Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/7b0b9b-1bb9-4cf7-a3f4-7ef17d911e0c/1/OtXbB_-l1G9I-56FfqaQ_MbHSvM.roa
File: OtXbB_-l1G9I-56FfqaQ_MbHSvM.roa (raw, json)
Hash identifier: pp+QySCHn92ID7mJyxworZqSt6li0lmmUAMi2z0ceOk=
Subject key identifier: 3A:D5:DB:07:FF:A5:D4:6F:48:FB:9E:85:7E:A6:90:FC:C6:C7:4A:F3
Certificate issuer: /CN=e25cdd5073aa543df4489280f67dae53fac26179
Certificate serial: 017A34
Authority key identifier: E2:5C:DD:50:73:AA:54:3D:F4:48:92:80:F6:7D:AE:53:FA:C2:61:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4lzdUHOqVD30SJKA9n2uU_rCYXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/7b0b9b-1bb9-4cf7-a3f4-7ef17d911e0c/1/OtXbB_-l1G9I-56FfqaQ_MbHSvM.roa
Signing time: Tue 29 Mar 2022 08:26:33 +0000
ROA not before: Tue 29 Mar 2022 08:26:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59829
IP address blocks: 2a12:b340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96820 (0x17a34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e25cdd5073aa543df4489280f67dae53fac26179
Validity
Not Before: Mar 29 08:26:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ad5db07ffa5d46f48fb9e857ea690fcc6c74af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:cd:cc:c2:64:e1:7c:bd:42:ef:a2:ff:e7:4b:
06:af:a2:c2:b8:b6:e4:3f:aa:ec:a8:b5:b8:36:66:
e2:7f:16:35:90:15:2e:28:cd:a2:24:e6:db:c4:a4:
9b:07:fd:d9:5f:dd:43:d7:b2:f4:80:52:66:b6:ba:
8a:2f:56:d7:18:f4:43:6c:bf:04:8a:f7:18:2f:f7:
82:d5:84:8e:68:4f:c0:77:26:b4:ce:f8:d2:e4:7d:
11:91:53:1a:ce:b7:79:3a:fb:c7:8b:32:d7:f8:af:
96:88:49:36:e7:37:fa:76:3a:2b:ab:19:34:b5:fc:
17:ea:ab:7b:5d:30:3f:05:b2:a7:f9:96:b4:a7:d3:
02:bc:79:8b:48:0c:47:30:3f:e1:24:02:ab:36:c9:
af:bf:5f:2e:61:fd:7e:45:97:a8:d6:e4:b8:96:d7:
a5:97:8f:9a:4c:c1:aa:db:6d:09:08:11:7a:36:60:
f9:04:f6:0f:19:c8:11:5b:c4:7e:9e:9e:e8:7c:a4:
fa:5a:21:4f:f8:78:c3:7c:66:48:09:d5:7a:09:b0:
31:f5:aa:59:0f:cb:f0:f9:7b:60:65:21:c0:61:6d:
64:74:ff:2c:76:59:0f:43:ba:e6:3d:7a:28:32:5f:
c2:49:7d:d1:f6:a9:ad:2e:01:c4:45:2a:ee:82:b4:
22:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D5:DB:07:FF:A5:D4:6F:48:FB:9E:85:7E:A6:90:FC:C6:C7:4A:F3
X509v3 Authority Key Identifier:
keyid:E2:5C:DD:50:73:AA:54:3D:F4:48:92:80:F6:7D:AE:53:FA:C2:61:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4lzdUHOqVD30SJKA9n2uU_rCYXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7b0b9b-1bb9-4cf7-a3f4-7ef17d911e0c/1/OtXbB_-l1G9I-56FfqaQ_MbHSvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7b0b9b-1bb9-4cf7-a3f4-7ef17d911e0c/1/4lzdUHOqVD30SJKA9n2uU_rCYXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:b340::/29
Signature Algorithm: sha256WithRSAEncryption
67:43:82:ea:5d:52:3b:12:07:8b:14:54:c9:5b:f0:c2:21:3b:
b7:3b:01:ed:22:1a:88:1e:a7:64:8e:02:93:3a:1a:bf:45:1e:
57:af:de:40:38:f8:45:47:b8:87:3b:54:aa:9e:92:dd:01:a4:
f4:7b:c8:4f:49:2b:5b:01:9a:0d:0b:d3:2f:d0:50:f4:1a:78:
a7:21:a3:88:83:d0:5b:ea:49:32:4c:df:1f:5e:3b:84:28:2b:
2b:1e:47:21:e3:b0:c5:6b:cf:20:8b:20:79:0a:66:69:8d:54:
71:8f:2b:b3:ae:fc:bf:73:ee:7c:0b:85:72:1f:6a:e0:8e:c6:
63:06:ba:3b:d7:27:fd:bf:ad:67:73:c8:6f:ea:90:79:4a:fa:
5c:07:d8:84:76:83:72:0a:ca:a4:4a:9d:56:24:34:fc:57:d4:
b1:9d:96:48:01:5c:99:3a:c1:a8:ae:99:78:25:73:05:6b:9e:
3a:f1:22:41:5d:73:a1:e8:c6:f0:cf:28:83:c2:73:a2:db:51:
78:ee:79:c6:73:73:e5:a4:8b:b8:94:d8:65:bf:8c:ce:24:b3:
8c:1c:63:9e:d3:f3:d4:5d:e4:dd:5d:75:5a:a1:76:5d:98:5d:
2e:56:1c:df:58:e3:35:2d:d8:35:fd:38:9c:66:39:f6:98:1a:
c6:d8:ca:cb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAXo0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUy
NWNkZDUwNzNhYTU0M2RmNDQ4OTI4MGY2N2RhZTUzZmFjMjYxNzkwHhcNMjIwMzI5
MDgyNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYWQ1ZGIwN2ZmYTVk
NDZmNDhmYjllODU3ZWE2OTBmY2M2Yzc0YWYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2M3MwmThfL1C76L/50sGr6LCuLbkP6rsqLW4NmbifxY1kBUu
KM2iJObbxKSbB/3ZX91D17L0gFJmtrqKL1bXGPRDbL8EivcYL/eC1YSOaE/Adya0
zvjS5H0RkVMazrd5OvvHizLX+K+WiEk25zf6djorqxk0tfwX6qt7XTA/BbKn+Za0
p9MCvHmLSAxHMD/hJAKrNsmvv18uYf1+RZeo1uS4ltell4+aTMGq220JCBF6NmD5
BPYPGcgRW8R+np7ofKT6WiFP+HjDfGZICdV6CbAx9apZD8vw+XtgZSHAYW1kdP8s
dlkPQ7rmPXooMl/CSX3R9qmtLgHERSrugrQiQQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFDrV2wf/pdRvSPuehX6mkPzGx0rzMB8GA1UdIwQYMBaAFOJc3VBzqlQ99EiS
gPZ9rlP6wmF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NGx6ZFVIT3FWRDMwU0pLQTluMnVVX3JDWVhrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mNS83YjBiOWItMWJiOS00Y2Y3LWEzZjQtN2VmMTdkOTExZTBjLzEv
T3RYYkJfLWwxRzlJLTU2RmZxYVFfTWJIU3ZNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83
YjBiOWItMWJiOS00Y2Y3LWEzZjQtN2VmMTdkOTExZTBjLzEvNGx6ZFVIT3FWRDMw
U0pLQTluMnVVX3JDWVhrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKzQDANBgkqhkiG9w0BAQsFAAOC
AQEAZ0OC6l1SOxIHixRUyVvwwiE7tzsB7SIaiB6nZI4Ckzoav0UeV6/eQDj4RUe4
hztUqp6S3QGk9HvIT0krWwGaDQvTL9BQ9Bp4pyGjiIPQW+pJMkzfH147hCgrKx5H
IeOwxWvPIIsgeQpmaY1UcY8rs678v3PufAuFch9q4I7GYwa6O9cn/b+tZ3PIb+qQ
eUr6XAfYhHaDcgrKpEqdViQ0/FfUsZ2WSAFcmTrBqK6ZeCVzBWueOvEiQV1zoejG
8M8og8JzottReO55xnNz5aSLuJTYZb+MziSzjBxjntPz1F3k3V11WqF2XZhdLlYc
31jjNS3YNf04nGY59pgaxtjKyw==
-----END CERTIFICATE-----