Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OjO9MRvsC1zGwZSHySSZF2v-czQ.roa
File: OjO9MRvsC1zGwZSHySSZF2v-czQ.roa (raw, json)
Hash identifier: MVmHmVxZzmBjNLmk741jjhZlcRfeZR/9F3SG7sgxVkE=
Subject key identifier: 3A:33:BD:31:1B:EC:0B:5C:C6:C1:94:87:C9:24:99:17:6B:FE:73:34
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187B6C73A2B433F73A87DC225C66666E679
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OjO9MRvsC1zGwZSHySSZF2v-czQ.roa
Signing time: Tue 25 Apr 2023 04:58:42 +0000
ROA not before: Tue 25 Apr 2023 04:58:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207401
IP address blocks: 2a0e:b107:4ee::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b6:c7:3a:2b:43:3f:73:a8:7d:c2:25:c6:66:66:e6:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 25 04:58:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a33bd311bec0b5cc6c19487c92499176bfe7334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:a3:e7:98:f0:4a:91:19:3b:a1:e1:f2:20:
6d:17:6d:81:1c:6e:ea:5a:d2:c2:cb:06:5d:e2:07:
5b:0c:6e:38:30:5c:17:7b:e1:04:ca:2e:f6:48:77:
e1:81:ad:86:02:77:25:2e:10:6d:48:e7:e6:49:be:
51:4e:76:34:9e:3e:90:ef:82:b3:08:0a:0c:98:76:
7c:ce:4d:03:7b:8b:09:c4:2f:41:2a:06:b4:49:7b:
44:01:ba:2b:00:36:a3:d3:26:d1:2a:9f:70:82:50:
f5:e6:7a:56:c7:ec:dd:02:b2:68:87:d3:bc:c6:f1:
bd:a3:f7:2e:46:f1:2b:a6:f2:06:db:99:8a:00:30:
1a:54:9a:b6:45:fe:6f:73:63:c2:04:64:2a:1d:e5:
75:3e:38:df:79:b1:72:8e:19:1e:24:ea:67:56:e8:
20:39:29:de:5b:61:eb:d5:8f:de:b5:c9:67:6d:d8:
d4:c9:79:d8:ed:53:b8:b8:75:5a:a5:1e:92:3b:4f:
34:63:d1:99:a2:ac:2f:eb:75:51:f6:66:04:7f:68:
47:3e:97:84:21:8b:1d:45:6a:a7:e5:1a:d1:f1:72:
75:3a:4d:5b:9a:0b:e3:a5:33:a5:56:b1:04:d9:66:
01:ec:fe:39:b8:e0:58:3a:57:45:54:a0:51:a8:7f:
6f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:33:BD:31:1B:EC:0B:5C:C6:C1:94:87:C9:24:99:17:6B:FE:73:34
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OjO9MRvsC1zGwZSHySSZF2v-czQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:4ee::/48
Signature Algorithm: sha256WithRSAEncryption
90:d1:f2:ce:45:9f:0a:72:ce:50:96:ca:33:53:f3:4a:c2:fc:
94:b5:0d:6d:f8:8a:41:f0:fb:c7:59:e3:d3:fe:98:ff:7b:f0:
78:e1:ef:96:b9:7f:33:87:36:18:68:e4:f7:4f:ba:c4:77:05:
c6:5a:18:1d:a4:bd:2a:c1:52:80:18:3b:75:6e:fe:ff:7f:0c:
ae:e0:15:89:3a:8e:4b:e1:4a:ec:d2:2b:8f:b1:c9:0e:d0:ef:
a2:62:b0:fb:95:2b:85:7f:cc:24:a8:2a:2b:15:2b:9b:b6:29:
26:00:ff:77:d8:54:82:53:7a:0a:bb:b8:fa:3b:df:d8:05:08:
94:37:1d:4c:2c:3d:4d:8e:c8:da:87:29:6a:0d:50:ee:40:0e:
a4:fe:4c:4d:17:80:c7:da:f4:d3:80:a7:b7:d6:a7:fb:d4:28:
1a:03:53:e4:32:37:32:e7:b6:25:da:60:4c:ff:23:a4:61:d5:
1d:5c:da:98:f6:ab:0d:7c:11:c8:8f:10:0e:a9:a9:7f:83:34:
b0:d8:25:e6:3d:8e:0d:d8:64:2d:b9:67:1c:98:b5:66:19:fb:
8e:ab:20:55:45:90:6e:a4:c8:90:88:63:6c:f6:7a:30:86:46:
d2:df:17:e6:86:55:c5:e1:9d:50:2f:69:53:47:5a:d8:b5:fb:
be:2b:64:75
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYe2xzorQz9zqH3CJcZmZuZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI1MDQ1ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTMzYmQzMTFiZWMwYjVjYzZjMTk0ODdjOTI0OTkxNzZiZmU3MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszGj55jwSpEZO6Hh8iBtF22BHG7q
WtLCywZd4gdbDG44MFwXe+EEyi72SHfhga2GAnclLhBtSOfmSb5RTnY0nj6Q74Kz
CAoMmHZ8zk0De4sJxC9BKga0SXtEAborADaj0ybRKp9wglD15npWx+zdArJoh9O8
xvG9o/cuRvErpvIG25mKADAaVJq2Rf5vc2PCBGQqHeV1PjjfebFyjhkeJOpnVugg
OSneW2Hr1Y/etclnbdjUyXnY7VO4uHVapR6SO080Y9GZoqwv63VR9mYEf2hHPpeE
IYsdRWqn5RrR8XJ1Ok1bmgvjpTOlVrEE2WYB7P45uOBYOldFVKBRqH9vhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDozvTEb7AtcxsGUh8kkmRdr/nM0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT2pPOU1SdnNDMXpHd1pTSHlTU1pGMnYtY3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwTu
MA0GCSqGSIb3DQEBCwUAA4IBAQCQ0fLORZ8Kcs5QlsozU/NKwvyUtQ1t+IpB8PvH
WePT/pj/e/B44e+WuX8zhzYYaOT3T7rEdwXGWhgdpL0qwVKAGDt1bv7/fwyu4BWJ
Oo5L4Urs0iuPsckO0O+iYrD7lSuFf8wkqCorFSubtikmAP932FSCU3oKu7j6O9/Y
BQiUNx1MLD1NjsjahylqDVDuQA6k/kxNF4DH2vTTgKe31qf71CgaA1PkMjcy57Yl
2mBM/yOkYdUdXNqY9qsNfBHIjxAOqal/gzSw2CXmPY4N2GQtuWccmLVmGfuOqyBV
RZBupMiQiGNs9nowhkbS3xfmhlXF4Z1QL2lTR1rYtfu+K2R1
-----END CERTIFICATE-----
Generated at Fri Jun 20 00:39:53 2025 by rpki-client