Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/OmoIs0HV7ZPTgH7qjBe0PbuKrS4.roa
File: OmoIs0HV7ZPTgH7qjBe0PbuKrS4.roa (raw, json)
Hash identifier: mC/vEHe6+MrrAVRN/MyL5r8WDx6VIi/FVjQL9a4dE68=
Subject key identifier: 3A:6A:08:B3:41:D5:ED:93:D3:80:7E:EA:8C:17:B4:3D:BB:8A:AD:2E
Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial: 3C4A8D1E
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/OmoIs0HV7ZPTgH7qjBe0PbuKrS4.roa
Signing time: Sat 01 Jan 2022 13:57:37 +0000
ROA not before: Sat 01 Jan 2022 13:57:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 134.97.16.0/24 maxlen: 24
193.22.4.0/24 maxlen: 24
134.97.3.0/24 maxlen: 24
134.97.2.0/24 maxlen: 24
2001:650:cc02::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1011518750 (0x3c4a8d1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Validity
Not Before: Jan 1 13:57:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a6a08b341d5ed93d3807eea8c17b43dbb8aad2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:53:16:b1:77:6a:78:e0:f0:29:c3:43:32:24:
ba:cb:2d:6f:de:7f:0d:98:e4:8c:da:44:36:91:89:
4c:fb:dd:a3:58:7b:51:54:45:26:27:a9:c5:df:da:
28:9c:1a:29:3d:47:b9:f1:93:a4:1f:18:d6:b0:04:
7a:ed:d7:05:ba:30:d5:7b:81:66:a5:ab:39:b3:87:
0f:2f:72:02:61:ef:7b:bf:cb:33:72:2c:fc:78:9c:
9a:b5:e8:c4:c4:7f:3e:f2:6f:20:63:2b:52:14:84:
ad:ec:8f:b4:77:a5:7a:93:7b:f8:95:c9:1b:b5:06:
ba:1e:53:5e:62:75:16:24:bd:0f:b5:4a:a8:fb:c3:
b7:a0:62:40:21:0f:69:a9:b4:f1:b4:51:38:cf:6e:
c8:bd:95:c3:6f:21:4a:89:1a:3c:93:65:fd:9f:e0:
1a:a2:f8:d8:81:1e:50:1e:52:24:b9:d0:a8:f1:ce:
8f:da:07:c2:d3:70:bf:c8:b1:4e:78:39:d7:5c:00:
ef:28:7a:fc:ad:6d:3f:60:b1:0e:de:1a:bf:11:c5:
54:9b:78:e6:2c:a7:d1:c5:1c:06:54:17:97:7b:d6:
c7:8a:86:d5:05:62:8c:cd:f6:4c:d9:f7:78:f7:bb:
09:41:e1:a1:c5:b5:03:82:4e:8c:70:ac:7e:ed:45:
b4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6A:08:B3:41:D5:ED:93:D3:80:7E:EA:8C:17:B4:3D:BB:8A:AD:2E
X509v3 Authority Key Identifier:
keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/OmoIs0HV7ZPTgH7qjBe0PbuKrS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.97.2.0/23
134.97.16.0/24
193.22.4.0/24
IPv6:
2001:650:cc02::/48
Signature Algorithm: sha256WithRSAEncryption
b5:6c:05:e0:9d:d0:b6:6c:c5:3e:d4:e4:d1:e5:03:5f:ef:6c:
04:19:be:a2:53:39:0d:48:e8:14:07:4c:69:5e:6f:6a:8f:a9:
5e:4a:50:a2:95:50:ad:51:4b:7f:45:36:45:58:56:ee:9d:0e:
aa:69:88:3a:21:7c:4b:7d:42:62:eb:bc:fe:28:08:e5:17:ac:
ad:c7:4f:3b:5e:f3:6e:31:2a:28:38:31:a8:b3:34:ae:89:5f:
aa:19:17:df:8d:36:f6:d7:a7:a7:83:85:55:83:38:1a:4f:1e:
19:7a:b0:f6:3b:5b:91:b4:db:75:3f:4e:ef:95:6d:77:cd:74:
82:69:6a:0c:7d:0b:e7:5e:e5:e2:aa:bb:e2:03:27:64:4f:59:
b2:80:44:36:30:65:7b:dc:ae:fa:78:1c:f2:ca:5e:cf:32:bd:
74:9d:96:94:00:35:9d:f6:c5:c5:90:0c:e2:36:c7:96:62:07:
82:2d:76:c7:a0:9f:60:3c:d8:19:44:3f:af:6c:0c:32:37:8f:
3e:78:8d:92:35:76:63:fd:97:75:be:cf:0d:f3:fc:a2:ad:b2:
45:c2:e0:71:a0:fe:c9:4e:e9:c9:24:c2:b0:c5:27:45:05:3f:
32:64:c1:3d:ea:c0:e9:1e:34:2e:30:af:00:06:bf:4b:98:0f:
e7:66:da:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEPEqNHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Njk5NDhkMGZlNGQ3Zjk5ZDU0YmE4YmZmY2Q5OWExYTYwOGFlMGQzMB4XDTIyMDEw
MTEzNTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E2YTA4YjM0MWQ1
ZWQ5M2QzODA3ZWVhOGMxN2I0M2RiYjhhYWQyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhTFrF3anjg8CnDQzIkusstb95/DZjkjNpENpGJTPvdo1h7
UVRFJiepxd/aKJwaKT1HufGTpB8Y1rAEeu3XBbow1XuBZqWrObOHDy9yAmHve7/L
M3Is/HicmrXoxMR/PvJvIGMrUhSEreyPtHelepN7+JXJG7UGuh5TXmJ1FiS9D7VK
qPvDt6BiQCEPaam08bRROM9uyL2Vw28hSokaPJNl/Z/gGqL42IEeUB5SJLnQqPHO
j9oHwtNwv8ixTng511wA7yh6/K1tP2CxDt4avxHFVJt45iyn0cUcBlQXl3vWx4qG
1QVijM32TNn3ePe7CUHhocW1A4JOjHCsfu1FtOUCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQ6agizQdXtk9OAfuqMF7Q9u4qtLjAfBgNVHSMEGDAWgBSWmUjQ/k1/mdVL
qL/82ZoaYIrg0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xwbEkwUDVOZjVuVlM2aV9fTm1hR21DSzROTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvMWEyZmEyLWVlYjMtNDMxMi05MTMwLTUzY2M1ZGFmNTJjZi8x
L09tb0lzMEhWN1pQVGdIN3FqQmUwUGJ1S3JTNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
MWEyZmEyLWVlYjMtNDMxMi05MTMwLTUzY2M1ZGFmNTJjZi8xL2xwbEkwUDVOZjVu
VlM2aV9fTm1hR21DSzROTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAYZhAgMEAIZhEAMEAMEWBDAPBAIA
AjAJAwcAIAEGUMwCMA0GCSqGSIb3DQEBCwUAA4IBAQC1bAXgndC2bMU+1OTR5QNf
72wEGb6iUzkNSOgUB0xpXm9qj6leSlCilVCtUUt/RTZFWFbunQ6qaYg6IXxLfUJi
67z+KAjlF6ytx087XvNuMSooODGoszSuiV+qGRffjTb216eng4VVgzgaTx4ZerD2
O1uRtNt1P07vlW13zXSCaWoMfQvnXuXiqrviAydkT1mygEQ2MGV73K76eBzyyl7P
Mr10nZaUADWd9sXFkAziNseWYgeCLXbHoJ9gPNgZRD+vbAwyN48+eI2SNXZj/Zd1
vs8N8/yirbJFwuBxoP7JTunJJMKwxSdFBT8yZME96sDpHjQuMK8ABr9LmA/nZtpQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org