Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/1OSCta5FO3Jeya52Bqq0t6vu8SY.roa
File: 1OSCta5FO3Jeya52Bqq0t6vu8SY.roa (raw, json)
Hash identifier: F7Hu+eoLYfSX5/d6EqATtBAunDd4QP6zZo8HJ5T8x4I=
Subject key identifier: D4:E4:82:B5:AE:45:3B:72:5E:C9:AE:76:06:AA:B4:B7:AB:EE:F1:26
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 01856DDD755D08C3BC3DDEF4799E443BC45D
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/1OSCta5FO3Jeya52Bqq0t6vu8SY.roa
Signing time: Sun 01 Jan 2023 15:05:08 +0000
ROA not before: Sun 01 Jan 2023 15:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205232
IP address blocks: 2a03:5840:270::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:75:5d:08:c3:bc:3d:de:f4:79:9e:44:3b:c4:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 1 15:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4e482b5ae453b725ec9ae7606aab4b7abeef126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c7:51:e5:01:44:6b:b0:e0:93:41:60:9a:b7:
28:00:66:db:b1:ca:e7:b2:08:e6:82:09:6e:52:e3:
b3:4c:82:10:d4:3e:dd:a2:1f:98:fb:46:45:40:d0:
0d:ca:73:bc:3d:b1:6e:aa:40:6f:18:52:69:c2:de:
52:5e:9a:37:04:3e:68:21:53:8d:84:0f:67:47:24:
aa:4a:a5:eb:25:c7:db:f3:6d:eb:09:0b:b8:0c:22:
21:f7:94:de:1e:95:dd:62:6f:42:3d:e2:3e:5a:84:
d8:61:d5:b5:99:95:b4:b2:5b:50:31:9b:32:0c:ba:
a5:64:22:f8:15:fb:26:47:13:9c:6d:a1:36:ac:f9:
55:7e:32:c4:38:13:29:d7:19:23:f6:f4:90:ca:01:
46:d4:ab:d4:2b:b3:28:16:a0:e7:ab:bf:ba:bf:12:
a9:a3:b1:4c:a6:d5:fe:8c:3a:16:e4:a3:27:92:59:
b5:17:f4:19:81:5d:60:ab:48:95:17:15:c5:5e:0f:
f9:5b:05:ca:62:10:25:94:71:cb:73:d0:17:68:97:
f1:d8:f7:f4:67:1c:88:16:66:eb:b3:e2:94:98:86:
9a:54:0a:15:fd:42:de:b0:7c:03:e1:3d:2c:0b:0e:
bc:6c:06:d8:f9:f7:8a:8c:19:d0:22:4f:fd:bd:a2:
4f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E4:82:B5:AE:45:3B:72:5E:C9:AE:76:06:AA:B4:B7:AB:EE:F1:26
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/1OSCta5FO3Jeya52Bqq0t6vu8SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:270::/44
Signature Algorithm: sha256WithRSAEncryption
54:63:4a:d8:56:c0:00:83:23:46:7b:45:ab:67:53:c5:c5:4f:
e0:b1:87:d9:7c:83:46:ed:67:e0:71:cb:fa:6b:c7:ff:2d:a9:
11:fb:fd:7c:ad:ab:eb:e1:a6:35:55:d6:f4:66:1d:9c:4e:e2:
fd:1d:aa:de:3a:20:1f:f3:a7:39:96:bb:67:52:ff:9f:f3:7f:
34:04:0f:f3:c6:46:9e:43:e3:18:d1:1e:cf:47:c2:c2:ae:34:
7e:61:87:08:67:81:a3:d8:74:a6:14:09:df:07:94:4f:ef:b3:
6c:34:57:43:a8:22:d9:2a:37:ea:8c:7b:9d:e5:a8:19:c3:45:
bb:1b:ba:59:37:ef:2c:51:26:f5:fa:be:44:a1:e8:c2:d7:01:
e6:65:cd:d5:2f:d4:71:18:49:93:2c:f4:7c:89:70:c0:f4:cf:
54:9f:18:20:b0:6e:c9:9b:f6:80:45:b6:ed:25:6b:9b:47:3c:
6a:8d:2f:3f:55:54:f1:a2:a9:0a:2e:64:85:9e:54:54:c7:ab:
b9:c6:33:f9:6b:03:59:e5:32:9a:3e:ef:07:c2:a2:8d:d7:ce:
45:42:35:e8:a0:d0:25:b4:1d:ab:99:6e:da:e2:f8:69:3d:1e:
32:9a:cf:cc:c6:58:0c:a4:30:33:43:92:15:72:b6:53:32:00:
0a:9a:38:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt3XVdCMO8Pd70eZ5EO8RdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwMTAxMTUwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU0ODJiNWFlNDUzYjcyNWVjOWFlNzYwNmFhYjRiN2FiZWVmMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMdR5QFEa7Dgk0FgmrcoAGbbscrn
sgjmggluUuOzTIIQ1D7doh+Y+0ZFQNANynO8PbFuqkBvGFJpwt5SXpo3BD5oIVON
hA9nRySqSqXrJcfb823rCQu4DCIh95TeHpXdYm9CPeI+WoTYYdW1mZW0sltQMZsy
DLqlZCL4FfsmRxOcbaE2rPlVfjLEOBMp1xkj9vSQygFG1KvUK7MoFqDnq7+6vxKp
o7FMptX+jDoW5KMnklm1F/QZgV1gq0iVFxXFXg/5WwXKYhAllHHLc9AXaJfx2Pf0
ZxyIFmbrs+KUmIaaVAoV/ULesHwD4T0sCw68bAbY+feKjBnQIk/9vaJPEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNTkgrWuRTtyXsmudgaqtLer7vEmMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvMU9TQ3RhNUZPM0pleWE1MkJxcTB0NnZ1OFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgNYQAJw
MA0GCSqGSIb3DQEBCwUAA4IBAQBUY0rYVsAAgyNGe0WrZ1PFxU/gsYfZfING7Wfg
ccv6a8f/LakR+/18ravr4aY1Vdb0Zh2cTuL9HareOiAf86c5lrtnUv+f8380BA/z
xkaeQ+MY0R7PR8LCrjR+YYcIZ4Gj2HSmFAnfB5RP77NsNFdDqCLZKjfqjHud5agZ
w0W7G7pZN+8sUSb1+r5EoejC1wHmZc3VL9RxGEmTLPR8iXDA9M9UnxggsG7Jm/aA
RbbtJWubRzxqjS8/VVTxoqkKLmSFnlRUx6u5xjP5awNZ5TKaPu8HwqKN185FQjXo
oNAltB2rmW7a4vhpPR4yms/MxlgMpDAzQ5IVcrZTMgAKmjjo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:07 2025 by rpki-client