Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/OnE9J8wQe5mg7qlBNNasVfiKnqI.roa
File: OnE9J8wQe5mg7qlBNNasVfiKnqI.roa (raw, json)
Hash identifier: HmLVWK6hknBiLinugPs/3JbfxyIvGzJ8pv2xQ0zzcnc=
Subject key identifier: 3A:71:3D:27:CC:10:7B:99:A0:EE:A9:41:34:D6:AC:55:F8:8A:9E:A2
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 0956E3AB
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/OnE9J8wQe5mg7qlBNNasVfiKnqI.roa
Signing time: Wed 27 Apr 2022 19:44:43 +0000
ROA not before: Wed 27 Apr 2022 19:44:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42093
IP address blocks: 2a06:c3c0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156689323 (0x956e3ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Apr 27 19:44:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a713d27cc107b99a0eea94134d6ac55f88a9ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:22:22:a2:06:eb:47:bc:5c:20:62:9b:d8:af:
27:e4:65:f0:1b:9e:d2:da:47:e1:9a:19:93:5e:85:
05:21:d2:30:2d:80:10:b0:8f:43:58:a9:7e:a6:bc:
25:1e:b6:95:1d:53:d4:21:f5:99:f2:6b:c5:52:33:
68:23:82:ab:4c:2a:29:08:c5:02:e5:53:0b:b2:a3:
a1:2d:30:81:54:a2:49:e3:2c:41:ea:6a:ba:f4:3a:
96:39:a3:b5:49:92:10:f4:64:de:b8:c4:44:19:5e:
e4:41:35:39:a7:24:f6:18:71:5c:70:27:c2:43:c7:
28:05:d0:37:5d:0c:0b:79:9d:30:09:04:10:7c:0e:
ca:25:ae:66:e0:97:71:31:95:50:db:6a:4d:a1:08:
22:70:e1:a8:ce:e9:5d:ce:67:eb:af:cb:82:12:94:
03:7c:48:80:d5:7c:9a:e0:f2:85:ca:7b:a4:66:a5:
70:49:cb:e5:7d:15:f6:d4:74:e5:c2:f8:14:5e:6c:
91:f1:6d:a8:01:f9:1c:9d:14:bd:5e:f1:99:ef:21:
57:9d:2f:7e:9b:60:41:2f:e2:09:a6:23:28:98:01:
68:b5:01:9f:63:19:f0:61:d9:54:63:80:5e:fc:9e:
47:64:4b:02:32:bf:d2:22:b2:f4:a0:a9:39:01:7a:
3e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:71:3D:27:CC:10:7B:99:A0:EE:A9:41:34:D6:AC:55:F8:8A:9E:A2
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/OnE9J8wQe5mg7qlBNNasVfiKnqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:c3c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
20:3f:cf:a3:cc:00:b2:ed:a4:da:b2:55:f6:fe:62:b6:08:ec:
23:2b:b2:0f:b2:8f:1d:35:cc:c3:5c:18:8f:31:a9:87:77:28:
0e:df:12:b7:dc:2f:7f:38:4a:4b:fe:c6:8b:20:14:11:9d:09:
2c:84:e4:a2:5c:0b:68:bb:ad:e8:52:f7:39:bb:07:ba:7f:c7:
41:d1:45:7b:af:50:10:92:30:5e:cd:60:77:ad:61:73:28:1f:
17:c8:dc:96:f0:c9:b4:53:3a:67:e6:c7:18:49:e9:ba:74:e5:
b1:f5:80:d9:9f:5f:50:6e:04:f8:da:ff:dc:d1:e7:d7:15:26:
f3:89:31:03:d2:92:71:10:db:3f:9e:18:43:50:7f:11:0c:05:
33:fa:36:c7:ef:ef:0e:e4:a6:a3:da:5c:a4:00:80:a4:0c:83:
aa:c8:0a:44:a0:0a:c0:97:df:ab:13:4a:a1:ca:5b:84:33:ba:
59:9a:b9:4b:5e:ac:2c:fa:77:20:e2:d6:99:27:63:8c:e1:bc:
94:58:90:98:fc:66:82:4a:be:2d:b9:41:16:79:c4:12:da:13:
7e:c9:63:e6:b1:01:9c:a9:e5:f2:c4:41:ab:4e:72:6b:24:66:
9b:b3:83:c6:87:50:a9:4d:88:df:ec:d3:be:8c:d9:6e:e8:15:
e9:f8:19:ec
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECVbjqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDYzNjUzNTViNjY1NTY0YTIxMGMzNThjNjhhMDExN2I3ZmJlYjlhMB4XDTIyMDQy
NzE5NDQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E3MTNkMjdjYzEw
N2I5OWEwZWVhOTQxMzRkNmFjNTVmODhhOWVhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUiIqIG60e8XCBim9ivJ+Rl8Bue0tpH4ZoZk16FBSHSMC2A
ELCPQ1ipfqa8JR62lR1T1CH1mfJrxVIzaCOCq0wqKQjFAuVTC7KjoS0wgVSiSeMs
QepquvQ6ljmjtUmSEPRk3rjERBle5EE1Oack9hhxXHAnwkPHKAXQN10MC3mdMAkE
EHwOyiWuZuCXcTGVUNtqTaEIInDhqM7pXc5n66/LghKUA3xIgNV8muDyhcp7pGal
cEnL5X0V9tR05cL4FF5skfFtqAH5HJ0UvV7xme8hV50vfptgQS/iCaYjKJgBaLUB
n2MZ8GHZVGOAXvyeR2RLAjK/0iKy9KCpOQF6PtsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ6cT0nzBB7maDuqUE01qxV+IqeojAfBgNVHSMEGDAWgBR0Y2U1W2ZVZKIQ
w1jGigEXt/vrmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RHTmxOVnRtVldTaUVNTll4b29CRjdmNzY1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvYWVhMzZkLWJhYmYtNDQ3NC1hNzhiLTZhNGVjYWY4YjNiMS8x
L09uRTlKOHdRZTVtZzdxbEJOTmFzVmZpS25xSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
YWVhMzZkLWJhYmYtNDQ3NC1hNzhiLTZhNGVjYWY4YjNiMS8xL2RHTmxOVnRtVldT
aUVNTll4b29CRjdmNzY1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoGw8AAAzANBgkqhkiG9w0BAQsF
AAOCAQEAID/Po8wAsu2k2rJV9v5itgjsIyuyD7KPHTXMw1wYjzGph3coDt8St9wv
fzhKS/7GiyAUEZ0JLITkolwLaLut6FL3ObsHun/HQdFFe69QEJIwXs1gd61hcygf
F8jclvDJtFM6Z+bHGEnpunTlsfWA2Z9fUG4E+Nr/3NHn1xUm84kxA9KScRDbP54Y
Q1B/EQwFM/o2x+/vDuSmo9pcpACApAyDqsgKRKAKwJffqxNKocpbhDO6WZq5S16s
LPp3IOLWmSdjjOG8lFiQmPxmgkq+LblBFnnEEtoTfslj5rEBnKnl8sRBq05yayRm
m7ODxodQqU2I3+zTvozZbugV6fgZ7A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:44 2023 by rpki-client on console-ams.rpki-client.org