Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/OE0Hegg2XNJF2DRoV2rhESeYoz4.roa
File: OE0Hegg2XNJF2DRoV2rhESeYoz4.roa (raw, json)
Hash identifier: tYqGQmAHzQf0er0LPFsR77TelQG6DFQcQ/b1YQPiboU=
Subject key identifier: 38:4D:07:7A:08:36:5C:D2:45:D8:34:68:57:6A:E1:11:27:98:A3:3E
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 01828937EE5A61C70D524697AD61A7E4020E
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/OE0Hegg2XNJF2DRoV2rhESeYoz4.roa
Signing time: Wed 10 Aug 2022 19:25:20 +0000
ROA not before: Wed 10 Aug 2022 19:25:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 945
IP address blocks: 2a05:b0c6:b00b::/48 maxlen: 48
2a05:b0c7:b00b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:89:37:ee:5a:61:c7:0d:52:46:97:ad:61:a7:e4:02:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Aug 10 19:25:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=384d077a08365cd245d83468576ae1112798a33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:17:cc:58:a7:d0:a2:2b:6e:d8:52:26:7f:ed:
92:5e:76:9b:4c:dd:8b:94:c0:0e:9b:fc:02:dd:d1:
31:fe:9e:3f:59:fd:8a:8f:d4:69:14:b5:27:d3:43:
d9:26:d2:b0:94:18:12:83:90:44:be:99:9c:02:22:
81:1c:8e:08:34:3f:ea:eb:12:ca:c5:9e:0f:f6:86:
c1:d4:3d:85:0a:65:d0:65:7b:a3:2c:bd:29:fb:99:
c3:ba:b9:0f:24:de:c5:e9:19:99:9f:34:4f:90:a5:
ce:ca:7b:75:e2:20:a0:80:1e:90:9a:ac:52:80:99:
fe:bd:2d:95:b6:be:c1:d7:c8:90:53:f3:1f:3a:85:
10:25:87:36:ed:4d:1d:c7:7d:76:2a:b9:56:3e:8a:
8b:4e:82:b9:34:e7:6e:60:f8:7b:fb:72:9f:3d:6c:
00:ad:35:a6:d2:e8:a2:11:40:b6:51:bc:e4:f4:06:
87:a4:21:4c:6d:04:0d:a2:4f:b9:04:21:93:24:ba:
d6:fc:4f:7e:ad:10:70:97:ef:eb:4e:ca:39:6b:48:
cd:43:f1:3f:be:48:22:2b:9c:c7:47:24:e5:cf:30:
57:68:df:e6:f4:ac:de:7c:62:80:47:8c:1e:62:f1:
16:4b:58:db:91:43:00:76:61:57:24:1a:38:41:4f:
ab:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4D:07:7A:08:36:5C:D2:45:D8:34:68:57:6A:E1:11:27:98:A3:3E
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/OE0Hegg2XNJF2DRoV2rhESeYoz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:b00b::/48
2a05:b0c7:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
81:25:6a:c2:d3:d0:6f:ab:8a:06:f5:49:e4:a0:4e:a0:57:df:
62:63:b2:fd:85:06:98:f5:6c:29:cd:0e:59:96:96:93:89:be:
0d:ed:79:05:f2:93:0f:30:2d:a3:d5:2a:b7:51:73:6a:22:0d:
e4:a4:c7:87:ab:31:e3:b8:a6:d5:3b:78:cb:ef:d1:6f:1e:50:
2a:76:60:0b:d8:1a:54:b8:8c:b3:8e:a7:fd:b4:3c:2f:5f:f8:
2b:bb:93:60:55:e0:ac:43:9d:b9:8a:26:96:5b:c1:40:b0:00:
04:e3:b1:a3:5c:da:bf:90:c4:48:bf:dd:d5:c7:23:52:39:e0:
97:9b:13:94:7a:a6:84:e5:55:01:dc:d5:73:03:5d:a4:8b:84:
ac:ae:dd:08:86:5e:17:ad:49:2c:6c:e1:0c:09:ef:41:1d:f1:
50:19:1c:cb:e1:79:82:c1:54:59:13:ea:a5:0c:83:56:7d:58:
9b:dd:42:eb:4f:dc:b0:9e:bd:2b:01:06:26:19:59:d1:f3:be:
6e:98:45:43:a6:a3:78:ff:c0:b6:35:95:60:0a:3d:8d:39:83:
5f:49:9b:98:eb:ee:7f:62:96:51:83:58:c6:26:d4:8a:f3:df:
6d:30:c5:92:dd:af:80:70:17:62:4e:08:51:bf:e5:fb:d5:7d:
a0:7d:90:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKJN+5aYccNUkaXrWGn5AIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjIwODEwMTkyNTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODRkMDc3YTA4MzY1Y2QyNDVkODM0Njg1NzZhZTExMTI3OThhMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxfMWKfQoitu2FImf+2SXnabTN2L
lMAOm/wC3dEx/p4/Wf2Kj9RpFLUn00PZJtKwlBgSg5BEvpmcAiKBHI4IND/q6xLK
xZ4P9obB1D2FCmXQZXujLL0p+5nDurkPJN7F6RmZnzRPkKXOynt14iCggB6QmqxS
gJn+vS2Vtr7B18iQU/MfOoUQJYc27U0dx312KrlWPoqLToK5NOduYPh7+3KfPWwA
rTWm0uiiEUC2Ubzk9AaHpCFMbQQNok+5BCGTJLrW/E9+rRBwl+/rTso5a0jNQ/E/
vkgiK5zHRyTlzzBXaN/m9KzefGKAR4weYvEWS1jbkUMAdmFXJBo4QU+rtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDhNB3oINlzSRdg0aFdq4REnmKM+MB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvT0UwSGVnZzJYTkpGMkRSb1YycmhFU2VZb3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgWwxrAL
AwcAKgWwx7ALMA0GCSqGSIb3DQEBCwUAA4IBAQCBJWrC09Bvq4oG9UnkoE6gV99i
Y7L9hQaY9WwpzQ5ZlpaTib4N7XkF8pMPMC2j1Sq3UXNqIg3kpMeHqzHjuKbVO3jL
79FvHlAqdmAL2BpUuIyzjqf9tDwvX/gru5NgVeCsQ525iiaWW8FAsAAE47GjXNq/
kMRIv93VxyNSOeCXmxOUeqaE5VUB3NVzA12ki4Ssrt0Ihl4XrUksbOEMCe9BHfFQ
GRzL4XmCwVRZE+qlDINWfVib3ULrT9ywnr0rAQYmGVnR875umEVDpqN4/8C2NZVg
Cj2NOYNfSZuY6+5/YpZRg1jGJtSK899tMMWS3a+AcBdiTghRv+X71X2gfZBs
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:38 2025 by rpki-client