Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/35a6e5-3364-4a74-964c-3d4b283f322d/1/OhqvGY5s-LSBwr5F6YWUGq-HjQs.roa
File: OhqvGY5s-LSBwr5F6YWUGq-HjQs.roa (raw, json)
Hash identifier: bWrx4nyReVWWRSEqpH+8uprZr4HExrrW93MGuW7YnQc=
Subject key identifier: 3A:1A:AF:19:8E:6C:F8:B4:81:C2:BE:45:E9:85:94:1A:AF:87:8D:0B
Certificate issuer: /CN=dc0dea4ea2546d7a019a4ef8243b5eb63565c847
Certificate serial: 1054133A
Authority key identifier: DC:0D:EA:4E:A2:54:6D:7A:01:9A:4E:F8:24:3B:5E:B6:35:65:C8:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3A3qTqJUbXoBmk74JDtetjVlyEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/35a6e5-3364-4a74-964c-3d4b283f322d/1/OhqvGY5s-LSBwr5F6YWUGq-HjQs.roa
Signing time: Sat 01 Jan 2022 13:56:22 +0000
ROA not before: Sat 01 Jan 2022 13:56:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 139.20.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 273945402 (0x1054133a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc0dea4ea2546d7a019a4ef8243b5eb63565c847
Validity
Not Before: Jan 1 13:56:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a1aaf198e6cf8b481c2be45e985941aaf878d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ad:2e:e4:9c:7c:e7:6e:96:ba:d8:c8:de:2b:
f1:b3:c8:b3:f3:2e:4f:1d:60:af:9c:b7:ce:90:84:
ac:96:a4:bc:95:d6:64:a7:84:68:58:d6:54:26:36:
f2:24:b1:4f:4b:9f:0d:82:fe:0d:85:b5:9a:e7:06:
6d:a0:e7:9f:cb:81:9f:f3:92:57:f1:bf:0e:9c:4b:
67:d4:79:18:db:83:b7:60:62:06:fb:d9:17:94:38:
f5:f7:4f:01:25:d7:20:2c:c6:57:68:f2:6b:c2:4d:
52:3d:68:b4:78:f7:f6:d2:5d:33:76:bf:c2:8c:51:
10:ca:42:2a:81:9d:f2:c2:69:7e:59:cb:f8:43:4c:
8e:04:25:b5:ff:3d:c9:6d:fd:ea:8f:05:d6:4f:c5:
1f:a5:fb:ca:a0:53:71:8e:c4:ee:36:c6:c4:e6:f6:
94:9c:c5:ef:36:42:b1:f2:d1:7e:e2:26:9b:fe:24:
09:8c:2f:ca:0f:af:1f:bd:77:09:ac:4c:6f:e1:d0:
30:9f:15:cc:26:39:44:c1:3e:bb:02:8a:87:55:f4:
ef:12:f2:1e:1e:00:02:14:7e:4c:ca:1b:17:17:1b:
6e:94:81:93:7c:e1:92:42:b6:00:4d:3d:73:b8:7f:
ac:64:c0:de:a9:3a:13:94:98:cd:5f:6d:6d:50:84:
84:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1A:AF:19:8E:6C:F8:B4:81:C2:BE:45:E9:85:94:1A:AF:87:8D:0B
X509v3 Authority Key Identifier:
keyid:DC:0D:EA:4E:A2:54:6D:7A:01:9A:4E:F8:24:3B:5E:B6:35:65:C8:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3A3qTqJUbXoBmk74JDtetjVlyEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/35a6e5-3364-4a74-964c-3d4b283f322d/1/OhqvGY5s-LSBwr5F6YWUGq-HjQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/35a6e5-3364-4a74-964c-3d4b283f322d/1/3A3qTqJUbXoBmk74JDtetjVlyEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:2d:97:47:f6:0e:b9:df:0e:01:e9:c9:d4:b4:7e:68:fa:2c:
be:fe:92:14:e7:6c:8f:6c:30:3a:c2:7b:f9:ba:fa:43:e0:4b:
aa:a4:c3:b8:7d:e7:fb:87:93:44:b6:b2:fc:45:13:c8:84:06:
bf:12:e1:ea:eb:bd:e8:ed:c3:d6:b0:23:8a:fa:0e:c2:c1:0b:
04:cf:ea:f2:a8:8f:9e:55:09:ce:1d:56:61:1b:a7:6f:fc:bf:
3e:32:38:fd:58:c0:20:09:51:86:04:a1:ba:94:e1:ff:e2:b7:
62:f0:68:52:1b:26:2b:16:3b:fa:35:59:a3:84:ad:82:1c:4e:
5a:b1:1b:d0:60:05:ca:42:2b:08:46:47:95:25:a1:e2:5a:6e:
33:f0:b6:eb:96:56:3f:b7:bb:90:75:17:7d:99:d2:e3:5e:8e:
42:27:01:a0:3b:ee:f5:df:27:29:48:11:0e:a2:ad:af:53:af:
13:61:b7:de:a4:cb:c7:25:ba:a1:f9:9c:d0:ec:1d:92:3d:41:
28:b9:e6:70:8e:f4:56:c5:60:b5:ed:08:21:17:8f:90:84:59:
d5:73:5d:a2:fa:07:f8:d9:f7:61:5b:1a:6a:d8:5d:9e:de:1c:
89:f2:b3:f2:f4:04:98:3e:1e:98:5d:81:70:fb:6a:08:aa:18:
3b:0c:03:72
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEEFQTOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzBkZWE0ZWEyNTQ2ZDdhMDE5YTRlZjgyNDNiNWViNjM1NjVjODQ3MB4XDTIyMDEw
MTEzNTYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ExYWFmMTk4ZTZj
ZjhiNDgxYzJiZTQ1ZTk4NTk0MWFhZjg3OGQwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+tLuScfOdulrrYyN4r8bPIs/MuTx1gr5y3zpCErJakvJXW
ZKeEaFjWVCY28iSxT0ufDYL+DYW1mucGbaDnn8uBn/OSV/G/DpxLZ9R5GNuDt2Bi
BvvZF5Q49fdPASXXICzGV2jya8JNUj1otHj39tJdM3a/woxREMpCKoGd8sJpflnL
+ENMjgQltf89yW396o8F1k/FH6X7yqBTcY7E7jbGxOb2lJzF7zZCsfLRfuImm/4k
CYwvyg+vH713CaxMb+HQMJ8VzCY5RME+uwKKh1X07xLyHh4AAhR+TMobFxcbbpSB
k3zhkkK2AE09c7h/rGTA3qk6E5SYzV9tbVCEhD8CAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQ6Gq8Zjmz4tIHCvkXphZQar4eNCzAfBgNVHSMEGDAWgBTcDepOolRtegGa
TvgkO162NWXIRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNBM3FUcUpVYlhvQm1rNzRKRHRldGpWbHlFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvMzVhNmU1LTMzNjQtNGE3NC05NjRjLTNkNGIyODNmMzIyZC8x
L09ocXZHWTVzLUxTQndyNUY2WVdVR3EtSGpRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
MzVhNmU1LTMzNjQtNGE3NC05NjRjLTNkNGIyODNmMzIyZC8xLzNBM3FUcUpVYlhv
Qm1rNzRKRHRldGpWbHlFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIsUMA0GCSqGSIb3DQEBCwUAA4IB
AQA7LZdH9g653w4B6cnUtH5o+iy+/pIU52yPbDA6wnv5uvpD4EuqpMO4fef7h5NE
trL8RRPIhAa/EuHq673o7cPWsCOK+g7CwQsEz+ryqI+eVQnOHVZhG6dv/L8+Mjj9
WMAgCVGGBKG6lOH/4rdi8GhSGyYrFjv6NVmjhK2CHE5asRvQYAXKQisIRkeVJaHi
Wm4z8LbrllY/t7uQdRd9mdLjXo5CJwGgO+713ycpSBEOoq2vU68TYbfepMvHJbqh
+ZzQ7B2SPUEoueZwjvRWxWC17QghF4+QhFnVc12i+gf42fdhWxpq2F2e3hyJ8rPy
9ASYPh6YXYFw+2oIqhg7DANy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-fra.rpki-client.org