Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/423e9c-4425-496e-b237-6b0ef9108688/1/OvtGJl52D0OB-dx0fOpqf1XvMKs.roa
File: OvtGJl52D0OB-dx0fOpqf1XvMKs.roa (raw, json)
Hash identifier: rXzDzfcPrfh2UKFKYHW07dLvqj0/sYoLfS6IVTtCEN4=
Subject key identifier: 3A:FB:46:26:5E:76:0F:43:81:F9:DC:74:7C:EA:6A:7F:55:EF:30:AB
Certificate issuer: /CN=8b8d8598064db5a8edb3a6084064cd2a1ad8c6e3
Certificate serial: 018533B7905D43D94AD469C395620D114DE5
Authority key identifier: 8B:8D:85:98:06:4D:B5:A8:ED:B3:A6:08:40:64:CD:2A:1A:D8:C6:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i42FmAZNtajts6YIQGTNKhrYxuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/423e9c-4425-496e-b237-6b0ef9108688/1/OvtGJl52D0OB-dx0fOpqf1XvMKs.roa
Signing time: Wed 21 Dec 2022 08:05:45 +0000
ROA not before: Wed 21 Dec 2022 08:05:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51801
IP address blocks: 2a13:4880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:b7:90:5d:43:d9:4a:d4:69:c3:95:62:0d:11:4d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b8d8598064db5a8edb3a6084064cd2a1ad8c6e3
Validity
Not Before: Dec 21 08:05:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3afb46265e760f4381f9dc747cea6a7f55ef30ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:96:25:f6:02:d5:55:a1:c2:3e:de:bd:f0:c1:
3e:36:7d:80:43:a0:8b:31:49:64:dc:30:3b:1e:c2:
3b:fc:aa:44:b1:4d:87:99:e1:a1:30:bc:7d:cc:de:
62:88:bf:2e:00:f6:17:9c:94:0e:db:4a:06:6c:fe:
d6:18:07:e9:55:91:90:81:a5:76:80:85:db:db:00:
ec:d3:c3:a4:9a:70:a5:a5:5f:33:9b:3e:fb:46:db:
35:b3:e7:c5:0f:4e:d4:e3:42:18:ea:b5:7e:38:95:
4e:34:40:44:37:a9:8b:44:7f:46:81:b1:e1:ab:89:
23:22:a9:58:e2:84:cc:c6:30:39:d8:04:f5:40:11:
b3:40:b8:40:78:5a:c2:5e:6e:da:c5:91:5e:b9:cb:
f4:27:8f:cb:b8:38:9f:4a:a8:ec:9e:93:3e:e0:eb:
43:3c:dc:b9:ce:fb:20:c4:4c:64:91:f5:8e:91:bb:
51:8f:12:81:ec:25:56:06:73:36:8f:b7:99:5e:b2:
b5:a4:36:bf:25:70:54:9f:e8:0f:64:a3:37:29:0a:
8d:c2:a0:30:56:6f:72:ff:69:1c:d5:a0:bd:56:38:
72:2b:be:47:e3:0d:ec:ba:05:36:e4:44:46:2d:9b:
0c:f9:b8:62:e5:d8:3e:ae:36:af:7a:df:dd:59:44:
86:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FB:46:26:5E:76:0F:43:81:F9:DC:74:7C:EA:6A:7F:55:EF:30:AB
X509v3 Authority Key Identifier:
keyid:8B:8D:85:98:06:4D:B5:A8:ED:B3:A6:08:40:64:CD:2A:1A:D8:C6:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i42FmAZNtajts6YIQGTNKhrYxuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/423e9c-4425-496e-b237-6b0ef9108688/1/OvtGJl52D0OB-dx0fOpqf1XvMKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/423e9c-4425-496e-b237-6b0ef9108688/1/i42FmAZNtajts6YIQGTNKhrYxuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:4880::/29
Signature Algorithm: sha256WithRSAEncryption
7c:05:6f:8c:50:43:4f:d7:b1:77:ea:a6:9b:7c:55:df:52:57:
3a:7c:96:84:e3:db:45:c8:ce:c8:9f:50:8b:77:b1:81:56:8c:
ad:ac:f2:22:2b:18:12:64:6f:a1:00:74:73:b8:c8:84:64:2b:
07:fa:4b:2d:85:03:e6:ad:47:a3:e8:20:bc:72:4b:c0:75:13:
a0:8b:eb:2b:df:df:75:bb:36:bc:db:29:97:2a:ba:10:62:9b:
26:ec:61:82:9d:96:db:e5:18:17:17:b8:48:e1:49:db:02:53:
dc:3a:01:d9:9b:b8:d3:0c:15:f7:7a:18:d6:d8:a9:7b:33:21:
85:5b:27:d3:32:97:f2:1a:de:ef:8c:55:7d:0e:ea:5f:ef:db:
62:9d:a3:9d:51:5f:ec:02:05:ed:46:80:42:f3:43:6f:bf:00:
16:a5:bc:91:be:65:65:5f:46:19:0c:1a:13:43:80:2e:e1:2c:
d7:c0:85:6c:40:f3:53:fb:48:63:c7:7f:49:42:a9:9b:95:0b:
96:d0:b1:cd:07:2f:8a:aa:07:7c:62:20:fe:4c:fb:ca:0b:72:
9a:4c:dc:86:40:4e:dc:95:31:22:c0:8e:96:24:a6:45:8b:1d:
b3:b7:15:12:f2:d7:04:c8:23:f5:48:a4:78:4f:5f:4c:0f:f8:
f8:38:58:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYUzt5BdQ9lK1GnDlWINEU3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOGQ4NTk4MDY0ZGI1YThlZGIzYTYwODQwNjRjZDJhMWFk
OGM2ZTMwHhcNMjIxMjIxMDgwNTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWZiNDYyNjVlNzYwZjQzODFmOWRjNzQ3Y2VhNmE3ZjU1ZWYzMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJYl9gLVVaHCPt698ME+Nn2AQ6CL
MUlk3DA7HsI7/KpEsU2HmeGhMLx9zN5iiL8uAPYXnJQO20oGbP7WGAfpVZGQgaV2
gIXb2wDs08OkmnClpV8zmz77Rts1s+fFD07U40IY6rV+OJVONEBEN6mLRH9GgbHh
q4kjIqlY4oTMxjA52AT1QBGzQLhAeFrCXm7axZFeucv0J4/LuDifSqjsnpM+4OtD
PNy5zvsgxExkkfWOkbtRjxKB7CVWBnM2j7eZXrK1pDa/JXBUn+gPZKM3KQqNwqAw
Vm9y/2kc1aC9VjhyK75H4w3sugU25ERGLZsM+bhi5dg+rjavet/dWUSGuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDr7RiZedg9DgfncdHzqan9V7zCrMB8GA1UdIwQY
MBaAFIuNhZgGTbWo7bOmCEBkzSoa2MbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTQyRm1BWk50YWp0czZZSVFHVE5LaHJZeHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MjNlOWMtNDQyNS00OTZlLWIyMzct
NmIwZWY5MTA4Njg4LzEvT3Z0R0psNTJEME9CLWR4MGZPcHFmMVh2TUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MjNlOWMtNDQyNS00OTZlLWIyMzctNmIwZWY5MTA4Njg4
LzEvaTQyRm1BWk50YWp0czZZSVFHVE5LaHJZeHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAfAVvjFBDT9exd+qmm3xV31JXOnyWhOPbRcjOyJ9Q
i3exgVaMrazyIisYEmRvoQB0c7jIhGQrB/pLLYUD5q1Ho+ggvHJLwHUToIvrK9/f
dbs2vNsplyq6EGKbJuxhgp2W2+UYFxe4SOFJ2wJT3DoB2Zu40wwV93oY1tipezMh
hVsn0zKX8hre74xVfQ7qX+/bYp2jnVFf7AIF7UaAQvNDb78AFqW8kb5lZV9GGQwa
E0OALuEs18CFbEDzU/tIY8d/SUKpm5ULltCxzQcviqoHfGIg/kz7ygtymkzchkBO
3JUxIsCOliSmRYsds7cVEvLXBMgj9UikeE9fTA/4+DhYSQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:41 2025 by rpki-client