Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/r-_OhmrhPhEX-Fx3GfBLD3FBiao.roa
File: r-_OhmrhPhEX-Fx3GfBLD3FBiao.roa (raw, json)
Hash identifier: ELlCPawfEKhPCrzOReUa3t7YjO9euTXOzem2cbpsfFo=
Subject key identifier: AF:EF:CE:86:6A:E1:3E:11:17:F8:5C:77:19:F0:4B:0F:71:41:89:AA
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 0185710C3EB9A65080D34219BA8B47731937
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/r-_OhmrhPhEX-Fx3GfBLD3FBiao.roa
Signing time: Mon 02 Jan 2023 05:55:05 +0000
ROA not before: Mon 02 Jan 2023 05:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208227
IP address blocks: 2a04:ff00:200::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:3e:b9:a6:50:80:d3:42:19:ba:8b:47:73:19:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 2 05:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afefce866ae13e1117f85c7719f04b0f714189aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7c:a9:7e:64:ac:47:83:a5:e7:dd:2e:26:42:
25:5d:d2:42:22:68:6e:7d:4e:87:2e:2a:fa:e9:66:
3e:e3:27:24:05:68:d2:3c:b9:e3:e3:b7:86:6a:24:
87:e3:46:7f:be:71:26:21:21:4f:09:75:cc:f6:cc:
b5:ba:3f:00:a8:f0:8d:7a:e6:b2:5c:68:64:1b:e2:
92:37:cf:91:4f:25:df:78:0c:a6:e1:35:06:87:76:
ca:31:0f:ef:f2:44:8b:86:5e:82:dc:b8:cf:5e:53:
35:8f:3c:8c:a1:77:91:eb:7a:d0:40:a7:da:37:ac:
a3:e2:c5:8f:ca:cc:36:eb:5c:f6:20:8e:d5:57:81:
d9:48:5e:a5:92:c9:16:7f:5d:16:21:37:9a:9b:72:
11:98:39:08:b2:39:e0:c1:5c:a6:68:3e:d1:a0:f1:
d2:18:6d:7d:9f:9c:4c:a2:3c:76:0e:c2:23:a8:ef:
86:fb:72:5e:eb:c8:4e:a1:d3:b6:86:13:df:9f:a7:
2e:3f:79:23:06:fc:67:eb:5e:cc:35:f4:f4:09:ae:
de:e9:ab:bb:85:4a:1a:89:43:39:2f:35:1c:40:0a:
aa:0b:ed:3a:4b:f6:d7:24:6a:3f:c8:00:8b:f4:51:
80:6f:7a:54:17:b0:c3:b4:b1:30:35:ec:fd:6e:7d:
45:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EF:CE:86:6A:E1:3E:11:17:F8:5C:77:19:F0:4B:0F:71:41:89:AA
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/r-_OhmrhPhEX-Fx3GfBLD3FBiao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ff00:200::/40
Signature Algorithm: sha256WithRSAEncryption
70:d1:c0:c9:53:e7:9e:9d:a1:e8:05:28:fb:43:9b:f6:40:1f:
12:27:f8:b6:d8:61:6c:03:1d:c1:82:12:89:2a:8a:d8:f1:e1:
29:e4:bf:96:39:f7:32:0f:48:da:5b:29:dd:db:2e:f0:aa:34:
fa:ed:18:10:bd:77:e8:43:dc:13:fe:0c:aa:5e:6a:8a:0b:31:
8e:4b:eb:39:78:9e:8d:c9:dc:f6:ab:28:e1:f0:b9:43:a3:51:
c1:ba:90:44:3a:21:41:ee:2d:89:13:23:c2:05:dc:d7:6b:84:
bb:4a:d6:32:2b:86:62:c1:3d:74:e1:cc:db:a9:a5:d7:ab:9b:
e5:a1:97:a4:01:55:5a:ac:48:e8:6b:bf:d4:dc:8e:fc:7c:e5:
5e:c3:88:ea:12:ac:d1:3c:04:0e:22:c7:b2:84:80:02:c1:b1:
3f:35:34:a3:e3:d4:3d:56:5c:e1:ab:f7:09:02:6a:66:6c:ec:
94:4c:96:1c:de:be:e4:7e:73:c6:c6:c8:c4:fc:8c:f4:3d:d4:
a0:78:68:6c:a7:6f:e2:21:29:a8:e0:5a:1d:0f:e0:0c:77:2e:
ec:4e:9a:58:8e:7f:a0:9e:93:77:eb:fb:ab:dd:6d:34:e3:74:
92:0c:06:cb:65:6f:e7:54:56:df:43:58:dc:25:a8:77:fe:e7:
de:e8:a9:6b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxDD65plCA00IZuotHcxk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk
MGEwYTkwHhcNMjMwMTAyMDU1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVmY2U4NjZhZTEzZTExMTdmODVjNzcxOWYwNGIwZjcxNDE4OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHypfmSsR4Ol590uJkIlXdJCImhu
fU6HLir66WY+4yckBWjSPLnj47eGaiSH40Z/vnEmISFPCXXM9sy1uj8AqPCNeuay
XGhkG+KSN8+RTyXfeAym4TUGh3bKMQ/v8kSLhl6C3LjPXlM1jzyMoXeR63rQQKfa
N6yj4sWPysw261z2II7VV4HZSF6lkskWf10WITeam3IRmDkIsjngwVymaD7RoPHS
GG19n5xMojx2DsIjqO+G+3Je68hOodO2hhPfn6cuP3kjBvxn617MNfT0Ca7e6au7
hUoaiUM5LzUcQAqqC+06S/bXJGo/yACL9FGAb3pUF7DDtLEwNez9bn1FVQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFK/vzoZq4T4RF/hcdxnwSw9xQYmqMB8GA1UdIwQY
MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt
ZTYzZTk0Y2JhMDlmLzEvci1fT2htcmhQaEVYLUZ4M0dmQkxEM0ZCaWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm
LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgT/AAIw
DQYJKoZIhvcNAQELBQADggEBAHDRwMlT556doegFKPtDm/ZAHxIn+LbYYWwDHcGC
Eokqitjx4Snkv5Y59zIPSNpbKd3bLvCqNPrtGBC9d+hD3BP+DKpeaooLMY5L6zl4
no3J3ParKOHwuUOjUcG6kEQ6IUHuLYkTI8IF3NdrhLtK1jIrhmLBPXThzNuppder
m+Whl6QBVVqsSOhrv9Tcjvx85V7DiOoSrNE8BA4ix7KEgALBsT81NKPj1D1WXOGr
9wkCamZs7JRMlhzevuR+c8bGyMT8jPQ91KB4aGynb+IhKajgWh0P4Ax3LuxOmliO
f6Cek3fr+6vdbTTjdJIMBstlb+dUVt9DWNwlqHf+597oqWs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:06 2025 by rpki-client