Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/O2JKOG2ETE0aL8pr_6Sr0OzAFzY.roa
File: O2JKOG2ETE0aL8pr_6Sr0OzAFzY.roa (raw, json)
Hash identifier: WOhvbD80GkhE22HGJEu6UZ8mw2hoEKeKvpg4KTSvpUI=
Subject key identifier: 3B:62:4A:38:6D:84:4C:4D:1A:2F:CA:6B:FF:A4:AB:D0:EC:C0:17:36
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 018CAFD3BCE28BE117B80B5E95F23642B478
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/O2JKOG2ETE0aL8pr_6Sr0OzAFzY.roa
Signing time: Thu 28 Dec 2023 09:48:58 +0000
ROA not before: Thu 28 Dec 2023 09:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212165
IP address blocks: 2a02:eb00:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:d3:bc:e2:8b:e1:17:b8:0b:5e:95:f2:36:42:b4:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Dec 28 09:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b624a386d844c4d1a2fca6bffa4abd0ecc01736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9a:b0:89:51:b3:0f:bb:91:ca:fe:85:1d:24:
fe:fb:cd:bb:fa:48:41:2b:9b:aa:9a:e8:27:3c:91:
3e:a7:66:34:5e:6f:5a:d1:d0:77:75:09:fd:fb:26:
cb:6c:38:62:87:6b:e2:01:e7:27:23:ac:b5:8d:7c:
9e:dd:93:e7:c8:a6:d5:24:65:c2:ac:a9:f3:98:9a:
d6:b0:21:c6:82:b0:3f:a0:15:7d:35:bb:fe:8b:7d:
3c:fc:b8:bd:31:e1:cc:f4:1e:f6:c9:4f:0c:5b:2a:
64:77:dd:e8:7a:c2:16:c4:24:94:bd:1b:91:c8:b5:
f1:a8:b3:a7:ac:d9:8d:2c:91:5b:72:5b:69:46:fb:
a7:d2:73:63:f8:16:b8:93:68:23:2b:e1:ca:45:f4:
0b:3e:1e:30:4b:88:6d:80:f8:67:29:be:57:8f:85:
e4:dd:10:da:0f:3e:aa:b4:b0:9d:fd:51:fc:9f:ff:
42:38:c3:1f:de:d1:e9:fc:4c:b1:b3:cd:3c:a7:95:
a5:43:86:35:d6:31:4d:27:1f:bf:d9:d0:53:69:f8:
77:49:a8:37:a7:92:26:e1:0f:1c:1f:6b:36:ae:8b:
54:20:f6:47:1a:ed:11:09:74:fa:b7:1a:18:cc:72:
9a:38:9d:85:2f:d8:39:db:0f:f6:70:f1:97:c3:a4:
59:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:62:4A:38:6D:84:4C:4D:1A:2F:CA:6B:FF:A4:AB:D0:EC:C0:17:36
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/O2JKOG2ETE0aL8pr_6Sr0OzAFzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:eb00:2::/48
Signature Algorithm: sha256WithRSAEncryption
0d:53:56:6e:e9:7e:5b:58:4c:1c:e0:bb:3b:42:1a:13:4e:c1:
53:e5:15:03:e0:d9:e9:fe:1b:31:85:bd:cd:77:55:80:b7:fe:
09:3d:2b:d3:e8:94:93:f6:40:92:09:92:ed:df:58:90:5d:16:
2b:93:65:89:79:1f:4d:eb:64:2c:75:ff:a5:c3:72:d1:cd:53:
98:42:b1:a7:ab:13:99:7e:ae:ca:b2:14:b5:fe:1b:ea:3d:9f:
6a:a4:7a:90:d7:25:ee:73:da:76:43:25:17:b3:4f:5e:dc:41:
73:71:41:f7:ce:fc:5e:6e:08:56:0c:44:db:e8:b3:2d:e4:e1:
70:92:5c:97:39:02:d2:22:a2:a5:ab:34:8a:2c:58:da:75:89:
fc:de:5f:23:a0:04:b0:84:d9:2e:c0:91:ee:c5:fe:b4:69:07:
5a:eb:8f:7b:59:f0:00:f1:79:f1:6c:06:3d:33:2c:9d:dd:42:
4a:0b:5a:9b:73:6d:5d:62:3c:80:20:c7:71:f2:2c:f8:7d:c1:
e4:43:37:eb:54:e6:4a:bd:d2:be:6c:86:e9:8b:74:20:60:9b:
8a:00:f3:29:64:58:27:4c:c2:6c:18:c1:61:e3:91:aa:b4:86:
8c:bc:17:97:8d:73:95:ec:dd:bc:cf:26:8a:e1:4e:14:78:74:
0b:38:ac:d0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYyv07zii+EXuAtelfI2QrR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMxMjI4MDk0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjYyNGEzODZkODQ0YzRkMWEyZmNhNmJmZmE0YWJkMGVjYzAxNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5qwiVGzD7uRyv6FHST++827+khB
K5uqmugnPJE+p2Y0Xm9a0dB3dQn9+ybLbDhih2viAecnI6y1jXye3ZPnyKbVJGXC
rKnzmJrWsCHGgrA/oBV9Nbv+i308/Li9MeHM9B72yU8MWypkd93oesIWxCSUvRuR
yLXxqLOnrNmNLJFbcltpRvun0nNj+Ba4k2gjK+HKRfQLPh4wS4htgPhnKb5Xj4Xk
3RDaDz6qtLCd/VH8n/9COMMf3tHp/Eyxs808p5WlQ4Y11jFNJx+/2dBTafh3Sag3
p5Im4Q8cH2s2rotUIPZHGu0RCXT6txoYzHKaOJ2FL9g52w/2cPGXw6RZywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDtiSjhthExNGi/Ka/+kq9DswBc2MB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvTzJKS09HMkVURTBhTDhwcl82U3IwT3pBRnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgLrAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQANU1Zu6X5bWEwc4Ls7QhoTTsFT5RUD4Nnp/hsx
hb3Nd1WAt/4JPSvT6JST9kCSCZLt31iQXRYrk2WJeR9N62Qsdf+lw3LRzVOYQrGn
qxOZfq7KshS1/hvqPZ9qpHqQ1yXuc9p2QyUXs09e3EFzcUH3zvxebghWDETb6LMt
5OFwklyXOQLSIqKlqzSKLFjadYn83l8joASwhNkuwJHuxf60aQda6497WfAA8Xnx
bAY9Myyd3UJKC1qbc21dYjyAIMdx8iz4fcHkQzfrVOZKvdK+bIbpi3QgYJuKAPMp
ZFgnTMJsGMFh45GqtIaMvBeXjXOV7N28zyaK4U4UeHQLOKzQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:24 2025 by rpki-client