Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/OWDSR469IUmQ40wn1BLSZL0R8u8.roa
File: OWDSR469IUmQ40wn1BLSZL0R8u8.roa (raw, json)
Hash identifier: 3S2c9zkVYZuIbJ7hMn9I672c4o5sOZHMwSpnk0/XS3Q=
Subject key identifier: 39:60:D2:47:8E:BD:21:49:90:E3:4C:27:D4:12:D2:64:BD:11:F2:EF
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 01636E
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/OWDSR469IUmQ40wn1BLSZL0R8u8.roa
Signing time: Thu 07 Apr 2022 14:32:37 +0000
ROA not before: Thu 07 Apr 2022 14:32:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209105
IP address blocks: 2001:67c:9ac::/48 maxlen: 48
2001:67c:9a4::/48 maxlen: 48
2001:67c:99c::/48 maxlen: 48
2001:67c:9b0::/48 maxlen: 48
2001:67c:9a8::/48 maxlen: 48
2001:67c:9a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90990 (0x1636e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Apr 7 14:32:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3960d2478ebd214990e34c27d412d264bd11f2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:59:7d:2c:b9:fd:ac:86:b0:ca:f0:20:65:17:
08:cd:bd:9a:5d:10:5d:ba:4e:f1:a9:d2:ca:9e:5d:
d6:23:d1:64:19:10:49:a6:ad:fd:d4:30:01:1c:9a:
58:3e:46:91:aa:27:32:13:90:07:af:dd:5b:b0:76:
1d:a5:9f:dc:24:bf:da:b6:e9:e2:af:cc:87:1d:8c:
8a:db:2d:7b:8b:cd:d4:de:a4:55:67:23:e8:bf:b9:
03:a7:c5:8b:00:81:7f:04:e2:f3:48:b1:e7:08:9d:
59:ce:c5:36:63:15:bc:7b:0b:a4:ac:6e:00:a1:6e:
4a:1f:39:eb:db:8a:d1:2b:51:66:e7:fb:1c:8a:a0:
e4:c5:da:0f:64:92:96:ef:a3:0a:df:0a:bf:3c:6e:
51:0c:ac:dd:7f:86:4d:53:07:aa:ff:07:1f:e8:ba:
f8:1d:2a:2a:d6:65:0d:cb:ec:20:9a:a8:43:f3:66:
8a:98:28:bf:8f:13:58:72:59:39:b6:ea:69:2b:07:
41:d7:29:46:86:62:04:73:23:8d:64:f2:a5:cd:01:
b8:40:32:e3:82:5d:ab:1f:8f:4e:09:f1:26:72:b8:
46:a0:73:0d:34:d8:9e:49:57:c8:f8:52:0f:48:4f:
d5:83:c0:f0:43:4d:17:0b:52:1e:d9:c9:ff:56:5a:
5b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:60:D2:47:8E:BD:21:49:90:E3:4C:27:D4:12:D2:64:BD:11:F2:EF
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/OWDSR469IUmQ40wn1BLSZL0R8u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:99c::/48
2001:67c:9a0::/48
2001:67c:9a4::/48
2001:67c:9a8::/48
2001:67c:9ac::/48
2001:67c:9b0::/48
Signature Algorithm: sha256WithRSAEncryption
5e:16:69:b8:6d:0d:d3:a5:d4:b5:b9:9a:f0:e6:3a:4c:cf:48:
c9:0c:94:17:e6:a9:88:4a:10:1b:b3:f3:c5:68:81:3c:4a:4c:
36:90:67:eb:07:63:20:82:84:e1:f0:85:86:6b:7f:26:d4:a5:
08:ef:e4:9d:ae:3a:bb:6a:78:60:90:d3:60:0a:76:20:d0:10:
9c:cc:9c:a0:d0:48:aa:70:a7:10:c6:f3:b9:56:cb:60:31:03:
33:92:65:8a:75:20:ca:e5:8c:79:e3:5a:fd:13:31:2b:5b:ea:
62:cf:05:cb:79:15:af:10:e3:90:bc:75:2e:46:4d:af:7c:5b:
c8:4e:1c:8a:49:ac:8e:3a:60:f8:df:ca:0e:ed:d0:56:c4:d5:
c3:7a:99:9d:83:da:d8:1b:80:ff:d2:90:86:f5:22:8e:9d:02:
45:68:27:85:94:a3:fd:ee:ff:ba:52:ce:88:17:2e:62:9d:74:
6d:b2:77:05:ec:78:30:c9:26:ff:9d:d3:c7:4d:64:9b:35:d8:
94:dc:72:29:46:00:c9:83:30:5d:d3:47:a1:cc:95:f6:9e:26:
b7:3b:b8:71:3b:2d:98:06:7c:d1:aa:2e:3a:bd:da:09:ef:3e:
04:22:cd:8c:03:4c:3d:17:c2:67:d9:48:18:83:70:70:6d:39:
35:3a:16:2c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIDAWNuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkx
ZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2MzA1OGMwHhcNMjIwNDA3
MTQzMjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzOTYwZDI0NzhlYmQy
MTQ5OTBlMzRjMjdkNDEyZDI2NGJkMTFmMmVmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3Fl9LLn9rIawyvAgZRcIzb2aXRBduk7xqdLKnl3WI9FkGRBJ
pq391DABHJpYPkaRqicyE5AHr91bsHYdpZ/cJL/atunir8yHHYyK2y17i83U3qRV
ZyPov7kDp8WLAIF/BOLzSLHnCJ1ZzsU2YxW8ewukrG4AoW5KHznr24rRK1Fm5/sc
iqDkxdoPZJKW76MK3wq/PG5RDKzdf4ZNUweq/wcf6Lr4HSoq1mUNy+wgmqhD82aK
mCi/jxNYclk5tuppKwdB1ylGhmIEcyONZPKlzQG4QDLjgl2rH49OCfEmcrhGoHMN
NNieSVfI+FIPSE/Vg8DwQ00XC1Ie2cn/VlpbWQIDAQABo4ICOTCCAjUwHQYDVR0O
BBYEFDlg0keOvSFJkONMJ9QS0mS9EfLvMB8GA1UdIwQYMBaAFJHdDkjZARrfN2Zl
rU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
a2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYzLzEv
T1dEU1I0NjlJVW1RNDB3bjFCTFNaTDBSOHU4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8x
ZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgz
Wm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME8G
CCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAIAEGfAmcAwcAIAEGfAmgAwcAIAEG
fAmkAwcAIAEGfAmoAwcAIAEGfAmsAwcAIAEGfAmwMA0GCSqGSIb3DQEBCwUAA4IB
AQBeFmm4bQ3TpdS1uZrw5jpMz0jJDJQX5qmIShAbs/PFaIE8Skw2kGfrB2MggoTh
8IWGa38m1KUI7+Sdrjq7anhgkNNgCnYg0BCczJyg0EiqcKcQxvO5VstgMQMzkmWK
dSDK5Yx541r9EzErW+pizwXLeRWvEOOQvHUuRk2vfFvIThyKSayOOmD438oO7dBW
xNXDepmdg9rYG4D/0pCG9SKOnQJFaCeFlKP97v+6Us6IFy5inXRtsncF7HgwySb/
ndPHTWSbNdiU3HIpRgDJgzBd00ehzJX2nia3O7hxOy2YBnzRqi46vdoJ7z4EIs2M
A0w9F8Jn2UgYg3BwbTk1OhYs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:13 2024 by rpki-client on console-ams.rpki-client.org