Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/O2b1w7IwwvpC_Y_JOiIc0IOp08E.roa
File: O2b1w7IwwvpC_Y_JOiIc0IOp08E.roa (raw, json)
Hash identifier: 8rnS2HaGB4Jl/wAuLywaAUHw4ZDCK8ugO57Cn+uGCzE=
Subject key identifier: 3B:66:F5:C3:B2:30:C2:FA:42:FD:8F:C9:3A:22:1C:D0:83:A9:D3:C1
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 093AC969
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/O2b1w7IwwvpC_Y_JOiIc0IOp08E.roa
Signing time: Sat 01 Jan 2022 16:01:02 +0000
ROA not before: Sat 01 Jan 2022 16:01:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212718
IP address blocks: 2a0b:b87:ffba::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154847593 (0x93ac969)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:01:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b66f5c3b230c2fa42fd8fc93a221cd083a9d3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9f:cf:fb:a4:c1:0e:c9:95:ee:00:74:a3:37:
5f:e6:4a:7c:39:90:96:86:42:ed:e1:d6:4e:59:33:
db:e0:50:b6:f2:7a:ba:7f:26:c2:eb:5f:e8:5f:9e:
21:97:0a:2d:75:c6:17:bd:c0:e1:89:eb:a5:fc:f7:
e2:3a:42:13:be:f7:a5:eb:41:69:2a:48:b9:cd:8e:
55:ff:ec:89:7a:10:59:dc:c3:43:cf:95:78:61:58:
13:f5:6d:63:3c:db:58:d6:44:69:60:23:e1:f5:4e:
30:87:ed:4a:21:48:e0:c3:d8:ed:85:39:e9:c6:07:
7e:05:8a:07:02:d5:ef:39:a6:79:fb:ce:c0:0d:35:
a5:33:7b:a7:39:ef:89:19:09:63:ac:22:3e:6a:a3:
f0:d9:b9:dc:5c:99:58:9f:ef:71:9a:17:f5:ca:9c:
0b:a6:e7:49:13:82:89:7f:d4:8e:11:f7:f0:a2:94:
95:3b:1f:83:b6:fb:1a:ae:00:92:65:ad:5f:c6:12:
50:26:45:2e:1e:84:ef:02:02:f7:da:a9:e2:e6:9e:
aa:31:c9:52:9b:40:83:35:b8:17:cf:ad:dc:74:d5:
bf:fb:8e:65:ed:6d:07:d5:77:3f:07:21:ab:0b:31:
b2:77:fa:9d:4c:e9:f9:a6:46:ba:64:12:af:16:a5:
5a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:66:F5:C3:B2:30:C2:FA:42:FD:8F:C9:3A:22:1C:D0:83:A9:D3:C1
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/O2b1w7IwwvpC_Y_JOiIc0IOp08E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffba::/48
Signature Algorithm: sha256WithRSAEncryption
72:85:cd:88:36:da:b5:70:bb:6d:9a:7b:37:33:5e:a2:b0:f3:
aa:79:93:0b:00:a4:f6:27:9e:d2:b1:b7:85:aa:f8:69:1a:63:
99:51:f3:81:f4:e6:4a:b5:a4:74:2a:d8:90:f6:80:0e:23:c0:
9f:5c:e0:30:48:18:75:35:80:aa:7c:a0:83:4b:61:7a:75:9a:
63:57:bf:a4:e0:b9:3d:d2:22:08:8b:2f:20:22:df:ca:60:ef:
2c:92:41:25:28:5a:53:fb:8a:00:37:41:6e:e4:20:12:78:95:
96:7f:2d:b0:a5:d6:90:1f:fe:5a:fd:f5:c8:37:83:20:01:39:
1b:2f:12:ec:d0:03:dd:03:0a:39:71:5c:7d:53:fb:8f:c2:27:
d1:a3:0a:a9:51:69:32:a9:52:89:0e:e6:d0:79:35:2d:4c:1d:
8a:1f:f8:ea:14:cb:2d:02:80:dd:83:7b:8e:08:0c:9e:42:a4:
50:c0:24:26:3a:e0:e3:a3:7f:04:bd:d6:ad:59:b3:14:7f:83:
ff:f6:62:4b:b0:41:19:45:66:e2:1a:79:e6:6b:81:bf:21:8f:
f3:f8:e2:39:98:76:ea:3f:b3:7a:62:26:c9:0b:04:75:db:cf:
4f:3d:40:ca:c5:e0:f5:1b:90:1c:a0:f0:b7:39:cc:26:9c:b4:
65:9d:0a:34
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECTrJaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2I2NmY1YzNiMjMw
YzJmYTQyZmQ4ZmM5M2EyMjFjZDA4M2E5ZDNjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqfz/ukwQ7Jle4AdKM3X+ZKfDmQloZC7eHWTlkz2+BQtvJ6
un8mwutf6F+eIZcKLXXGF73A4Ynrpfz34jpCE773petBaSpIuc2OVf/siXoQWdzD
Q8+VeGFYE/VtYzzbWNZEaWAj4fVOMIftSiFI4MPY7YU56cYHfgWKBwLV7zmmefvO
wA01pTN7pznviRkJY6wiPmqj8Nm53FyZWJ/vcZoX9cqcC6bnSROCiX/UjhH38KKU
lTsfg7b7Gq4AkmWtX8YSUCZFLh6E7wIC99qp4uaeqjHJUptAgzW4F8+t3HTVv/uO
Ze1tB9V3Pwchqwsxsnf6nUzp+aZGumQSrxalWo0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ7ZvXDsjDC+kL9j8k6IhzQg6nTwTAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L08yYjF3N0l3d3ZwQ19ZX0pPaUljMElPcDA4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/ujANBgkqhkiG9w0BAQsF
AAOCAQEAcoXNiDbatXC7bZp7NzNeorDzqnmTCwCk9iee0rG3har4aRpjmVHzgfTm
SrWkdCrYkPaADiPAn1zgMEgYdTWAqnygg0thenWaY1e/pOC5PdIiCIsvICLfymDv
LJJBJShaU/uKADdBbuQgEniVln8tsKXWkB/+Wv31yDeDIAE5Gy8S7NAD3QMKOXFc
fVP7j8In0aMKqVFpMqlSiQ7m0Hk1LUwdih/46hTLLQKA3YN7jggMnkKkUMAkJjrg
46N/BL3WrVmzFH+D//ZiS7BBGUVm4hp55muBvyGP8/jiOZh26j+zemImyQsEddvP
Tz1AysXg9RuQHKDwtznMJpy0ZZ0KNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org