Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/ONRivd6fqYYS-oIPWjZUyw8p_40.roa
File: ONRivd6fqYYS-oIPWjZUyw8p_40.roa (raw, json)
Hash identifier: V4SVdeabrp4Lvho+3kzHSERbiJRk4TVdkdiOFVV0cqU=
Subject key identifier: 38:D4:62:BD:DE:9F:A9:86:12:FA:82:0F:5A:36:54:CB:0F:29:FF:8D
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 02080E9E
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/ONRivd6fqYYS-oIPWjZUyw8p_40.roa
Signing time: Wed 16 Mar 2022 18:15:16 +0000
ROA not before: Wed 16 Mar 2022 18:15:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56381
IP address blocks: 141.98.136.0/24 maxlen: 24
2a09:11c0:1000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34082462 (0x2080e9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Mar 16 18:15:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38d462bdde9fa98612fa820f5a3654cb0f29ff8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:86:98:82:51:b4:82:ba:cd:17:f3:fd:4d:ba:
bd:ac:61:80:4f:55:e0:67:9c:58:c6:8b:d4:a0:9d:
75:b4:1d:4b:26:1d:92:36:46:c7:c9:19:03:d8:46:
dd:cd:32:7a:08:6f:88:5f:20:2d:f6:e5:91:d5:86:
0b:31:1e:ec:6a:14:0b:11:44:e4:1a:bb:9b:b2:c5:
73:07:a7:42:41:c4:00:a3:42:d3:08:b3:e1:90:fb:
3f:a4:3b:10:02:60:53:62:62:73:cb:be:e7:86:ea:
39:2b:f8:74:f0:73:07:76:b3:0c:9e:05:e9:1b:43:
5d:14:0b:9e:65:b4:10:cc:fd:8c:29:8f:d7:83:72:
79:c7:58:16:f8:ec:00:77:c1:c9:33:0d:15:a2:85:
8d:6e:37:b5:3f:66:7d:0f:1a:68:2b:68:2e:67:bb:
a2:02:a2:b2:34:c1:47:fc:6d:58:ff:ab:12:81:03:
59:24:af:f8:7f:9d:48:e2:dd:1a:47:96:f8:04:14:
17:b5:81:61:a1:a3:8f:c2:8c:3f:55:5a:cb:71:63:
4b:2b:47:12:c7:2a:be:5f:57:c8:39:b0:e9:91:8c:
04:a7:77:e2:31:be:a5:c8:f5:64:5f:08:7e:d7:31:
4f:75:ed:76:5b:ea:ce:62:b9:e2:af:75:ed:ed:f0:
29:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D4:62:BD:DE:9F:A9:86:12:FA:82:0F:5A:36:54:CB:0F:29:FF:8D
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/ONRivd6fqYYS-oIPWjZUyw8p_40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.136.0/24
IPv6:
2a09:11c0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
01:b1:5c:80:ff:15:8c:76:61:ef:b7:db:74:6f:c9:17:f8:45:
cf:45:b6:64:01:8f:04:78:a0:ac:7d:46:45:3d:68:40:3c:48:
3d:56:f7:d8:cc:9a:63:87:e1:c3:bb:4b:69:9f:53:c4:a3:12:
d1:03:c3:30:b4:59:77:bb:25:57:18:38:30:05:b2:7b:32:98:
56:0a:ac:15:b2:78:54:fe:91:2b:b2:de:f0:c9:34:c8:24:aa:
e0:bf:16:ae:50:92:ab:1e:26:e5:03:f8:d3:97:6b:12:ed:ab:
17:cc:ee:e0:c0:49:de:a5:bb:fc:31:1b:92:5a:d3:80:82:42:
bb:1e:25:9a:bc:6f:e1:5f:a3:04:69:d4:7d:15:77:de:c9:42:
c6:e3:b4:c2:d9:f3:d3:b8:31:5b:5e:fe:6d:7f:5f:a6:00:33:
cb:97:a4:4f:94:ae:95:9c:68:46:ff:5c:d3:dd:b3:ce:d0:1a:
22:2f:ac:4d:fd:8f:3b:91:a6:3b:c2:a0:86:3c:5c:03:b1:18:
57:26:8a:f7:be:06:6b:14:6e:29:f4:d4:3f:8b:c1:49:c4:74:
7e:1a:26:18:82:e3:aa:71:e5:02:14:67:70:95:53:2d:72:5e:
96:a7:18:ea:6d:49:cf:e4:ea:42:44:dc:fc:36:29:f1:16:d2:
2a:20:03:f6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEAggOnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDRlYjIwNGYzNTgwMDQ3ODgyMjRlMmZiMThlNGQ1ZTc0YmViZjhkMB4XDTIyMDMx
NjE4MTUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhkNDYyYmRkZTlm
YTk4NjEyZmE4MjBmNWEzNjU0Y2IwZjI5ZmY4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+GmIJRtIK6zRfz/U26vaxhgE9V4GecWMaL1KCddbQdSyYd
kjZGx8kZA9hG3c0yeghviF8gLfblkdWGCzEe7GoUCxFE5Bq7m7LFcwenQkHEAKNC
0wiz4ZD7P6Q7EAJgU2Jic8u+54bqOSv4dPBzB3azDJ4F6RtDXRQLnmW0EMz9jCmP
14NyecdYFvjsAHfByTMNFaKFjW43tT9mfQ8aaCtoLme7ogKisjTBR/xtWP+rEoED
WSSv+H+dSOLdGkeW+AQUF7WBYaGjj8KMP1Vay3FjSytHEscqvl9XyDmw6ZGMBKd3
4jG+pcj1ZF8IftcxT3XtdlvqzmK54q917e3wKUMCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQ41GK93p+phhL6gg9aNlTLDyn/jTAfBgNVHSMEGDAWgBTwTrIE81gAR4gi
Ti+xjk1edL6/jTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhFNnlCUE5ZQUVlSUlrNHZzWTVOWG5TLXY0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOWFiNDJhLWRmOTItNGU0Mi05ZTMzLTVjNTg5MmFmYTQ4Ny8x
L09OUml2ZDZmcVlZUy1vSVBXalpVeXc4cF80MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OWFiNDJhLWRmOTItNGU0Mi05ZTMzLTVjNTg5MmFmYTQ4Ny8xLzhFNnlCUE5ZQUVl
SUlrNHZzWTVOWG5TLXY0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAI1iiDAOBAIAAjAIAwYEKgkRwBAw
DQYJKoZIhvcNAQELBQADggEBAAGxXID/FYx2Ye+323RvyRf4Rc9FtmQBjwR4oKx9
RkU9aEA8SD1W99jMmmOH4cO7S2mfU8SjEtEDwzC0WXe7JVcYODAFsnsymFYKrBWy
eFT+kSuy3vDJNMgkquC/Fq5QkqseJuUD+NOXaxLtqxfM7uDASd6lu/wxG5Ja04CC
QrseJZq8b+FfowRp1H0Vd97JQsbjtMLZ89O4MVte/m1/X6YAM8uXpE+UrpWcaEb/
XNPds87QGiIvrE39jzuRpjvCoIY8XAOxGFcmive+BmsUbin01D+LwUnEdH4aJhiC
46px5QIUZ3CVUy1yXpanGOptSc/k6kJE3Pw2KfEW0iogA/Y=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:32 2023 by rpki-client on console-ams.rpki-client.org