Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/7b0a85-9677-4d03-afb6-a9faf6a26426/1/P5RBz98MCkrs_Fh8ASrLbpZSG0s.roa
File: P5RBz98MCkrs_Fh8ASrLbpZSG0s.roa (raw, json)
Hash identifier: 0RugEbEvBPT/bA6KhiPN0OEK+E/9rSkVog0+7lCmz+8=
Subject key identifier: 3F:94:41:CF:DF:0C:0A:4A:EC:FC:58:7C:01:2A:CB:6E:96:52:1B:4B
Certificate issuer: /CN=f2807f280da99569eca24346babe9dc85ac13240
Certificate serial: 0185708CC9F5E08935E29365EEC51129C037
Authority key identifier: F2:80:7F:28:0D:A9:95:69:EC:A2:43:46:BA:BE:9D:C8:5A:C1:32:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8oB_KA2plWnsokNGur6dyFrBMkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/7b0a85-9677-4d03-afb6-a9faf6a26426/1/P5RBz98MCkrs_Fh8ASrLbpZSG0s.roa
Signing time: Mon 02 Jan 2023 03:35:53 +0000
ROA not before: Mon 02 Jan 2023 03:35:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14616
IP address blocks: 2a02:e38:8100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:c9:f5:e0:89:35:e2:93:65:ee:c5:11:29:c0:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2807f280da99569eca24346babe9dc85ac13240
Validity
Not Before: Jan 2 03:35:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f9441cfdf0c0a4aecfc587c012acb6e96521b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:bf:5d:a3:4c:6c:3e:e2:48:b7:a3:aa:97:c3:
06:ec:07:48:11:7b:02:5f:ca:d0:c0:94:4e:02:8d:
55:ab:37:38:b7:5e:e3:f8:fc:55:d1:12:22:df:c0:
90:37:78:35:21:42:35:c8:8d:9e:2f:b1:c5:80:63:
3a:18:4d:53:f4:4b:10:1c:87:12:0a:c6:19:72:d4:
39:f7:bb:92:97:fa:0f:5f:94:23:56:1d:44:dd:c6:
25:d4:2e:73:54:14:53:95:a1:10:9b:9b:46:c4:8a:
85:76:59:96:e1:4c:77:7a:85:9f:0e:43:9c:04:62:
11:3f:8f:a4:69:31:ec:88:ef:5b:1f:38:97:68:74:
51:7b:eb:b3:41:e1:5c:cf:00:8c:13:dd:4a:c0:b6:
aa:e3:c0:03:c8:c8:52:d4:bf:07:12:f2:4e:ee:27:
fe:47:b3:39:4d:32:2f:58:e8:3d:61:7e:c8:57:32:
68:10:d5:11:64:bc:ad:b4:73:47:db:c1:42:06:54:
42:30:6c:90:fe:be:b9:b5:96:c7:fa:f9:f2:05:10:
94:05:d4:5e:fd:4b:66:b6:e2:24:85:7a:03:f0:48:
66:e2:9c:5a:ee:57:b5:5f:50:e9:19:f4:d6:84:82:
a1:72:c5:cb:7e:1c:08:98:5a:bd:fd:51:65:4c:d9:
ac:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:94:41:CF:DF:0C:0A:4A:EC:FC:58:7C:01:2A:CB:6E:96:52:1B:4B
X509v3 Authority Key Identifier:
keyid:F2:80:7F:28:0D:A9:95:69:EC:A2:43:46:BA:BE:9D:C8:5A:C1:32:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8oB_KA2plWnsokNGur6dyFrBMkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/7b0a85-9677-4d03-afb6-a9faf6a26426/1/P5RBz98MCkrs_Fh8ASrLbpZSG0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/7b0a85-9677-4d03-afb6-a9faf6a26426/1/8oB_KA2plWnsokNGur6dyFrBMkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:e38:8100::/40
Signature Algorithm: sha256WithRSAEncryption
14:73:98:9b:86:ad:14:d0:18:0d:ce:99:30:3b:83:78:dc:06:
de:2a:a8:d4:8e:e1:83:82:c7:25:ba:c9:c2:e5:a4:3e:53:ac:
27:9d:4d:56:b5:a0:fa:bc:53:e3:b0:61:0e:69:97:34:e8:6c:
14:80:32:99:2d:22:b9:3a:f2:0b:5a:30:53:da:19:f9:76:5e:
03:fe:b4:4c:61:dc:d1:d9:69:0c:85:4e:84:93:06:d2:e6:83:
73:33:17:f0:f5:0d:82:4e:51:09:64:e0:aa:26:88:fe:83:6c:
4a:af:bd:b4:16:98:1c:ee:bd:b3:89:c1:05:e4:ba:0e:ab:a5:
24:08:8a:4a:60:a4:db:af:67:9b:f0:e7:47:3d:57:bd:35:39:
1a:ba:4f:39:61:3c:b9:6d:33:56:a6:eb:b7:da:85:fa:87:ca:
b0:4f:0f:7e:f6:fe:d5:42:b1:19:8f:4d:d5:90:6d:d8:25:32:
2f:06:b1:32:92:84:6b:2e:ea:1d:52:4e:d2:08:2a:06:6b:b0:
21:56:dc:3b:43:8b:9b:dd:cd:92:04:51:63:58:b6:ac:9b:df:
3f:0a:0b:b5:fe:38:69:91:09:6f:6c:b0:60:58:bc:f4:88:4e:
99:a5:7d:96:96:b2:15:c2:2a:60:77:d7:c8:f5:e7:ab:30:39:
9c:c5:0e:89
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwjMn14Ik14pNl7sURKcA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyODA3ZjI4MGRhOTk1NjllY2EyNDM0NmJhYmU5ZGM4NWFj
MTMyNDAwHhcNMjMwMTAyMDMzNTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjk0NDFjZmRmMGMwYTRhZWNmYzU4N2MwMTJhY2I2ZTk2NTIxYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+79do0xsPuJIt6Oql8MG7AdIEXsC
X8rQwJROAo1Vqzc4t17j+PxV0RIi38CQN3g1IUI1yI2eL7HFgGM6GE1T9EsQHIcS
CsYZctQ597uSl/oPX5QjVh1E3cYl1C5zVBRTlaEQm5tGxIqFdlmW4Ux3eoWfDkOc
BGIRP4+kaTHsiO9bHziXaHRRe+uzQeFczwCME91KwLaq48ADyMhS1L8HEvJO7if+
R7M5TTIvWOg9YX7IVzJoENURZLyttHNH28FCBlRCMGyQ/r65tZbH+vnyBRCUBdRe
/UtmtuIkhXoD8Ehm4pxa7le1X1DpGfTWhIKhcsXLfhwImFq9/VFlTNms3QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD+UQc/fDApK7PxYfAEqy26WUhtLMB8GA1UdIwQY
MBaAFPKAfygNqZVp7KJDRrq+nchawTJAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG9CX0tBMnBsV25zb2tOR3VyNmR5RnJCTWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy83YjBhODUtOTY3Ny00ZDAzLWFmYjYt
YTlmYWY2YTI2NDI2LzEvUDVSQno5OE1Da3JzX0ZoOEFTckxicFpTRzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy83YjBhODUtOTY3Ny00ZDAzLWFmYjYtYTlmYWY2YTI2NDI2
LzEvOG9CX0tBMnBsV25zb2tOR3VyNmR5RnJCTWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgIOOIEw
DQYJKoZIhvcNAQELBQADggEBABRzmJuGrRTQGA3OmTA7g3jcBt4qqNSO4YOCxyW6
ycLlpD5TrCedTVa1oPq8U+OwYQ5plzTobBSAMpktIrk68gtaMFPaGfl2XgP+tExh
3NHZaQyFToSTBtLmg3MzF/D1DYJOUQlk4KomiP6DbEqvvbQWmBzuvbOJwQXkug6r
pSQIikpgpNuvZ5vw50c9V701ORq6TzlhPLltM1am67fahfqHyrBPD372/tVCsRmP
TdWQbdglMi8GsTKShGsu6h1STtIIKgZrsCFW3DtDi5vdzZIEUWNYtqyb3z8KC7X+
OGmRCW9ssGBYvPSITpmlfZaWshXCKmB318j156swOZzFDok=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:57 2025 by rpki-client