Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/8WYhlQT5AjC41fUZOhw_JBlx9ko.roa
File: 8WYhlQT5AjC41fUZOhw_JBlx9ko.roa (raw, json)
Hash identifier: ubjjO+YAdh1FEUIcxc1GDBHYLJnPcHk70W2gCISQjs0=
Subject key identifier: F1:66:21:95:04:F9:02:30:B8:D5:F5:19:3A:1C:3F:24:19:71:F6:4A
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 018925F6B00DD555C815A1972A3372C6B47E
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/8WYhlQT5AjC41fUZOhw_JBlx9ko.roa
Signing time: Wed 05 Jul 2023 12:11:11 +0000
ROA not before: Wed 05 Jul 2023 12:11:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a13:85c0::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:f6:b0:0d:d5:55:c8:15:a1:97:2a:33:72:c6:b4:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Jul 5 12:11:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f166219504f90230b8d5f5193a1c3f241971f64a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a0:ba:5a:6e:de:af:1f:0a:db:52:32:9f:d1:
aa:62:9f:40:a2:7a:09:bb:cc:5a:0f:5c:a7:10:46:
a1:c5:ee:43:f0:e0:4a:f0:ce:a2:5f:7e:33:65:3e:
f1:7b:87:ec:1a:df:74:dd:0d:76:be:30:8f:4e:61:
0e:78:5d:c2:37:5d:10:a0:36:d3:2f:20:cd:83:33:
46:0b:0d:61:0e:f1:62:65:bb:ee:6c:07:93:81:fd:
bc:ad:9b:fe:09:b0:36:c3:ad:8b:37:1e:7a:22:65:
6c:ed:49:6a:45:f0:97:b8:8c:97:6c:b9:69:31:a0:
0b:37:90:42:53:fa:9e:ce:86:4d:4a:ab:09:d7:a5:
2b:73:54:0e:27:af:8f:5f:59:68:4a:21:0b:f4:42:
13:5f:b4:b9:45:9b:59:7e:25:5a:40:2d:14:2a:3d:
44:8b:3e:02:d9:75:b3:2a:71:d9:29:23:58:5d:d1:
70:9c:2a:3b:9f:07:cd:ed:14:aa:c2:6b:d9:a9:38:
25:6e:b6:e9:c9:56:a1:4a:61:3f:90:3a:97:c8:6a:
bd:bd:65:dd:c8:e5:4f:fa:4a:2a:7f:cc:3a:d8:7f:
7e:cf:21:7a:e8:cb:ba:ce:d5:ab:4f:b8:1b:1c:ae:
95:a8:fa:c5:c8:40:37:72:9a:c6:bf:87:00:85:c8:
af:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:66:21:95:04:F9:02:30:B8:D5:F5:19:3A:1C:3F:24:19:71:F6:4A
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/8WYhlQT5AjC41fUZOhw_JBlx9ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:85c0::/40
Signature Algorithm: sha256WithRSAEncryption
16:56:62:ba:f2:cd:71:9b:5f:83:f6:8b:24:93:89:92:ba:7a:
f5:29:e6:a7:f9:4a:1e:b5:ab:3a:aa:3b:ed:ae:0c:6d:39:bd:
3e:c4:55:71:65:21:80:d6:d8:b4:4b:12:89:e1:93:85:45:c7:
ad:42:07:53:d5:7b:55:98:cb:d0:32:6e:8b:d6:11:d7:40:3d:
ef:68:7b:19:b9:ca:bd:61:8c:6c:db:a7:07:1e:92:63:c0:38:
d8:b5:8e:15:cc:05:09:3c:b2:25:d6:99:c9:b9:76:9c:6b:f6:
e2:76:63:05:72:97:b9:21:6a:7b:2b:fd:6c:e5:97:ab:fe:53:
d7:45:64:12:75:56:76:1e:34:0e:ec:f3:7c:e3:b0:21:af:dc:
9b:f7:82:43:1c:bc:fe:a0:e2:86:90:69:56:d2:fa:83:f1:27:
ce:5b:7f:45:9a:2c:4f:9d:d4:bf:e8:7c:06:c7:59:6e:95:6f:
5a:e9:11:c0:b4:a2:67:17:aa:4a:e6:14:8b:10:37:7b:16:5d:
a5:33:c6:cc:0c:f0:62:ce:72:a2:35:de:77:1d:c5:0a:44:42:
5e:10:cf:6d:2e:78:fd:89:49:76:35:5b:0d:6d:4f:90:71:9b:
a9:e2:92:0a:e8:45:2f:ba:f5:6b:9a:09:f0:fc:70:fd:a5:e3:
bb:79:3c:03
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYkl9rAN1VXIFaGXKjNyxrR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMwNzA1MTIxMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTY2MjE5NTA0ZjkwMjMwYjhkNWY1MTkzYTFjM2YyNDE5NzFmNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqC6Wm7erx8K21Iyn9GqYp9AonoJ
u8xaD1ynEEahxe5D8OBK8M6iX34zZT7xe4fsGt903Q12vjCPTmEOeF3CN10QoDbT
LyDNgzNGCw1hDvFiZbvubAeTgf28rZv+CbA2w62LNx56ImVs7UlqRfCXuIyXbLlp
MaALN5BCU/qezoZNSqsJ16Urc1QOJ6+PX1loSiEL9EITX7S5RZtZfiVaQC0UKj1E
iz4C2XWzKnHZKSNYXdFwnCo7nwfN7RSqwmvZqTglbrbpyVahSmE/kDqXyGq9vWXd
yOVP+koqf8w62H9+zyF66Mu6ztWrT7gbHK6VqPrFyEA3cprGv4cAhcivFQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPFmIZUE+QIwuNX1GTocPyQZcfZKMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvOFdZaGxRVDVBakM0MWZVWk9od19KQmx4OWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOFwAAw
DQYJKoZIhvcNAQELBQADggEBABZWYrryzXGbX4P2iySTiZK6evUp5qf5Sh61qzqq
O+2uDG05vT7EVXFlIYDW2LRLEonhk4VFx61CB1PVe1WYy9AybovWEddAPe9oexm5
yr1hjGzbpwcekmPAONi1jhXMBQk8siXWmcm5dpxr9uJ2YwVyl7khansr/Wzll6v+
U9dFZBJ1VnYeNA7s83zjsCGv3Jv3gkMcvP6g4oaQaVbS+oPxJ85bf0WaLE+d1L/o
fAbHWW6Vb1rpEcC0omcXqkrmFIsQN3sWXaUzxswM8GLOcqI13ncdxQpEQl4Qz20u
eP2JSXY1Ww1tT5Bxm6nikgroRS+69WuaCfD8cP2l47t5PAM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:48:06 2025 by rpki-client