Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/9sNCUSRZYiwR2nsEG3G1RMqmF_o.roa
File: 9sNCUSRZYiwR2nsEG3G1RMqmF_o.roa (raw, json)
Hash identifier: /AoR7hivDZQmMhsgdLA3CIbREMNMYPzYA9UlVE48tY8=
Subject key identifier: F6:C3:42:51:24:59:62:2C:11:DA:7B:04:1B:71:B5:44:CA:A6:17:FA
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8F1B9FBE6E483ABA4553ACA1C17824D
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/9sNCUSRZYiwR2nsEG3G1RMqmF_o.roa
Signing time: Thu 16 Nov 2023 16:23:22 +0000
ROA not before: Thu 16 Nov 2023 16:23:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33874
IP address blocks: 2a01:838::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:f1:b9:fb:e6:e4:83:ab:a4:55:3a:ca:1c:17:82:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 16:23:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6c342512459622c11da7b041b71b544caa617fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e6:f0:a2:28:7e:bd:b4:69:9a:29:62:ad:ca:
4c:58:97:53:99:d5:3e:d4:15:50:24:85:4e:90:78:
e0:82:5d:de:fc:5a:35:cc:8f:1f:02:74:19:f9:c1:
97:3e:af:ae:92:bd:f0:06:ca:56:04:c5:e9:29:5f:
05:a5:a5:48:8f:c5:88:0a:7f:b8:a4:3d:99:c9:71:
19:2e:b2:94:bd:ac:6c:59:b5:77:70:90:93:82:f3:
0a:e9:26:77:17:86:14:aa:5f:0a:d8:8f:ad:15:32:
a7:c4:c0:ec:5b:fd:06:5b:02:e3:a5:90:cf:26:91:
20:1a:cf:ca:ec:0c:e4:04:73:2e:a3:6f:04:f0:3c:
70:7e:be:c1:bd:f0:46:06:d4:38:d6:ef:fa:b3:9d:
f2:ae:8d:b7:d7:4f:c3:69:3e:d9:f6:c4:cf:52:19:
61:e2:81:8e:f9:0b:be:e3:f2:07:ef:8e:72:67:90:
59:98:41:5c:be:40:a8:46:c1:e5:24:c9:c1:9b:39:
c0:a3:d6:68:53:b0:96:ce:f6:27:e3:4e:72:b1:64:
ce:25:ac:da:1e:cc:9c:bc:5b:54:f3:7e:0d:d2:42:
85:14:db:22:17:15:31:be:90:40:2f:9f:cb:9e:da:
62:a9:34:e1:66:46:52:dc:84:df:4c:9c:ca:da:15:
bd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C3:42:51:24:59:62:2C:11:DA:7B:04:1B:71:B5:44:CA:A6:17:FA
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/9sNCUSRZYiwR2nsEG3G1RMqmF_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:838::/32
Signature Algorithm: sha256WithRSAEncryption
a1:4e:cc:7c:80:74:62:db:32:a4:71:b9:49:7c:5b:97:6f:c4:
40:dd:2a:00:b5:7b:a2:8e:99:08:7c:9d:48:bb:5b:15:00:37:
9c:2a:0b:2a:f1:24:05:b8:02:33:da:51:20:ab:ca:5f:46:21:
80:d1:65:d0:23:24:62:4b:2a:0e:33:6d:1b:35:6b:29:4d:29:
f2:79:c0:c0:21:16:1b:8c:1b:ea:c8:d5:b7:8b:65:9c:73:ae:
c9:24:2f:e6:e9:3a:30:10:66:81:19:15:33:32:25:af:e3:f9:
85:03:cd:60:fc:1d:7b:76:56:56:a8:93:9b:be:fd:41:7f:ff:
9a:e2:58:6c:be:72:b8:8c:95:c3:f1:de:90:1c:e2:b8:4b:d8:
8a:ac:cd:ee:7c:4a:26:2d:fb:07:45:cc:00:0a:da:48:aa:8d:
00:ac:a1:f4:13:07:d1:18:20:f4:93:90:f2:39:3c:f0:bf:db:
43:bd:3e:99:17:a9:e9:28:85:43:df:a2:ae:de:32:3b:9a:f7:
19:99:01:5e:35:54:f1:6d:03:26:8a:b2:39:29:00:4d:04:12:
e6:61:63:5e:c1:60:1f:e3:46:28:69:d0:11:01:1b:b4:5a:79:
be:b8:1f:dd:c8:51:b3:6f:a2:25:90:71:9d:a8:ca:c7:be:31:
b2:53:1b:85
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYvY8bn75uSDq6RVOsocF4JNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTYyMzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmMzNDI1MTI0NTk2MjJjMTFkYTdiMDQxYjcxYjU0NGNhYTYxN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgebwoih+vbRpmilircpMWJdTmdU+
1BVQJIVOkHjggl3e/Fo1zI8fAnQZ+cGXPq+ukr3wBspWBMXpKV8FpaVIj8WICn+4
pD2ZyXEZLrKUvaxsWbV3cJCTgvMK6SZ3F4YUql8K2I+tFTKnxMDsW/0GWwLjpZDP
JpEgGs/K7AzkBHMuo28E8Dxwfr7BvfBGBtQ41u/6s53yro2310/DaT7Z9sTPUhlh
4oGO+Qu+4/IH745yZ5BZmEFcvkCoRsHlJMnBmznAo9ZoU7CWzvYn405ysWTOJaza
HsycvFtU834N0kKFFNsiFxUxvpBAL5/LntpiqTThZkZS3ITfTJzK2hW9BQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPbDQlEkWWIsEdp7BBtxtUTKphf6MB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvOXNOQ1VTUlpZaXdSMm5zRUczRzFSTXFtRl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEIODAN
BgkqhkiG9w0BAQsFAAOCAQEAoU7MfIB0YtsypHG5SXxbl2/EQN0qALV7oo6ZCHyd
SLtbFQA3nCoLKvEkBbgCM9pRIKvKX0YhgNFl0CMkYksqDjNtGzVrKU0p8nnAwCEW
G4wb6sjVt4tlnHOuySQv5uk6MBBmgRkVMzIlr+P5hQPNYPwde3ZWVqiTm779QX//
muJYbL5yuIyVw/HekBziuEvYiqzN7nxKJi37B0XMAAraSKqNAKyh9BMH0Rgg9JOQ
8jk88L/bQ70+mRep6SiFQ9+irt4yO5r3GZkBXjVU8W0DJoqyOSkATQQS5mFjXsFg
H+NGKGnQEQEbtFp5vrgf3chRs2+iJZBxnajKx74xslMbhQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:49 2025 by rpki-client