Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/oxq12mGyJjApK-Z4pysVAznM3io.roa
File: oxq12mGyJjApK-Z4pysVAznM3io.roa (raw, json)
Hash identifier: 9Q5D5YF2HLJrL31xL/9fw3VmsY4TLCz22hvQcrr7nBo=
Subject key identifier: A3:1A:B5:DA:61:B2:26:30:29:2B:E6:78:A7:2B:15:03:39:CC:DE:2A
Certificate issuer: /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial: 0184962C4BC6A26B8C2FD837DB9C2805BAEE
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/oxq12mGyJjApK-Z4pysVAznM3io.roa
Signing time: Sun 20 Nov 2022 17:53:16 +0000
ROA not before: Sun 20 Nov 2022 17:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56849
IP address blocks: 2a0e:48c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:96:2c:4b:c6:a2:6b:8c:2f:d8:37:db:9c:28:05:ba:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Validity
Not Before: Nov 20 17:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a31ab5da61b22630292be678a72b150339ccde2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:94:01:9c:4e:66:fd:76:ed:d6:cc:1e:1c:77:
aa:a3:4d:8f:40:18:03:a8:2b:ab:24:0d:18:d9:5a:
74:b6:eb:fd:d3:f9:7a:e1:ac:da:be:14:db:9f:15:
d9:5a:03:42:0c:22:5a:83:a3:b1:00:94:60:55:ab:
54:d1:61:ef:1d:bc:7d:63:8a:4f:88:9d:f6:03:4d:
b7:ca:f6:02:76:ef:03:54:0f:b6:c6:61:b8:51:7a:
1c:b6:c6:9a:cd:2b:38:3f:56:db:20:e8:b0:d6:45:
d1:c2:02:2d:cf:80:31:b7:15:7f:08:e7:5f:3f:f3:
c9:31:e9:71:ba:3e:58:6d:d5:b2:9e:98:81:9b:1a:
ec:48:59:75:be:9c:d3:ad:42:cc:77:b1:ab:25:9b:
6b:36:5a:37:fc:02:2b:f8:e1:88:00:2c:a0:af:d6:
a2:a5:3c:8a:b5:95:a7:3d:25:da:b7:fa:4a:e1:3d:
81:41:72:36:14:f1:8d:15:52:a0:98:bb:c1:d6:e1:
66:75:25:41:58:cb:f9:21:85:29:3a:bd:8c:57:27:
6b:ac:8a:c5:22:7a:4f:81:8d:8b:31:6a:63:87:9d:
fb:0e:eb:8d:d4:f9:db:89:d1:c4:22:d4:ff:be:bc:
81:09:7a:be:98:39:50:02:73:d7:c7:74:3c:08:24:
60:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1A:B5:DA:61:B2:26:30:29:2B:E6:78:A7:2B:15:03:39:CC:DE:2A
X509v3 Authority Key Identifier:
keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/oxq12mGyJjApK-Z4pysVAznM3io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
54:00:a8:29:f1:7f:79:60:42:c2:ff:23:39:0c:6c:49:8d:68:
e6:87:e4:f9:bf:07:e1:aa:59:a6:be:10:dc:ac:b6:aa:1e:51:
80:2c:45:07:63:51:a7:34:2b:15:e5:f0:55:0a:1d:8c:40:a2:
f2:19:6b:48:ab:1a:90:f6:a5:27:8a:76:67:62:c4:7b:3d:7c:
2d:01:d0:91:ff:5b:9b:f5:c1:36:46:1a:19:89:2f:cc:f9:76:
c4:6e:e9:f1:3d:ea:4e:49:38:c0:14:0c:45:37:3f:36:e9:4e:
79:a8:c0:8e:b6:c8:77:1a:28:74:93:46:92:70:7a:41:f2:6b:
5b:e2:09:90:64:0f:46:ae:cc:52:bb:04:7f:52:e3:00:7d:1e:
f6:1e:6f:97:c7:b4:e6:b0:1d:f6:bc:2a:7d:5c:2f:77:bf:69:
48:97:7d:c3:2e:df:40:e5:33:69:c1:1b:4e:99:67:2e:04:52:
9f:37:42:61:5a:4f:1c:44:1d:bf:21:34:46:fc:71:bc:33:7a:
7d:f7:7f:0b:0b:36:eb:d4:00:0e:cb:bf:aa:49:76:c6:84:5d:
c5:99:b2:64:f6:b8:04:ff:b8:47:03:38:45:c6:bf:f7:b1:d0:
6b:b0:86:76:85:da:ff:9a:cd:ab:cf:51:c0:15:db:7b:b4:9f:
23:a2:d5:63
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSWLEvGomuML9g325woBbruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjIxMTIwMTc1MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzFhYjVkYTYxYjIyNjMwMjkyYmU2NzhhNzJiMTUwMzM5Y2NkZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipQBnE5m/Xbt1sweHHeqo02PQBgD
qCurJA0Y2Vp0tuv90/l64azavhTbnxXZWgNCDCJag6OxAJRgVatU0WHvHbx9Y4pP
iJ32A023yvYCdu8DVA+2xmG4UXoctsaazSs4P1bbIOiw1kXRwgItz4AxtxV/COdf
P/PJMelxuj5YbdWynpiBmxrsSFl1vpzTrULMd7GrJZtrNlo3/AIr+OGIACygr9ai
pTyKtZWnPSXat/pK4T2BQXI2FPGNFVKgmLvB1uFmdSVBWMv5IYUpOr2MVydrrIrF
InpPgY2LMWpjh537DuuN1PnbidHEItT/vryBCXq+mDlQAnPXx3Q8CCRgCQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKMatdphsiYwKSvmeKcrFQM5zN4qMB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvb3hxMTJtR3lKakFwSy1aNHB5c1ZBem5NM2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg5IwDAN
BgkqhkiG9w0BAQsFAAOCAQEAVACoKfF/eWBCwv8jOQxsSY1o5ofk+b8H4apZpr4Q
3Ky2qh5RgCxFB2NRpzQrFeXwVQodjECi8hlrSKsakPalJ4p2Z2LEez18LQHQkf9b
m/XBNkYaGYkvzPl2xG7p8T3qTkk4wBQMRTc/NulOeajAjrbIdxoodJNGknB6QfJr
W+IJkGQPRq7MUrsEf1LjAH0e9h5vl8e05rAd9rwqfVwvd79pSJd9wy7fQOUzacEb
TplnLgRSnzdCYVpPHEQdvyE0RvxxvDN6ffd/Cws269QADsu/qkl2xoRdxZmyZPa4
BP+4RwM4Rca/97HQa7CGdoXa/5rNq89RwBXbe7SfI6LVYw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:14 2023 by rpki-client on console-fra.rpki-client.org