Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/4De-xqx6w0-jtsGA5dYUzwwsDT0.roa
File: 4De-xqx6w0-jtsGA5dYUzwwsDT0.roa (raw, json)
Hash identifier: FHaKJPr2427GaEPOQsbHtPpoi58teuZ34ObqrkNEWOs=
Subject key identifier: E0:37:BE:C6:AC:7A:C3:4F:A3:B6:C1:80:E5:D6:14:CF:0C:2C:0D:3D
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018CB57FC302308C2E3ABDC69FBD7F8D585D
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/4De-xqx6w0-jtsGA5dYUzwwsDT0.roa
Signing time: Fri 29 Dec 2023 12:14:58 +0000
ROA not before: Fri 29 Dec 2023 12:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50340
IP address blocks: 2a11:5a44::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:7f:c3:02:30:8c:2e:3a:bd:c6:9f:bd:7f:8d:58:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Dec 29 12:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e037bec6ac7ac34fa3b6c180e5d614cf0c2c0d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:01:87:1c:c6:b9:09:8c:cf:b8:8b:bb:1e:f5:
91:c9:32:eb:98:ad:af:47:1b:8f:11:89:4e:b6:65:
0c:ca:18:54:c7:e5:ef:bc:f1:f3:4b:a8:61:f6:e2:
27:e1:f1:b1:33:fc:d8:6f:c6:da:6c:2d:f0:36:cb:
48:77:ba:41:ee:34:bd:cb:d7:0a:0d:72:45:63:71:
6a:e1:5a:26:ec:74:0c:87:6f:c0:d0:ee:10:fe:05:
c6:2d:b7:42:ce:25:80:59:b3:73:2d:af:60:b9:7c:
16:e1:db:f7:a2:c5:87:59:fa:2a:06:96:0b:5e:95:
b2:cb:e0:67:73:9f:cd:c0:29:af:13:94:75:ab:89:
f0:5b:a8:74:d2:12:fe:63:c8:df:f7:23:8b:b8:06:
78:17:db:b9:84:39:25:29:04:6a:94:8b:d5:e9:43:
70:19:70:fa:dd:b7:d7:f5:f2:73:af:bc:49:44:c0:
30:21:d1:7c:74:cc:fa:9a:df:8e:3a:0b:8c:b6:cf:
66:0e:f8:57:64:aa:e7:72:98:3e:58:fe:06:4e:07:
5f:19:2b:20:c4:e6:fe:cb:a5:6d:56:32:15:fd:3f:
eb:ea:8f:85:46:90:e6:bd:49:b2:83:ff:fa:b2:87:
db:4c:d5:11:b3:95:dd:8c:d5:7a:f9:b1:ef:ce:51:
3b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:37:BE:C6:AC:7A:C3:4F:A3:B6:C1:80:E5:D6:14:CF:0C:2C:0D:3D
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/4De-xqx6w0-jtsGA5dYUzwwsDT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5a44::/32
Signature Algorithm: sha256WithRSAEncryption
98:f6:cb:e6:f1:77:b8:46:66:6a:97:1e:85:32:f8:7e:60:e9:
22:70:8b:71:ef:6e:05:29:3b:84:d6:52:5b:9d:47:1e:44:1a:
55:70:2d:1f:4c:75:fd:b0:39:3b:da:c6:10:82:f0:5c:cf:6b:
eb:da:08:81:77:39:15:8c:5d:10:7f:f1:18:a3:13:26:68:6c:
42:9f:2d:99:23:20:f2:36:1f:5c:c7:6a:79:42:df:66:cb:be:
d4:63:e1:74:6e:28:50:2b:87:61:3a:f6:cc:c2:fa:4d:66:e4:
32:48:a3:ff:ee:11:83:e2:33:2e:66:2d:81:04:6d:24:9e:4a:
a9:38:f5:ac:ec:1c:9e:8e:79:aa:6f:bb:d0:a5:be:d5:36:a1:
91:a0:f6:a3:65:69:b8:c1:13:3e:fd:c0:02:d2:5f:5e:db:ee:
c0:6b:30:94:8a:b9:bf:9b:db:59:45:bb:2c:92:3c:63:ec:c4:
bf:cb:fa:cb:a5:62:82:98:c8:08:3b:94:44:0e:8c:4c:a6:cb:
8c:43:93:8e:ff:7e:d7:1a:66:3c:e2:e1:91:ed:63:28:81:3e:
82:fa:b5:27:d5:0b:d3:9a:f1:73:7c:cc:e1:72:41:24:9e:7a:
b0:b0:52:52:3d:8e:09:7e:6c:a2:6e:91:5b:ff:e4:44:a4:8e:
48:9d:25:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYy1f8MCMIwuOr3Gn71/jVhdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjMxMjI5MTIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDM3YmVjNmFjN2FjMzRmYTNiNmMxODBlNWQ2MTRjZjBjMmMwZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAGHHMa5CYzPuIu7HvWRyTLrmK2v
RxuPEYlOtmUMyhhUx+XvvPHzS6hh9uIn4fGxM/zYb8babC3wNstId7pB7jS9y9cK
DXJFY3Fq4Vom7HQMh2/A0O4Q/gXGLbdCziWAWbNzLa9guXwW4dv3osWHWfoqBpYL
XpWyy+Bnc5/NwCmvE5R1q4nwW6h00hL+Y8jf9yOLuAZ4F9u5hDklKQRqlIvV6UNw
GXD63bfX9fJzr7xJRMAwIdF8dMz6mt+OOguMts9mDvhXZKrncpg+WP4GTgdfGSsg
xOb+y6VtVjIV/T/r6o+FRpDmvUmyg//6sofbTNURs5XdjNV6+bHvzlE7bQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOA3vsasesNPo7bBgOXWFM8MLA09MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvNERlLXhxeDZ3MC1qdHNHQTVkWVV6d3dzRFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFaRDAN
BgkqhkiG9w0BAQsFAAOCAQEAmPbL5vF3uEZmapcehTL4fmDpInCLce9uBSk7hNZS
W51HHkQaVXAtH0x1/bA5O9rGEILwXM9r69oIgXc5FYxdEH/xGKMTJmhsQp8tmSMg
8jYfXMdqeULfZsu+1GPhdG4oUCuHYTr2zML6TWbkMkij/+4Rg+IzLmYtgQRtJJ5K
qTj1rOwcno55qm+70KW+1TahkaD2o2VpuMETPv3AAtJfXtvuwGswlIq5v5vbWUW7
LJI8Y+zEv8v6y6VigpjICDuURA6MTKbLjEOTjv9+1xpmPOLhke1jKIE+gvq1J9UL
05rxc3zM4XJBJJ56sLBSUj2OCX5som6RW//kRKSOSJ0law==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:01 2025 by rpki-client