Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/pIkRMOSiQFb30jlToL5mtuwYTbM.roa
File: pIkRMOSiQFb30jlToL5mtuwYTbM.roa (raw, json)
Hash identifier: NXXT8x1Ibdp511wWIbP9pAA8UVDyP29FWj5CtA31Xnw=
Subject key identifier: A4:89:11:30:E4:A2:40:56:F7:D2:39:53:A0:BE:66:B6:EC:18:4D:B3
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246E6BF65B61E1F577C6D8163912DB7
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/pIkRMOSiQFb30jlToL5mtuwYTbM.roa
Signing time: Mon 02 Jan 2023 11:38:47 +0000
ROA not before: Mon 02 Jan 2023 11:38:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212983
IP address blocks: 2a0c:9a40:8180::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:e6:bf:65:b6:1e:1f:57:7c:6d:81:63:91:2d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4891130e4a24056f7d23953a0be66b6ec184db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:26:a1:97:f0:7c:ef:07:72:7a:28:97:26:4e:
28:85:dd:06:18:60:3a:e4:bf:64:09:09:5f:8f:b1:
b0:61:f7:be:07:6a:b7:2a:50:70:59:66:46:fc:35:
0e:a9:36:65:0e:99:6f:9d:1b:c4:e7:95:0d:0d:53:
8f:82:b0:e9:0c:92:2a:6c:76:7d:26:20:19:20:41:
fe:a7:46:0d:c8:3e:6f:ee:e7:ee:60:83:c6:cc:8c:
96:7f:9b:63:eb:59:64:80:95:7d:69:1a:0d:85:bf:
25:9a:2f:14:eb:2d:52:11:1d:23:b5:fe:65:22:f7:
90:f6:d2:60:7f:f1:f4:19:27:ab:ad:ed:45:a6:4c:
e3:8c:b9:2b:b2:17:8f:ab:a2:a1:b9:e4:ea:c2:5e:
aa:02:78:c9:6e:03:99:23:5f:b9:ef:e5:5c:4f:13:
36:d3:c9:f9:29:16:60:87:c1:66:87:75:cb:f3:81:
53:70:37:ad:41:6e:ac:75:a6:f7:0d:f5:26:7d:33:
74:2f:4d:63:89:fe:9d:67:24:82:cc:78:3d:8b:c4:
83:4a:a0:46:a6:a7:e4:6b:18:60:37:b2:81:7e:5b:
fb:7e:3f:b4:55:3d:3b:da:54:81:1c:16:75:55:39:
2b:30:0b:ad:01:6c:49:ae:6f:26:ee:2f:c5:de:13:
a9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:89:11:30:E4:A2:40:56:F7:D2:39:53:A0:BE:66:B6:EC:18:4D:B3
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/pIkRMOSiQFb30jlToL5mtuwYTbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8180::/48
Signature Algorithm: sha256WithRSAEncryption
8c:f6:76:43:3b:26:9c:ee:33:5f:4f:37:72:e7:35:da:0c:a1:
46:bb:85:01:7e:dc:6d:0f:98:3e:4b:58:85:50:76:5d:16:b2:
19:8e:25:f9:e8:08:04:26:09:61:73:d6:71:33:71:0b:6c:11:
b3:90:8e:a3:75:18:95:34:01:af:39:98:de:cd:c1:32:7c:20:
9d:1e:05:19:21:d5:52:37:1c:0c:41:17:44:c6:f1:f6:8a:9e:
0b:b4:bd:0d:be:1f:4b:0d:6f:24:87:ab:1c:bb:a5:f1:e8:01:
fc:e1:0c:18:fe:0d:af:81:f4:28:fd:3f:b5:49:a7:a9:68:98:
5a:f5:f2:1d:6b:10:76:1b:7f:e7:58:7e:a9:ce:4e:0e:7b:34:
35:46:10:b1:1e:a8:ce:b5:53:0d:35:02:a1:9f:21:08:cc:3a:
da:3b:ba:03:33:08:21:8b:41:7e:39:03:9b:66:68:6d:3c:aa:
24:e6:65:99:51:24:7d:ff:14:ba:27:8a:a4:3c:1d:83:ff:c5:
0b:50:90:c0:a5:8e:77:5e:11:98:59:1a:df:b8:24:72:e2:5b:
6c:bb:e0:bf:ba:cd:db:15:10:7b:5f:1c:ea:9c:b9:0a:17:3a:
2f:ce:94:14:0b:cb:c2:ba:fd:bb:46:b9:91:e4:af:56:2c:e2:
a8:40:7b:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRua/ZbYeH1d8bYFjkS23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDg5MTEzMGU0YTI0MDU2ZjdkMjM5NTNhMGJlNjZiNmVjMTg0ZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCahl/B87wdyeiiXJk4ohd0GGGA6
5L9kCQlfj7GwYfe+B2q3KlBwWWZG/DUOqTZlDplvnRvE55UNDVOPgrDpDJIqbHZ9
JiAZIEH+p0YNyD5v7ufuYIPGzIyWf5tj61lkgJV9aRoNhb8lmi8U6y1SER0jtf5l
IveQ9tJgf/H0GSerre1FpkzjjLkrshePq6KhueTqwl6qAnjJbgOZI1+57+VcTxM2
08n5KRZgh8Fmh3XL84FTcDetQW6sdab3DfUmfTN0L01jif6dZySCzHg9i8SDSqBG
pqfkaxhgN7KBflv7fj+0VT072lSBHBZ1VTkrMAutAWxJrm8m7i/F3hOpdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKSJETDkokBW99I5U6C+ZrbsGE2zMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvcElrUk1PU2lRRmIzMGpsVG9MNW10dXdZVGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIGA
MA0GCSqGSIb3DQEBCwUAA4IBAQCM9nZDOyac7jNfTzdy5zXaDKFGu4UBftxtD5g+
S1iFUHZdFrIZjiX56AgEJglhc9ZxM3ELbBGzkI6jdRiVNAGvOZjezcEyfCCdHgUZ
IdVSNxwMQRdExvH2ip4LtL0Nvh9LDW8kh6scu6Xx6AH84QwY/g2vgfQo/T+1Saep
aJha9fIdaxB2G3/nWH6pzk4OezQ1RhCxHqjOtVMNNQKhnyEIzDraO7oDMwghi0F+
OQObZmhtPKok5mWZUSR9/xS6J4qkPB2D/8ULUJDApY53XhGYWRrfuCRy4ltsu+C/
us3bFRB7XxzqnLkKFzovzpQUC8vCuv27RrmR5K9WLOKoQHuU
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:17:48 2025 by rpki-client