Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/gRWdBosM3ZVZg3XixmuyKoOexi0.roa
File: gRWdBosM3ZVZg3XixmuyKoOexi0.roa (raw, json)
Hash identifier: yafBasAhrtR/9nYWbiwgIZn3ZQawa1L9mZvuWt2Upw0=
Subject key identifier: 81:15:9D:06:8B:0C:DD:95:59:83:75:E2:C6:6B:B2:2A:83:9E:C6:2D
Certificate issuer: /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial: 01840C7446160BF221AA8BEC7312292D97F9
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/gRWdBosM3ZVZg3XixmuyKoOexi0.roa
Signing time: Tue 25 Oct 2022 00:04:17 +0000
ROA not before: Tue 25 Oct 2022 00:04:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209968
IP address blocks: 2a0e:48c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0c:74:46:16:0b:f2:21:aa:8b:ec:73:12:29:2d:97:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Validity
Not Before: Oct 25 00:04:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81159d068b0cdd95598375e2c66bb22a839ec62d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:01:ca:4e:3e:cc:ab:29:99:aa:96:ea:8a:dc:
e8:bf:7d:a0:18:7a:71:2f:9d:4b:83:c4:3c:68:05:
d6:46:63:58:d2:ab:0b:a8:94:dc:97:d6:b1:ce:f1:
69:a2:f0:d5:7d:bd:bc:1a:50:26:d2:54:7b:c8:c1:
9b:71:e9:64:0f:88:7f:57:8f:68:c5:ee:26:91:df:
2d:ff:9f:a4:ff:64:29:4b:fe:c6:98:7f:91:bb:3a:
31:80:12:c5:6a:f2:c8:96:58:24:63:66:3a:b6:11:
81:3e:20:5f:fb:9c:9f:ab:e5:89:c9:5a:d9:f5:95:
6a:44:80:5f:be:e9:2f:18:3f:3a:27:c6:e0:a7:80:
8c:a4:11:8d:4a:4f:4d:18:5e:5e:eb:96:dd:b0:4a:
45:f1:cf:ab:98:95:aa:b6:3d:3c:4a:a4:ee:7c:ee:
bb:09:95:c4:92:b6:30:cf:c1:6c:a3:ab:b2:0f:56:
f4:62:c5:59:7f:da:80:e5:86:5d:eb:7c:ae:c6:c4:
d7:f0:c4:ee:87:e5:2f:28:17:05:26:03:d8:d1:91:
ba:30:ad:bf:6a:b0:51:be:81:3f:0c:45:d1:55:2c:
2a:af:95:91:51:de:a0:ae:23:34:eb:1c:b8:7b:fc:
a0:67:6c:e4:cf:fc:2f:b0:0e:8a:ae:30:0e:3a:a4:
ec:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:15:9D:06:8B:0C:DD:95:59:83:75:E2:C6:6B:B2:2A:83:9E:C6:2D
X509v3 Authority Key Identifier:
keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/gRWdBosM3ZVZg3XixmuyKoOexi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
4c:ce:f7:92:ba:3e:7f:12:7c:ba:5b:da:f8:e2:84:b6:a4:1f:
98:c3:7f:80:f4:c2:7c:9e:e9:8d:b2:22:77:56:9c:15:d1:9e:
18:0e:e2:e6:67:bd:e6:72:1b:18:42:e8:22:68:cb:03:2f:f7:
08:ac:06:c8:4d:af:aa:90:60:50:2c:8f:3f:65:fb:f6:5e:2f:
fe:83:ae:6c:54:95:82:53:41:31:12:23:03:fa:0e:6a:76:51:
71:08:42:b6:66:c3:66:4e:50:ef:47:d9:c7:fd:36:d7:8c:08:
69:b6:79:3d:91:86:ff:9b:d3:01:f2:81:6b:e3:cb:f5:3c:f5:
cb:8a:78:2a:7c:c1:3e:4f:24:f3:55:06:37:ce:45:cf:58:28:
a3:b9:79:4d:9b:af:45:c3:a5:1e:50:f9:3f:6e:dc:6d:ae:6d:
9f:be:76:61:1f:04:28:67:7d:48:ff:da:5f:be:cc:83:bf:9a:
c9:5b:49:3f:41:9e:98:69:ca:da:b3:83:cb:e3:54:f9:32:e8:
c8:f5:1b:a2:ab:d1:84:15:c6:11:6a:c5:ed:a0:1b:97:43:8d:
ec:e6:65:ac:67:9f:53:84:df:00:a2:dc:34:d5:50:28:94:13:
af:09:31:6a:82:fe:df:70:e2:3a:44:9b:2b:b4:b4:da:11:cc:
40:f0:ab:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQMdEYWC/IhqovscxIpLZf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjIxMDI1MDAwNDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTE1OWQwNjhiMGNkZDk1NTk4Mzc1ZTJjNjZiYjIyYTgzOWVjNjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wHKTj7MqymZqpbqitzov32gGHpx
L51Lg8Q8aAXWRmNY0qsLqJTcl9axzvFpovDVfb28GlAm0lR7yMGbcelkD4h/V49o
xe4mkd8t/5+k/2QpS/7GmH+RuzoxgBLFavLIllgkY2Y6thGBPiBf+5yfq+WJyVrZ
9ZVqRIBfvukvGD86J8bgp4CMpBGNSk9NGF5e65bdsEpF8c+rmJWqtj08SqTufO67
CZXEkrYwz8Fso6uyD1b0YsVZf9qA5YZd63yuxsTX8MTuh+UvKBcFJgPY0ZG6MK2/
arBRvoE/DEXRVSwqr5WRUd6griM06xy4e/ygZ2zkz/wvsA6KrjAOOqTskwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIEVnQaLDN2VWYN14sZrsiqDnsYtMB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvZ1JXZEJvc00zWlZaZzNYaXhtdXlLb09leGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5IwDAN
BgkqhkiG9w0BAQsFAAOCAQEATM73kro+fxJ8ulva+OKEtqQfmMN/gPTCfJ7pjbIi
d1acFdGeGA7i5me95nIbGELoImjLAy/3CKwGyE2vqpBgUCyPP2X79l4v/oOubFSV
glNBMRIjA/oOanZRcQhCtmbDZk5Q70fZx/0214wIabZ5PZGG/5vTAfKBa+PL9Tz1
y4p4KnzBPk8k81UGN85Fz1goo7l5TZuvRcOlHlD5P27cba5tn752YR8EKGd9SP/a
X77Mg7+ayVtJP0GemGnK2rODy+NU+TLoyPUboqvRhBXGEWrF7aAbl0ON7OZlrGef
U4TfAKLcNNVQKJQTrwkxaoL+33DiOkSbK7S02hHMQPCrGg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:25 2025 by rpki-client