Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/oEHAOCLogjbGqN6woj8C017sSXI.roa
File: oEHAOCLogjbGqN6woj8C017sSXI.roa (raw, json)
Hash identifier: FyV9GelDk+uxphZfuHzQI1bILAkz6qh+b3L2SN+dKt8=
Subject key identifier: A0:41:C0:38:22:E8:82:36:C6:A8:DE:B0:A2:3F:02:D3:5E:EC:49:72
Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial: 0C8135C3
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/oEHAOCLogjbGqN6woj8C017sSXI.roa
Signing time: Sat 01 Jan 2022 10:57:17 +0000
ROA not before: Sat 01 Jan 2022 10:57:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 212.124.94.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209794499 (0xc8135c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Validity
Not Before: Jan 1 10:57:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a041c03822e88236c6a8deb0a23f02d35eec4972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:df:bc:4c:b6:c4:98:5e:f7:9c:a4:ab:c7:aa:
6b:81:16:4b:b3:95:68:59:f5:8c:53:41:2a:94:38:
b9:f2:0a:b8:f7:36:07:d4:33:79:5e:15:57:40:55:
3b:e3:3f:b6:e5:71:06:aa:63:0e:f8:14:5d:5f:89:
10:d4:04:3d:f8:b0:18:5c:d4:22:ca:9f:a9:70:e3:
cc:58:ee:f0:ba:80:34:7b:08:4b:c5:fd:53:90:bf:
83:49:57:69:e6:8e:cb:10:41:a4:4c:cc:8b:f8:52:
ca:37:a7:11:53:24:a8:c5:22:4d:d5:a4:4e:26:c0:
61:95:12:90:de:42:31:7f:e9:06:54:e7:8c:69:c3:
c9:6c:be:f8:9b:74:28:90:30:30:7d:8e:77:68:ee:
4d:e7:f1:8e:98:97:3d:95:d4:05:d8:89:ac:b6:90:
e6:21:d9:f5:cf:d6:05:e1:74:89:c7:28:1a:07:eb:
58:8b:2c:39:7a:32:6f:66:a1:70:4b:5d:5d:33:42:
51:42:9f:f0:90:37:a5:e7:6e:c2:76:ff:32:4c:ee:
ab:35:c5:6b:70:aa:e3:6b:62:1c:c4:ec:92:91:40:
20:9b:51:2d:76:20:98:f0:5e:fd:2e:4c:a8:50:6f:
5e:96:fc:90:7c:57:6d:93:a1:67:07:aa:5b:9a:24:
95:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:41:C0:38:22:E8:82:36:C6:A8:DE:B0:A2:3F:02:D3:5E:EC:49:72
X509v3 Authority Key Identifier:
keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/oEHAOCLogjbGqN6woj8C017sSXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.124.94.0/23
Signature Algorithm: sha256WithRSAEncryption
79:42:d4:88:96:eb:81:02:ad:55:ee:8b:0b:d1:4c:32:b3:44:
e3:3b:11:e0:24:24:95:a4:d0:85:ad:f8:09:c0:92:b3:30:1a:
41:53:64:83:98:90:15:e5:e5:a8:43:4a:9c:9d:fb:88:0b:72:
25:b5:a9:3c:4d:29:2c:e2:6d:49:72:09:bd:1f:3a:9c:0a:b7:
cb:57:75:93:b0:6c:d9:a5:21:3b:1c:6f:30:be:56:ca:09:c0:
35:2b:e4:ce:02:db:ca:4b:2d:96:7e:a3:22:f0:c2:45:a3:51:
e5:62:39:58:49:3d:01:8f:47:25:0a:93:96:ae:d2:11:d5:77:
01:f6:c5:ea:93:b5:ef:89:dc:c9:17:da:31:22:cf:df:2a:9f:
fc:e1:34:b5:d0:55:bb:0d:7e:bc:08:5c:9e:6b:cd:72:25:95:
bc:b9:eb:14:8c:17:ca:4a:6b:a6:42:c5:79:cb:68:47:83:7a:
1f:5c:ea:02:18:83:ad:31:52:9f:f8:38:b0:da:15:b9:e0:dd:
e1:22:4a:ee:8e:96:5d:48:37:34:f6:55:cb:67:c6:11:3e:74:
3e:02:3a:49:a0:db:f9:cb:62:31:5f:18:22:90:98:89:11:0a:
e8:d1:df:3f:4e:16:4d:48:ea:74:9a:39:1d:bf:e0:fe:d7:10:
70:d7:0e:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDIE1wzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmVlMmJmNDNmMjFhODFjNDkyYzZlNmE5ZmM2ZjA3NGQyZjBhMjE3MB4XDTIyMDEw
MTEwNTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA0MWMwMzgyMmU4
ODIzNmM2YThkZWIwYTIzZjAyZDM1ZWVjNDk3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHfvEy2xJhe95ykq8eqa4EWS7OVaFn1jFNBKpQ4ufIKuPc2
B9QzeV4VV0BVO+M/tuVxBqpjDvgUXV+JENQEPfiwGFzUIsqfqXDjzFju8LqANHsI
S8X9U5C/g0lXaeaOyxBBpEzMi/hSyjenEVMkqMUiTdWkTibAYZUSkN5CMX/pBlTn
jGnDyWy++Jt0KJAwMH2Od2juTefxjpiXPZXUBdiJrLaQ5iHZ9c/WBeF0iccoGgfr
WIssOXoyb2ahcEtdXTNCUUKf8JA3peduwnb/MkzuqzXFa3Cq42tiHMTskpFAIJtR
LXYgmPBe/S5MqFBvXpb8kHxXbZOhZweqW5oklWsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgQcA4IuiCNsao3rCiPwLTXuxJcjAfBgNVHSMEGDAWgBTf7iv0PyGoHEks
bmqfxvB00vCiFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMtNHI5RDhocUJ4SkxHNXFuOGJ3ZE5Md29oYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvM2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8x
L29FSEFPQ0xvZ2piR3FONndvajhDMDE3c1NYSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
M2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8xLzMtNHI5RDhocUJ4
SkxHNXFuOGJ3ZE5Md29oYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdR8XjANBgkqhkiG9w0BAQsFAAOC
AQEAeULUiJbrgQKtVe6LC9FMMrNE4zsR4CQklaTQha34CcCSszAaQVNkg5iQFeXl
qENKnJ37iAtyJbWpPE0pLOJtSXIJvR86nAq3y1d1k7Bs2aUhOxxvML5WygnANSvk
zgLbykstln6jIvDCRaNR5WI5WEk9AY9HJQqTlq7SEdV3AfbF6pO174ncyRfaMSLP
3yqf/OE0tdBVuw1+vAhcnmvNciWVvLnrFIwXykprpkLFectoR4N6H1zqAhiDrTFS
n/g4sNoVueDd4SJK7o6WXUg3NPZVy2fGET50PgI6SaDb+ctiMV8YIpCYiREK6NHf
P04WTUjqdJo5Hb/g/tcQcNcObw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:54 2024 by rpki-client on console-ams.rpki-client.org