Route Origin Authorization
$ rpki-client -vvf rpki.owl.net/rrdp/owl/1/326130373a643838303a3a2f32392d3438203d3e203233393539.roa
File: 326130373a643838303a3a2f32392d3438203d3e203233393539.roa (raw, json)
Hash identifier: 3ts0JTgY312nItTzGR1oV+gQB6RDrRQYVfUbGhmkr3U=
Subject key identifier: 5F:E8:75:DE:06:DC:2D:21:9D:7F:F9:BD:AD:F0:03:10:70:23:B2:2C
Certificate issuer: /CN=b55e2e72d7ffde6bceb73ce26f185c678a23892d
Certificate serial: 31EB17E5842E552C142B8A9917C2BB57A431724E
Authority key identifier: B5:5E:2E:72:D7:FF:DE:6B:CE:B7:3C:E2:6F:18:5C:67:8A:23:89:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer
Subject info access: rsync://rpki.owl.net/rrdp/owl/1/326130373a643838303a3a2f32392d3438203d3e203233393539.roa
Signing time: Thu 12 Sep 2024 16:46:53 +0000
ROA not before: Thu 12 Sep 2024 16:41:53 +0000
ROA not after: Thu 11 Sep 2025 16:46:53 +0000
asID: 23959
IP address blocks: 2a07:d880::/29 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:eb:17:e5:84:2e:55:2c:14:2b:8a:99:17:c2:bb:57:a4:31:72:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b55e2e72d7ffde6bceb73ce26f185c678a23892d
Validity
Not Before: Sep 12 16:41:53 2024 GMT
Not After : Sep 11 16:46:53 2025 GMT
Subject: CN=5FE875DE06DC2D219D7FF9BDADF003107023B22C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:41:bd:55:ff:1b:cb:83:e1:77:8b:7b:3e:d2:
a9:1c:16:91:5d:ab:35:d3:cd:7e:ec:ce:9e:74:c6:
fc:49:70:f3:a1:a7:f8:f8:fa:1f:b8:5e:3d:37:fd:
04:b3:23:15:56:3b:72:b1:5f:70:dc:98:0e:20:63:
d4:da:34:c3:fb:17:3a:75:53:51:53:1b:bc:83:71:
a8:b5:9e:60:94:78:0e:b1:7a:9e:dd:5a:ee:14:3d:
3f:78:b7:99:4b:df:e0:56:c2:5a:b7:4b:9f:89:4b:
fa:01:5b:4f:53:64:40:d4:dd:76:59:fa:42:d9:07:
cc:bb:c9:5b:13:ae:c5:54:0a:f7:56:23:8a:17:49:
2c:f0:d2:51:f1:a7:21:36:e0:57:0a:db:6e:46:da:
59:0f:58:2e:3e:45:e3:f3:7f:b5:61:33:96:57:a2:
6b:ad:f1:4a:32:68:91:ec:88:a6:40:24:6b:e0:51:
31:d5:c0:b8:06:82:54:5c:01:cb:f0:13:5c:90:c3:
c7:2d:1d:9d:a3:3e:75:8e:e0:0c:b0:a4:59:af:70:
dc:7f:e8:a5:9d:57:3e:65:b4:25:aa:74:27:fb:e6:
6a:7f:30:18:72:fc:e1:cd:d8:5f:52:93:be:80:dd:
1e:b6:1d:e2:27:f6:34:55:d8:6b:8b:de:e7:06:9a:
36:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E8:75:DE:06:DC:2D:21:9D:7F:F9:BD:AD:F0:03:10:70:23:B2:2C
X509v3 Authority Key Identifier:
keyid:B5:5E:2E:72:D7:FF:DE:6B:CE:B7:3C:E2:6F:18:5C:67:8A:23:89:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.owl.net/rrdp/owl/1/326130373a643838303a3a2f32392d3438203d3e203233393539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:d880::/29
Signature Algorithm: sha256WithRSAEncryption
6f:49:cf:55:0b:43:d4:c4:88:dc:c3:44:ef:ec:dc:7d:53:01:
b9:75:8b:eb:2c:bd:37:0b:3d:e9:7c:cb:6e:a2:fa:62:23:5d:
36:39:d9:fe:e1:59:f4:2c:e8:4c:ac:63:1a:0a:90:79:d2:21:
7f:cb:e1:ca:db:a0:f2:20:fc:8b:1c:4d:07:b1:61:ca:b6:35:
91:1c:e7:fe:22:02:33:88:99:79:7c:a0:27:3c:d2:a7:8c:9c:
96:8b:c3:bf:d9:91:29:dd:52:86:58:00:cd:45:91:f5:5c:af:
d8:ec:09:ad:7f:f7:84:b3:98:1a:8f:5a:c3:7c:03:88:fe:c7:
ac:15:d0:b8:57:b1:21:13:58:a0:49:b4:5c:03:b4:67:50:83:
f2:b9:44:9e:58:5a:23:05:89:3b:eb:c4:ab:ab:d2:9d:f1:05:
ec:e5:51:48:2d:8e:ae:cf:cf:f9:71:0e:ae:3d:7a:99:91:3b:
e1:d8:d6:4e:76:37:af:b3:c9:98:b6:a4:73:79:2d:2a:bb:02:
e2:82:3e:bb:87:80:48:11:7b:5e:84:f4:b2:6a:7d:4a:7a:4e:
66:6d:61:87:26:5c:b7:7a:67:45:ae:2f:56:63:b2:3b:99:53:
ae:d1:e0:37:c5:c0:1d:e0:47:4e:32:f3:82:01:31:22:ee:d2:
2a:71:59:54
-----BEGIN CERTIFICATE-----
MIIEwTCCA6mgAwIBAgIUMesX5YQuVSwUK4qZF8K7V6Qxck4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjU1ZTJlNzJkN2ZmZGU2YmNlYjczY2UyNmYxODVjNjc4
YTIzODkyZDAeFw0yNDA5MTIxNjQxNTNaFw0yNTA5MTExNjQ2NTNaMDMxMTAvBgNV
BAMTKDVGRTg3NURFMDZEQzJEMjE5RDdGRjlCREFERjAwMzEwNzAyM0IyMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmQb1V/xvLg+F3i3s+0qkcFpFd
qzXTzX7szp50xvxJcPOhp/j4+h+4Xj03/QSzIxVWO3KxX3DcmA4gY9TaNMP7Fzp1
U1FTG7yDcai1nmCUeA6xep7dWu4UPT94t5lL3+BWwlq3S5+JS/oBW09TZEDU3XZZ
+kLZB8y7yVsTrsVUCvdWI4oXSSzw0lHxpyE24FcK225G2lkPWC4+RePzf7VhM5ZX
omut8UoyaJHsiKZAJGvgUTHVwLgGglRcAcvwE1yQw8ctHZ2jPnWO4AywpFmvcNx/
6KWdVz5ltCWqdCf75mp/MBhy/OHN2F9Sk76A3R62HeIn9jRV2GuL3ucGmjZNAgMB
AAGjggHLMIIBxzAdBgNVHQ4EFgQUX+h13gbcLSGdf/m9rfADEHAjsiwwHwYDVR0j
BBgwFoAUtV4uctf/3mvOtzzibxhcZ4ojiS0wDgYDVR0PAQH/BAQDAgeAMF0GA1Ud
HwRWMFQwUqBQoE6GTHJzeW5jOi8vcnBraS5vd2wubmV0L3JyZHAvb3dsLzEvQjU1
RTJFNzJEN0ZGREU2QkNFQjczQ0UyNkYxODVDNjc4QTIzODkyRC5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3RWNHVjdGZfM212T3R6emlieGhjWjRvamlTMC5jZXIw
dAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kub3dsLm5l
dC9ycmRwL293bC8xLzMyNjEzMDM3M2E2NDM4MzgzMDNhM2EyZjMyMzkyZDM0Mzgy
MDNkM2UyMDMyMzMzOTM1Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqB9iAMA0GCSqGSIb3DQEBCwUA
A4IBAQBvSc9VC0PUxIjcw0Tv7Nx9UwG5dYvrLL03Cz3pfMtuovpiI102Odn+4Vn0
LOhMrGMaCpB50iF/y+HK26DyIPyLHE0HsWHKtjWRHOf+IgIziJl5fKAnPNKnjJyW
i8O/2ZEp3VKGWADNRZH1XK/Y7Amtf/eEs5gaj1rDfAOI/sesFdC4V7EhE1igSbRc
A7RnUIPyuUSeWFojBYk768Srq9Kd8QXs5VFILY6uz8/5cQ6uPXqZkTvh2NZOdjev
s8mYtqRzeS0quwLigj67h4BIEXtehPSyan1Kek5mbWGHJly3emdFri9WY7I7mVOu
0eA3xcAd4EdOMvOCATEi7tIqcVlU
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:14 2025 by rpki-client