Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9ddc9d-60c7-4bcb-919a-3408089edc45/1/ocj2MceXYH7IVXdms97eP7lgllk.roa
File: ocj2MceXYH7IVXdms97eP7lgllk.roa (raw, json)
Hash identifier: Hwcf+xpbX8Mxp/dlAllYXZrz/yMs9l3o8m6QKDzXIGQ=
Subject key identifier: A1:C8:F6:31:C7:97:60:7E:C8:55:77:66:B3:DE:DE:3F:B9:60:96:59
Certificate issuer: /CN=542d971ad3c2e438d4a312d1a1de751810aca4e0
Certificate serial: 0185708C95EB3551DB56F6DB152BFFF140D5
Authority key identifier: 54:2D:97:1A:D3:C2:E4:38:D4:A3:12:D1:A1:DE:75:18:10:AC:A4:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC2XGtPC5DjUoxLRod51GBCspOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9ddc9d-60c7-4bcb-919a-3408089edc45/1/ocj2MceXYH7IVXdms97eP7lgllk.roa
Signing time: Mon 02 Jan 2023 03:35:39 +0000
ROA not before: Mon 02 Jan 2023 03:35:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209490
IP address blocks: 171.22.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:95:eb:35:51:db:56:f6:db:15:2b:ff:f1:40:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542d971ad3c2e438d4a312d1a1de751810aca4e0
Validity
Not Before: Jan 2 03:35:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1c8f631c797607ec8557766b3dede3fb9609659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:eb:19:dc:1b:85:52:9c:a7:e4:11:b9:de:cb:
59:48:3b:b5:a3:96:3e:48:00:c8:a3:eb:e3:20:ba:
dd:11:ad:a5:13:ef:99:ac:37:a0:60:bb:d5:eb:50:
e8:32:34:72:fb:2c:fa:81:24:c5:f4:28:20:99:c2:
0c:3a:f1:ed:30:8e:52:1a:50:98:78:01:27:8a:ad:
b0:49:14:07:47:68:d1:31:a6:1d:73:8b:cb:3f:e8:
27:27:f3:4f:ae:2b:8e:e2:a9:82:ea:4e:ba:bc:0c:
7b:1e:0f:cb:27:86:97:b2:52:b1:24:5b:7d:c6:c8:
48:10:48:5d:71:23:f3:72:42:23:29:99:35:03:a8:
a4:e8:59:04:20:35:8c:82:d5:bb:41:5c:17:32:d9:
89:58:2c:29:7f:96:68:ef:21:ac:ba:89:5c:4e:59:
20:c5:f1:60:16:12:36:fb:e5:9b:ed:17:1f:68:57:
c7:40:70:39:6c:1c:6a:65:a7:58:19:34:68:3a:1a:
59:6a:48:58:a8:7a:87:00:f5:68:70:27:60:d5:2d:
60:a5:a6:ec:11:fa:c9:65:da:2b:8d:d2:90:52:c9:
e4:2f:9c:6f:a2:7d:38:20:06:8c:f2:93:26:2f:fc:
bf:7b:d2:8e:73:6d:69:a4:d2:5e:c3:a5:7c:43:98:
a3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C8:F6:31:C7:97:60:7E:C8:55:77:66:B3:DE:DE:3F:B9:60:96:59
X509v3 Authority Key Identifier:
keyid:54:2D:97:1A:D3:C2:E4:38:D4:A3:12:D1:A1:DE:75:18:10:AC:A4:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC2XGtPC5DjUoxLRod51GBCspOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ddc9d-60c7-4bcb-919a-3408089edc45/1/ocj2MceXYH7IVXdms97eP7lgllk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ddc9d-60c7-4bcb-919a-3408089edc45/1/VC2XGtPC5DjUoxLRod51GBCspOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.56.0/22
Signature Algorithm: sha256WithRSAEncryption
50:a0:a6:51:32:d8:6b:41:d0:fe:9c:bd:30:7a:ee:ea:9d:f9:
f0:57:62:94:33:b3:ca:d4:e0:28:9c:ed:67:5a:a3:45:7d:38:
ea:60:c7:9c:2d:8d:86:1d:98:51:69:ac:76:d0:b1:df:41:4c:
6d:5e:09:49:1f:b1:35:ed:9e:36:6b:17:37:64:dd:9d:9e:cc:
46:ac:77:83:b2:d0:66:aa:6d:3a:ee:46:58:0b:70:1e:05:79:
c4:7b:ef:04:a5:77:8a:2f:a7:32:1d:c0:7f:65:c3:e6:a2:e6:
5d:e4:37:74:4a:c4:5f:6d:1f:d6:ab:b4:05:d6:b1:d3:28:2f:
ea:44:17:b6:1d:76:3a:2a:bb:85:d8:67:4e:bf:29:df:d3:3b:
64:f3:b5:a3:a6:0a:4e:e2:74:ff:4e:56:55:31:8e:e2:00:56:
b1:8b:be:e5:4c:30:c9:b4:6f:b6:ef:65:f9:90:3c:31:4f:7c:
06:67:8f:94:9e:46:19:b5:8e:e7:24:fb:6b:71:f6:81:8e:58:
c2:f4:99:86:8d:14:9b:13:28:c6:d7:fa:cb:cb:35:84:0c:ef:
b1:96:8c:0e:70:3e:4b:e1:d8:27:67:4a:d7:af:16:20:28:4c:
39:04:0d:63:1c:b7:9e:fe:01:72:d4:5b:6a:8a:4e:d0:49:7e:
14:f1:6b:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjJXrNVHbVvbbFSv/8UDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmQ5NzFhZDNjMmU0MzhkNGEzMTJkMWExZGU3NTE4MTBh
Y2E0ZTAwHhcNMjMwMTAyMDMzNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM4ZjYzMWM3OTc2MDdlYzg1NTc3NjZiM2RlZGUzZmI5NjA5NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnesZ3BuFUpyn5BG53stZSDu1o5Y+
SADIo+vjILrdEa2lE++ZrDegYLvV61DoMjRy+yz6gSTF9CggmcIMOvHtMI5SGlCY
eAEniq2wSRQHR2jRMaYdc4vLP+gnJ/NPriuO4qmC6k66vAx7Hg/LJ4aXslKxJFt9
xshIEEhdcSPzckIjKZk1A6ik6FkEIDWMgtW7QVwXMtmJWCwpf5Zo7yGsuolcTlkg
xfFgFhI2++Wb7RcfaFfHQHA5bBxqZadYGTRoOhpZakhYqHqHAPVocCdg1S1gpabs
EfrJZdorjdKQUsnkL5xvon04IAaM8pMmL/y/e9KOc21ppNJew6V8Q5ijNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHI9jHHl2B+yFV3ZrPe3j+5YJZZMB8GA1UdIwQY
MBaAFFQtlxrTwuQ41KMS0aHedRgQrKTgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkMyWEd0UEM1RGpVb3hMUm9kNTFHQkNzcE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85ZGRjOWQtNjBjNy00YmNiLTkxOWEt
MzQwODA4OWVkYzQ1LzEvb2NqMk1jZVhZSDdJVlhkbXM5N2VQN2xnbGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85ZGRjOWQtNjBjNy00YmNiLTkxOWEtMzQwODA4OWVkYzQ1
LzEvVkMyWEd0UEM1RGpVb3hMUm9kNTFHQkNzcE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqxY4MA0G
CSqGSIb3DQEBCwUAA4IBAQBQoKZRMthrQdD+nL0weu7qnfnwV2KUM7PK1OAonO1n
WqNFfTjqYMecLY2GHZhRaax20LHfQUxtXglJH7E17Z42axc3ZN2dnsxGrHeDstBm
qm067kZYC3AeBXnEe+8EpXeKL6cyHcB/ZcPmouZd5Dd0SsRfbR/Wq7QF1rHTKC/q
RBe2HXY6KruF2GdOvynf0ztk87WjpgpO4nT/TlZVMY7iAFaxi77lTDDJtG+272X5
kDwxT3wGZ4+UnkYZtY7nJPtrcfaBjljC9JmGjRSbEyjG1/rLyzWEDO+xlowOcD5L
4dgnZ0rXrxYgKEw5BA1jHLee/gFy1Ftqik7QSX4U8WsU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:59 2025 by rpki-client