Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/VH2lJpSegeyEn7_9CMBAsWFMo-A.roa
File: VH2lJpSegeyEn7_9CMBAsWFMo-A.roa (raw, json)
Hash identifier: JfJmIUGG9VJv8YlbbCRQnil/omKUrIHmh4w1/d7lQlQ=
Subject key identifier: 54:7D:A5:26:94:9E:81:EC:84:9F:BF:FD:08:C0:40:B1:61:4C:A3:E0
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246CB14BA755A260E6A6849BB2DD3C8
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/VH2lJpSegeyEn7_9CMBAsWFMo-A.roa
Signing time: Mon 02 Jan 2023 11:38:40 +0000
ROA not before: Mon 02 Jan 2023 11:38:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200367
IP address blocks: 2a0c:9a40:8ca0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:cb:14:ba:75:5a:26:0e:6a:68:49:bb:2d:d3:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=547da526949e81ec849fbffd08c040b1614ca3e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:aa:30:7d:3a:38:20:25:0d:c4:22:0d:68:c7:
fa:ad:f0:e9:6c:4c:6c:e5:c3:c5:7d:4d:6e:f4:c9:
65:30:01:e8:bb:ae:a0:0e:92:95:fb:11:ef:4e:22:
c7:72:27:32:f8:38:ef:01:a3:69:4d:40:9d:c8:13:
13:c3:f7:4d:21:4e:8f:7f:c0:46:3e:8f:ad:ed:8c:
6f:5a:52:b1:7f:e0:19:38:0b:6e:83:40:b0:3a:55:
45:d8:cb:2c:c9:ec:53:b0:0e:c4:c3:3e:74:e3:ad:
7c:ca:04:06:58:93:c3:d6:de:5e:80:97:93:b9:01:
10:57:c1:7d:5c:bf:ff:8d:d3:98:5c:31:2a:70:01:
d8:49:6a:7f:3d:4c:82:3c:b0:44:19:7f:b2:7c:c9:
3d:60:8a:2d:a1:f2:db:7d:e1:24:63:cf:75:7c:70:
bf:a3:7f:6d:6f:d6:1e:bc:4a:47:66:5d:49:50:4c:
7c:de:5d:18:81:54:54:78:7f:5f:e9:61:2a:f9:00:
a9:a7:ee:f2:3f:28:e0:e1:e6:15:c3:18:60:78:55:
5e:32:5c:3e:71:84:d5:e0:b6:fe:07:63:da:89:ca:
88:a6:26:b6:0d:9c:b6:77:6c:bf:cf:60:91:bc:dc:
76:4e:f4:7a:d0:8c:6a:2e:29:28:dc:a4:74:e9:41:
2c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:7D:A5:26:94:9E:81:EC:84:9F:BF:FD:08:C0:40:B1:61:4C:A3:E0
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/VH2lJpSegeyEn7_9CMBAsWFMo-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8ca0::/44
Signature Algorithm: sha256WithRSAEncryption
26:24:52:6a:c7:0e:d6:c2:35:9e:39:93:a1:3f:e3:35:ce:88:
c0:6a:53:69:3c:e5:ac:7e:48:70:ab:01:3a:54:d6:9f:27:0b:
4d:9b:35:d6:71:0e:4d:74:d6:b9:97:a8:16:5b:c3:51:fe:2a:
c0:70:9b:02:23:dd:8c:36:1c:2f:de:e5:c7:88:fd:85:43:27:
ab:0d:97:0f:62:70:ce:ac:ea:1a:5d:e9:1d:44:c4:e6:22:f2:
82:44:7a:a6:a4:a1:55:7b:2e:e2:b8:35:75:1f:19:1c:f5:82:
16:5d:fd:7c:03:5c:38:f7:f7:60:4a:95:70:30:6a:f0:55:3c:
cc:3b:7c:72:c5:30:fb:b9:74:5e:b4:af:02:2a:fb:80:4e:9a:
42:2e:b4:90:2d:f7:72:4d:7d:73:a0:7d:48:d3:8e:4a:9c:7d:
76:73:cd:aa:00:8b:46:de:18:48:23:ea:39:43:46:8b:49:65:
5d:45:d6:0e:c5:d3:dc:cc:f6:d5:e7:0c:11:06:9b:87:c9:6b:
a2:2c:e3:8a:d1:6e:82:36:41:59:b2:8e:7d:38:a6:5a:e2:55:
c7:a8:98:42:17:83:2d:ab:bd:9f:91:24:f5:64:ea:c2:97:a9:
6f:0a:47:59:97:a4:5b:62:26:92:7c:cd:00:dd:b7:56:8d:cc:
18:b7:78:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRssUunVaJg5qaEm7LdPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDdkYTUyNjk0OWU4MWVjODQ5ZmJmZmQwOGMwNDBiMTYxNGNhM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKowfTo4ICUNxCINaMf6rfDpbExs
5cPFfU1u9MllMAHou66gDpKV+xHvTiLHcicy+DjvAaNpTUCdyBMTw/dNIU6Pf8BG
Po+t7YxvWlKxf+AZOAtug0CwOlVF2MssyexTsA7Ewz504618ygQGWJPD1t5egJeT
uQEQV8F9XL//jdOYXDEqcAHYSWp/PUyCPLBEGX+yfMk9YIotofLbfeEkY891fHC/
o39tb9YevEpHZl1JUEx83l0YgVRUeH9f6WEq+QCpp+7yPyjg4eYVwxhgeFVeMlw+
cYTV4Lb+B2PaicqIpia2DZy2d2y/z2CRvNx2TvR60IxqLiko3KR06UEsuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFR9pSaUnoHshJ+//QjAQLFhTKPgMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvVkgybEpwU2VnZXlFbjdfOUNNQkFzV0ZNby1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIyg
MA0GCSqGSIb3DQEBCwUAA4IBAQAmJFJqxw7WwjWeOZOhP+M1zojAalNpPOWsfkhw
qwE6VNafJwtNmzXWcQ5NdNa5l6gWW8NR/irAcJsCI92MNhwv3uXHiP2FQyerDZcP
YnDOrOoaXekdRMTmIvKCRHqmpKFVey7iuDV1Hxkc9YIWXf18A1w49/dgSpVwMGrw
VTzMO3xyxTD7uXRetK8CKvuATppCLrSQLfdyTX1zoH1I045KnH12c82qAItG3hhI
I+o5Q0aLSWVdRdYOxdPczPbV5wwRBpuHyWuiLOOK0W6CNkFZso59OKZa4lXHqJhC
F4Mtq72fkST1ZOrCl6lvCkdZl6RbYiaSfM0A3bdWjcwYt3hY
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:41 2025 by rpki-client