Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/OgjWsXejIP3C3WSaQAQAcrA8uUM.roa
File: OgjWsXejIP3C3WSaQAQAcrA8uUM.roa (raw, json)
Hash identifier: VZWJHIV6oXm77Q/3osPZl/0eNDpisZTETBcFQO2EPKU=
Subject key identifier: 3A:08:D6:B1:77:A3:20:FD:C2:DD:64:9A:40:04:00:72:B0:3C:B9:43
Certificate issuer: /CN=dd4748cd4714a5cc87cafb8430fb81248b094079
Certificate serial: 0183B289C7E3E28EA0BDB382349439D9AACC
Authority key identifier: DD:47:48:CD:47:14:A5:CC:87:CA:FB:84:30:FB:81:24:8B:09:40:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3UdIzUcUpcyHyvuEMPuBJIsJQHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/OgjWsXejIP3C3WSaQAQAcrA8uUM.roa
Signing time: Fri 07 Oct 2022 13:01:57 +0000
ROA not before: Fri 07 Oct 2022 13:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31343
IP address blocks: 2a04:1d00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b2:89:c7:e3:e2:8e:a0:bd:b3:82:34:94:39:d9:aa:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4748cd4714a5cc87cafb8430fb81248b094079
Validity
Not Before: Oct 7 13:01:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a08d6b177a320fdc2dd649a40040072b03cb943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:36:6c:eb:c3:ff:aa:b2:f3:3a:cd:4e:39:68:
f6:b0:3c:8f:42:7f:21:15:7b:c6:b7:6d:bb:9f:e5:
a2:ea:88:f6:06:79:71:8c:1d:59:50:72:c4:b0:7b:
cf:20:84:48:54:f2:5e:87:0d:f6:1d:b7:b0:6b:39:
c9:1d:c0:29:fc:65:e7:59:dd:ba:e9:d1:fe:ab:aa:
13:b0:a1:e8:6c:3e:78:6b:ab:99:b1:58:e8:02:6d:
90:97:c0:9a:5b:34:31:c8:61:c0:e3:ea:8f:55:be:
64:e9:45:39:61:ff:9a:09:a1:a7:0a:7b:19:42:a5:
c9:b7:34:26:6f:b5:3a:63:7b:46:5b:b0:b4:a7:19:
91:c6:c6:e1:26:7a:dd:cf:6f:5b:cc:0c:d6:2a:91:
f5:25:fe:0d:1a:9d:af:22:ad:a4:98:8a:71:38:a4:
c6:38:1b:78:a5:83:8d:66:21:65:89:a2:2a:e3:92:
32:73:4d:8f:17:52:7c:3f:a2:7a:8f:8b:31:69:30:
eb:3e:55:f1:2d:6f:db:65:dd:dc:02:2a:0a:7c:fc:
c7:a6:30:65:cc:66:21:0d:88:c7:08:ea:9b:6d:44:
69:76:9d:b5:ad:75:3c:34:94:1c:40:79:ca:74:34:
d0:94:a6:54:06:1f:aa:a8:b8:9b:ce:9c:a8:8e:45:
64:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:08:D6:B1:77:A3:20:FD:C2:DD:64:9A:40:04:00:72:B0:3C:B9:43
X509v3 Authority Key Identifier:
keyid:DD:47:48:CD:47:14:A5:CC:87:CA:FB:84:30:FB:81:24:8B:09:40:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UdIzUcUpcyHyvuEMPuBJIsJQHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/OgjWsXejIP3C3WSaQAQAcrA8uUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/3UdIzUcUpcyHyvuEMPuBJIsJQHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
22:32:6c:89:a9:0f:20:99:9c:8b:55:6a:11:44:ec:8c:f0:ce:
6e:87:45:6f:f7:d4:3e:4e:ec:c2:56:c6:b1:26:6a:7e:db:94:
2e:89:52:fb:a7:a1:51:71:77:d1:2a:43:22:16:9b:6f:83:b8:
20:6b:03:da:03:e4:51:9c:6a:00:0a:46:de:5c:18:49:d9:4e:
6e:3d:58:57:6f:54:26:b4:1c:88:9d:4c:fc:cc:16:bd:39:f5:
ca:80:fd:f0:de:13:37:63:af:63:40:06:43:3d:24:29:11:1f:
e0:5a:45:c4:ca:4c:db:33:a1:3b:da:38:e6:93:e8:63:2f:2c:
5c:40:2f:28:9c:ef:11:24:57:fd:26:b6:0d:13:14:c4:70:63:
3f:db:89:8e:55:0e:0a:79:70:d0:38:43:3d:05:b8:cc:0c:6d:
69:ec:a6:00:c8:fa:03:a6:f0:d0:14:eb:c4:eb:41:ac:aa:23:
f4:b3:96:21:d2:74:13:68:b9:af:e2:19:e0:f8:23:3f:5d:3f:
cc:b0:a5:50:1c:e5:d9:ce:73:2a:1e:75:e8:44:bf:71:0f:f7:
af:a1:0f:e4:81:b6:bd:b0:28:10:14:9f:e1:62:e6:90:78:cc:
ee:59:fd:e9:8a:73:31:fd:0e:b8:90:e4:b0:d8:38:f1:54:a5:
50:0d:7e:57
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYOyicfj4o6gvbOCNJQ52arMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNDc0OGNkNDcxNGE1Y2M4N2NhZmI4NDMwZmI4MTI0OGIw
OTQwNzkwHhcNMjIxMDA3MTMwMTU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTA4ZDZiMTc3YTMyMGZkYzJkZDY0OWE0MDA0MDA3MmIwM2NiOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzZs68P/qrLzOs1OOWj2sDyPQn8h
FXvGt227n+Wi6oj2BnlxjB1ZUHLEsHvPIIRIVPJehw32HbewaznJHcAp/GXnWd26
6dH+q6oTsKHobD54a6uZsVjoAm2Ql8CaWzQxyGHA4+qPVb5k6UU5Yf+aCaGnCnsZ
QqXJtzQmb7U6Y3tGW7C0pxmRxsbhJnrdz29bzAzWKpH1Jf4NGp2vIq2kmIpxOKTG
OBt4pYONZiFliaIq45Iyc02PF1J8P6J6j4sxaTDrPlXxLW/bZd3cAioKfPzHpjBl
zGYhDYjHCOqbbURpdp21rXU8NJQcQHnKdDTQlKZUBh+qqLibzpyojkVkDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDoI1rF3oyD9wt1kmkAEAHKwPLlDMB8GA1UdIwQY
MBaAFN1HSM1HFKXMh8r7hDD7gSSLCUB5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1VkSXpVY1VwY3lIeXZ1RU1QdUJKSXNKUUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80YzU1YWYtNWU5Yi00MTk3LTg2ZmIt
Mzc1NDVkYTA1NmJkLzEvT2dqV3NYZWpJUDNDM1dTYVFBUUFjckE4dVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80YzU1YWYtNWU5Yi00MTk3LTg2ZmItMzc1NDVkYTA1NmJk
LzEvM1VkSXpVY1VwY3lIeXZ1RU1QdUJKSXNKUUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgQdADAN
BgkqhkiG9w0BAQsFAAOCAQEAIjJsiakPIJmci1VqEUTsjPDObodFb/fUPk7swlbG
sSZqftuULolS+6ehUXF30SpDIhabb4O4IGsD2gPkUZxqAApG3lwYSdlObj1YV29U
JrQciJ1M/MwWvTn1yoD98N4TN2OvY0AGQz0kKREf4FpFxMpM2zOhO9o45pPoYy8s
XEAvKJzvESRX/Sa2DRMUxHBjP9uJjlUOCnlw0DhDPQW4zAxtaeymAMj6A6bw0BTr
xOtBrKoj9LOWIdJ0E2i5r+IZ4PgjP10/zLClUBzl2c5zKh516ES/cQ/3r6EP5IG2
vbAoEBSf4WLmkHjM7ln96YpzMf0OuJDksNg48VSlUA1+Vw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:13 2025 by rpki-client