Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/OXm0YppPfptGnrMuyAzTCvwatVo.roa
File: OXm0YppPfptGnrMuyAzTCvwatVo.roa (raw, json)
Hash identifier: 7C3tM753RaC9aqmNMxow68nPLs30xLHOX70yVbwDNcU=
Subject key identifier: 39:79:B4:62:9A:4F:7E:9B:46:9E:B3:2E:C8:0C:D3:0A:FC:1A:B5:5A
Certificate issuer: /CN=325a8b688deadbb91efbe0772308bac9f304a533
Certificate serial: 0181EEE4F0A765D3FD32ACB5CE571237F8CC
Authority key identifier: 32:5A:8B:68:8D:EA:DB:B9:1E:FB:E0:77:23:08:BA:C9:F3:04:A5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlqLaI3q27ke--B3Iwi6yfMEpTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/OXm0YppPfptGnrMuyAzTCvwatVo.roa
Signing time: Mon 11 Jul 2022 20:13:10 +0000
ROA not before: Mon 11 Jul 2022 20:13:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209861
IP address blocks: 2a0b:6647::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:e4:f0:a7:65:d3:fd:32:ac:b5:ce:57:12:37:f8:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=325a8b688deadbb91efbe0772308bac9f304a533
Validity
Not Before: Jul 11 20:13:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3979b4629a4f7e9b469eb32ec80cd30afc1ab55a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:46:1e:50:26:eb:bb:3b:62:53:36:42:9b:fc:
8c:54:ef:37:c7:ab:f0:33:48:c1:dd:5a:4c:81:2c:
f5:09:68:ea:32:36:30:4e:55:ce:4d:d9:c5:e7:27:
47:d7:4d:98:6f:b6:ab:78:b7:d2:60:c4:d9:4f:54:
85:40:fc:b1:13:28:18:13:6a:5d:53:89:fa:00:c7:
d4:66:16:df:f8:a7:eb:bd:3b:e8:84:79:5f:a1:ab:
5f:5f:13:ff:c5:03:0d:e7:c4:dc:5a:8c:bc:60:7b:
b2:84:ca:0a:a2:1b:c2:5f:a1:5e:22:3b:45:02:ee:
de:3e:cf:a6:7f:7c:03:3d:12:47:fd:3a:87:8e:f5:
0d:46:05:c1:a8:a8:be:78:ae:18:fa:fa:30:f6:0d:
e7:33:73:d6:f7:c0:20:87:6d:b2:80:60:a0:8e:6c:
40:11:88:09:68:4f:20:ea:f0:c2:8f:86:3e:e5:f1:
a7:c4:a1:9d:11:ca:3e:04:26:66:f8:b2:22:f4:3b:
b0:80:9e:9b:d7:9e:11:89:e6:41:2e:32:3a:0f:17:
55:dd:30:dc:0f:4e:3f:fb:be:7d:65:cd:06:6d:f7:
11:1b:49:a9:24:36:18:7f:49:38:5d:03:94:04:ec:
bf:a1:7f:58:2a:20:e7:14:93:73:e1:66:57:19:44:
ec:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:79:B4:62:9A:4F:7E:9B:46:9E:B3:2E:C8:0C:D3:0A:FC:1A:B5:5A
X509v3 Authority Key Identifier:
keyid:32:5A:8B:68:8D:EA:DB:B9:1E:FB:E0:77:23:08:BA:C9:F3:04:A5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlqLaI3q27ke--B3Iwi6yfMEpTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/OXm0YppPfptGnrMuyAzTCvwatVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/MlqLaI3q27ke--B3Iwi6yfMEpTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6647::/40
Signature Algorithm: sha256WithRSAEncryption
13:53:c8:61:0c:29:60:fe:e7:fe:98:d7:f2:58:16:ae:37:c5:
76:34:d4:b4:b7:5c:fa:d3:ab:57:c7:37:8e:2e:34:a3:46:5a:
fd:5e:23:17:e2:e3:9b:3c:17:be:b7:fe:3c:bf:b7:fe:77:21:
7d:f2:83:9d:c6:c4:3e:36:27:1a:2b:a4:1b:7c:54:15:03:d8:
3c:f5:56:53:de:20:f1:e7:59:54:10:49:2c:19:b2:33:34:1c:
9a:77:90:a6:b9:82:b6:1b:f9:b5:43:df:54:05:a8:ab:0b:4d:
e9:4f:78:55:a0:ce:3e:9c:da:41:64:ba:bc:76:6a:4b:f6:60:
cd:83:c9:2f:c0:93:cc:c0:15:aa:58:fe:0f:76:44:72:85:d3:
74:d6:3b:29:0f:25:b1:fd:04:88:bc:cf:80:7c:0d:dd:96:96:
52:5b:b0:d8:a0:6f:c9:b6:01:5e:46:90:b4:79:19:04:69:6f:
bc:07:3d:51:81:b2:d7:45:46:f3:6d:ee:2a:3b:cd:22:ff:64:
e1:0d:63:a2:b2:7a:17:c0:58:e1:07:57:fa:d6:98:ed:9f:62:
ca:60:29:89:59:e9:bf:28:a7:c1:dd:57:d9:61:98:61:9b:9c:
2f:14:73:4b:c7:e0:5e:4a:3a:67:bb:87:09:2a:d3:e0:45:0b:
59:e2:67:4a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYHu5PCnZdP9Mqy1zlcSN/jMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNWE4YjY4OGRlYWRiYjkxZWZiZTA3NzIzMDhiYWM5ZjMw
NGE1MzMwHhcNMjIwNzExMjAxMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTc5YjQ2MjlhNGY3ZTliNDY5ZWIzMmVjODBjZDMwYWZjMWFiNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokYeUCbruztiUzZCm/yMVO83x6vw
M0jB3VpMgSz1CWjqMjYwTlXOTdnF5ydH102Yb7areLfSYMTZT1SFQPyxEygYE2pd
U4n6AMfUZhbf+KfrvTvohHlfoatfXxP/xQMN58TcWoy8YHuyhMoKohvCX6FeIjtF
Au7ePs+mf3wDPRJH/TqHjvUNRgXBqKi+eK4Y+vow9g3nM3PW98Agh22ygGCgjmxA
EYgJaE8g6vDCj4Y+5fGnxKGdEco+BCZm+LIi9DuwgJ6b154RieZBLjI6DxdV3TDc
D04/+759Zc0GbfcRG0mpJDYYf0k4XQOUBOy/oX9YKiDnFJNz4WZXGUTssQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDl5tGKaT36bRp6zLsgM0wr8GrVaMB8GA1UdIwQY
MBaAFDJai2iN6tu5HvvgdyMIusnzBKUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxxTGFJM3EyN2tlLS1CM0l3aTZ5Zk1FcFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hMzViYzktNzJlNi00OTc5LWI0NjIt
YmI0YTg2NzJjYzBjLzEvT1htMFlwcFBmcHRHbnJNdXlBelRDdndhdFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hMzViYzktNzJlNi00OTc5LWI0NjItYmI0YTg2NzJjYzBj
LzEvTWxxTGFJM3EyN2tlLS1CM0l3aTZ5Zk1FcFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtmRwAw
DQYJKoZIhvcNAQELBQADggEBABNTyGEMKWD+5/6Y1/JYFq43xXY01LS3XPrTq1fH
N44uNKNGWv1eIxfi45s8F763/jy/t/53IX3yg53GxD42JxorpBt8VBUD2Dz1VlPe
IPHnWVQQSSwZsjM0HJp3kKa5grYb+bVD31QFqKsLTelPeFWgzj6c2kFkurx2akv2
YM2DyS/Ak8zAFapY/g92RHKF03TWOykPJbH9BIi8z4B8Dd2WllJbsNigb8m2AV5G
kLR5GQRpb7wHPVGBstdFRvNt7io7zSL/ZOENY6KyehfAWOEHV/rWmO2fYspgKYlZ
6b8op8HdV9lhmGGbnC8Uc0vH4F5KOme7hwkq0+BFC1niZ0o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:36 2025 by rpki-client