Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/OjG_pRXYtUirPQPcRlS7c_dqj_0.roa
File: OjG_pRXYtUirPQPcRlS7c_dqj_0.roa (raw, json)
Hash identifier: xsH8K29opth9HEqYM/e0hNEV5yFmycHdO5EQqMitohQ=
Subject key identifier: 3A:31:BF:A5:15:D8:B5:48:AB:3D:03:DC:46:54:BB:73:F7:6A:8F:FD
Certificate issuer: /CN=cbd757e913aace434e6dd6d6d50a7edf72ce888c
Certificate serial: 0184A0DEA29029E24CA1436EC0183CBA43F0
Authority key identifier: CB:D7:57:E9:13:AA:CE:43:4E:6D:D6:D6:D5:0A:7E:DF:72:CE:88:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dX6ROqzkNObdbW1Qp-33LOiIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/OjG_pRXYtUirPQPcRlS7c_dqj_0.roa
Signing time: Tue 22 Nov 2022 19:44:15 +0000
ROA not before: Tue 22 Nov 2022 19:44:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205099
IP address blocks: 2a0c:900::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a0:de:a2:90:29:e2:4c:a1:43:6e:c0:18:3c:ba:43:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd757e913aace434e6dd6d6d50a7edf72ce888c
Validity
Not Before: Nov 22 19:44:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a31bfa515d8b548ab3d03dc4654bb73f76a8ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5d:81:89:9b:2d:25:8d:f8:72:66:f2:0f:fa:
1d:0f:84:91:df:84:08:0a:87:78:c3:3e:9c:ad:db:
74:19:93:27:21:1d:d1:a7:6c:7f:7c:da:e6:18:87:
9a:d5:11:fb:d4:a1:86:5b:a7:7f:09:32:f8:84:99:
cf:ee:0f:d9:16:e2:da:32:b5:3b:ac:80:17:10:af:
18:45:20:00:7d:af:f6:9e:fb:0f:a1:51:5d:a6:22:
d3:da:85:05:29:a1:46:c4:5a:12:1a:78:4f:8b:fc:
38:89:1c:8c:89:31:5b:e0:c6:32:ea:46:01:a9:9f:
32:a5:8a:9d:b6:f5:c3:eb:2c:71:4c:22:5f:98:df:
8c:d9:34:94:86:4a:6f:63:00:24:95:d1:0a:be:ff:
7d:d6:64:42:5e:7c:b8:99:37:43:18:4b:c2:fc:7a:
92:66:5a:89:07:e8:8b:73:a4:c4:ef:8a:f2:52:b3:
01:ea:58:de:29:eb:a5:00:bb:09:e4:2e:88:1b:a1:
9d:6e:5f:ad:15:8f:ac:23:7b:c4:cc:d8:b1:51:ae:
b0:80:e7:80:d3:38:fd:25:81:ff:f4:04:fc:98:c2:
59:be:a6:f6:80:cf:40:14:a9:a4:74:84:ab:44:4f:
d0:31:45:38:6c:75:a5:24:14:a5:68:a4:79:5c:90:
4e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:31:BF:A5:15:D8:B5:48:AB:3D:03:DC:46:54:BB:73:F7:6A:8F:FD
X509v3 Authority Key Identifier:
keyid:CB:D7:57:E9:13:AA:CE:43:4E:6D:D6:D6:D5:0A:7E:DF:72:CE:88:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dX6ROqzkNObdbW1Qp-33LOiIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/OjG_pRXYtUirPQPcRlS7c_dqj_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/y9dX6ROqzkNObdbW1Qp-33LOiIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:900::/29
Signature Algorithm: sha256WithRSAEncryption
7f:77:e4:8f:ec:04:26:19:80:49:4f:6f:da:0a:ec:1c:f6:af:
64:09:15:bd:f5:78:ee:b1:71:49:60:0a:a5:ee:55:8a:a8:b1:
b5:d8:d4:7e:5e:a5:d7:a3:41:d0:19:5f:ec:f8:62:44:a4:74:
a2:d4:26:43:57:4e:b1:aa:31:61:3b:00:9e:63:e4:8e:51:e0:
4e:b2:5e:fc:23:4a:7a:6b:de:da:c9:72:37:d6:37:c4:74:21:
bb:4d:a4:e0:df:8f:39:6d:31:28:17:ac:58:0a:12:15:26:36:
c5:d9:ed:e6:f1:14:6b:fd:48:8c:5b:46:ca:29:cf:87:28:d5:
d4:b3:01:be:72:a6:eb:99:70:bc:49:5a:c5:46:3b:5b:69:28:
66:11:76:60:cb:00:99:19:c2:7a:f4:e0:b2:42:e6:e4:f1:61:
3a:17:74:87:87:9a:91:91:3e:ef:6b:66:d3:c6:b6:c7:9f:7b:
ea:10:50:2c:0b:d2:97:86:7e:8d:cf:3d:ff:53:2f:5c:d4:13:
45:9e:fd:93:83:df:83:f7:89:74:ef:85:8b:b3:b6:35:a8:0a:
f8:8a:71:33:0e:84:87:d3:c9:1f:d5:44:33:ad:56:06:b6:94:
e4:3f:6b:c7:c8:fb:aa:a4:3c:ba:05:ce:fb:b6:d7:de:bd:d9:
9f:90:0e:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSg3qKQKeJMoUNuwBg8ukPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc1N2U5MTNhYWNlNDM0ZTZkZDZkNmQ1MGE3ZWRmNzJj
ZTg4OGMwHhcNMjIxMTIyMTk0NDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTMxYmZhNTE1ZDhiNTQ4YWIzZDAzZGM0NjU0YmI3M2Y3NmE4ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF2BiZstJY34cmbyD/odD4SR34QI
Cod4wz6crdt0GZMnIR3Rp2x/fNrmGIea1RH71KGGW6d/CTL4hJnP7g/ZFuLaMrU7
rIAXEK8YRSAAfa/2nvsPoVFdpiLT2oUFKaFGxFoSGnhPi/w4iRyMiTFb4MYy6kYB
qZ8ypYqdtvXD6yxxTCJfmN+M2TSUhkpvYwAkldEKvv991mRCXny4mTdDGEvC/HqS
ZlqJB+iLc6TE74ryUrMB6ljeKeulALsJ5C6IG6Gdbl+tFY+sI3vEzNixUa6wgOeA
0zj9JYH/9AT8mMJZvqb2gM9AFKmkdISrRE/QMUU4bHWlJBSlaKR5XJBO7wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDoxv6UV2LVIqz0D3EZUu3P3ao/9MB8GA1UdIwQY
MBaAFMvXV+kTqs5DTm3W1tUKft9yzoiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkWDZST3F6a05PYmRiVzFRcC0zM0xPaUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iZGMwOWEtMmIyYS00Nzk3LWEyOTYt
OWNmZGYzYzJiMzQ4LzEvT2pHX3BSWFl0VWlyUFFQY1JsUzdjX2Rxal8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iZGMwOWEtMmIyYS00Nzk3LWEyOTYtOWNmZGYzYzJiMzQ4
LzEveTlkWDZST3F6a05PYmRiVzFRcC0zM0xPaUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgwJADAN
BgkqhkiG9w0BAQsFAAOCAQEAf3fkj+wEJhmASU9v2grsHPavZAkVvfV47rFxSWAK
pe5ViqixtdjUfl6l16NB0Blf7PhiRKR0otQmQ1dOsaoxYTsAnmPkjlHgTrJe/CNK
emve2slyN9Y3xHQhu02k4N+POW0xKBesWAoSFSY2xdnt5vEUa/1IjFtGyinPhyjV
1LMBvnKm65lwvElaxUY7W2koZhF2YMsAmRnCevTgskLm5PFhOhd0h4eakZE+72tm
08a2x5976hBQLAvSl4Z+jc89/1MvXNQTRZ79k4Pfg/eJdO+Fi7O2NagK+IpxMw6E
h9PJH9VEM61WBraU5D9rx8j7qqQ8ugXO+7bX3r3Zn5AOGA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:31 2023 by rpki-client on console.sobornost.net