Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/OhrCxGxnCIrUpOFLzaRRqje_If0.roa
File: OhrCxGxnCIrUpOFLzaRRqje_If0.roa (raw, json)
Hash identifier: 00qLK1Iy5ooFv+4y9V/KN4Icbr99OTozRwgHMqSvGGc=
Subject key identifier: 3A:1A:C2:C4:6C:67:08:8A:D4:A4:E1:4B:CD:A4:51:AA:37:BF:21:FD
Certificate issuer: /CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Certificate serial: 01856F024DE26B13827CCED6AF37CC4B0EDA
Authority key identifier: BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/OhrCxGxnCIrUpOFLzaRRqje_If0.roa
Signing time: Sun 01 Jan 2023 20:24:59 +0000
ROA not before: Sun 01 Jan 2023 20:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19541
IP address blocks: 2a00:ad40:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4d:e2:6b:13:82:7c:ce:d6:af:37:cc:4b:0e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Validity
Not Before: Jan 1 20:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a1ac2c46c67088ad4a4e14bcda451aa37bf21fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cf:27:e5:d2:2d:36:34:d5:25:be:94:54:fe:
d8:59:5a:d1:1c:5e:2c:8e:32:d6:9f:4d:52:d7:6e:
d6:d7:f3:90:98:84:4d:66:b4:7d:89:80:89:0f:f3:
d5:8e:ac:be:8c:27:cd:dd:0c:e6:08:95:c4:9f:f8:
b6:67:b8:6f:c0:0c:fc:7e:f8:06:f3:b8:da:9e:d5:
6f:6c:ad:0c:62:2e:e6:17:38:94:0c:a2:13:f6:52:
d5:6e:e8:f0:e7:b3:1d:12:56:ea:88:6d:62:1d:a8:
ec:cf:a1:6a:f9:7d:c0:5d:ae:d7:cf:39:1b:74:58:
98:d0:62:01:4a:e9:24:4e:57:27:44:71:92:57:e0:
b4:52:b3:da:85:01:03:43:03:8a:64:d7:4a:f0:fd:
50:31:f5:dc:aa:59:87:bf:2b:75:fb:75:ed:fb:cc:
2d:1b:82:de:b8:67:fb:9c:b2:a5:8d:6b:ed:14:37:
0b:4a:2b:dd:60:34:73:fa:e1:24:34:ec:5a:fa:aa:
97:e0:18:5c:09:56:6f:24:8e:f9:2f:32:c7:bd:42:
5b:fe:f1:0a:ef:64:ca:70:4a:b8:94:eb:05:35:77:
50:60:17:e1:0b:6d:89:91:a1:f8:e1:5c:20:86:43:
09:83:b0:1e:8b:89:52:e1:a3:fe:bd:f5:cf:ae:30:
38:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1A:C2:C4:6C:67:08:8A:D4:A4:E1:4B:CD:A4:51:AA:37:BF:21:FD
X509v3 Authority Key Identifier:
keyid:BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/OhrCxGxnCIrUpOFLzaRRqje_If0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/vM5ZBxGuf8sBbutzdrCn_HZhyxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ad40:100::/40
Signature Algorithm: sha256WithRSAEncryption
82:ff:36:e2:77:e3:7c:7c:7d:a4:3a:ce:bc:ff:bd:fa:2a:06:
88:29:fa:6f:35:8e:0f:b4:04:1a:4c:d4:d9:14:4b:b9:c2:0e:
41:54:9c:a3:5a:79:09:27:d1:d3:a7:ee:85:5a:e1:c2:da:cc:
8c:76:e8:6d:c6:1d:b9:0b:91:6a:15:ee:ac:c6:d5:1d:41:57:
1c:b2:30:f6:41:09:02:49:c9:71:33:48:22:99:14:71:58:d3:
55:fa:65:16:55:b7:ce:08:da:dd:69:53:0b:e4:06:66:d0:9f:
58:74:91:0c:25:76:d4:b6:d1:2a:32:96:85:60:e0:c7:85:07:
dc:92:b4:b1:36:87:46:4f:17:d7:c7:c7:5a:7b:b3:c0:6f:33:
69:9d:fe:af:74:c8:77:50:a1:ec:04:6c:e0:48:94:d0:b8:5e:
2b:3b:5f:38:a3:98:3f:4c:2d:51:7a:48:bc:eb:a9:c3:34:0c:
e9:80:00:82:47:7f:af:ac:21:11:7b:3e:f4:22:9c:09:99:50:
c3:70:2f:a8:26:43:1b:ec:5a:e0:2a:ba:21:93:ac:a9:fa:f9:
c8:97:79:56:d0:ca:8f:0c:90:d4:aa:7b:9a:f9:04:e3:3d:05:
7d:05:e1:7d:ed:18:0f:2d:15:18:ef:b0:22:dc:9c:7d:40:06:
d0:22:52:08
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvAk3iaxOCfM7WrzfMSw7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2U1OTA3MTFhZTdmY2IwMTZlZWI3Mzc2YjBhN2ZjNzY2
MWNiMTMwHhcNMjMwMTAxMjAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTFhYzJjNDZjNjcwODhhZDRhNGUxNGJjZGE0NTFhYTM3YmYyMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkc8n5dItNjTVJb6UVP7YWVrRHF4s
jjLWn01S127W1/OQmIRNZrR9iYCJD/PVjqy+jCfN3QzmCJXEn/i2Z7hvwAz8fvgG
87jantVvbK0MYi7mFziUDKIT9lLVbujw57MdElbqiG1iHajsz6Fq+X3AXa7Xzzkb
dFiY0GIBSukkTlcnRHGSV+C0UrPahQEDQwOKZNdK8P1QMfXcqlmHvyt1+3Xt+8wt
G4LeuGf7nLKljWvtFDcLSivdYDRz+uEkNOxa+qqX4BhcCVZvJI75LzLHvUJb/vEK
72TKcEq4lOsFNXdQYBfhC22JkaH44VwghkMJg7Aei4lS4aP+vfXPrjA4AwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDoawsRsZwiK1KThS82kUao3vyH9MB8GA1UdIwQY
MBaAFLzOWQcRrn/LAW7rc3awp/x2YcsTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk01WkJ4R3VmOHNCYnV0emRyQ25fSFpoeXhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hYzZiOTEtZWRhZi00NDg2LTkzNGUt
MDVkYjQ5N2FjNDU1LzEvT2hyQ3hHeG5DSXJVcE9GTHphUlJxamVfSWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hYzZiOTEtZWRhZi00NDg2LTkzNGUtMDVkYjQ5N2FjNDU1
LzEvdk01WkJ4R3VmOHNCYnV0emRyQ25fSFpoeXhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgCtQAEw
DQYJKoZIhvcNAQELBQADggEBAIL/NuJ343x8faQ6zrz/vfoqBogp+m81jg+0BBpM
1NkUS7nCDkFUnKNaeQkn0dOn7oVa4cLazIx26G3GHbkLkWoV7qzG1R1BVxyyMPZB
CQJJyXEzSCKZFHFY01X6ZRZVt84I2t1pUwvkBmbQn1h0kQwldtS20SoyloVg4MeF
B9yStLE2h0ZPF9fHx1p7s8BvM2md/q90yHdQoewEbOBIlNC4Xis7XzijmD9MLVF6
SLzrqcM0DOmAAIJHf6+sIRF7PvQinAmZUMNwL6gmQxvsWuAquiGTrKn6+ciXeVbQ
yo8MkNSqe5r5BOM9BX0F4X3tGA8tFRjvsCLcnH1ABtAiUgg=
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:05:19 2025 by rpki-client