Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/OFTymxP4ysMOY5v1HdNMJ5qbNCc.roa
File: OFTymxP4ysMOY5v1HdNMJ5qbNCc.roa (raw, json)
Hash identifier: +fFGDS0gYaFmlvRXBI1ASfqh/RFPGwJjyy/VdssnLYU=
Subject key identifier: 38:54:F2:9B:13:F8:CA:C3:0E:63:9B:F5:1D:D3:4C:27:9A:9B:34:27
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018BC8D88FD95ECEE0E2BE82D0A97F8440E7
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/OFTymxP4ysMOY5v1HdNMJ5qbNCc.roa
Signing time: Mon 13 Nov 2023 13:21:57 +0000
ROA not before: Mon 13 Nov 2023 13:21:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 109.160.39.0/24 maxlen: 24
109.160.40.0/24 maxlen: 24
109.160.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:d8:8f:d9:5e:ce:e0:e2:be:82:d0:a9:7f:84:40:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Nov 13 13:21:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3854f29b13f8cac30e639bf51dd34c279a9b3427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6f:bc:ea:17:94:1e:02:c0:61:6d:87:00:fb:
a5:39:10:9a:c6:7f:c8:74:51:c1:0a:ec:ad:01:10:
96:4f:07:2b:42:ef:c5:b4:46:58:05:fe:01:6c:0c:
4a:e6:bf:ed:cb:0b:3c:43:19:04:c5:79:6b:c8:58:
66:f6:38:14:05:70:b1:a7:39:f2:0c:c7:ba:85:08:
7a:ed:e9:2e:81:59:82:b0:7c:96:53:9c:c6:43:5a:
e8:df:57:8f:28:9a:01:79:ee:9a:1b:15:8b:d7:cf:
48:2c:69:b8:80:08:75:35:67:6a:c0:02:88:1e:73:
ce:88:77:59:eb:73:7f:69:db:66:a7:e5:b6:b3:1d:
bc:43:f7:c7:89:96:26:97:43:9b:21:b7:07:26:88:
e7:fd:07:d4:76:7e:3e:7d:40:76:e8:c5:3b:88:2a:
f7:8d:be:47:45:9f:95:22:9a:71:f2:18:8a:0d:1b:
fd:19:c9:a2:53:aa:ca:92:b9:36:f2:b2:d6:69:ba:
6d:4e:d4:9f:2c:ba:15:6b:00:75:31:27:13:88:89:
67:24:0e:dc:57:50:47:7b:02:2b:0d:f7:99:26:8b:
41:33:72:7d:4f:d5:b9:79:d5:1f:f4:1d:c7:f3:e8:
19:4e:e1:ed:99:ef:ff:6b:e9:1b:85:73:31:bd:fc:
bb:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:54:F2:9B:13:F8:CA:C3:0E:63:9B:F5:1D:D3:4C:27:9A:9B:34:27
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/OFTymxP4ysMOY5v1HdNMJ5qbNCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.39.0-109.160.41.255
Signature Algorithm: sha256WithRSAEncryption
86:b1:ed:f9:79:65:1c:e6:dd:6e:c5:e4:36:7f:9e:dc:24:82:
ce:c0:76:33:86:ec:56:4b:38:d1:ce:df:f8:a6:2e:9b:01:e7:
76:5b:7d:db:70:e2:80:bc:c9:c0:33:ed:b3:fb:17:79:b9:d2:
db:59:2c:4a:fe:5e:0e:b8:95:37:3f:09:44:ef:1d:79:24:1a:
ca:26:d9:a6:d8:1c:92:e2:85:91:8e:df:46:c2:1f:2b:ab:a7:
4c:5f:12:76:e8:0a:06:ea:45:7c:93:93:e0:5a:7d:29:e8:0f:
f2:fd:91:75:82:ac:0b:63:be:29:46:4d:de:b0:fd:a3:14:73:
20:40:3e:7c:a1:79:2b:db:ff:40:0a:92:bc:69:13:be:c4:90:
6c:af:16:70:0c:d4:90:67:19:66:2a:c6:68:8e:7c:b6:79:67:
7c:3e:e7:62:27:0e:76:4b:e1:35:ed:89:46:92:1f:a6:b8:a1:
90:aa:28:85:da:65:c4:2e:c2:d2:6b:82:8b:9f:0e:ec:20:9a:
70:2f:ee:e5:1a:41:8a:ca:3b:47:cf:83:15:5b:54:13:96:ae:
b6:b1:26:59:d3:27:02:12:c1:6e:cc:1c:53:ef:98:3e:35:22:
42:69:b0:9c:65:c8:48:c9:e7:db:fc:88:ea:b0:5b:82:72:47:
5a:55:c4:18
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvI2I/ZXs7g4r6C0Kl/hEDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMxMTEzMTMyMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODU0ZjI5YjEzZjhjYWMzMGU2MzliZjUxZGQzNGMyNzlhOWIzNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2+86heUHgLAYW2HAPulORCaxn/I
dFHBCuytARCWTwcrQu/FtEZYBf4BbAxK5r/tyws8QxkExXlryFhm9jgUBXCxpzny
DMe6hQh67ekugVmCsHyWU5zGQ1ro31ePKJoBee6aGxWL189ILGm4gAh1NWdqwAKI
HnPOiHdZ63N/adtmp+W2sx28Q/fHiZYml0ObIbcHJojn/QfUdn4+fUB26MU7iCr3
jb5HRZ+VIppx8hiKDRv9GcmiU6rKkrk28rLWabptTtSfLLoVawB1MScTiIlnJA7c
V1BHewIrDfeZJotBM3J9T9W5edUf9B3H8+gZTuHtme//a+kbhXMxvfy7HQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDhU8psT+MrDDmOb9R3TTCeamzQnMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvT0ZUeW14UDR5c01PWTV2MUhkTk1KNXFiTkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABtoCcD
BAFtoCgwDQYJKoZIhvcNAQELBQADggEBAIax7fl5ZRzm3W7F5DZ/ntwkgs7AdjOG
7FZLONHO3/imLpsB53Zbfdtw4oC8ycAz7bP7F3m50ttZLEr+Xg64lTc/CUTvHXkk
Gsom2abYHJLihZGO30bCHyurp0xfEnboCgbqRXyTk+BafSnoD/L9kXWCrAtjvilG
Td6w/aMUcyBAPnyheSvb/0AKkrxpE77EkGyvFnAM1JBnGWYqxmiOfLZ5Z3w+52In
DnZL4TXtiUaSH6a4oZCqKIXaZcQuwtJrgoufDuwgmnAv7uUaQYrKO0fPgxVbVBOW
rraxJlnTJwISwW7MHFPvmD41IkJpsJxlyEjJ59v8iOqwW4JyR1pVxBg=
-----END CERTIFICATE-----
Generated at Wed May 14 02:58:43 2025 by rpki-client