Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/oOMdTjDg51XyT9qU5wlYrIKRYto.roa
File: oOMdTjDg51XyT9qU5wlYrIKRYto.roa (raw, json)
Hash identifier: A08YvMhZgW+92wkIiVonM+WZXuXJ6VcNNPc5P4EUFC4=
Subject key identifier: A0:E3:1D:4E:30:E0:E7:55:F2:4F:DA:94:E7:09:58:AC:82:91:62:DA
Certificate issuer: /CN=571a0fc012efb89650a77e6fbd12dcabda428cb0
Certificate serial: 01856B77CCA55537045D940AB20AD4AA6705
Authority key identifier: 57:1A:0F:C0:12:EF:B8:96:50:A7:7E:6F:BD:12:DC:AB:DA:42:8C:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxoPwBLvuJZQp35vvRLcq9pCjLA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/oOMdTjDg51XyT9qU5wlYrIKRYto.roa
Signing time: Sun 01 Jan 2023 03:54:51 +0000
ROA not before: Sun 01 Jan 2023 03:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 139.18.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:cc:a5:55:37:04:5d:94:0a:b2:0a:d4:aa:67:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=571a0fc012efb89650a77e6fbd12dcabda428cb0
Validity
Not Before: Jan 1 03:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0e31d4e30e0e755f24fda94e70958ac829162da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:84:cb:0e:ce:40:cf:79:d9:56:67:fb:0e:fe:
bf:61:df:d6:5f:bd:27:2a:59:bb:6d:97:69:60:58:
ab:f3:10:fe:81:55:b7:c2:09:3d:6e:f9:77:1b:38:
8f:07:da:19:c5:e2:d6:09:ef:dd:4e:35:d3:da:b9:
d6:40:a7:ee:76:45:8f:23:b4:6e:5a:2c:db:23:ad:
f2:af:d6:51:d0:95:01:83:f3:0d:c9:de:5f:c8:9c:
c9:40:ad:e0:22:51:4e:20:70:1e:fb:89:46:53:47:
01:2e:a3:7f:db:21:c0:0d:e9:e1:c7:f4:04:72:cc:
2a:e0:18:0a:12:5f:19:86:1e:c0:28:ea:ba:64:be:
2d:d8:dd:a5:f7:a7:ed:a8:f8:44:c0:51:31:b1:ad:
a4:ab:23:31:79:b1:74:13:60:2c:21:fe:8d:53:25:
14:ed:22:19:50:0e:9f:d8:69:80:f9:10:84:74:35:
4a:4f:96:f0:0d:81:36:85:94:44:2d:9e:c3:b8:7d:
78:03:eb:f1:91:cf:a3:9a:0f:e3:f6:a8:92:ae:41:
b3:3d:df:e9:7c:7a:19:f3:be:e9:c8:ba:b9:51:f5:
d9:94:ec:9a:01:9e:dd:a5:9f:d1:8e:bf:6d:3d:fe:
3d:65:8e:56:9c:bc:54:59:0d:5e:1b:dd:09:cd:a9:
87:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E3:1D:4E:30:E0:E7:55:F2:4F:DA:94:E7:09:58:AC:82:91:62:DA
X509v3 Authority Key Identifier:
keyid:57:1A:0F:C0:12:EF:B8:96:50:A7:7E:6F:BD:12:DC:AB:DA:42:8C:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxoPwBLvuJZQp35vvRLcq9pCjLA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/oOMdTjDg51XyT9qU5wlYrIKRYto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/VxoPwBLvuJZQp35vvRLcq9pCjLA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.18.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:6b:14:53:7e:23:94:12:55:f4:a9:47:cb:e2:e0:23:4e:ee:
94:6b:93:c2:c4:d9:56:01:12:fe:aa:fd:7c:7b:72:c5:31:cb:
98:8a:97:37:f5:81:95:e4:27:e6:4c:ac:c8:d7:20:6e:13:1a:
c0:4a:10:14:39:c6:f0:3d:07:0d:71:d5:8c:69:4f:fd:7d:56:
dd:11:bd:19:0c:0d:a3:c7:81:0d:b4:54:01:b4:71:4e:0c:a7:
f8:34:a1:5a:59:2e:1b:75:93:dc:f5:8b:a7:43:e4:85:65:98:
1d:0f:95:41:ab:2c:2f:a4:d4:d2:a9:ac:9d:09:2e:0a:2c:69:
07:e7:06:18:a3:73:5a:91:95:db:90:b7:5b:29:ea:ab:95:c8:
af:64:e6:70:ce:84:93:4f:81:1b:ff:4d:7c:dc:45:56:cb:71:
0f:4e:fa:d7:4f:9c:1a:ff:00:3b:65:a7:35:c0:bb:67:97:95:
56:25:70:cb:ae:a4:d6:03:a0:9e:53:7e:1b:7c:2c:e6:13:95:
cf:ca:4d:d2:60:7e:66:1a:79:fd:2e:6d:6a:6a:47:16:20:fa:
2b:7d:86:35:d2:11:ed:7d:03:35:15:f2:6d:63:b4:50:34:e3:
80:a6:9d:cd:59:76:27:6b:05:9f:09:a2:d3:e4:a7:24:17:bd:
e7:22:4c:76
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVrd8ylVTcEXZQKsgrUqmcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MWEwZmMwMTJlZmI4OTY1MGE3N2U2ZmJkMTJkY2FiZGE0
MjhjYjAwHhcNMjMwMTAxMDM1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGUzMWQ0ZTMwZTBlNzU1ZjI0ZmRhOTRlNzA5NThhYzgyOTE2MmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oTLDs5Az3nZVmf7Dv6/Yd/WX70n
Klm7bZdpYFir8xD+gVW3wgk9bvl3GziPB9oZxeLWCe/dTjXT2rnWQKfudkWPI7Ru
WizbI63yr9ZR0JUBg/MNyd5fyJzJQK3gIlFOIHAe+4lGU0cBLqN/2yHADenhx/QE
cswq4BgKEl8Zhh7AKOq6ZL4t2N2l96ftqPhEwFExsa2kqyMxebF0E2AsIf6NUyUU
7SIZUA6f2GmA+RCEdDVKT5bwDYE2hZRELZ7DuH14A+vxkc+jmg/j9qiSrkGzPd/p
fHoZ877pyLq5UfXZlOyaAZ7dpZ/Rjr9tPf49ZY5WnLxUWQ1eG90JzamHywIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKDjHU4w4OdV8k/alOcJWKyCkWLaMB8GA1UdIwQY
MBaAFFcaD8AS77iWUKd+b70S3KvaQoywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhvUHdCTHZ1SlpRcDM1dnZSTGNxOXBDakxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNjc2NjEtNDMyNC00ZTdhLWFjNmUt
OGI0OWRhYjE2NmE0LzEvb09NZFRqRGc1MVh5VDlxVTV3bFlySUtSWXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNjc2NjEtNDMyNC00ZTdhLWFjNmUtOGI0OWRhYjE2NmE0
LzEvVnhvUHdCTHZ1SlpRcDM1dnZSTGNxOXBDakxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAixIwDQYJ
KoZIhvcNAQELBQADggEBABxrFFN+I5QSVfSpR8vi4CNO7pRrk8LE2VYBEv6q/Xx7
csUxy5iKlzf1gZXkJ+ZMrMjXIG4TGsBKEBQ5xvA9Bw1x1YxpT/19Vt0RvRkMDaPH
gQ20VAG0cU4Mp/g0oVpZLht1k9z1i6dD5IVlmB0PlUGrLC+k1NKprJ0JLgosaQfn
Bhijc1qRlduQt1sp6quVyK9k5nDOhJNPgRv/TXzcRVbLcQ9O+tdPnBr/ADtlpzXA
u2eXlVYlcMuupNYDoJ5Tfht8LOYTlc/KTdJgfmYaef0ubWpqRxYg+it9hjXSEe19
AzUV8m1jtFA044Cmnc1ZdidrBZ8JotPkpyQXveciTHY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:45:54 2025 by rpki-client