Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/s-lR2kI_R1B9olbDgvGs97__OCM.roa
File: s-lR2kI_R1B9olbDgvGs97__OCM.roa (raw, json)
Hash identifier: 5AnR7LhO8rHoP1tIiSjAGADk6CqBs18lUeKmU3co2MM=
Subject key identifier: B3:E9:51:DA:42:3F:47:50:7D:A2:56:C3:82:F1:AC:F7:BF:FF:38:23
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018B918777200CAAC00EC30EFA24DDDDD91D
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/s-lR2kI_R1B9olbDgvGs97__OCM.roa
Signing time: Thu 02 Nov 2023 19:34:16 +0000
ROA not before: Thu 02 Nov 2023 19:34:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47924
IP address blocks: 2a05:b0c7:300::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:91:87:77:20:0c:aa:c0:0e:c3:0e:fa:24:dd:dd:d9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Nov 2 19:34:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3e951da423f47507da256c382f1acf7bfff3823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:55:9b:88:57:6e:51:1c:68:87:77:de:8e:68:
3f:4a:07:f7:ae:21:cf:48:a0:f6:ca:04:14:27:0a:
ca:86:91:67:ed:47:82:6e:1c:f8:b7:59:ff:97:15:
e4:c4:3d:9c:ef:c3:17:f4:d3:94:ad:2a:4d:2c:bb:
94:83:36:70:6f:db:68:89:8a:76:68:a4:af:21:9d:
d2:52:c4:a5:fa:c6:3f:e5:82:c8:14:aa:ea:cf:42:
2f:ea:25:4e:f2:26:a3:b9:91:73:24:c2:59:d0:ca:
4e:6a:aa:30:b7:1b:c0:85:ef:c3:fa:df:57:85:d3:
f6:89:fa:7a:05:4a:a1:a5:89:37:86:6b:23:df:94:
53:6f:c6:c0:ff:6d:d2:87:61:12:cc:9d:51:8f:91:
72:a1:b0:ec:b9:a3:62:49:e3:35:d9:05:ef:97:57:
ec:38:e6:5b:88:58:76:f4:11:84:0a:21:4f:8f:4b:
07:90:bc:98:16:36:35:c1:6b:72:57:f0:c7:86:a3:
88:8d:ed:f2:73:15:c5:01:bf:77:a3:64:1c:e2:a4:
2d:ac:9c:99:d9:64:65:4d:2e:8a:e8:49:05:37:96:
52:75:fc:cf:95:05:c9:c8:91:cb:8d:df:14:d1:8c:
5c:c3:90:51:4c:3e:a6:fc:24:fe:c5:5d:0e:de:e7:
b2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E9:51:DA:42:3F:47:50:7D:A2:56:C3:82:F1:AC:F7:BF:FF:38:23
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/s-lR2kI_R1B9olbDgvGs97__OCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c7:300::/48
Signature Algorithm: sha256WithRSAEncryption
34:c0:fa:a5:ad:d9:a8:d5:2a:42:0f:54:ae:2f:09:92:3f:c2:
27:6f:a3:67:e3:a3:51:22:93:06:99:4b:a3:cb:62:0f:d0:aa:
66:f7:28:79:15:76:e5:6b:8a:37:ce:eb:5d:8c:09:53:e9:0c:
56:75:7b:f4:fe:06:18:b5:ae:7d:b2:17:a8:85:11:b0:f3:1c:
20:f8:9f:1a:07:7d:27:55:81:9c:dd:99:f1:57:b6:04:b6:b8:
35:94:26:fa:e7:a0:85:18:71:91:cc:f3:d9:8e:2e:0c:3b:e2:
25:8c:a2:7a:d0:cc:3b:33:52:b6:0d:07:0d:90:fc:7e:22:3d:
95:10:c7:7e:45:dc:19:c0:35:c8:53:ce:49:f1:03:22:12:01:
97:16:c7:df:f4:ca:e8:81:43:1e:fc:22:59:95:d1:33:aa:f7:
0e:71:06:46:cb:c9:6a:7f:99:38:41:9b:df:85:2b:34:9a:1a:
f9:da:08:d6:5e:7f:f7:b9:d7:b1:59:84:b3:47:29:34:a6:0a:
8a:fa:cb:84:9c:c2:04:d3:45:64:50:59:68:0b:34:f5:a6:07:
72:1a:cd:6f:ed:ee:c1:06:5c:d8:77:ad:a1:86:99:9e:fb:70:
a1:32:55:4e:d2:fb:f6:21:04:0e:b4:18:77:3e:eb:ec:37:a0:
5a:8b:7b:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYuRh3cgDKrADsMO+iTd3dkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjMxMTAyMTkzNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2U5NTFkYTQyM2Y0NzUwN2RhMjU2YzM4MmYxYWNmN2JmZmYzODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlWbiFduURxoh3fejmg/Sgf3riHP
SKD2ygQUJwrKhpFn7UeCbhz4t1n/lxXkxD2c78MX9NOUrSpNLLuUgzZwb9toiYp2
aKSvIZ3SUsSl+sY/5YLIFKrqz0Iv6iVO8iajuZFzJMJZ0MpOaqowtxvAhe/D+t9X
hdP2ifp6BUqhpYk3hmsj35RTb8bA/23Sh2ESzJ1Rj5FyobDsuaNiSeM12QXvl1fs
OOZbiFh29BGECiFPj0sHkLyYFjY1wWtyV/DHhqOIje3ycxXFAb93o2Qc4qQtrJyZ
2WRlTS6K6EkFN5ZSdfzPlQXJyJHLjd8U0Yxcw5BRTD6m/CT+xV0O3ueydQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLPpUdpCP0dQfaJWw4LxrPe//zgjMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvcy1sUjJrSV9SMUI5b2xiRGd2R3M5N19fT0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWwxwMA
MA0GCSqGSIb3DQEBCwUAA4IBAQA0wPqlrdmo1SpCD1SuLwmSP8Inb6Nn46NRIpMG
mUujy2IP0Kpm9yh5FXbla4o3zutdjAlT6QxWdXv0/gYYta59sheohRGw8xwg+J8a
B30nVYGc3ZnxV7YEtrg1lCb656CFGHGRzPPZji4MO+IljKJ60Mw7M1K2DQcNkPx+
Ij2VEMd+RdwZwDXIU85J8QMiEgGXFsff9MrogUMe/CJZldEzqvcOcQZGy8lqf5k4
QZvfhSs0mhr52gjWXn/3udexWYSzRyk0pgqK+suEnMIE00VkUFloCzT1pgdyGs1v
7e7BBlzYd62hhpme+3ChMlVO0vv2IQQOtBh3PuvsN6Bai3uq
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:00:06 2025 by rpki-client