generated at Wed May 7 08:16:22 2025 by rpki-client