Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/9dwOWRgEY8fcZdP13idb2pG5Ydo.roa
File: 9dwOWRgEY8fcZdP13idb2pG5Ydo.roa (raw, json)
Hash identifier: 3Fj1EMu0EASZixT5wVDh5ZL65Hey6ou/R4P/zhWX7Zw=
Subject key identifier: F5:DC:0E:59:18:04:63:C7:DC:65:D3:F5:DE:27:5B:DA:91:B9:61:DA
Certificate issuer: /CN=a206dfffab1d518c132f6d56d8d4a31d9059f4bf
Certificate serial: 018571A7A0ED5D868B9B164BAF869C1E3557
Authority key identifier: A2:06:DF:FF:AB:1D:51:8C:13:2F:6D:56:D8:D4:A3:1D:90:59:F4:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogbf_6sdUYwTL21W2NSjHZBZ9L8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/9dwOWRgEY8fcZdP13idb2pG5Ydo.roa
Signing time: Mon 02 Jan 2023 08:44:49 +0000
ROA not before: Mon 02 Jan 2023 08:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210363
IP address blocks: 212.46.49.0/24 maxlen: 24
2a0c:5e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a0:ed:5d:86:8b:9b:16:4b:af:86:9c:1e:35:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a206dfffab1d518c132f6d56d8d4a31d9059f4bf
Validity
Not Before: Jan 2 08:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5dc0e59180463c7dc65d3f5de275bda91b961da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:63:28:cc:15:70:1f:78:9c:df:06:96:e2:03:
01:d7:4b:fb:20:5b:8b:73:13:0d:52:24:ba:ac:c2:
36:16:6c:21:ad:49:b1:ec:00:38:d6:16:d5:69:9c:
1c:74:c9:c9:d1:b7:da:c6:9a:58:e2:f6:bc:db:ec:
86:7f:ab:a3:10:c7:15:ac:52:1a:6f:40:59:62:21:
4b:95:1f:78:db:d1:87:86:53:d7:c7:2e:cd:3e:66:
53:4f:cc:9a:12:ac:f0:3a:13:b4:9e:de:74:db:d7:
2c:d7:58:1b:1c:44:3c:47:9a:1d:fb:33:2f:23:dc:
7b:26:de:48:f4:7b:a1:d7:47:24:86:78:a0:7c:76:
b4:b7:16:0d:4b:75:2d:79:e3:b4:5a:89:71:1c:6f:
82:dc:b1:af:28:8e:14:27:d7:20:b6:4f:a8:7d:e5:
b8:27:d3:38:27:28:4d:3d:95:22:6f:78:4b:5e:91:
a4:2c:42:f9:dc:06:2d:91:a4:a3:db:e0:9c:d1:a0:
63:6b:65:a3:1a:0c:86:30:cd:78:04:05:9b:6d:7b:
7f:51:bf:ad:1a:b7:74:9c:27:75:ce:cc:f0:81:2b:
1e:65:75:1b:24:37:af:52:a8:80:08:65:9a:4c:c6:
0a:0d:73:2e:fe:f8:a7:bf:a5:9a:e2:7b:c0:f4:6f:
d5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:DC:0E:59:18:04:63:C7:DC:65:D3:F5:DE:27:5B:DA:91:B9:61:DA
X509v3 Authority Key Identifier:
keyid:A2:06:DF:FF:AB:1D:51:8C:13:2F:6D:56:D8:D4:A3:1D:90:59:F4:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogbf_6sdUYwTL21W2NSjHZBZ9L8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/9dwOWRgEY8fcZdP13idb2pG5Ydo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/ogbf_6sdUYwTL21W2NSjHZBZ9L8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.46.49.0/24
IPv6:
2a0c:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
67:fa:28:9d:aa:49:8a:7f:46:2a:29:2a:7c:6a:a3:9e:04:a8:
c6:e9:13:3a:81:f9:e3:d3:60:6d:2b:03:a6:4a:7f:ff:95:44:
d0:31:b1:69:ef:2b:07:08:e3:9a:bb:ea:d8:67:7f:39:c8:a4:
e8:b5:69:f6:c4:22:fe:9d:e1:3f:00:78:1f:42:58:f5:c3:10:
04:9a:31:54:5a:50:69:8a:8a:1f:3c:fe:11:ac:90:68:b6:60:
b2:8c:8d:88:b6:e0:37:fe:61:7d:53:05:7c:1a:10:95:20:72:
9a:24:07:a1:58:a3:ad:2f:83:95:97:75:5e:90:74:44:1f:d1:
08:2c:b0:72:79:7c:54:0a:fa:4f:3a:b4:3d:4b:ee:1f:49:d6:
46:4b:d2:2e:78:ef:32:00:f7:91:7a:c8:26:20:b3:f0:bc:6c:
a2:25:03:0e:62:aa:f1:1e:00:80:08:3b:35:1d:5e:3f:fc:e9:
7f:f7:77:52:7f:b8:30:44:97:47:c0:41:9d:90:c2:45:cb:58:
05:fb:eb:63:49:87:4f:0d:e0:c7:61:b3:ef:10:89:8a:1a:68:
aa:7f:da:a4:f6:64:27:84:03:02:d1:24:40:0a:5d:05:88:3f:
17:86:ab:26:52:e4:69:8a:a5:d2:e2:3e:92:38:ff:05:cd:b6:
2e:e4:b1:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxp6DtXYaLmxZLr4acHjVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDZkZmZmYWIxZDUxOGMxMzJmNmQ1NmQ4ZDRhMzFkOTA1
OWY0YmYwHhcNMjMwMTAyMDg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWRjMGU1OTE4MDQ2M2M3ZGM2NWQzZjVkZTI3NWJkYTkxYjk2MWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmMozBVwH3ic3waW4gMB10v7IFuL
cxMNUiS6rMI2FmwhrUmx7AA41hbVaZwcdMnJ0bfaxppY4va82+yGf6ujEMcVrFIa
b0BZYiFLlR9429GHhlPXxy7NPmZTT8yaEqzwOhO0nt5029cs11gbHEQ8R5od+zMv
I9x7Jt5I9Huh10ckhnigfHa0txYNS3UteeO0WolxHG+C3LGvKI4UJ9cgtk+ofeW4
J9M4JyhNPZUib3hLXpGkLEL53AYtkaSj2+Cc0aBja2WjGgyGMM14BAWbbXt/Ub+t
Grd0nCd1zszwgSseZXUbJDevUqiACGWaTMYKDXMu/vinv6Wa4nvA9G/ViQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPXcDlkYBGPH3GXT9d4nW9qRuWHaMB8GA1UdIwQY
MBaAFKIG3/+rHVGMEy9tVtjUox2QWfS/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2diZl82c2RVWXdUTDIxVzJOU2pIWkJaOUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNTkzMWUtMGY4NC00MGJkLWFkMGEt
NjcxYTFmMGFmMDU5LzEvOWR3T1dSZ0VZOGZjWmRQMTNpZGIycEc1WWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNTkzMWUtMGY4NC00MGJkLWFkMGEtNjcxYTFmMGFmMDU5
LzEvb2diZl82c2RVWXdUTDIxVzJOU2pIWkJaOUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1C4xMA0E
AgACMAcDBQMqDF6AMA0GCSqGSIb3DQEBCwUAA4IBAQBn+iidqkmKf0YqKSp8aqOe
BKjG6RM6gfnj02BtKwOmSn//lUTQMbFp7ysHCOOau+rYZ385yKTotWn2xCL+neE/
AHgfQlj1wxAEmjFUWlBpioofPP4RrJBotmCyjI2ItuA3/mF9UwV8GhCVIHKaJAeh
WKOtL4OVl3VekHREH9EILLByeXxUCvpPOrQ9S+4fSdZGS9IueO8yAPeResgmILPw
vGyiJQMOYqrxHgCACDs1HV4//Ol/93dSf7gwRJdHwEGdkMJFy1gF++tjSYdPDeDH
YbPvEImKGmiqf9qk9mQnhAMC0SRACl0FiD8XhqsmUuRpiqXS4j6SOP8FzbYu5LER
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:59 2025 by rpki-client