Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/ssOC2hKwcgD1TRBcYtaIvSwQsek.roa
File: ssOC2hKwcgD1TRBcYtaIvSwQsek.roa (raw, json)
Hash identifier: UVHufTULrNsIsSbT+qv9o0O7vxEPEvPtST7CRHQgAbI=
Subject key identifier: B2:C3:82:DA:12:B0:72:00:F5:4D:10:5C:62:D6:88:BD:2C:10:B1:E9
Certificate issuer: /CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108
Certificate serial: 0686ADF2
Authority key identifier: 7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/ssOC2hKwcgD1TRBcYtaIvSwQsek.roa
Signing time: Sat 01 Jan 2022 03:00:12 +0000
ROA not before: Sat 01 Jan 2022 03:00:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208236
IP address blocks: 45.150.152.0/22 maxlen: 24
2a0f:d600::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109489650 (0x686adf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108
Validity
Not Before: Jan 1 03:00:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2c382da12b07200f54d105c62d688bd2c10b1e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:35:9a:c3:fc:40:04:2b:93:e9:fd:1b:33:84:
3f:97:96:e9:f5:4e:26:07:5c:ae:d1:eb:8b:57:b5:
e7:4f:af:04:a1:43:41:cd:21:7d:17:8a:f9:95:02:
ad:61:c5:0e:b8:f7:aa:0d:0c:72:59:9e:f1:22:24:
9d:0d:26:f1:a3:65:c5:17:c2:af:b4:38:78:fb:de:
f6:87:0d:a5:76:d7:62:f6:2d:59:11:1d:25:de:8b:
0f:f1:60:7f:8a:3f:ea:c5:30:cd:43:eb:4a:93:57:
f4:a1:d7:94:3b:27:36:26:7a:d3:3a:b1:10:0b:3b:
fd:cd:3b:7f:37:5b:59:aa:c1:64:8e:31:8a:c3:bf:
aa:08:e2:3d:22:03:c8:69:f6:5b:d3:5a:b6:66:e2:
46:06:75:64:32:97:29:9d:81:6d:5a:91:95:1b:9b:
41:d3:4e:cc:c7:9c:c2:23:7e:0e:fd:0b:da:28:2f:
82:93:86:c9:f1:e1:71:60:20:a0:4a:23:3f:64:68:
d5:4c:68:5b:05:7a:d1:4c:b5:a1:4c:11:bb:65:3a:
68:b4:2d:3e:9d:e2:e7:bd:6c:1d:94:5e:60:00:4a:
b8:de:15:78:ee:57:34:3e:28:90:b6:26:c1:e8:a6:
90:7a:e7:58:5a:28:8f:57:dc:30:b4:8c:15:6f:8b:
05:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C3:82:DA:12:B0:72:00:F5:4D:10:5C:62:D6:88:BD:2C:10:B1:E9
X509v3 Authority Key Identifier:
keyid:7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/ssOC2hKwcgD1TRBcYtaIvSwQsek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/evZ3nmK0YSiH_m-NTpwONzH24Qg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.152.0/22
IPv6:
2a0f:d600::/29
Signature Algorithm: sha256WithRSAEncryption
2a:96:7f:07:da:e5:6c:fd:b1:e3:57:84:2a:6d:2f:19:a0:80:
33:63:2f:97:ce:95:6d:0c:e1:3e:95:64:dc:ef:7a:52:6e:f9:
3c:1c:1a:e8:2e:67:8e:fe:3b:b0:4c:2a:42:32:a6:5c:54:f7:
97:3e:29:f4:08:9b:08:1c:a4:fa:0c:a3:ac:e1:36:a9:c7:b3:
3d:fe:07:b2:36:40:13:7a:b7:bf:0a:6a:57:5a:81:0d:a3:d1:
36:e3:02:22:78:46:54:59:ce:c6:84:9b:55:5e:0f:a6:e0:a4:
06:42:dd:75:6c:46:a1:f5:c0:41:5f:9f:46:b4:f7:48:59:c9:
62:32:8f:e6:bd:54:ea:3d:cb:57:18:35:f0:5c:9d:45:79:99:
21:ae:17:5b:5b:55:ee:25:75:4c:71:a8:c4:c2:ae:e0:23:81:
4b:0e:b1:86:85:c7:72:55:cd:da:28:98:e7:cf:78:30:11:3e:
65:a3:e6:64:bc:15:f7:1c:27:c7:b5:ef:27:6f:4f:a6:d5:8b:
cd:3b:36:ca:94:66:26:c2:bb:c0:00:8a:51:4f:88:ef:32:8f:
af:d2:84:f2:c6:9a:0d:12:e8:fc:38:1e:3a:f5:8b:81:48:3e:
4c:b7:64:09:ac:be:83:cd:45:c4:6f:63:07:72:91:57:26:62:
b4:1c:1c:67
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBoat8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YWY2Nzc5ZTYyYjQ2MTI4ODdmZTZmOGQ0ZTljMGUzNzMxZjZlMTA4MB4XDTIyMDEw
MTAzMDAxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJjMzgyZGExMmIw
NzIwMGY1NGQxMDVjNjJkNjg4YmQyYzEwYjFlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALM1msP8QAQrk+n9GzOEP5eW6fVOJgdcrtHri1e150+vBKFD
Qc0hfReK+ZUCrWHFDrj3qg0Mclme8SIknQ0m8aNlxRfCr7Q4ePve9ocNpXbXYvYt
WREdJd6LD/Fgf4o/6sUwzUPrSpNX9KHXlDsnNiZ60zqxEAs7/c07fzdbWarBZI4x
isO/qgjiPSIDyGn2W9NatmbiRgZ1ZDKXKZ2BbVqRlRubQdNOzMecwiN+Dv0L2igv
gpOGyfHhcWAgoEojP2Ro1UxoWwV60Uy1oUwRu2U6aLQtPp3i571sHZReYABKuN4V
eO5XND4okLYmweimkHrnWFooj1fcMLSMFW+LBc8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSyw4LaErByAPVNEFxi1oi9LBCx6TAfBgNVHSMEGDAWgBR69neeYrRhKIf+
b41OnA43MfbhCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2V2WjNubUswWVNpSF9tLU5UcHdPTnpIMjRRZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvMzBiMTI0LTg3ZjItNGM3YS1iYzBlLTc5MDc3NWM3NzljNS8x
L3NzT0MyaEt3Y2dEMVRSQmNZdGFJdlN3UXNlay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
MzBiMTI0LTg3ZjItNGM3YS1iYzBlLTc5MDc3NWM3NzljNS8xL2V2WjNubUswWVNp
SF9tLU5UcHdPTnpIMjRRZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2WmDANBAIAAjAHAwUDKg/WADAN
BgkqhkiG9w0BAQsFAAOCAQEAKpZ/B9rlbP2x41eEKm0vGaCAM2Mvl86VbQzhPpVk
3O96Um75PBwa6C5njv47sEwqQjKmXFT3lz4p9AibCByk+gyjrOE2qcezPf4HsjZA
E3q3vwpqV1qBDaPRNuMCInhGVFnOxoSbVV4PpuCkBkLddWxGofXAQV+fRrT3SFnJ
YjKP5r1U6j3LVxg18FydRXmZIa4XW1tV7iV1THGoxMKu4COBSw6xhoXHclXN2iiY
5894MBE+ZaPmZLwV9xwnx7XvJ29PptWLzTs2ypRmJsK7wACKUU+I7zKPr9KE8saa
DRLo/DgeOvWLgUg+TLdkCay+g81FxG9jB3KRVyZitBwcZw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:56 2023 by rpki-client on console-fra.rpki-client.org