Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/OtGPKp_Kc9F1Hqv4_6fHEn_S3gM.roa
File: OtGPKp_Kc9F1Hqv4_6fHEn_S3gM.roa (raw, json)
Hash identifier: XNEPOGk4fl4EIbaUG4G1RlYMAFBD7uPmWdFCTlKx/tA=
Subject key identifier: 3A:D1:8F:2A:9F:CA:73:D1:75:1E:AB:F8:FF:A7:C7:12:7F:D2:DE:03
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01856F1DC816B3922EA6437103CF0BA2B872
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/OtGPKp_Kc9F1Hqv4_6fHEn_S3gM.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12871
IP address blocks: 37.188.64.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c8:16:b3:92:2e:a6:43:71:03:cf:0b:a2:b8:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ad18f2a9fca73d1751eabf8ffa7c7127fd2de03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f1:3c:91:42:b8:f1:21:f3:9f:25:1a:93:e0:
3f:b5:81:ae:f9:45:51:c2:14:f9:e4:74:a9:6d:34:
49:92:15:26:3f:ba:c2:41:2b:9b:bb:77:a3:94:ca:
2c:34:7f:7f:cd:95:9d:d6:9d:68:52:d2:7d:4d:a0:
7c:1c:c4:bd:97:a5:03:78:8c:49:ba:4c:44:8a:d3:
29:16:e1:b0:59:94:24:90:eb:1a:a6:e9:06:9a:33:
c7:6d:02:af:30:e8:25:37:34:aa:63:01:f5:ac:3f:
0c:0b:e9:9b:fd:0e:dd:62:20:83:91:79:18:bc:17:
32:e6:19:dc:f2:82:16:c2:ea:7c:36:5d:79:93:a1:
70:36:80:cc:db:bd:3e:9c:c2:b7:04:4e:e5:48:c0:
07:5e:cd:eb:84:33:51:7b:36:7a:cb:96:e3:d6:5a:
ff:c7:f3:0f:30:0b:5c:63:27:c1:d0:2b:8c:c6:a2:
a2:dd:e0:2b:7c:38:66:43:13:e3:a6:79:98:b1:a6:
ba:40:5e:1d:78:1a:78:f6:c4:7f:c1:8a:68:75:db:
53:67:d2:72:44:ca:c7:a3:f0:d5:9e:f7:77:b9:7f:
84:79:0a:2d:46:ae:d0:da:64:e7:b4:6f:0e:ab:a4:
5b:ba:b0:fd:a0:ed:4b:88:98:bf:b0:d4:f5:e7:ae:
d6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D1:8F:2A:9F:CA:73:D1:75:1E:AB:F8:FF:A7:C7:12:7F:D2:DE:03
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/OtGPKp_Kc9F1Hqv4_6fHEn_S3gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.188.64.0/20
Signature Algorithm: sha256WithRSAEncryption
55:b6:a3:9e:7a:fe:e2:af:79:28:a5:9b:d4:2d:51:6c:72:6e:
d0:d5:50:3e:6e:6d:d9:f2:8f:4a:33:56:3b:33:48:84:89:82:
da:e9:47:69:10:df:f7:42:93:e8:c0:8a:cd:8d:ae:db:e7:0c:
2a:c6:70:46:ed:8c:da:65:15:2a:b9:9b:b5:33:71:74:be:dd:
15:63:9a:ac:88:ab:0b:cb:48:d7:8a:ce:84:90:18:cd:e3:cd:
83:70:72:49:a8:01:66:13:a0:e2:c2:a3:34:43:5f:c5:fc:6d:
ed:c2:ea:f1:0c:f7:fb:b2:6c:d8:af:a0:91:b4:50:13:fc:8d:
d5:74:5d:47:ad:9e:48:57:db:14:b9:16:b3:05:5e:f8:d8:e4:
41:c1:64:57:45:c6:e7:80:3f:be:71:27:63:34:3a:19:6f:92:
a7:fc:8a:42:8d:a3:ea:37:90:2f:c7:ce:a6:48:9c:1f:6d:30:
6e:16:6b:4c:06:f1:4a:cf:c4:c9:8c:b8:f1:91:41:84:31:1a:
b5:c9:88:2c:9d:43:9e:97:fc:8c:da:a2:2a:94:b5:17:77:cb:
11:38:75:bf:c1:00:c3:40:35:9b:4a:08:31:88:c8:57:3a:6a:
58:67:88:c5:bf:30:17:36:c9:9f:cb:c6:c2:a8:1d:83:c3:57:
7e:91:ab:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHcgWs5IupkNxA88LorhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQxOGYyYTlmY2E3M2QxNzUxZWFiZjhmZmE3YzcxMjdmZDJkZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPE8kUK48SHznyUak+A/tYGu+UVR
whT55HSpbTRJkhUmP7rCQSubu3ejlMosNH9/zZWd1p1oUtJ9TaB8HMS9l6UDeIxJ
ukxEitMpFuGwWZQkkOsapukGmjPHbQKvMOglNzSqYwH1rD8MC+mb/Q7dYiCDkXkY
vBcy5hnc8oIWwup8Nl15k6FwNoDM270+nMK3BE7lSMAHXs3rhDNRezZ6y5bj1lr/
x/MPMAtcYyfB0CuMxqKi3eArfDhmQxPjpnmYsaa6QF4deBp49sR/wYpoddtTZ9Jy
RMrHo/DVnvd3uX+EeQotRq7Q2mTntG8Oq6RburD9oO1LiJi/sNT1567WWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrRjyqfynPRdR6r+P+nxxJ/0t4DMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvT3RHUEtwX0tjOUYxSHF2NF82ZkhFbl9TM2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJbxAMA0G
CSqGSIb3DQEBCwUAA4IBAQBVtqOeev7ir3kopZvULVFscm7Q1VA+bm3Z8o9KM1Y7
M0iEiYLa6UdpEN/3QpPowIrNja7b5wwqxnBG7YzaZRUquZu1M3F0vt0VY5qsiKsL
y0jXis6EkBjN482DcHJJqAFmE6DiwqM0Q1/F/G3twurxDPf7smzYr6CRtFAT/I3V
dF1HrZ5IV9sUuRazBV742ORBwWRXRcbngD++cSdjNDoZb5Kn/IpCjaPqN5Avx86m
SJwfbTBuFmtMBvFKz8TJjLjxkUGEMRq1yYgsnUOel/yM2qIqlLUXd8sROHW/wQDD
QDWbSggxiMhXOmpYZ4jFvzAXNsmfy8bCqB2Dw1d+kav7
-----END CERTIFICATE-----
Generated at Sat May 10 20:05:20 2025 by rpki-client