Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/PUUya_LBQ4PUISgfNpcpiH7tOjU.roa
File: PUUya_LBQ4PUISgfNpcpiH7tOjU.roa (raw, json)
Hash identifier: E4jhuksjpOOBKw7Ikq3/P+tU5fPjRpj1L7CDtmoZBDw=
Subject key identifier: 3D:45:32:6B:F2:C1:43:83:D4:21:28:1F:36:97:29:88:7E:ED:3A:35
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018548D2F1B6A9A637021F26B1BB2008136D
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/PUUya_LBQ4PUISgfNpcpiH7tOjU.roa
Signing time: Sun 25 Dec 2022 10:27:41 +0000
ROA not before: Sun 25 Dec 2022 10:27:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207618
IP address blocks: 2a0e:7d44:f000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:48:d2:f1:b6:a9:a6:37:02:1f:26:b1:bb:20:08:13:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Dec 25 10:27:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d45326bf2c14383d421281f369729887eed3a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7a:b4:cf:d1:12:f2:29:d2:ac:30:7b:10:5e:
e1:47:a7:9a:b4:52:42:3d:e3:ae:e3:cd:fd:a1:a2:
23:98:8a:16:48:9a:40:1e:89:44:2f:a4:b4:ae:6c:
b2:80:ac:3a:bf:d4:11:e1:75:8d:94:7e:0f:91:3d:
fd:50:41:6d:e6:42:43:5b:30:1a:40:a3:db:15:ed:
be:97:52:c3:16:d5:cd:31:9a:3e:59:91:40:64:5b:
d5:fa:50:57:fc:eb:4f:6f:ab:23:e6:fe:35:cc:96:
66:2a:65:00:63:15:68:6a:3a:7a:e8:16:97:db:a2:
e7:1f:5b:6a:8e:5d:f9:1e:4a:85:62:e0:00:fb:37:
c8:4d:2e:6d:69:9a:9d:fa:a8:58:92:5c:fc:14:b5:
da:e0:42:72:23:62:79:86:7e:11:41:a8:2e:0f:71:
65:89:4c:28:8e:18:09:58:55:0d:ea:f6:26:51:bb:
0d:36:08:b8:5f:ec:b1:77:cb:04:4f:4a:7d:4e:1c:
cd:9b:91:1a:5b:31:78:0e:1c:53:99:17:a2:ef:e0:
49:38:3d:b9:a3:c5:2a:26:15:d8:51:47:49:8e:f7:
31:a8:36:eb:74:0c:9b:66:da:7c:93:83:db:a8:1d:
71:af:5a:dc:6c:1f:cb:f5:95:bd:2d:d7:98:49:d5:
11:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:45:32:6B:F2:C1:43:83:D4:21:28:1F:36:97:29:88:7E:ED:3A:35
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/PUUya_LBQ4PUISgfNpcpiH7tOjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7d44:f000::/40
Signature Algorithm: sha256WithRSAEncryption
60:78:d7:12:f1:66:93:a4:f7:7b:92:10:03:d2:35:7c:b2:48:
50:54:ad:84:a1:34:cb:be:45:c0:b7:e5:d0:b5:62:f1:ca:34:
a0:c9:61:0d:5b:f4:f1:88:c7:2c:cb:c2:38:b8:fc:dd:6c:4d:
4e:87:cf:62:56:0b:98:6d:42:8f:95:d8:f7:63:f4:33:cd:42:
6b:f3:1c:68:cb:6d:f7:d2:d6:1a:6c:55:8c:96:8b:c4:60:69:
0c:53:12:00:2c:e2:ee:0a:b9:7d:ed:f7:a5:71:29:be:9c:26:
55:0a:ed:d7:8f:17:4e:13:00:5d:43:10:f4:81:80:f9:ef:c1:
e6:1c:2d:a7:f8:e8:13:ba:d9:d9:67:cc:4f:9f:c6:bb:2b:4e:
31:b0:45:40:fe:ba:c9:d4:c7:ba:cb:97:36:cd:5a:41:04:f6:
dd:85:28:5c:b0:8a:95:92:67:7a:d0:73:68:c5:c9:e3:2f:54:
34:81:ba:3a:f7:17:ad:c3:ab:30:e4:3e:65:d8:6b:33:cd:46:
e8:b9:30:ff:c1:e7:3b:ad:4c:95:43:78:0d:db:d4:bc:fa:89:
ce:4a:ac:2b:04:0d:59:25:ac:cb:54:04:d5:92:79:46:ef:54:
07:8c:63:eb:8c:49:9f:b6:77:8d:40:e4:d7:0b:0d:e9:9f:2a:
73:69:5d:cf
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVI0vG2qaY3Ah8msbsgCBNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIxMjI1MTAyNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDQ1MzI2YmYyYzE0MzgzZDQyMTI4MWYzNjk3Mjk4ODdlZWQzYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXq0z9ES8inSrDB7EF7hR6eatFJC
PeOu4839oaIjmIoWSJpAHolEL6S0rmyygKw6v9QR4XWNlH4PkT39UEFt5kJDWzAa
QKPbFe2+l1LDFtXNMZo+WZFAZFvV+lBX/OtPb6sj5v41zJZmKmUAYxVoajp66BaX
26LnH1tqjl35HkqFYuAA+zfITS5taZqd+qhYklz8FLXa4EJyI2J5hn4RQaguD3Fl
iUwojhgJWFUN6vYmUbsNNgi4X+yxd8sET0p9ThzNm5EaWzF4DhxTmRei7+BJOD25
o8UqJhXYUUdJjvcxqDbrdAybZtp8k4PbqB1xr1rcbB/L9ZW9LdeYSdURuQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD1FMmvywUOD1CEoHzaXKYh+7To1MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvUFVVeWFfTEJRNFBVSVNnZk5wY3BpSDd0T2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg59RPAw
DQYJKoZIhvcNAQELBQADggEBAGB41xLxZpOk93uSEAPSNXyySFBUrYShNMu+RcC3
5dC1YvHKNKDJYQ1b9PGIxyzLwji4/N1sTU6Hz2JWC5htQo+V2Pdj9DPNQmvzHGjL
bffS1hpsVYyWi8RgaQxTEgAs4u4KuX3t96VxKb6cJlUK7dePF04TAF1DEPSBgPnv
weYcLaf46BO62dlnzE+fxrsrTjGwRUD+usnUx7rLlzbNWkEE9t2FKFywipWSZ3rQ
c2jFyeMvVDSBujr3F63DqzDkPmXYazPNRui5MP/B5zutTJVDeA3b1Lz6ic5KrCsE
DVklrMtUBNWSeUbvVAeMY+uMSZ+2d41A5NcLDemfKnNpXc8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:33:32 2025 by rpki-client