Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/OekNB-unH4FgrDx33RbDL2CI-DU.roa
File: OekNB-unH4FgrDx33RbDL2CI-DU.roa (raw, json)
Hash identifier: w9I7taT43gsXi6ZcZAEl5TTrtwNsaXZlopTd7dSOgDw=
Subject key identifier: 39:E9:0D:07:EB:A7:1F:81:60:AC:3C:77:DD:16:C3:2F:60:88:F8:35
Certificate issuer: /CN=b453a2b3fb83d86c7806cc0660d829119d9375b4
Certificate serial: 018B1D6D7943B9CE1179CA334737EBBA0661
Authority key identifier: B4:53:A2:B3:FB:83:D8:6C:78:06:CC:06:60:D8:29:11:9D:93:75:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/OekNB-unH4FgrDx33RbDL2CI-DU.roa
Signing time: Wed 11 Oct 2023 06:29:55 +0000
ROA not before: Wed 11 Oct 2023 06:29:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47540
IP address blocks: 2a13:cfc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:6d:79:43:b9:ce:11:79:ca:33:47:37:eb:ba:06:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b453a2b3fb83d86c7806cc0660d829119d9375b4
Validity
Not Before: Oct 11 06:29:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39e90d07eba71f8160ac3c77dd16c32f6088f835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d8:0e:1b:60:51:25:50:bb:e6:1a:30:c8:ce:
ce:e8:03:ba:73:ec:83:e2:28:50:f7:d1:d5:56:41:
a4:0c:34:64:b1:b7:ec:4c:29:61:d1:0f:ca:dd:36:
f0:e7:1d:62:e5:58:11:bf:63:7e:8a:9d:06:57:a1:
4d:11:15:6b:86:45:28:96:4a:30:f6:48:17:e5:90:
ee:1a:bf:cb:c6:fe:81:4c:fb:8f:ea:e9:78:bb:9a:
42:e4:50:30:6e:b2:2b:5a:4f:14:54:92:c9:7e:b0:
ef:4e:18:e4:4f:4b:bc:56:f8:1f:95:68:88:dd:f2:
b5:b5:7d:47:c0:7e:34:6e:80:32:38:b3:fc:a6:21:
d6:af:a4:77:f5:8d:11:af:3a:a1:32:44:6a:1f:59:
34:29:b3:2d:bd:f0:06:bf:23:3c:ea:61:9e:5c:ee:
d6:a5:00:b6:75:28:46:0e:ce:49:5b:52:7e:8c:90:
3f:6c:6d:98:04:0e:00:b3:dd:37:35:93:45:56:99:
81:ad:1c:94:78:9c:0e:9b:05:98:9c:aa:db:0d:20:
7e:86:3a:c8:01:4a:3c:64:72:60:c9:47:6b:2c:c0:
3f:4c:3d:29:9a:b3:f9:bf:ea:47:a6:4e:62:65:02:
e4:60:b7:8f:21:9c:7a:59:fc:0f:0a:82:c4:94:4b:
6e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E9:0D:07:EB:A7:1F:81:60:AC:3C:77:DD:16:C3:2F:60:88:F8:35
X509v3 Authority Key Identifier:
keyid:B4:53:A2:B3:FB:83:D8:6C:78:06:CC:06:60:D8:29:11:9D:93:75:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/OekNB-unH4FgrDx33RbDL2CI-DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
b2:d4:70:e2:91:37:58:69:43:1b:f8:f4:89:ab:bd:23:03:46:
d1:fb:f4:b4:35:29:d9:ca:43:c6:a1:71:f8:d8:d7:39:52:3b:
86:e3:39:bc:88:1e:56:ea:09:2e:80:e4:d9:52:33:48:ca:e6:
fe:ae:44:7c:60:33:76:72:f1:a0:4a:e4:9a:a8:bd:fa:a0:51:
11:a6:0a:6e:10:3d:56:24:41:99:f6:a4:bc:80:46:1f:15:96:
61:3a:33:b0:fd:b0:23:7e:93:63:eb:40:79:e5:b1:55:02:f9:
64:10:54:f2:6d:1c:c8:a3:71:ae:41:e1:94:7c:84:18:3b:35:
10:c6:12:cb:73:fc:64:94:6c:2a:16:59:72:88:5f:d3:ce:56:
9d:d5:07:12:30:d5:0f:ab:58:29:7b:f7:2a:31:db:2a:b0:de:
0e:1d:fc:d2:19:dc:85:60:ab:50:a3:34:48:58:e9:fe:d2:22:
4d:1c:e1:1d:03:42:b3:04:19:86:87:2f:b4:2e:82:e5:33:52:
94:7b:ec:cc:38:19:1a:fe:2f:80:45:5d:25:25:e9:88:50:64:
df:39:41:ad:ba:78:b9:f8:f5:47:3d:d7:61:43:c6:b4:27:68:
20:42:ee:e2:31:45:bb:d0:77:17:37:01:b6:30:b7:6b:72:9e:
6a:8f:3a:20
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYsdbXlDuc4RecozRzfrugZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTNhMmIzZmI4M2Q4NmM3ODA2Y2MwNjYwZDgyOTExOWQ5
Mzc1YjQwHhcNMjMxMDExMDYyOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWU5MGQwN2ViYTcxZjgxNjBhYzNjNzdkZDE2YzMyZjYwODhmODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytgOG2BRJVC75howyM7O6AO6c+yD
4ihQ99HVVkGkDDRksbfsTClh0Q/K3Tbw5x1i5VgRv2N+ip0GV6FNERVrhkUolkow
9kgX5ZDuGr/Lxv6BTPuP6ul4u5pC5FAwbrIrWk8UVJLJfrDvThjkT0u8VvgflWiI
3fK1tX1HwH40boAyOLP8piHWr6R39Y0RrzqhMkRqH1k0KbMtvfAGvyM86mGeXO7W
pQC2dShGDs5JW1J+jJA/bG2YBA4As903NZNFVpmBrRyUeJwOmwWYnKrbDSB+hjrI
AUo8ZHJgyUdrLMA/TD0pmrP5v+pHpk5iZQLkYLePIZx6WfwPCoLElEtu1QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDnpDQfrpx+BYKw8d90Wwy9giPg1MB8GA1UdIwQY
MBaAFLRTorP7g9hseAbMBmDYKRGdk3W0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZPaXNfdUQyR3g0QnN3R1lOZ3BFWjJUZGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9iZjc0OGQtYzRjYS00ZmQxLWE1OWQt
NDA2MGYyMTFmM2MzLzEvT2VrTkItdW5INEZnckR4MzNSYkRMMkNJLURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9iZjc0OGQtYzRjYS00ZmQxLWE1OWQtNDA2MGYyMTFmM2Mz
LzEvdEZPaXNfdUQyR3g0QnN3R1lOZ3BFWjJUZGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPPwDAN
BgkqhkiG9w0BAQsFAAOCAQEAstRw4pE3WGlDG/j0iau9IwNG0fv0tDUp2cpDxqFx
+NjXOVI7huM5vIgeVuoJLoDk2VIzSMrm/q5EfGAzdnLxoErkmqi9+qBREaYKbhA9
ViRBmfakvIBGHxWWYTozsP2wI36TY+tAeeWxVQL5ZBBU8m0cyKNxrkHhlHyEGDs1
EMYSy3P8ZJRsKhZZcohf085WndUHEjDVD6tYKXv3KjHbKrDeDh380hnchWCrUKM0
SFjp/tIiTRzhHQNCswQZhocvtC6C5TNSlHvszDgZGv4vgEVdJSXpiFBk3zlBrbp4
ufj1Rz3XYUPGtCdoIELu4jFFu9B3FzcBtjC3a3Keao86IA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:39 2025 by rpki-client