Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/RfsbMdywNxXunSe1P6_NkosC07E.roa
File: RfsbMdywNxXunSe1P6_NkosC07E.roa (raw, json)
Hash identifier: BkABe86mF4ooJ8PtzWxmAR76VqR8ybQUIBf1Y8WPw64=
Subject key identifier: 45:FB:1B:31:DC:B0:37:15:EE:9D:27:B5:3F:AF:CD:92:8B:02:D3:B1
Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca
Certificate serial: 0185106C077488EDED82A3DEB5FE02C73795
Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/RfsbMdywNxXunSe1P6_NkosC07E.roa
Signing time: Wed 14 Dec 2022 11:36:33 +0000
ROA not before: Wed 14 Dec 2022 11:36:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207137
IP address blocks: 2a13:240:2::/48 maxlen: 48
2a13:240::/48 maxlen: 48
2a13:240:3::/48 maxlen: 48
2a13:240:1::/48 maxlen: 48
2a13:240:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:10:6c:07:74:88:ed:ed:82:a3:de:b5:fe:02:c7:37:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca
Validity
Not Before: Dec 14 11:36:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45fb1b31dcb03715ee9d27b53fafcd928b02d3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:89:03:0f:f3:61:73:51:e3:9e:8a:2e:01:ce:
1a:f1:30:70:43:e3:70:76:31:a8:93:d0:c7:26:69:
df:9d:5c:f1:a3:94:bd:26:a4:6f:5f:b7:5f:7d:13:
dd:45:cb:7c:08:65:4c:57:b1:00:65:36:ab:b3:7e:
53:e6:e5:8e:99:62:1c:27:47:6c:1b:60:0e:d2:4c:
44:10:b5:69:c8:7f:fe:1b:d7:dd:f0:a2:d0:ae:3c:
1a:b2:1c:fd:5c:f5:28:50:7e:3a:cd:36:01:34:29:
27:44:18:74:81:05:b0:4b:5e:3b:52:a2:c7:98:55:
d5:c4:83:8c:7c:4e:c1:85:a4:f4:8e:d3:1a:27:23:
c9:15:e1:f6:ff:cf:6c:3f:fa:85:fc:ea:72:e6:c1:
01:bc:e1:4e:82:88:49:14:d2:6c:af:a5:fb:5f:0c:
11:2b:f8:3a:aa:72:e9:f3:88:5d:40:6c:81:f5:d4:
10:1b:fb:f0:c6:00:4b:70:44:ed:ca:cb:5d:3a:80:
87:76:63:5f:45:f5:d6:af:ab:f3:2f:6f:9f:50:9e:
65:d2:85:e2:aa:86:d8:65:e4:8c:0f:f0:d7:b6:ac:
fc:a5:35:2f:93:55:e5:19:46:05:55:59:01:03:6a:
1d:0b:fe:c1:6d:72:dc:b5:12:1d:62:c6:e3:d2:8f:
b2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:FB:1B:31:DC:B0:37:15:EE:9D:27:B5:3F:AF:CD:92:8B:02:D3:B1
X509v3 Authority Key Identifier:
keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/RfsbMdywNxXunSe1P6_NkosC07E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:240::-2a13:240:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
dd:cd:65:8f:e8:7e:b8:b1:18:69:c2:ad:da:25:cd:33:24:3e:
1c:5f:b8:c8:7b:45:c4:f8:2c:be:38:65:60:35:37:9c:3f:36:
49:09:1c:9b:7c:3c:fd:6a:0c:43:1f:ad:53:e0:ca:e4:7c:fc:
97:a1:1a:69:3e:55:1e:bf:20:98:6e:57:45:57:c3:4c:c9:7e:
d0:dc:d0:91:e1:50:4d:ef:7b:f1:91:78:ee:c5:81:a0:de:ee:
96:e4:63:c1:96:cf:41:14:98:44:4f:01:5d:cd:ba:06:04:6a:
ed:de:f5:43:04:83:34:f1:a7:da:29:91:fd:4f:3c:28:6c:47:
98:5e:07:ed:ed:31:63:e0:cd:fc:47:be:42:3b:33:53:79:3f:
90:56:cf:c1:c8:9b:e9:fd:02:eb:f8:01:82:23:82:1d:40:12:
22:98:76:6a:f7:5d:70:74:f6:29:11:b3:a5:ef:15:f8:67:bf:
90:40:85:59:14:88:7a:0e:bb:c4:b5:85:2a:e1:e1:58:22:0d:
ee:95:c5:48:f0:78:b3:99:d1:c5:90:53:7f:1f:12:1d:5a:17:
b1:a0:84:5e:8c:22:cf:2a:0d:17:7c:29:99:ba:85:57:cb:83:
3b:32:c2:6e:d6:35:64:90:fd:2c:56:a3:69:ce:f5:d0:5a:29:
4a:ee:88:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUQbAd0iO3tgqPetf4CxzeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3
Mjk3Y2EwHhcNMjIxMjE0MTEzNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWZiMWIzMWRjYjAzNzE1ZWU5ZDI3YjUzZmFmY2Q5MjhiMDJkM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuokDD/Nhc1HjnoouAc4a8TBwQ+Nw
djGok9DHJmnfnVzxo5S9JqRvX7dffRPdRct8CGVMV7EAZTars35T5uWOmWIcJ0ds
G2AO0kxEELVpyH/+G9fd8KLQrjwashz9XPUoUH46zTYBNCknRBh0gQWwS147UqLH
mFXVxIOMfE7BhaT0jtMaJyPJFeH2/89sP/qF/Opy5sEBvOFOgohJFNJsr6X7XwwR
K/g6qnLp84hdQGyB9dQQG/vwxgBLcETtystdOoCHdmNfRfXWr6vzL2+fUJ5l0oXi
qobYZeSMD/DXtqz8pTUvk1XlGUYFVVkBA2odC/7BbXLctRIdYsbj0o+yPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEX7GzHcsDcV7p0ntT+vzZKLAtOxMB8GA1UdIwQY
MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt
NTM1ODQwMWZiNzk2LzEvUmZzYk1keXdOeFh1blNlMVA2X05rb3NDMDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2
LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQYqEwJA
AwcAKhMCQAAEMA0GCSqGSIb3DQEBCwUAA4IBAQDdzWWP6H64sRhpwq3aJc0zJD4c
X7jIe0XE+Cy+OGVgNTecPzZJCRybfDz9agxDH61T4MrkfPyXoRppPlUevyCYbldF
V8NMyX7Q3NCR4VBN73vxkXjuxYGg3u6W5GPBls9BFJhETwFdzboGBGrt3vVDBIM0
8afaKZH9TzwobEeYXgft7TFj4M38R75COzNTeT+QVs/ByJvp/QLr+AGCI4IdQBIi
mHZq911wdPYpEbOl7xX4Z7+QQIVZFIh6DrvEtYUq4eFYIg3ulcVI8HizmdHFkFN/
HxIdWhexoIRejCLPKg0XfCmZuoVXy4M7MsJu1jVkkP0sVqNpzvXQWilK7oha
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:21:49 2025 by rpki-client