Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/gr73sRngVU47WroDREizViQmP24.roa
File: gr73sRngVU47WroDREizViQmP24.roa (raw, json)
Hash identifier: YmLDhkeE8hO/4tcAghzs8mV1jHjMHSgn6H9XmQo2j6k=
Subject key identifier: 82:BE:F7:B1:19:E0:55:4E:3B:5A:BA:03:44:48:B3:56:24:26:3F:6E
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 018B95F139A8A45203CFB633E9997ED24068
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/gr73sRngVU47WroDREizViQmP24.roa
Signing time: Fri 03 Nov 2023 16:08:15 +0000
ROA not before: Fri 03 Nov 2023 16:08:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201642
IP address blocks: 2a14:3200::/32 maxlen: 32
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:f1:39:a8:a4:52:03:cf:b6:33:e9:99:7e:d2:40:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Nov 3 16:08:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82bef7b119e0554e3b5aba034448b35624263f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1a:40:5b:f3:d5:37:a2:e4:24:14:3f:e0:b1:
87:c8:79:75:a1:3b:94:a3:da:fc:22:50:a0:ec:3f:
5d:66:be:ba:49:ba:50:2a:6a:b5:44:d0:97:06:7a:
73:94:5c:81:86:e6:15:e0:25:02:64:cb:68:8a:38:
d9:74:2e:15:31:59:4e:4e:b2:10:28:74:ef:34:85:
8e:a8:83:3b:19:51:9d:74:f2:be:1c:5e:29:1c:84:
9d:8c:53:5f:15:fd:14:86:49:5b:1f:cc:4f:ff:ff:
a7:d5:1a:e2:03:47:21:e4:83:57:9e:b4:ab:d2:05:
34:36:80:23:79:67:92:10:b2:31:53:72:d6:72:bb:
7e:d3:e4:16:ec:97:ab:31:d3:96:db:2e:4c:df:63:
2d:79:19:56:eb:e9:ea:d6:ce:75:93:86:42:f6:3b:
f9:f4:09:d7:d8:4c:4d:03:73:51:44:e9:cd:d7:43:
61:ef:d8:c2:28:14:94:33:80:14:2a:35:e5:77:b5:
34:34:9b:14:00:03:36:62:7b:9e:06:6e:7a:f8:9b:
0f:6a:22:d0:91:55:b8:06:73:d0:69:d2:c7:2f:f1:
17:b8:38:8e:b9:b3:05:0a:cd:bd:07:14:02:54:5f:
f7:cd:bc:f7:27:b2:b9:fa:93:73:2a:c1:88:27:8f:
82:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BE:F7:B1:19:E0:55:4E:3B:5A:BA:03:44:48:B3:56:24:26:3F:6E
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/gr73sRngVU47WroDREizViQmP24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:3200::/32
Signature Algorithm: sha256WithRSAEncryption
16:df:0c:0f:9d:6f:95:8e:4f:52:34:96:ab:20:fb:29:35:dd:
c6:54:be:80:a1:bf:d2:f3:1a:08:9f:bc:5f:e7:69:39:51:09:
a7:f5:4d:40:84:eb:f0:22:d0:cb:98:d9:c7:81:d0:83:77:44:
98:5e:eb:8a:ab:5b:10:d4:c3:87:69:c6:9b:b8:ee:e3:6d:2b:
2e:20:ff:da:7e:43:92:9f:00:c1:2d:cc:64:ee:1d:90:08:bd:
4d:c5:a8:d5:8d:5c:17:b0:48:00:0b:9d:b5:c0:d7:5d:62:9c:
40:c4:70:05:15:78:8d:2e:50:f5:2c:98:cc:10:7d:ba:5d:df:
c3:7b:7e:dd:95:a1:5a:3f:a9:c5:71:ea:cc:8e:a5:f0:58:94:
20:aa:90:35:5f:ea:84:ff:dc:d6:55:c5:c0:6c:8e:c3:c4:1e:
c8:9f:c6:fd:97:57:a6:ff:eb:91:ad:c7:d2:fc:5e:d5:72:74:
16:2d:a7:76:14:e7:a2:c9:58:72:fd:e8:19:ce:68:4b:3d:3b:
ec:e0:fc:31:5e:07:60:b0:7f:63:03:18:65:37:bb:f0:40:29:
b0:d8:33:2e:da:a9:55:38:6c:a4:f4:20:5d:01:00:fe:c9:eb:
30:a5:bc:52:ee:d5:03:c4:1f:91:b7:af:5b:21:36:d9:d9:25:
1b:14:02:8b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuV8TmopFIDz7Yz6Zl+0kBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjMxMTAzMTYwODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmJlZjdiMTE5ZTA1NTRlM2I1YWJhMDM0NDQ4YjM1NjI0MjYzZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRpAW/PVN6LkJBQ/4LGHyHl1oTuU
o9r8IlCg7D9dZr66SbpQKmq1RNCXBnpzlFyBhuYV4CUCZMtoijjZdC4VMVlOTrIQ
KHTvNIWOqIM7GVGddPK+HF4pHISdjFNfFf0UhklbH8xP//+n1RriA0ch5INXnrSr
0gU0NoAjeWeSELIxU3LWcrt+0+QW7JerMdOW2y5M32MteRlW6+nq1s51k4ZC9jv5
9AnX2ExNA3NRROnN10Nh79jCKBSUM4AUKjXld7U0NJsUAAM2YnueBm56+JsPaiLQ
kVW4BnPQadLHL/EXuDiOubMFCs29BxQCVF/3zbz3J7K5+pNzKsGIJ4+CPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIK+97EZ4FVOO1q6A0RIs1YkJj9uMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvZ3I3M3NSbmdWVTQ3V3JvRFJFaXpWaVFtUDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhQyADAN
BgkqhkiG9w0BAQsFAAOCAQEAFt8MD51vlY5PUjSWqyD7KTXdxlS+gKG/0vMaCJ+8
X+dpOVEJp/VNQITr8CLQy5jZx4HQg3dEmF7riqtbENTDh2nGm7ju420rLiD/2n5D
kp8AwS3MZO4dkAi9TcWo1Y1cF7BIAAudtcDXXWKcQMRwBRV4jS5Q9SyYzBB9ul3f
w3t+3ZWhWj+pxXHqzI6l8FiUIKqQNV/qhP/c1lXFwGyOw8QeyJ/G/ZdXpv/rka3H
0vxe1XJ0Fi2ndhTnoslYcv3oGc5oSz077OD8MV4HYLB/YwMYZTe78EApsNgzLtqp
VThspPQgXQEA/snrMKW8Uu7VA8QfkbevWyE22dklGxQCiw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:12 2025 by rpki-client