Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/03cc4f-60c2-475e-9e09-524803ee2949/1/OOV3LOxIGvwajb3wOAo8IpAffoY.roa
File: OOV3LOxIGvwajb3wOAo8IpAffoY.roa (raw, json)
Hash identifier: WHcAZvNabeSifFQsonRPlYpx1xYgbi5v0iUyz+nKpKo=
Subject key identifier: 38:E5:77:2C:EC:48:1A:FC:1A:8D:BD:F0:38:0A:3C:22:90:1F:7E:86
Certificate issuer: /CN=780f86d044a4a2a233319418aa8da9ad837c76ea
Certificate serial: 09272D13
Authority key identifier: 78:0F:86:D0:44:A4:A2:A2:33:31:94:18:AA:8D:A9:AD:83:7C:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eA-G0ESkoqIzMZQYqo2prYN8duo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/03cc4f-60c2-475e-9e09-524803ee2949/1/OOV3LOxIGvwajb3wOAo8IpAffoY.roa
Signing time: Sat 01 Jan 2022 05:05:14 +0000
ROA not before: Sat 01 Jan 2022 05:05:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209591
IP address blocks: 141.98.124.0/22 maxlen: 24
2a10:2980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153562387 (0x9272d13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=780f86d044a4a2a233319418aa8da9ad837c76ea
Validity
Not Before: Jan 1 05:05:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38e5772cec481afc1a8dbdf0380a3c22901f7e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:81:7d:7d:96:b0:65:87:fd:90:6f:cc:63:ad:
36:20:9c:3f:a0:51:dc:40:6f:a3:94:fe:a6:ca:fb:
bb:3a:1a:0a:91:83:28:aa:7d:77:de:5b:2b:71:e6:
b6:cc:35:42:89:fa:7b:09:da:90:d1:81:e1:c9:e1:
ec:53:de:87:ae:6d:d1:b4:c4:81:4b:85:f4:b1:80:
51:fb:47:f9:ed:2a:bb:6c:98:a3:e8:1b:e7:18:d5:
85:b0:fa:a8:e3:3d:7b:4e:47:0e:fd:89:4c:29:4b:
43:ea:a2:f2:4a:ef:c7:46:79:93:b7:91:96:31:96:
a1:ba:f8:ec:c2:cd:9c:70:20:69:51:f2:67:ad:95:
4b:59:70:90:23:6a:f1:79:6f:49:a7:57:ad:6a:72:
a6:43:ab:57:93:22:57:d8:d3:9b:40:a1:be:32:03:
03:69:f1:59:3d:60:33:86:47:b1:74:d6:2d:1d:c2:
1c:dd:d1:38:6b:ea:d1:d6:ab:e6:27:68:e1:6c:12:
f8:1f:ef:5d:4b:24:1d:2b:49:f8:ef:9c:1a:b3:e2:
ce:87:2b:0a:89:f6:2a:97:5a:d0:9f:87:85:38:93:
02:b0:c2:e3:42:6d:f1:01:d2:8b:e5:b7:f3:6f:e2:
a4:48:c3:25:a5:86:dc:ab:10:8e:1e:4a:59:33:f5:
58:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E5:77:2C:EC:48:1A:FC:1A:8D:BD:F0:38:0A:3C:22:90:1F:7E:86
X509v3 Authority Key Identifier:
keyid:78:0F:86:D0:44:A4:A2:A2:33:31:94:18:AA:8D:A9:AD:83:7C:76:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eA-G0ESkoqIzMZQYqo2prYN8duo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03cc4f-60c2-475e-9e09-524803ee2949/1/OOV3LOxIGvwajb3wOAo8IpAffoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03cc4f-60c2-475e-9e09-524803ee2949/1/eA-G0ESkoqIzMZQYqo2prYN8duo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.124.0/22
IPv6:
2a10:2980::/29
Signature Algorithm: sha256WithRSAEncryption
0e:30:33:2e:eb:02:ae:d2:8a:d4:1a:be:46:4a:90:0e:b5:ff:
14:2b:04:53:c7:43:21:93:76:a1:1d:ce:9b:49:bf:a0:60:8e:
2f:d2:ad:08:0c:b5:c7:64:81:53:13:10:b5:fa:45:0b:2d:50:
a1:6e:b2:26:d6:a3:6e:8f:ac:bd:1b:b9:4f:80:33:f0:d5:cd:
13:4f:25:33:4f:f7:85:1a:61:3c:44:f3:f7:02:a2:fc:6a:c4:
68:5a:4c:20:7d:61:db:45:bf:31:38:44:24:92:cb:ea:d4:31:
c6:70:27:33:a8:5e:2f:a0:52:bd:04:e1:dd:47:33:ea:b6:c8:
1e:c1:9d:22:24:49:8e:f2:54:ca:8f:43:9f:be:8c:62:34:e3:
3f:50:b6:bb:71:7e:c3:01:f1:ae:34:14:54:81:2d:91:d0:95:
b9:09:44:8f:94:02:d5:f8:41:21:7c:91:53:e9:ab:ee:bb:94:
11:b0:3f:aa:bd:98:7b:fe:d3:b1:fb:7b:ed:25:5e:ce:94:34:
7a:55:94:a3:87:b9:d4:6d:05:05:d6:fb:05:2e:fd:2e:a9:cb:
89:62:c7:f9:fe:6a:ac:b8:97:40:d7:d3:75:25:b3:03:30:4a:
1b:8e:8b:0a:16:73:98:f3:33:24:6c:54:02:d8:3e:1c:4b:53:
3a:c7:10:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECSctEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODBmODZkMDQ0YTRhMmEyMzMzMTk0MThhYThkYTlhZDgzN2M3NmVhMB4XDTIyMDEw
MTA1MDUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhlNTc3MmNlYzQ4
MWFmYzFhOGRiZGYwMzgwYTNjMjI5MDFmN2U4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSBfX2WsGWH/ZBvzGOtNiCcP6BR3EBvo5T+psr7uzoaCpGD
KKp9d95bK3Hmtsw1Qon6ewnakNGB4cnh7FPeh65t0bTEgUuF9LGAUftH+e0qu2yY
o+gb5xjVhbD6qOM9e05HDv2JTClLQ+qi8krvx0Z5k7eRljGWobr47MLNnHAgaVHy
Z62VS1lwkCNq8XlvSadXrWpypkOrV5MiV9jTm0ChvjIDA2nxWT1gM4ZHsXTWLR3C
HN3ROGvq0dar5ido4WwS+B/vXUskHStJ+O+cGrPizocrCon2Kpda0J+HhTiTArDC
40Jt8QHSi+W382/ipEjDJaWG3KsQjh5KWTP1WJ8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ45Xcs7Ega/BqNvfA4CjwikB9+hjAfBgNVHSMEGDAWgBR4D4bQRKSiojMx
lBiqjamtg3x26jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VBLUcwRVNrb3FJek1aUVlxbzJwcllOOGR1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvMDNjYzRmLTYwYzItNDc1ZS05ZTA5LTUyNDgwM2VlMjk0OS8x
L09PVjNMT3hJR3Z3YWpiM3dPQW84SXBBZmZvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
MDNjYzRmLTYwYzItNDc1ZS05ZTA5LTUyNDgwM2VlMjk0OS8xL2VBLUcwRVNrb3FJ
ek1aUVlxbzJwcllOOGR1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAo1ifDANBAIAAjAHAwUDKhApgDAN
BgkqhkiG9w0BAQsFAAOCAQEADjAzLusCrtKK1Bq+RkqQDrX/FCsEU8dDIZN2oR3O
m0m/oGCOL9KtCAy1x2SBUxMQtfpFCy1QoW6yJtajbo+svRu5T4Az8NXNE08lM0/3
hRphPETz9wKi/GrEaFpMIH1h20W/MThEJJLL6tQxxnAnM6heL6BSvQTh3Ucz6rbI
HsGdIiRJjvJUyo9Dn76MYjTjP1C2u3F+wwHxrjQUVIEtkdCVuQlEj5QC1fhBIXyR
U+mr7ruUEbA/qr2Ye/7Tsft77SVezpQ0elWUo4e51G0FBdb7BS79LqnLiWLH+f5q
rLiXQNfTdSWzAzBKG46LChZzmPMzJGxUAtg+HEtTOscQpA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:46:05 2025 by rpki-client