Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/OyXXq0mnoLQMA7EvDoYub2mVjHY.roa
File: OyXXq0mnoLQMA7EvDoYub2mVjHY.roa (raw, json)
Hash identifier: NicGSZvH2dzupRSSR28nIKcx9h6INuaaetS/8nBYGKY=
Subject key identifier: 3B:25:D7:AB:49:A7:A0:B4:0C:03:B1:2F:0E:86:2E:6F:69:95:8C:76
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 17A4A99B
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/OyXXq0mnoLQMA7EvDoYub2mVjHY.roa
Signing time: Sat 01 Jan 2022 13:03:30 +0000
ROA not before: Sat 01 Jan 2022 13:03:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211581
IP address blocks: 2a09:e1c1:d000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 396667291 (0x17a4a99b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b25d7ab49a7a0b40c03b12f0e862e6f69958c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:67:fe:f1:81:2c:4b:b3:f7:8c:97:11:48:b3:
29:44:0e:89:d6:46:ac:6e:14:c3:35:6a:8c:e2:65:
c9:61:78:06:d7:89:22:63:9c:6e:da:67:d8:c3:4b:
e4:67:71:1d:68:02:48:90:46:5c:cb:42:da:79:bc:
e0:a2:30:33:d0:37:b2:ce:ef:96:f1:dd:55:64:cc:
22:f4:fd:18:7c:95:9f:12:06:05:6c:b7:9e:9c:9c:
4b:b3:60:a2:fe:ba:81:ae:b6:bb:da:aa:6e:ff:f2:
e0:ca:96:55:9d:c8:f6:2b:e5:b1:e2:ee:c0:34:88:
76:db:01:88:24:be:f5:0d:4a:88:8b:fa:b8:2e:e5:
6a:18:69:3d:62:2d:22:76:79:be:d5:64:30:b8:59:
c7:57:b1:b9:f0:0a:af:fc:ab:31:4e:c9:10:73:fc:
48:80:86:42:48:db:58:72:19:77:55:d0:26:96:0c:
32:c8:4e:d2:47:53:41:44:d3:ff:5e:fb:15:d4:2d:
01:1f:cd:ed:bd:8e:f6:b5:b3:f5:12:0b:cb:b5:1c:
65:06:79:13:11:8f:90:ac:86:12:20:71:d7:63:78:
d9:fc:b6:0d:87:d9:71:33:21:cf:96:55:fc:23:15:
3a:b3:9e:57:6d:65:f5:9f:94:29:d5:15:2c:67:e0:
1c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:25:D7:AB:49:A7:A0:B4:0C:03:B1:2F:0E:86:2E:6F:69:95:8C:76
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/OyXXq0mnoLQMA7EvDoYub2mVjHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e1c1:d000::/36
Signature Algorithm: sha256WithRSAEncryption
94:f2:b6:ed:94:d6:52:6c:a0:63:84:48:77:78:95:47:0c:53:
cb:eb:7b:31:dd:33:d0:b5:50:d8:b9:6f:b8:78:b8:e3:f7:08:
32:43:99:f2:c3:f4:0b:0c:01:d6:7b:fd:c0:48:29:6e:2c:0a:
ff:63:b5:bc:e1:b8:46:19:e3:e4:fc:21:03:36:88:f1:91:e8:
86:57:b9:4e:6d:d2:65:98:bb:c8:ae:d3:4f:18:5e:1b:be:ac:
57:8e:cb:cb:d7:e7:3b:49:62:aa:7f:4a:12:0d:d8:6b:5a:12:
29:0d:13:bb:6f:54:2b:fe:9b:3b:ff:3a:27:08:80:ff:33:63:
55:82:58:c1:e4:c8:df:b7:07:c7:9e:02:d1:9f:f8:5f:d6:57:
a9:8e:9d:4e:d6:4d:49:b7:7f:c5:a2:c3:30:2a:49:36:b5:06:
9e:8e:95:67:4f:a2:42:9b:29:5f:a0:06:b4:a3:e7:8a:20:48:
1d:d5:17:fd:cc:50:99:17:68:de:37:0d:25:6f:f7:be:1a:3c:
e4:1b:52:2a:ba:79:e2:69:c0:5f:96:56:29:70:36:91:22:0b:
2c:06:e5:20:99:8a:b0:e1:fd:7d:0c:aa:d9:45:5d:11:d9:76:
5b:bd:12:9f:6f:48:ca:c1:b2:26:c6:e9:32:59:59:29:44:32:
c1:fd:39:a6
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEF6SpmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2IyNWQ3YWI0OWE3
YTBiNDBjMDNiMTJmMGU4NjJlNmY2OTk1OGM3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJln/vGBLEuz94yXEUizKUQOidZGrG4UwzVqjOJlyWF4BteJ
ImOcbtpn2MNL5GdxHWgCSJBGXMtC2nm84KIwM9A3ss7vlvHdVWTMIvT9GHyVnxIG
BWy3npycS7Ngov66ga62u9qqbv/y4MqWVZ3I9ivlseLuwDSIdtsBiCS+9Q1KiIv6
uC7lahhpPWItInZ5vtVkMLhZx1exufAKr/yrMU7JEHP8SICGQkjbWHIZd1XQJpYM
MshO0kdTQUTT/177FdQtAR/N7b2O9rWz9RILy7UcZQZ5ExGPkKyGEiBx12N42fy2
DYfZcTMhz5ZV/CMVOrOeV21l9Z+UKdUVLGfgHG8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQ7JderSaegtAwDsS8Ohi5vaZWMdjAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L095WFhxMG1ub0xRTUE3RXZEb1l1YjJtVmpIWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoJ4cHQMA0GCSqGSIb3DQEBCwUA
A4IBAQCU8rbtlNZSbKBjhEh3eJVHDFPL63sx3TPQtVDYuW+4eLjj9wgyQ5nyw/QL
DAHWe/3ASCluLAr/Y7W84bhGGePk/CEDNojxkeiGV7lObdJlmLvIrtNPGF4bvqxX
jsvL1+c7SWKqf0oSDdhrWhIpDRO7b1Qr/ps7/zonCID/M2NVgljB5MjftwfHngLR
n/hf1lepjp1O1k1Jt3/FosMwKkk2tQaejpVnT6JCmylfoAa0o+eKIEgd1Rf9zFCZ
F2jeNw0lb/e+GjzkG1IqunniacBfllYpcDaRIgssBuUgmYqw4f19DKrZRV0R2XZb
vRKfb0jKwbImxukyWVkpRDLB/Tmm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org