Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/OJWQrdokdFyCvXftZzYu9_MatWs.roa
File: OJWQrdokdFyCvXftZzYu9_MatWs.roa (raw, json)
Hash identifier: cezcnvKGCN7jbrHeA58si+vkmD3ZXOCeJVUVjyIW8Tw=
Subject key identifier: 38:95:90:AD:DA:24:74:5C:82:BD:77:ED:67:36:2E:F7:F3:1A:B5:6B
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 40CF25
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/OJWQrdokdFyCvXftZzYu9_MatWs.roa
Signing time: Fri 29 Apr 2022 02:02:53 +0000
ROA not before: Fri 29 Apr 2022 02:02:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208548
IP address blocks: 2a12:bec1::/36 maxlen: 36
2a12:bec1:4000::/36 maxlen: 36
2a12:bec1:3000::/36 maxlen: 36
2a12:bec1:2000::/36 maxlen: 36
2a12:bec1:1000::/36 maxlen: 36
2a12:bec0:40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4247333 (0x40cf25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Apr 29 02:02:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=389590adda24745c82bd77ed67362ef7f31ab56b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:43:16:ea:6d:e9:31:9f:87:66:21:7a:f0:28:
59:fd:9a:17:25:50:67:2a:1b:9c:67:d9:d9:6b:5f:
04:d9:17:0a:dd:41:94:a1:19:ea:e5:f3:5f:97:01:
fc:b7:94:23:d3:5d:92:2c:13:d6:bc:53:e1:0c:f8:
e8:fd:c9:9f:1e:a6:3f:90:6b:c5:49:94:c2:84:a0:
14:0b:b0:c5:71:af:32:84:e8:1b:ef:8c:9a:22:f4:
99:39:65:68:d3:14:87:f9:14:ac:91:c1:91:dd:ec:
65:55:76:ce:e7:71:af:3e:e6:75:4c:d7:6f:35:b8:
03:45:fe:c8:e9:93:9c:1d:0f:03:91:95:e8:ea:c9:
bc:57:0d:51:60:e8:e5:a6:ec:de:61:fa:80:f5:43:
9e:db:e9:c2:62:fe:5b:c9:3b:29:ef:48:fa:31:5f:
2a:1e:57:2a:c4:2c:67:b6:7f:92:9f:17:0c:90:24:
49:51:10:de:97:7b:43:b8:86:c2:9c:79:2c:f0:94:
b3:1b:7f:71:39:df:f5:2e:f0:e8:5e:99:52:09:66:
b2:e2:c5:87:f2:65:1f:c5:cc:05:54:d0:36:55:49:
69:aa:f4:9b:c8:db:43:37:19:61:2d:9b:3e:91:22:
01:95:15:a1:4c:38:fb:ad:50:af:3d:10:c5:57:86:
8c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:95:90:AD:DA:24:74:5C:82:BD:77:ED:67:36:2E:F7:F3:1A:B5:6B
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/OJWQrdokdFyCvXftZzYu9_MatWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:40::/48
2a12:bec1::-2a12:bec1:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:6c:54:27:60:d3:e0:94:dc:a9:47:62:cb:48:0b:de:b1:78:
f1:6d:66:cd:ff:90:7a:5c:9c:e1:f5:25:16:d8:57:7d:fd:f6:
84:c1:70:c5:28:6c:d8:46:5f:0a:8a:d0:22:5e:02:5d:12:3a:
48:ce:47:ca:ed:c0:85:de:d4:0e:6d:21:e5:fb:f0:01:a1:3d:
7e:6d:25:32:7a:3a:3a:6d:27:26:31:69:4e:80:95:7a:db:2b:
c6:00:87:ce:19:f6:aa:27:aa:5b:37:4e:b3:d2:bc:7e:68:e3:
f3:23:e4:18:e0:da:c3:9d:71:2c:b0:5b:5a:da:6e:58:88:85:
62:01:2b:28:e2:3b:b7:14:08:d2:fd:96:ae:ad:67:8e:f8:2a:
3d:b5:0f:d5:f1:7c:c6:36:b7:6c:86:98:94:2b:d5:18:aa:a0:
4d:8e:36:0c:f9:a2:0e:d9:22:86:a6:a6:7a:1f:f0:36:e1:0b:
e4:99:fe:e7:5b:de:6a:f7:c1:99:ab:ca:18:e5:ca:ec:d2:9d:
ac:af:29:b7:31:02:ce:3c:f4:ff:76:1e:18:26:ee:ae:a8:61:
e9:79:97:1e:a7:e0:c1:dc:b0:53:09:32:c6:c7:30:e8:9f:5f:
fb:90:26:87:0d:c2:d2:27:ca:da:fc:57:b1:56:23:ad:4c:98:
c9:65:f3:c2
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIDQM8lMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
N2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBjM2Q2NmYwHhcNMjIwNDI5
MDIwMjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzODk1OTBhZGRhMjQ3
NDVjODJiZDc3ZWQ2NzM2MmVmN2YzMWFiNTZiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuEMW6m3pMZ+HZiF68ChZ/ZoXJVBnKhucZ9nZa18E2RcK3UGU
oRnq5fNflwH8t5Qj012SLBPWvFPhDPjo/cmfHqY/kGvFSZTChKAUC7DFca8yhOgb
74yaIvSZOWVo0xSH+RSskcGR3exlVXbO53GvPuZ1TNdvNbgDRf7I6ZOcHQ8DkZXo
6sm8Vw1RYOjlpuzeYfqA9UOe2+nCYv5byTsp70j6MV8qHlcqxCxntn+SnxcMkCRJ
URDel3tDuIbCnHks8JSzG39xOd/1LvDoXplSCWay4sWH8mUfxcwFVNA2VUlpqvSb
yNtDNxlhLZs+kSIBlRWhTDj7rVCvPRDFV4aMDQIDAQABo4ICHTCCAhkwHQYDVR0O
BBYEFDiVkK3aJHRcgr137Wc2LvfzGrVrMB8GA1UdIwQYMBaAFLN+IVpBXte13ktt
wS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
czM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2VlLzEv
T0pXUXJkb2tkRnlDdlhmdFp6WXU5X01hdFdzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85
N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2VlLzEvczM0aFdrRmUxN1hl
UzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDMG
CCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcAKhK+wABAMA8DBQAqEr7BAwYEKhK+
wUAwDQYJKoZIhvcNAQELBQADggEBAHlsVCdg0+CU3KlHYstIC96xePFtZs3/kHpc
nOH1JRbYV3399oTBcMUobNhGXwqK0CJeAl0SOkjOR8rtwIXe1A5tIeX78AGhPX5t
JTJ6OjptJyYxaU6AlXrbK8YAh84Z9qonqls3TrPSvH5o4/Mj5Bjg2sOdcSywW1ra
bliIhWIBKyjiO7cUCNL9lq6tZ474Kj21D9XxfMY2t2yGmJQr1RiqoE2ONgz5og7Z
Ioampnof8DbhC+SZ/udb3mr3wZmryhjlyuzSnayvKbcxAs489P92Hhgm7q6oYel5
lx6n4MHcsFMJMsbHMOifX/uQJocNwtInytr8V7FWI61MmMll88I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org