Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/DUKJe5nBJGVFgFbhWXHhok9lQ_Y.roa
File: DUKJe5nBJGVFgFbhWXHhok9lQ_Y.roa (raw, json)
Hash identifier: 0iwH84ldxHwhpsutkb9JkQbrIfqLnCCaNav9O6OH9A8=
Subject key identifier: 0D:42:89:7B:99:C1:24:65:45:80:56:E1:59:71:E1:A2:4F:65:43:F6
Certificate issuer: /CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Certificate serial: 01856D6F888AF683C774879B28150F50435F
Authority key identifier: 88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/DUKJe5nBJGVFgFbhWXHhok9lQ_Y.roa
Signing time: Sun 01 Jan 2023 13:05:04 +0000
ROA not before: Sun 01 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34655
IP address blocks: 2a03:9c40:800::/48 maxlen: 48
2a03:9c40:600::/48 maxlen: 48
2a03:9c40:400::/48 maxlen: 48
2a03:9c40:200::/48 maxlen: 48
2a03:9c40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:88:8a:f6:83:c7:74:87:9b:28:15:0f:50:43:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Validity
Not Before: Jan 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d42897b99c12465458056e15971e1a24f6543f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:23:23:d8:12:28:3b:d6:2a:2e:59:bc:8f:21:
35:a4:ae:67:ae:52:41:0f:d6:c8:2f:22:53:df:bb:
44:74:d5:2d:6c:6a:2f:24:9c:c0:a0:2e:7f:65:bf:
3e:51:30:c1:cd:55:f2:99:bf:7a:25:7d:e3:af:f7:
79:4e:ae:aa:62:2d:75:9d:4e:b2:9a:39:f5:f9:8f:
71:3f:1c:dd:0f:f2:f2:00:42:18:cb:bb:19:3e:fc:
e9:00:e6:4b:cc:43:df:f8:83:65:52:ee:b6:aa:3e:
e7:39:85:b9:86:b3:72:03:88:69:88:4f:5d:73:4c:
4d:67:80:1a:84:4e:b3:e4:3c:b9:df:ba:71:24:c9:
b7:27:c5:16:41:fe:19:ce:fd:31:f4:bc:19:25:56:
7c:57:1b:b1:89:53:ce:7b:b4:80:c7:b2:ee:f2:46:
0b:5c:b8:e6:cd:f5:c4:e9:31:c2:9a:9c:0d:57:cb:
a1:e0:1f:6d:c1:11:80:7a:88:0e:5f:a9:92:f1:14:
60:dc:95:1e:62:f9:4e:7c:65:32:ae:e4:24:40:a7:
4b:2f:0f:80:7e:5f:92:96:66:d1:22:87:95:a6:a7:
df:6e:fd:ac:54:26:0b:be:d0:78:6b:b3:13:b1:09:
2f:9d:a1:76:dd:5a:c7:0a:cf:19:dc:e0:c4:83:8e:
9b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:42:89:7B:99:C1:24:65:45:80:56:E1:59:71:E1:A2:4F:65:43:F6
X509v3 Authority Key Identifier:
keyid:88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/DUKJe5nBJGVFgFbhWXHhok9lQ_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/iBchKB_7pXE-nQUq9v5tGwQKKjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c40::/48
2a03:9c40:200::/48
2a03:9c40:400::/48
2a03:9c40:600::/48
2a03:9c40:800::/48
Signature Algorithm: sha256WithRSAEncryption
5a:ef:d0:26:dc:a0:19:42:ca:a5:6f:7d:5b:b6:5f:15:6d:78:
7b:12:e6:7b:fe:81:e0:17:c0:6a:db:cf:74:08:60:ff:c4:ab:
28:46:69:9d:3d:11:0c:69:6c:e5:f3:3a:3b:92:d2:e2:13:56:
1f:f1:90:4e:d8:2c:ba:ef:d7:0f:fe:e8:9c:da:30:8f:1f:f5:
c0:ed:01:bb:6f:20:89:d0:67:e3:e9:4d:14:e8:8c:62:0d:df:
6e:25:d0:88:75:9c:a1:8a:83:94:64:12:63:87:c6:39:2d:a1:
53:e5:2a:59:78:14:e0:fc:06:21:fd:29:87:d3:c1:14:6d:66:
7c:8b:da:ea:60:71:1e:ca:4f:25:c2:65:22:12:d0:08:e5:e4:
ed:98:4c:af:be:cf:83:ea:45:c0:72:94:85:58:03:ba:a3:d2:
bb:ba:08:9c:60:e5:c9:22:69:64:8d:ec:a2:0b:4e:ce:b4:73:
01:fa:ae:aa:1a:72:dc:1b:c7:93:c2:7c:4c:da:f2:83:a2:da:
67:37:33:11:21:94:1f:77:1b:08:44:f5:61:7c:62:62:60:a7:
7e:77:f8:a3:a0:66:0d:52:65:05:21:a8:d3:d2:dc:70:f9:db:
ed:31:9e:b0:cf:7c:cf:8e:ba:ad:c6:a8:1e:26:15:8e:1f:90:
5d:06:a8:27
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVtb4iK9oPHdIebKBUPUENfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTcyMTI4MWZmYmE1NzEzZTlkMDUyYWY2ZmU2ZDFiMDQw
YTJhMzkwHhcNMjMwMTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQyODk3Yjk5YzEyNDY1NDU4MDU2ZTE1OTcxZTFhMjRmNjU0M2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyMj2BIoO9YqLlm8jyE1pK5nrlJB
D9bILyJT37tEdNUtbGovJJzAoC5/Zb8+UTDBzVXymb96JX3jr/d5Tq6qYi11nU6y
mjn1+Y9xPxzdD/LyAEIYy7sZPvzpAOZLzEPf+INlUu62qj7nOYW5hrNyA4hpiE9d
c0xNZ4AahE6z5Dy537pxJMm3J8UWQf4Zzv0x9LwZJVZ8VxuxiVPOe7SAx7Lu8kYL
XLjmzfXE6THCmpwNV8uh4B9twRGAeogOX6mS8RRg3JUeYvlOfGUyruQkQKdLLw+A
fl+SlmbRIoeVpqffbv2sVCYLvtB4a7MTsQkvnaF23VrHCs8Z3ODEg46bywIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFA1CiXuZwSRlRYBW4Vlx4aJPZUP2MB8GA1UdIwQY
MBaAFIgXISgf+6VxPp0FKvb+bRsECio5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMt
NDg4NzNiYWE2OWE3LzEvRFVLSmU1bkJKR1ZGZ0ZiaFdYSGhvazlsUV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMtNDg4NzNiYWE2OWE3
LzEvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgOcQAAA
AwcAKgOcQAIAAwcAKgOcQAQAAwcAKgOcQAYAAwcAKgOcQAgAMA0GCSqGSIb3DQEB
CwUAA4IBAQBa79Am3KAZQsqlb31btl8VbXh7EuZ7/oHgF8Bq2890CGD/xKsoRmmd
PREMaWzl8zo7ktLiE1Yf8ZBO2Cy679cP/uic2jCPH/XA7QG7byCJ0Gfj6U0U6Ixi
Dd9uJdCIdZyhioOUZBJjh8Y5LaFT5SpZeBTg/AYh/SmH08EUbWZ8i9rqYHEeyk8l
wmUiEtAI5eTtmEyvvs+D6kXAcpSFWAO6o9K7ugicYOXJImlkjeyiC07OtHMB+q6q
GnLcG8eTwnxM2vKDotpnNzMRIZQfdxsIRPVhfGJiYKd+d/ijoGYNUmUFIajT0txw
+dvtMZ6wz3zPjrqtxqgeJhWOH5BdBqgn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:23 2025 by rpki-client