Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/4k1HTn4XyXEU9pscZlq-Kq8BOSU.roa
File: 4k1HTn4XyXEU9pscZlq-Kq8BOSU.roa (raw, json)
Hash identifier: ymVPvaPPjGkiJ0YaEYtF+TRUDJOm2TZ75dXbbTHcprM=
Subject key identifier: E2:4D:47:4E:7E:17:C9:71:14:F6:9B:1C:66:5A:BE:2A:AF:01:39:25
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 018B4755CA8BDCBE0FF0A8F3DDA3AAC7779B
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/4k1HTn4XyXEU9pscZlq-Kq8BOSU.roa
Signing time: Thu 19 Oct 2023 09:48:06 +0000
ROA not before: Thu 19 Oct 2023 09:48:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216334
IP address blocks: 2a12:b3c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:55:ca:8b:dc:be:0f:f0:a8:f3:dd:a3:aa:c7:77:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Oct 19 09:48:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e24d474e7e17c97114f69b1c665abe2aaf013925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5b:c0:2f:a0:be:23:26:d1:d6:88:9d:75:5e:
c7:3e:8f:94:2e:0d:f5:26:08:38:c4:d8:cd:1e:be:
b8:5a:c3:69:87:69:70:4c:1a:e2:30:67:7b:2d:5e:
44:47:65:f0:ce:ba:db:b6:36:05:a1:94:51:be:90:
2d:ba:36:c3:1b:b2:41:d8:30:df:ff:4e:37:ad:36:
15:31:43:55:59:dc:d5:7b:3c:05:b8:e0:13:cd:fc:
cf:c1:48:b8:a1:ad:26:33:d7:d0:90:9b:14:74:e3:
cf:6c:49:2b:a4:df:2f:e7:99:58:79:70:79:aa:2b:
7b:44:40:e4:ad:71:4e:0f:d4:b6:c5:21:4a:8d:ac:
13:dc:47:68:1a:99:2b:dc:43:76:e1:79:89:d6:41:
9c:e4:08:e1:7e:4c:0a:45:48:67:28:59:15:1a:06:
1b:14:2f:a9:08:c1:31:77:53:8e:ff:65:37:d5:94:
be:0e:b0:bb:a7:af:5f:b7:6e:87:2a:10:95:d5:4e:
dd:61:b4:68:8f:4a:ef:12:a3:b8:b5:db:37:4e:e6:
a4:65:15:32:0f:48:6f:e7:26:62:50:3e:8e:8f:36:
c5:bf:b6:0a:3d:b2:1f:9b:2d:84:d4:73:44:54:3f:
76:47:6c:cc:e9:4a:5e:a2:68:2b:53:18:2e:c1:d9:
ba:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4D:47:4E:7E:17:C9:71:14:F6:9B:1C:66:5A:BE:2A:AF:01:39:25
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/4k1HTn4XyXEU9pscZlq-Kq8BOSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:b3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
a1:a8:b4:4e:0d:15:57:6d:6a:93:74:49:91:23:d0:26:24:70:
e1:7d:58:55:0f:ca:cb:cd:09:5b:0a:ad:8d:d5:16:ed:63:b0:
b6:7c:87:6f:18:92:4a:ed:73:00:fa:26:dd:bf:d0:4a:85:bd:
bb:8d:75:3f:b4:39:92:1f:41:fa:31:14:3a:27:94:6b:6c:f4:
1e:9a:c6:e9:e7:4d:15:af:b5:28:0a:83:0e:fc:35:52:6f:f0:
46:d7:a9:20:08:ee:39:b7:7b:9f:ec:3e:4d:b9:71:21:83:58:
b2:3c:d2:64:bd:8d:07:7d:3b:13:4f:c0:da:de:e8:02:ed:ee:
6c:e4:37:aa:86:4d:9f:7c:d1:9b:33:d3:60:9e:c3:9a:8f:13:
e2:cf:c7:44:0a:a2:fd:cc:40:f9:4d:62:5e:d8:96:79:d1:69:
82:de:a2:2a:c0:78:de:5d:89:19:8b:6f:c3:3d:44:02:52:17:
4b:51:5f:d4:cf:12:7b:99:e1:63:45:77:9e:3e:ef:c3:01:40:
1c:5e:c7:3e:09:e6:31:fd:fe:da:99:1b:15:8f:0f:aa:00:1a:
61:76:23:bf:1f:ff:d7:a9:52:dc:d7:c3:4f:d4:ff:79:0e:56:
a4:5e:57:69:da:69:13:65:85:a3:88:91:d3:45:fe:10:a5:30:
2e:9c:4b:af
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtHVcqL3L4P8Kjz3aOqx3ebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjMxMDE5MDk0ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjRkNDc0ZTdlMTdjOTcxMTRmNjliMWM2NjVhYmUyYWFmMDEzOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklvAL6C+IybR1oiddV7HPo+ULg31
Jgg4xNjNHr64WsNph2lwTBriMGd7LV5ER2XwzrrbtjYFoZRRvpAtujbDG7JB2DDf
/043rTYVMUNVWdzVezwFuOATzfzPwUi4oa0mM9fQkJsUdOPPbEkrpN8v55lYeXB5
qit7REDkrXFOD9S2xSFKjawT3EdoGpkr3EN24XmJ1kGc5AjhfkwKRUhnKFkVGgYb
FC+pCMExd1OO/2U31ZS+DrC7p69ft26HKhCV1U7dYbRoj0rvEqO4tds3TuakZRUy
D0hv5yZiUD6OjzbFv7YKPbIfmy2E1HNEVD92R2zM6UpeomgrUxguwdm6PQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOJNR05+F8lxFPabHGZaviqvATklMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvNGsxSFRuNFh5WEVVOXBzY1pscS1LcThCT1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKzwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQChqLRODRVXbWqTdEmRI9AmJHDhfVhVD8rLzQlb
Cq2N1RbtY7C2fIdvGJJK7XMA+ibdv9BKhb27jXU/tDmSH0H6MRQ6J5RrbPQemsbp
500Vr7UoCoMO/DVSb/BG16kgCO45t3uf7D5NuXEhg1iyPNJkvY0HfTsTT8Da3ugC
7e5s5Deqhk2ffNGbM9NgnsOajxPiz8dECqL9zED5TWJe2JZ50WmC3qIqwHjeXYkZ
i2/DPUQCUhdLUV/UzxJ7meFjRXeePu/DAUAcXsc+CeYx/f7amRsVjw+qABphdiO/
H//XqVLc18NP1P95DlakXldp2mkTZYWjiJHTRf4QpTAunEuv
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:24 2025 by rpki-client