Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/oqBpHxjKtsSpJNV-swa6fgak0TE.roa
File: oqBpHxjKtsSpJNV-swa6fgak0TE.roa (raw, json)
Hash identifier: yph0+uyOM8Ig/xUIvKOE4djSNsn7KzdMPt8xR2T5cZc=
Subject key identifier: A2:A0:69:1F:18:CA:B6:C4:A9:24:D5:7E:B3:06:BA:7E:06:A4:D1:31
Certificate issuer: /CN=29db7ca4eee1e453d26fab99c8201adf894612be
Certificate serial: 038509B2
Authority key identifier: 29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/oqBpHxjKtsSpJNV-swa6fgak0TE.roa
Signing time: Sat 01 Jan 2022 02:00:44 +0000
ROA not before: Sat 01 Jan 2022 02:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 37.123.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59050418 (0x38509b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29db7ca4eee1e453d26fab99c8201adf894612be
Validity
Not Before: Jan 1 02:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2a0691f18cab6c4a924d57eb306ba7e06a4d131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b8:57:ce:ab:c2:65:54:5a:7d:7f:a4:35:16:
04:c5:9d:01:fa:1e:af:b3:c6:ab:78:71:10:24:bb:
5e:02:73:71:b9:3d:4d:7b:5d:05:29:16:7f:32:b7:
d9:aa:df:90:2e:32:58:74:e8:40:47:d1:5e:91:c5:
d5:89:4b:ee:f6:be:79:88:74:ef:45:1d:1f:3a:3f:
6d:59:75:2d:56:1e:cb:75:f8:4d:a5:a5:61:c7:39:
74:f7:4d:9d:f1:a7:fe:b0:4b:45:83:c0:50:2f:b1:
c9:ce:a9:67:75:8e:63:3b:11:2d:46:d6:c8:b6:62:
db:fb:57:52:f9:d3:12:f9:f5:1d:32:f9:af:4e:2c:
f4:b2:fb:1d:f6:89:98:01:30:e0:8f:ec:b6:bb:36:
6b:46:07:57:87:04:f2:87:c1:83:1d:4e:5f:d3:1b:
eb:f7:ee:35:45:29:2c:f5:d1:c6:d5:48:d0:87:2d:
3d:12:de:1a:73:13:72:48:53:21:ae:ce:b3:eb:89:
a6:14:19:74:d5:88:82:7f:40:59:7e:6c:bb:4b:57:
ca:d2:d7:23:60:34:80:ea:53:9a:00:75:42:63:8a:
be:a4:9a:cf:e9:a9:7e:ce:15:f9:73:5c:5f:8f:7b:
6d:38:05:52:85:f3:d0:79:b3:07:03:4f:1d:c9:00:
47:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A0:69:1F:18:CA:B6:C4:A9:24:D5:7E:B3:06:BA:7E:06:A4:D1:31
X509v3 Authority Key Identifier:
keyid:29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/oqBpHxjKtsSpJNV-swa6fgak0TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/Kdt8pO7h5FPSb6uZyCAa34lGEr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.254.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:12:6c:2f:ed:cf:73:25:7e:8a:e5:e0:cd:a4:8e:b7:69:51:
cc:2b:c8:74:ed:c2:26:4f:4b:7c:f7:a5:85:d2:3f:ae:94:5c:
b7:c6:e2:91:de:1b:3d:4b:34:18:ab:16:89:a9:e2:f1:33:04:
ed:69:f3:b5:fb:ba:79:74:c5:59:47:17:04:6a:d7:62:a1:05:
98:f4:20:db:c5:3f:2a:8c:95:e5:e2:01:07:5d:1b:33:27:34:
8f:63:31:4e:a1:19:51:3f:f7:f3:0a:c8:50:ac:e8:ba:af:92:
07:fa:b9:6a:f6:a3:4f:35:29:21:5d:50:49:13:73:77:33:41:
60:ea:db:ac:fc:5f:68:6f:53:51:04:43:49:eb:91:24:4b:2c:
fb:97:d4:17:34:29:74:a9:0b:6a:dd:75:2f:fa:bd:89:6a:24:
10:52:1c:e8:9a:f5:f2:f3:58:b2:58:4c:ba:b2:da:b8:ef:86:
99:2c:c1:29:a2:a2:d8:94:f7:a2:13:25:76:5a:1e:6e:f5:d5:
16:c6:a6:c8:df:67:12:e8:f5:07:89:60:0e:37:a2:93:12:91:
c9:02:58:45:78:d0:e7:5d:49:08:8e:87:a2:57:c1:a3:b7:59:
91:ac:ae:0d:bc:a6:a3:c7:b3:ef:87:01:bb:71:5b:7d:7a:3a:
e6:ad:22:d2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4UJsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWRiN2NhNGVlZTFlNDUzZDI2ZmFiOTljODIwMWFkZjg5NDYxMmJlMB4XDTIyMDEw
MTAyMDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJhMDY5MWYxOGNh
YjZjNGE5MjRkNTdlYjMwNmJhN2UwNmE0ZDEzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJK4V86rwmVUWn1/pDUWBMWdAfoer7PGq3hxECS7XgJzcbk9
TXtdBSkWfzK32arfkC4yWHToQEfRXpHF1YlL7va+eYh070UdHzo/bVl1LVYey3X4
TaWlYcc5dPdNnfGn/rBLRYPAUC+xyc6pZ3WOYzsRLUbWyLZi2/tXUvnTEvn1HTL5
r04s9LL7HfaJmAEw4I/strs2a0YHV4cE8ofBgx1OX9Mb6/fuNUUpLPXRxtVI0Ict
PRLeGnMTckhTIa7Os+uJphQZdNWIgn9AWX5su0tXytLXI2A0gOpTmgB1QmOKvqSa
z+mpfs4V+XNcX497bTgFUoXz0HmzBwNPHckAR20CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSioGkfGMq2xKkk1X6zBrp+BqTRMTAfBgNVHSMEGDAWgBQp23yk7uHkU9Jv
q5nIIBrfiUYSvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkdDhwTzdoNUZQU2I2dVp5Q0FhMzRsR0VyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvN2YyOTBiLTgxYzctNDJiNy05NDdmLWQzM2ZhMTYwNWFlMS8x
L29xQnBIeGpLdHNTcEpOVi1zd2E2ZmdhazBURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
N2YyOTBiLTgxYzctNDJiNy05NDdmLWQzM2ZhMTYwNWFlMS8xL0tkdDhwTzdoNUZQ
U2I2dVp5Q0FhMzRsR0VyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACV7/jANBgkqhkiG9w0BAQsFAAOC
AQEASxJsL+3PcyV+iuXgzaSOt2lRzCvIdO3CJk9LfPelhdI/rpRct8bikd4bPUs0
GKsWiani8TME7Wnztfu6eXTFWUcXBGrXYqEFmPQg28U/KoyV5eIBB10bMyc0j2Mx
TqEZUT/38wrIUKzouq+SB/q5avajTzUpIV1QSRNzdzNBYOrbrPxfaG9TUQRDSeuR
JEss+5fUFzQpdKkLat11L/q9iWokEFIc6Jr18vNYslhMurLauO+GmSzBKaKi2JT3
ohMldloebvXVFsamyN9nEuj1B4lgDjeikxKRyQJYRXjQ511JCI6HolfBo7dZkayu
Dbymo8ez74cBu3FbfXo65q0i0g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:58 2023 by rpki-client on console-fra.rpki-client.org