Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/okG2oTmeL778hr59GC-Yq9it6cQ.roa
File: okG2oTmeL778hr59GC-Yq9it6cQ.roa (raw, json)
Hash identifier: fOcThYYUXZ3swxfvxH5ZT2VamfqXSm7YCToengBMA5I=
Subject key identifier: A2:41:B6:A1:39:9E:2F:BE:FC:86:BE:7D:18:2F:98:AB:D8:AD:E9:C4
Certificate issuer: /CN=c9b232958097b5863eafd047bb315171eaa01fb7
Certificate serial: 390BAD25
Authority key identifier: C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/okG2oTmeL778hr59GC-Yq9it6cQ.roa
Signing time: Fri 29 Apr 2022 05:19:03 +0000
ROA not before: Fri 29 Apr 2022 05:19:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12672
IP address blocks: 2a00:ff0:8888::/48 maxlen: 48
2a00:ff0:9999::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 957066533 (0x390bad25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9b232958097b5863eafd047bb315171eaa01fb7
Validity
Not Before: Apr 29 05:19:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a241b6a1399e2fbefc86be7d182f98abd8ade9c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:99:f0:66:35:32:3e:d3:44:05:a7:3c:d6:5f:
0d:0a:de:fe:2a:8d:95:fc:30:01:6d:1a:5f:d8:95:
11:ca:f8:fe:8b:e5:8f:5c:e0:de:44:63:03:ce:62:
a5:ba:69:52:d9:0c:41:a4:e0:f7:38:7b:7b:24:0d:
9c:ec:a8:b3:ab:c5:0f:cb:cc:29:20:84:9f:e3:40:
17:9a:58:4c:55:b2:98:01:24:39:9c:57:ec:ac:58:
2b:11:da:5e:4f:83:2a:d2:ae:51:ec:12:d7:35:ae:
d4:68:a9:b1:a1:c0:1f:e5:37:24:dd:77:a0:71:e2:
f4:cf:91:f5:ee:0a:31:d4:1d:44:8a:e8:a4:7c:2e:
d0:c8:88:80:4b:58:57:d2:5a:33:65:87:e7:9f:fb:
fa:74:a4:7b:af:15:8a:e5:f7:74:70:ee:3c:b9:a4:
b3:94:28:dd:d0:ad:0b:58:bc:00:fc:60:fd:f2:50:
02:a8:49:33:62:91:17:9a:e3:4f:df:c5:36:63:4c:
ea:5a:93:b3:91:5f:fa:23:bd:89:38:69:1f:6e:dc:
0f:d4:c0:25:32:58:ac:43:0c:f8:36:5e:6e:01:8f:
a5:3c:18:65:f2:76:f3:8f:3a:90:e3:61:4f:df:f6:
e5:45:f8:9b:fb:14:a8:8a:63:01:83:1b:8d:e7:c7:
2a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:41:B6:A1:39:9E:2F:BE:FC:86:BE:7D:18:2F:98:AB:D8:AD:E9:C4
X509v3 Authority Key Identifier:
keyid:C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/okG2oTmeL778hr59GC-Yq9it6cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ff0:8888::/48
2a00:ff0:9999::/48
Signature Algorithm: sha256WithRSAEncryption
04:fe:4e:a6:d2:c4:4a:41:d9:90:14:df:2b:b2:c9:1c:75:7c:
24:a2:9b:07:3c:cd:0b:0a:73:02:7c:9f:9d:25:67:ab:9a:4b:
b7:2a:f4:42:05:dc:a4:82:f9:c1:c6:5c:d8:bc:97:76:f5:db:
8f:fb:cc:9f:50:2b:f1:9a:89:82:92:10:01:a6:67:d5:0c:9b:
2b:d6:d6:d5:57:be:e6:f4:f5:7f:68:01:68:91:cb:c9:a6:5c:
c0:6c:96:cf:57:36:e8:8d:96:53:1c:3c:a1:c6:58:88:4c:6b:
db:58:45:b6:88:85:90:fd:db:00:0f:30:31:c1:88:86:1d:89:
af:4b:29:f8:f4:b9:95:8a:4e:d0:fb:f0:d9:6c:f5:b0:c2:9c:
c6:12:3b:cc:62:2f:47:ac:c2:de:67:9f:ff:d7:41:39:df:d0:
46:4c:a7:21:7a:a0:22:08:4d:20:44:0b:9a:6a:33:fc:d8:c7:
1f:74:e7:d5:22:6e:5d:57:62:a5:4c:ab:ce:57:14:62:f5:24:
75:59:ba:5d:ec:6e:56:eb:04:4a:e0:f2:09:ea:92:09:62:3f:
79:84:25:1c:63:52:61:f1:8a:e4:0c:83:cc:f4:e6:b5:67:25:
0f:7c:54:da:20:db:a2:ed:7a:01:26:f7:14:ea:83:b0:6d:b9:
27:55:17:31
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEOQutJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWIyMzI5NTgwOTdiNTg2M2VhZmQwNDdiYjMxNTE3MWVhYTAxZmI3MB4XDTIyMDQy
OTA1MTkwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI0MWI2YTEzOTll
MmZiZWZjODZiZTdkMTgyZjk4YWJkOGFkZTljNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2Z8GY1Mj7TRAWnPNZfDQre/iqNlfwwAW0aX9iVEcr4/ovl
j1zg3kRjA85ipbppUtkMQaTg9zh7eyQNnOyos6vFD8vMKSCEn+NAF5pYTFWymAEk
OZxX7KxYKxHaXk+DKtKuUewS1zWu1GipsaHAH+U3JN13oHHi9M+R9e4KMdQdRIro
pHwu0MiIgEtYV9JaM2WH55/7+nSke68ViuX3dHDuPLmks5Qo3dCtC1i8APxg/fJQ
AqhJM2KRF5rjT9/FNmNM6lqTs5Ff+iO9iThpH27cD9TAJTJYrEMM+DZebgGPpTwY
ZfJ28486kONhT9/25UX4m/sUqIpjAYMbjefHKlkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSiQbahOZ4vvvyGvn0YL5ir2K3pxDAfBgNVHSMEGDAWgBTJsjKVgJe1hj6v
0Ee7MVFx6qAftzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3liSXlsWUNYdFlZLXI5Qkh1ekZSY2VxZ0g3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvZjM1NDMyLWNmOTktNGYxOS1hNzZlLTA3YjdmZWYwODU4Zi8x
L29rRzJvVG1lTDc3OGhyNTlHQy1ZcTlpdDZjUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
ZjM1NDMyLWNmOTktNGYxOS1hNzZlLTA3YjdmZWYwODU4Zi8xL3liSXlsWUNYdFlZ
LXI5Qkh1ekZSY2VxZ0g3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoAD/CIiAMHACoAD/CZmTANBgkq
hkiG9w0BAQsFAAOCAQEABP5OptLESkHZkBTfK7LJHHV8JKKbBzzNCwpzAnyfnSVn
q5pLtyr0QgXcpIL5wcZc2LyXdvXbj/vMn1Ar8ZqJgpIQAaZn1QybK9bW1Ve+5vT1
f2gBaJHLyaZcwGyWz1c26I2WUxw8ocZYiExr21hFtoiFkP3bAA8wMcGIhh2Jr0sp
+PS5lYpO0Pvw2Wz1sMKcxhI7zGIvR6zC3mef/9dBOd/QRkynIXqgIghNIEQLmmoz
/NjHH3Tn1SJuXVdipUyrzlcUYvUkdVm6XexuVusESuDyCeqSCWI/eYQlHGNSYfGK
5AyDzPTmtWclD3xU2iDbou16ASb3FOqDsG25J1UXMQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:05 2023 by rpki-client on console-fra.rpki-client.org