Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/XB7UYMlNSYkmZqFHT4SX3eLsGH8.roa
File: XB7UYMlNSYkmZqFHT4SX3eLsGH8.roa (raw, json)
Hash identifier: GI78mAqKSsLzeNkibKUy+Bh6UaAe3qxhu6euJ9FDe5Q=
Subject key identifier: 5C:1E:D4:60:C9:4D:49:89:26:66:A1:47:4F:84:97:DD:E2:EC:18:7F
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246CBF4BFFC14EEA2B78B4175649E6D
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/XB7UYMlNSYkmZqFHT4SX3eLsGH8.roa
Signing time: Mon 02 Jan 2023 11:38:40 +0000
ROA not before: Mon 02 Jan 2023 11:38:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200965
IP address blocks: 2a0c:9a40:8160::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:cb:f4:bf:fc:14:ee:a2:b7:8b:41:75:64:9e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c1ed460c94d49892666a1474f8497dde2ec187f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:07:6a:57:aa:d1:f1:28:31:37:96:f4:f2:71:
93:9a:be:97:09:5d:b8:28:02:8f:e1:67:8c:d2:ad:
12:ed:db:86:32:d5:dd:26:2e:4b:04:5b:a9:a3:f6:
66:be:24:09:44:df:ee:af:62:39:8f:44:c8:84:5e:
fb:c6:58:44:3e:26:2b:d0:96:81:df:69:9d:1d:ee:
7e:14:d3:dd:1d:01:53:79:0f:3a:0b:08:3c:2d:a9:
b4:f1:85:c8:a7:f9:db:6e:94:9b:2a:b5:25:5f:05:
29:45:01:d6:ef:fe:c1:7b:6d:5e:fe:4f:c9:4e:a8:
57:4b:56:56:1d:82:58:25:85:54:d3:a2:c5:56:28:
69:1e:0e:28:60:18:4e:a6:9d:a7:9b:4d:73:b7:c1:
22:df:a3:62:ad:8d:9d:53:14:53:38:5d:df:c2:8a:
70:b2:ef:78:1c:12:8f:d6:03:f1:87:d7:79:c4:ab:
67:a8:12:d4:79:ab:06:f7:3f:fb:33:40:17:bd:16:
e8:4a:23:81:2d:51:71:a0:4d:ec:4a:1e:58:cc:56:
1d:e2:7a:6c:6b:81:c1:41:2b:50:55:20:5f:da:b3:
33:da:83:72:73:43:6e:0e:6e:aa:e6:0f:d2:cd:46:
ab:4a:3b:cb:bd:aa:eb:c1:37:ec:20:2a:01:3f:fe:
1d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1E:D4:60:C9:4D:49:89:26:66:A1:47:4F:84:97:DD:E2:EC:18:7F
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/XB7UYMlNSYkmZqFHT4SX3eLsGH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8160::/44
Signature Algorithm: sha256WithRSAEncryption
c6:6d:a9:6b:f7:b4:14:10:e3:8c:9c:5e:0a:df:e0:8a:28:7a:
b0:83:8c:45:78:f1:a3:09:f1:71:11:aa:d8:09:a9:78:b2:07:
fe:20:50:8e:df:e0:49:51:4b:e8:a0:ba:bd:97:9f:09:3a:47:
7f:f0:33:11:27:71:3c:7f:f9:65:3d:96:a7:b3:ec:83:e4:53:
f9:0d:40:f7:07:a7:6d:9e:ff:81:fc:52:92:33:b0:09:f5:9a:
be:34:23:dc:07:53:ce:da:c5:83:63:92:b8:64:6e:2d:14:14:
d6:90:d6:b4:b2:a9:ff:75:55:3e:45:bc:ba:11:85:8b:82:25:
b1:b4:89:61:a8:80:01:24:9a:24:14:b2:38:b0:5b:7a:8f:6b:
e9:58:31:53:f5:e8:b4:8d:2c:8a:d7:29:42:5b:53:dc:e8:63:
6c:4a:36:28:59:d6:4e:c3:3e:e2:bc:99:30:25:d6:27:3e:94:
bb:9c:62:ff:bd:15:3b:95:38:7e:62:40:33:b1:aa:82:90:e4:
33:ff:2f:b0:69:71:79:b9:54:03:b0:bd:75:99:4e:36:66:93:
c9:af:0c:3f:f5:5c:30:bb:51:d2:8c:e5:49:cf:e1:a7:46:33:
81:f4:88:48:1b:2b:44:60:24:ab:07:74:07:85:de:62:c5:ee:
ef:ae:a4:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRsv0v/wU7qK3i0F1ZJ5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFlZDQ2MGM5NGQ0OTg5MjY2NmExNDc0Zjg0OTdkZGUyZWMxODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQdqV6rR8SgxN5b08nGTmr6XCV24
KAKP4WeM0q0S7duGMtXdJi5LBFupo/ZmviQJRN/ur2I5j0TIhF77xlhEPiYr0JaB
32mdHe5+FNPdHQFTeQ86Cwg8Lam08YXIp/nbbpSbKrUlXwUpRQHW7/7Be21e/k/J
TqhXS1ZWHYJYJYVU06LFVihpHg4oYBhOpp2nm01zt8Ei36NirY2dUxRTOF3fwopw
su94HBKP1gPxh9d5xKtnqBLUeasG9z/7M0AXvRboSiOBLVFxoE3sSh5YzFYd4nps
a4HBQStQVSBf2rMz2oNyc0NuDm6q5g/SzUarSjvLvarrwTfsICoBP/4dtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFwe1GDJTUmJJmahR0+El93i7Bh/MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvWEI3VVlNbE5TWWttWnFGSFQ0U1gzZUxzR0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIFg
MA0GCSqGSIb3DQEBCwUAA4IBAQDGbalr97QUEOOMnF4K3+CKKHqwg4xFePGjCfFx
EarYCal4sgf+IFCO3+BJUUvooLq9l58JOkd/8DMRJ3E8f/llPZans+yD5FP5DUD3
B6dtnv+B/FKSM7AJ9Zq+NCPcB1PO2sWDY5K4ZG4tFBTWkNa0sqn/dVU+Rby6EYWL
giWxtIlhqIABJJokFLI4sFt6j2vpWDFT9ei0jSyK1ylCW1Pc6GNsSjYoWdZOwz7i
vJkwJdYnPpS7nGL/vRU7lTh+YkAzsaqCkOQz/y+waXF5uVQDsL11mU42ZpPJrww/
9Vwwu1HSjOVJz+GnRjOB9IhIGytEYCSrB3QHhd5ixe7vrqSz
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:11:57 2025 by rpki-client