Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/O8vLvOzqYUooYZW0FJzc0aBT1y4.roa
File: O8vLvOzqYUooYZW0FJzc0aBT1y4.roa (raw, json)
Hash identifier: XHC5vG+24WhH80y1b/9M6MssH/aEZ0mmPa9gM8ydz5s=
Subject key identifier: 3B:CB:CB:BC:EC:EA:61:4A:28:61:95:B4:14:9C:DC:D1:A0:53:D7:2E
Certificate issuer: /CN=64685a6d73ff5a27e1bc1f9617dfb5508bad293b
Certificate serial: 1313D0
Authority key identifier: 64:68:5A:6D:73:FF:5A:27:E1:BC:1F:96:17:DF:B5:50:8B:AD:29:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGhabXP_WifhvB-WF9-1UIutKTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/O8vLvOzqYUooYZW0FJzc0aBT1y4.roa
Signing time: Sat 21 May 2022 08:11:29 +0000
ROA not before: Sat 21 May 2022 08:11:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205000
IP address blocks: 2a0f:dc80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1250256 (0x1313d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64685a6d73ff5a27e1bc1f9617dfb5508bad293b
Validity
Not Before: May 21 08:11:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bcbcbbcecea614a286195b4149cdcd1a053d72e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6a:ed:dc:37:5d:2c:f1:6f:be:77:e9:88:d6:
e7:f7:98:ad:fa:25:47:1c:25:1d:8d:78:e2:04:9f:
5a:ec:a6:05:6a:c7:f6:50:fa:37:0a:af:86:4c:0f:
c7:d4:ba:f0:a2:4b:51:6b:9f:d5:11:57:b7:3b:fd:
b5:9a:7f:61:94:06:64:a1:28:32:ae:9b:8d:df:ac:
e8:db:39:17:89:ee:68:26:a7:7e:84:f1:85:4b:53:
e7:02:35:1c:21:b0:7e:30:97:54:ad:4d:8a:ca:cd:
6e:1b:b8:14:f7:cd:4a:b6:e6:93:d4:f3:05:b1:1c:
3e:67:f5:11:eb:d5:6a:98:95:38:bc:24:ba:87:cd:
08:bb:32:30:ea:67:ed:fc:44:ed:95:ab:2d:a6:57:
e4:99:fe:8f:c7:e5:73:f9:2c:2a:3d:55:22:f2:59:
85:ad:0c:57:fb:d9:d7:9f:c1:01:b3:ec:29:d1:af:
d4:b6:1b:2b:c8:18:ca:46:7f:45:1e:bb:38:38:b9:
5d:29:76:ee:5d:84:40:73:9b:c1:4b:df:3a:f0:a6:
a4:02:a5:68:5e:47:0b:dd:71:a9:3b:a9:d6:cf:97:
44:0a:4e:11:90:be:74:24:6e:b9:b1:1b:f0:e3:4c:
ad:f6:89:2a:b8:74:39:a4:f8:53:8e:31:50:de:dd:
eb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CB:CB:BC:EC:EA:61:4A:28:61:95:B4:14:9C:DC:D1:A0:53:D7:2E
X509v3 Authority Key Identifier:
keyid:64:68:5A:6D:73:FF:5A:27:E1:BC:1F:96:17:DF:B5:50:8B:AD:29:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGhabXP_WifhvB-WF9-1UIutKTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/O8vLvOzqYUooYZW0FJzc0aBT1y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/ZGhabXP_WifhvB-WF9-1UIutKTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:dc80::/29
Signature Algorithm: sha256WithRSAEncryption
5d:03:09:cf:6c:fc:ce:13:b7:d3:12:a6:16:92:ee:97:d6:55:
89:97:be:ca:02:56:dc:65:52:22:91:68:5f:36:4e:29:f2:93:
e8:1a:16:3a:e5:b0:eb:b0:af:f4:9d:df:c7:9d:55:98:c6:13:
a6:ac:43:65:22:7a:38:39:05:dc:93:c2:4a:85:91:f0:ac:b1:
82:f7:78:59:04:cc:f5:97:8c:2f:53:69:e9:34:aa:8d:0c:f3:
19:ff:ee:80:ba:d7:40:65:aa:2c:61:95:40:39:9c:a7:8a:c3:
82:88:8f:2e:a9:9d:c7:4b:25:e1:f7:95:a5:83:00:43:f3:c5:
b8:e1:90:41:07:28:62:0b:9d:bb:2d:f8:df:1a:f6:0e:a2:c5:
0e:3e:66:89:61:21:de:57:09:86:2f:60:f6:89:73:0f:02:0a:
f1:d6:0a:6e:14:d8:85:7e:53:87:a5:eb:ed:b7:9a:c1:0f:11:
62:63:81:cb:36:9b:2a:29:1a:b2:10:d1:26:c2:3f:0d:68:86:
0d:fd:2d:e9:0e:f7:40:77:63:14:e3:9a:d5:b5:aa:77:b9:d2:
78:dd:22:b6:5e:ba:18:1c:29:51:6d:63:be:34:99:bd:02:8c:
d7:02:4c:a8:31:a7:c2:ff:94:01:88:0c:b8:e5:e0:92:fa:04:
92:6b:01:4d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDExPQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY0
Njg1YTZkNzNmZjVhMjdlMWJjMWY5NjE3ZGZiNTUwOGJhZDI5M2IwHhcNMjIwNTIx
MDgxMTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYmNiY2JiY2VjZWE2
MTRhMjg2MTk1YjQxNDljZGNkMWEwNTNkNzJlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtmrt3DddLPFvvnfpiNbn95it+iVHHCUdjXjiBJ9a7KYFasf2
UPo3Cq+GTA/H1LrwoktRa5/VEVe3O/21mn9hlAZkoSgyrpuN36zo2zkXie5oJqd+
hPGFS1PnAjUcIbB+MJdUrU2Kys1uG7gU981KtuaT1PMFsRw+Z/UR69VqmJU4vCS6
h80IuzIw6mft/ETtlastplfkmf6Px+Vz+SwqPVUi8lmFrQxX+9nXn8EBs+wp0a/U
thsryBjKRn9FHrs4OLldKXbuXYRAc5vBS9868KakAqVoXkcL3XGpO6nWz5dECk4R
kL50JG65sRvw40yt9okquHQ5pPhTjjFQ3t3r+QIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFDvLy7zs6mFKKGGVtBSc3NGgU9cuMB8GA1UdIwQYMBaAFGRoWm1z/1on4bwf
lhfftVCLrSk7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WkdoYWJYUF9XaWZodkItV0Y5LTFVSXV0S1RzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMS8wYjNmMWMtYmJlZi00ZDM1LTgxNDYtYzQ4YjI1Zjc4NDZmLzEv
Tzh2THZPenFZVW9vWVpXMEZKemMwYUJUMXk0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8w
YjNmMWMtYmJlZi00ZDM1LTgxNDYtYzQ4YjI1Zjc4NDZmLzEvWkdoYWJYUF9XaWZo
dkItV0Y5LTFVSXV0S1RzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/cgDANBgkqhkiG9w0BAQsFAAOC
AQEAXQMJz2z8zhO30xKmFpLul9ZViZe+ygJW3GVSIpFoXzZOKfKT6BoWOuWw67Cv
9J3fx51VmMYTpqxDZSJ6ODkF3JPCSoWR8Kyxgvd4WQTM9ZeML1Np6TSqjQzzGf/u
gLrXQGWqLGGVQDmcp4rDgoiPLqmdx0sl4feVpYMAQ/PFuOGQQQcoYguduy343xr2
DqLFDj5miWEh3lcJhi9g9olzDwIK8dYKbhTYhX5Th6Xr7beawQ8RYmOByzabKika
shDRJsI/DWiGDf0t6Q73QHdjFOOa1bWqd7nSeN0itl66GBwpUW1jvjSZvQKM1wJM
qDGnwv+UAYgMuOXgkvoEkmsBTQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:12 2023 by rpki-client on console-ams.rpki-client.org