Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/oUo6bwMomGO4ozEEXTvqP7WGCmw.roa
File: oUo6bwMomGO4ozEEXTvqP7WGCmw.roa (raw, json)
Hash identifier: YCH5HEboN5sICSshFJG+9IsRYNAN9IgZc1P6TJfLEmM=
Subject key identifier: A1:4A:3A:6F:03:28:98:63:B8:A3:31:04:5D:3B:EA:3F:B5:86:0A:6C
Certificate issuer: /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial: 03C27A1B
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/oUo6bwMomGO4ozEEXTvqP7WGCmw.roa
Signing time: Sat 01 Jan 2022 12:57:19 +0000
ROA not before: Sat 01 Jan 2022 12:57:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56544
IP address blocks: 217.11.140.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63076891 (0x3c27a1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Validity
Not Before: Jan 1 12:57:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a14a3a6f03289863b8a331045d3bea3fb5860a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ee:d3:22:63:18:e2:13:d5:ee:eb:9d:66:6e:
39:9f:a3:a5:24:7c:fb:89:d7:44:78:a6:27:46:0a:
61:0d:64:09:ad:d7:be:f6:f2:09:45:1f:c6:fd:11:
b8:7d:bd:80:75:10:5c:36:2d:28:e2:c5:8b:4b:76:
b0:2d:83:52:94:b2:a8:1f:f5:ff:70:96:5f:a8:46:
07:d8:90:22:21:56:fe:fe:92:19:d5:45:32:c6:11:
42:96:f4:2e:94:0f:15:7c:6a:f3:30:34:71:47:1c:
f6:5d:e9:6c:93:3a:2f:72:c6:d5:d3:ba:e4:c4:97:
c6:9e:a6:ec:4a:47:8c:3d:9f:19:25:d0:1d:a6:7c:
bc:87:97:c9:dc:0c:84:d3:c1:a8:1d:ee:fe:4b:c3:
98:70:a8:91:c9:4d:03:85:e2:14:4e:1d:38:5c:b4:
dc:e1:5d:0a:94:2a:a2:67:1e:91:59:80:8d:a7:a3:
24:23:96:80:b0:e4:85:18:b8:4b:73:bf:62:0f:f9:
b3:d0:c8:f2:b6:41:e8:59:f2:55:5f:1a:19:19:9b:
12:c7:ee:bb:29:f1:ee:04:03:53:9e:79:4f:a1:6c:
af:d1:5d:37:95:1f:fb:d7:b0:2d:5f:39:bf:5f:96:
1c:0d:e3:ad:ed:fc:75:21:90:70:40:be:02:64:1c:
b6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:4A:3A:6F:03:28:98:63:B8:A3:31:04:5D:3B:EA:3F:B5:86:0A:6C
X509v3 Authority Key Identifier:
keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/oUo6bwMomGO4ozEEXTvqP7WGCmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.11.140.0/23
Signature Algorithm: sha256WithRSAEncryption
80:04:43:2f:d9:e4:81:85:67:06:f8:d6:7f:d6:09:93:e6:d5:
9b:4a:fb:e3:4f:0a:25:36:c6:47:8c:22:53:c7:5f:29:56:2d:
c2:57:7f:8a:6c:03:b7:23:f1:5b:87:be:8f:f4:40:b0:8c:27:
3f:70:da:4f:42:7d:cf:a0:2f:1f:60:dd:f6:f4:7e:22:00:97:
af:b7:8a:33:74:22:02:9d:b1:be:63:e4:14:6d:58:fd:55:20:
e3:1d:4c:3b:00:2f:3f:66:d9:8b:8d:06:35:f1:5b:73:50:ca:
22:64:09:f2:79:ef:ce:a2:d5:8e:b2:58:f1:ea:22:06:09:f1:
07:21:8d:89:ff:5e:27:ee:12:74:b7:60:5f:e5:6a:dc:50:d0:
96:a7:9f:1d:03:15:ae:e6:3a:d6:f2:e5:f1:0e:36:ef:fd:ee:
00:36:15:cb:1b:0a:a3:5e:b5:32:99:b2:66:c2:28:0c:90:47:
6b:d0:00:87:c9:ef:dd:e4:ac:09:da:1d:ae:d8:cc:bc:cd:fa:
7f:86:52:ea:48:fd:9f:8b:98:54:ef:01:07:80:e1:c6:7f:a5:
b0:71:3b:be:8b:7b:5c:8c:45:29:c5:e9:f3:da:fc:b8:e0:4a:
1e:82:1b:b2:e5:a4:8a:b8:fb:53:47:b9:4b:0f:86:89:63:b4:
bc:aa:81:12
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8J6GzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDBhMTIzMWQxYzI3YTc1NGU0NmVmMTBlOTJhNzMwYWUxNWQwZjU1MB4XDTIyMDEw
MTEyNTcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE0YTNhNmYwMzI4
OTg2M2I4YTMzMTA0NWQzYmVhM2ZiNTg2MGE2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPu0yJjGOIT1e7rnWZuOZ+jpSR8+4nXRHimJ0YKYQ1kCa3X
vvbyCUUfxv0RuH29gHUQXDYtKOLFi0t2sC2DUpSyqB/1/3CWX6hGB9iQIiFW/v6S
GdVFMsYRQpb0LpQPFXxq8zA0cUcc9l3pbJM6L3LG1dO65MSXxp6m7EpHjD2fGSXQ
HaZ8vIeXydwMhNPBqB3u/kvDmHCokclNA4XiFE4dOFy03OFdCpQqomcekVmAjaej
JCOWgLDkhRi4S3O/Yg/5s9DI8rZB6FnyVV8aGRmbEsfuuynx7gQDU555T6Fsr9Fd
N5Uf+9ewLV85v1+WHA3jre38dSGQcEC+AmQctr0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShSjpvAyiYY7ijMQRdO+o/tYYKbDAfBgNVHSMEGDAWgBRwChIx0cJ6dU5G
7xDpKnMK4V0PVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NBb1NNZEhDZW5WT1J1OFE2U3B6Q3VGZEQxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvZGNjMmI0LTlkZWQtNDY3OC04Mzk4LWFiNzlhMzc4OWY4Zi8x
L29VbzZid01vbUdPNG96RUVYVHZxUDdXR0Ntdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
ZGNjMmI0LTlkZWQtNDY3OC04Mzk4LWFiNzlhMzc4OWY4Zi8xL2NBb1NNZEhDZW5W
T1J1OFE2U3B6Q3VGZEQxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdkLjDANBgkqhkiG9w0BAQsFAAOC
AQEAgARDL9nkgYVnBvjWf9YJk+bVm0r7408KJTbGR4wiU8dfKVYtwld/imwDtyPx
W4e+j/RAsIwnP3DaT0J9z6AvH2Dd9vR+IgCXr7eKM3QiAp2xvmPkFG1Y/VUg4x1M
OwAvP2bZi40GNfFbc1DKImQJ8nnvzqLVjrJY8eoiBgnxByGNif9eJ+4SdLdgX+Vq
3FDQlqefHQMVruY61vLl8Q427/3uADYVyxsKo161MpmyZsIoDJBHa9AAh8nv3eSs
CdodrtjMvM36f4ZS6kj9n4uYVO8BB4Dhxn+lsHE7vot7XIxFKcXp89r8uOBKHoIb
suWkirj7U0e5Sw+GiWO0vKqBEg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:26:02 2025 by rpki-client