Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/0IIRoJe9UVpD_BOIKgxAnkWh1b4.roa
File: 0IIRoJe9UVpD_BOIKgxAnkWh1b4.roa (raw, json)
Hash identifier: rUOQPqUnn3C6vp8i/Lt7d4RJlkV9Cs6shdkHO8XfTaM=
Subject key identifier: D0:82:11:A0:97:BD:51:5A:43:FC:13:88:2A:0C:40:9E:45:A1:D5:BE
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 03E3D36A
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/0IIRoJe9UVpD_BOIKgxAnkWh1b4.roa
Signing time: Sat 01 Jan 2022 06:56:38 +0000
ROA not before: Sat 01 Jan 2022 06:56:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209485
IP address blocks: 2a00:8860:900::/40 maxlen: 64
2a00:8861:900::/40 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65262442 (0x3e3d36a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 06:56:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d08211a097bd515a43fc13882a0c409e45a1d5be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:57:f6:30:77:f9:0b:2f:c8:71:f2:62:6c:ad:
87:30:57:b1:b0:db:7e:8f:9a:ea:fe:65:d5:81:3e:
5a:8e:ef:b4:37:25:bc:f8:98:ae:e1:e4:8d:30:06:
25:69:ea:cf:0b:08:bf:13:2f:73:57:25:f3:95:59:
55:1e:15:dc:eb:2c:2a:50:f5:14:cd:2d:4f:17:41:
70:93:1e:72:74:a0:11:b6:24:28:5d:aa:f2:2b:48:
71:34:2b:fd:c2:5c:b1:23:c8:a3:ff:9d:c3:92:88:
ea:d4:d6:16:42:02:0a:10:b2:53:e9:d3:6c:6b:89:
92:49:e9:86:b5:41:8b:b1:dc:94:5c:bd:58:1f:e3:
26:3e:b4:0f:b1:e7:eb:48:d6:e8:d4:93:ae:f1:f9:
d0:23:09:80:84:5b:87:3c:ef:3f:11:b1:0d:56:7b:
9c:93:b6:64:0a:45:e4:01:6e:20:61:43:35:ea:d1:
fc:27:92:31:87:21:86:27:d5:22:e0:6e:04:c6:80:
88:6e:71:d6:1c:59:ba:27:c5:be:a6:19:cb:66:48:
c6:13:be:d4:ea:f3:27:d6:aa:59:e3:4f:f0:6f:b3:
bc:c8:31:86:eb:52:dd:dc:ab:c7:44:8b:dd:58:00:
76:6d:b7:84:98:f7:7d:e5:ea:f2:9e:f4:cf:93:25:
55:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:82:11:A0:97:BD:51:5A:43:FC:13:88:2A:0C:40:9E:45:A1:D5:BE
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/0IIRoJe9UVpD_BOIKgxAnkWh1b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860:900::/40
2a00:8861:900::/40
Signature Algorithm: sha256WithRSAEncryption
9d:0b:ab:50:1e:ab:a7:d0:78:0b:35:f3:88:d5:24:b2:ae:b9:
f0:23:93:06:93:fb:60:ad:6b:47:1d:90:b0:77:d1:e1:19:96:
32:7b:28:74:44:f9:bf:1a:f1:04:fa:0d:2d:4d:d9:de:15:31:
09:2a:01:18:85:11:b2:d0:f4:ed:72:03:d1:f9:d4:3b:86:21:
0e:88:15:86:f9:64:2f:52:52:ca:72:7f:53:79:bd:25:e9:31:
4f:20:54:bf:31:23:de:10:49:8d:3e:9d:b9:6f:d0:62:a0:14:
a5:bd:95:a8:f2:12:76:65:b1:39:37:a0:b9:6a:21:01:f2:32:
b5:7c:09:da:b4:11:95:ed:44:5c:65:60:f7:76:8e:cd:da:2c:
6a:26:6b:7c:72:90:55:bc:fc:92:18:6c:51:3f:c2:b4:d6:1a:
d4:57:7c:f6:bf:08:ae:dc:88:11:d2:ac:44:03:84:97:4f:40:
28:b0:19:c5:0d:1b:f7:09:9c:62:42:d1:0e:a2:04:01:57:f6:
1c:65:2a:5e:ca:b7:ef:a4:17:64:d9:40:b5:a1:2b:8d:ef:88:
af:5f:f5:a1:e8:8a:b3:f3:f0:55:0b:24:06:70:98:79:8e:30:
64:c1:93:31:f7:e5:2c:de:eb:5e:f3:4a:5a:5d:04:15:01:b2:
62:b4:3c:2d
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIEA+PTajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODIwMzQ2M2ViOTQ0YjI1YzY1MTM1Y2E0N2JkYmRhYjY0NmYzOTg0MB4XDTIyMDEw
MTA2NTYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA4MjExYTA5N2Jk
NTE1YTQzZmMxMzg4MmEwYzQwOWU0NWExZDViZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJX9jB3+QsvyHHyYmythzBXsbDbfo+a6v5l1YE+Wo7vtDcl
vPiYruHkjTAGJWnqzwsIvxMvc1cl85VZVR4V3OssKlD1FM0tTxdBcJMecnSgEbYk
KF2q8itIcTQr/cJcsSPIo/+dw5KI6tTWFkICChCyU+nTbGuJkknphrVBi7HclFy9
WB/jJj60D7Hn60jW6NSTrvH50CMJgIRbhzzvPxGxDVZ7nJO2ZApF5AFuIGFDNerR
/CeSMYchhifVIuBuBMaAiG5x1hxZuifFvqYZy2ZIxhO+1OrzJ9aqWeNP8G+zvMgx
hutS3dyrx0SL3VgAdm23hJj3feXq8p70z5MlVaECAwEAAaOCAhMwggIPMB0GA1Ud
DgQWBBTQghGgl71RWkP8E4gqDECeRaHVvjAfBgNVHSMEGDAWgBQ4IDRj65RLJcZR
NcpHvb2rZG85hDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09DQTBZLXVVU3lYR1VUWEtSNzI5cTJSdk9ZUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvMGEyOTg0LWE4NjktNDQwZC1iNTc4LTU4OTM1MTc5Yjk4NS8x
LzBJSVJvSmU5VVZwRF9CT0lLZ3hBbmtXaDFiNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
MGEyOTg0LWE4NjktNDQwZC1iNTc4LTU4OTM1MTc5Yjk4NS8xL09DQTBZLXVVU3lY
R1VUWEtSNzI5cTJSdk9ZUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAp
BggrBgEFBQcBBwEB/wQaMBgwFgQCAAIwEAMGACoAiGAJAwYAKgCIYQkwDQYJKoZI
hvcNAQELBQADggEBAJ0Lq1Aeq6fQeAs184jVJLKuufAjkwaT+2Cta0cdkLB30eEZ
ljJ7KHRE+b8a8QT6DS1N2d4VMQkqARiFEbLQ9O1yA9H51DuGIQ6IFYb5ZC9SUspy
f1N5vSXpMU8gVL8xI94QSY0+nblv0GKgFKW9lajyEnZlsTk3oLlqIQHyMrV8Cdq0
EZXtRFxlYPd2js3aLGoma3xykFW8/JIYbFE/wrTWGtRXfPa/CK7ciBHSrEQDhJdP
QCiwGcUNG/cJnGJC0Q6iBAFX9hxlKl7Kt++kF2TZQLWhK43viK9f9aHoirPz8FUL
JAZwmHmOMGTBkzH35Sze617zSlpdBBUBsmK0PC0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:09 2023 by rpki-client on console-ams.rpki-client.org