Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/3f9529-7172-43f8-895d-8eeb089b5caf/1/OrG_y42hS_akXx5HbBT0101kQvA.roa
File: OrG_y42hS_akXx5HbBT0101kQvA.roa (raw, json)
Hash identifier: S3DfuhyOHivXlGiUkaN0/U5NACQNU6NsMYlYHVi+WL8=
Subject key identifier: 3A:B1:BF:CB:8D:A1:4B:F6:A4:5F:1E:47:6C:14:F4:D7:4D:64:42:F0
Certificate issuer: /CN=04feaefea82b6103dc2b8971e9bdda01669a1357
Certificate serial: 338776FC
Authority key identifier: 04:FE:AE:FE:A8:2B:61:03:DC:2B:89:71:E9:BD:DA:01:66:9A:13:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BP6u_qgrYQPcK4lx6b3aAWaaE1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/3f9529-7172-43f8-895d-8eeb089b5caf/1/OrG_y42hS_akXx5HbBT0101kQvA.roa
Signing time: Sat 01 Jan 2022 05:04:25 +0000
ROA not before: Sat 01 Jan 2022 05:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198792
IP address blocks: 5.39.224.0/21 maxlen: 21
2a00:fb40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 864515836 (0x338776fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04feaefea82b6103dc2b8971e9bdda01669a1357
Validity
Not Before: Jan 1 05:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ab1bfcb8da14bf6a45f1e476c14f4d74d6442f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fc:74:df:c8:04:2f:c9:5f:a3:77:61:8f:ac:
37:7f:56:11:02:2c:20:07:98:04:61:ed:79:d5:df:
31:f7:8e:13:c9:4c:37:e8:73:83:c5:14:0a:4d:de:
b0:5a:6a:da:a9:1f:fd:ad:bc:98:64:35:0c:ba:24:
eb:92:2f:1d:1d:78:18:aa:07:64:d9:db:02:71:6b:
98:c9:62:98:25:ab:60:ba:8c:f4:53:da:06:46:35:
82:b2:ad:a3:da:74:a3:6c:52:bf:c0:1a:7f:d2:04:
a6:3f:a4:bc:49:ad:63:e1:51:8b:05:0c:1a:7e:27:
54:24:46:ed:e0:20:1b:b6:2a:38:00:2e:09:d8:81:
0c:ca:36:71:a9:6f:46:30:47:5e:22:f0:e1:a7:2f:
fd:32:5c:51:0d:da:cb:b5:13:eb:32:db:20:e0:98:
00:5e:c9:13:76:ff:0b:00:64:47:43:b9:ec:5a:e0:
39:f5:7c:de:0f:80:5c:47:66:8c:b9:24:85:d7:23:
93:02:b9:7d:b7:11:d6:cd:ad:b3:8d:bf:31:84:24:
6f:d0:d3:e5:28:fb:15:52:0d:5a:cb:14:da:ea:23:
0c:68:ef:5b:dd:38:ec:1a:0e:92:a8:3a:d0:b1:d7:
f3:b4:44:09:ae:9e:4a:8f:59:60:cd:e3:3d:72:70:
0c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B1:BF:CB:8D:A1:4B:F6:A4:5F:1E:47:6C:14:F4:D7:4D:64:42:F0
X509v3 Authority Key Identifier:
keyid:04:FE:AE:FE:A8:2B:61:03:DC:2B:89:71:E9:BD:DA:01:66:9A:13:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BP6u_qgrYQPcK4lx6b3aAWaaE1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3f9529-7172-43f8-895d-8eeb089b5caf/1/OrG_y42hS_akXx5HbBT0101kQvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3f9529-7172-43f8-895d-8eeb089b5caf/1/BP6u_qgrYQPcK4lx6b3aAWaaE1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.224.0/21
IPv6:
2a00:fb40::/32
Signature Algorithm: sha256WithRSAEncryption
6e:56:05:05:24:c4:52:e2:f5:11:cd:32:6a:58:0e:a6:fd:c3:
2a:42:b9:10:46:92:f1:b0:3d:b2:98:58:a5:4f:cf:3d:ea:ea:
4a:a2:e1:44:3f:71:ba:0b:25:a9:b9:01:53:ec:1e:7f:e1:9b:
4f:de:98:d4:63:4e:ec:e0:af:ad:5b:49:48:53:08:8b:74:f0:
8b:d9:07:55:cf:2e:52:10:25:9a:d7:95:5b:18:2e:6b:7c:73:
78:44:02:89:c7:a6:35:18:22:02:bb:91:32:c9:95:4b:ef:f2:
ab:80:66:c1:6b:d9:a6:e8:aa:ce:5b:19:6d:78:a0:07:eb:41:
b4:96:3c:dd:59:2f:79:52:ce:24:51:aa:90:dd:b5:9f:15:ee:
85:15:5b:bc:7c:0e:4f:1f:b0:d8:5e:18:17:2b:69:06:74:88:
80:3b:b6:a2:d1:5d:8e:21:4c:81:3e:3d:a2:d0:9f:d7:33:fe:
de:2a:50:b2:df:ed:5f:79:75:63:19:c3:bd:0d:ae:ba:8c:d3:
20:1d:09:ff:cc:48:41:74:a3:89:31:86:fa:81:df:2e:75:06:
6c:a8:6e:02:6d:ca:bc:99:e7:c5:44:24:71:bb:ed:c4:df:14:
6d:b1:d6:de:f2:53:b2:ac:b4:8e:26:25:0b:3c:16:e4:e7:72:
68:56:a7:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEM4d2/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGZlYWVmZWE4MmI2MTAzZGMyYjg5NzFlOWJkZGEwMTY2OWExMzU3MB4XDTIyMDEw
MTA1MDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FiMWJmY2I4ZGEx
NGJmNmE0NWYxZTQ3NmMxNGY0ZDc0ZDY0NDJmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKP8dN/IBC/JX6N3YY+sN39WEQIsIAeYBGHtedXfMfeOE8lM
N+hzg8UUCk3esFpq2qkf/a28mGQ1DLok65IvHR14GKoHZNnbAnFrmMlimCWrYLqM
9FPaBkY1grKto9p0o2xSv8Aaf9IEpj+kvEmtY+FRiwUMGn4nVCRG7eAgG7YqOAAu
CdiBDMo2calvRjBHXiLw4acv/TJcUQ3ay7UT6zLbIOCYAF7JE3b/CwBkR0O57Frg
OfV83g+AXEdmjLkkhdcjkwK5fbcR1s2ts42/MYQkb9DT5Sj7FVINWssU2uojDGjv
W9047BoOkqg60LHX87RECa6eSo9ZYM3jPXJwDAsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ6sb/LjaFL9qRfHkdsFPTXTWRC8DAfBgNVHSMEGDAWgBQE/q7+qCthA9wr
iXHpvdoBZpoTVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JQNnVfcWdyWVFQY0s0bHg2YjNhQVdhYUUxYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvM2Y5NTI5LTcxNzItNDNmOC04OTVkLThlZWIwODliNWNhZi8x
L09yR195NDJoU19ha1h4NUhiQlQwMTAxa1F2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
M2Y5NTI5LTcxNzItNDNmOC04OTVkLThlZWIwODliNWNhZi8xL0JQNnVfcWdyWVFQ
Y0s0bHg2YjNhQVdhYUUxYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAwUn4DANBAIAAjAHAwUAKgD7QDAN
BgkqhkiG9w0BAQsFAAOCAQEAblYFBSTEUuL1Ec0yalgOpv3DKkK5EEaS8bA9sphY
pU/PPerqSqLhRD9xugslqbkBU+wef+GbT96Y1GNO7OCvrVtJSFMIi3Twi9kHVc8u
UhAlmteVWxgua3xzeEQCicemNRgiAruRMsmVS+/yq4BmwWvZpuiqzlsZbXigB+tB
tJY83VkveVLOJFGqkN21nxXuhRVbvHwOTx+w2F4YFytpBnSIgDu2otFdjiFMgT49
otCf1zP+3ipQst/tX3l1YxnDvQ2uuozTIB0J/8xIQXSjiTGG+oHfLnUGbKhuAm3K
vJnnxUQkcbvtxN8UbbHW3vJTsqy0jiYlCzwW5OdyaFanhg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:37 2023 by rpki-client on console-ams.rpki-client.org