Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/25BN5MlIY8ePFuF0QYQoetPZMN0.roa
File: 25BN5MlIY8ePFuF0QYQoetPZMN0.roa (raw, json)
Hash identifier: 1cLBQSzATqhs4tbyWOadHYRkvLfQmjeYWgsLwkRbtUs=
Subject key identifier: DB:90:4D:E4:C9:48:63:C7:8F:16:E1:74:41:84:28:7A:D3:D9:30:DD
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAD90CB57A403D16DF21E7B76D225E
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/25BN5MlIY8ePFuF0QYQoetPZMN0.roa
Signing time: Sun 01 Jan 2023 14:44:48 +0000
ROA not before: Sun 01 Jan 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12768
IP address blocks: 2a02:2698::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:d9:0c:b5:7a:40:3d:16:df:21:e7:b7:6d:22:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db904de4c94863c78f16e1744184287ad3d930dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:31:38:4c:0b:ef:32:f3:0a:01:46:37:63:9c:
5e:cc:d3:3d:92:90:41:44:8c:2f:12:b0:27:fa:7e:
9d:ce:a8:91:02:c4:a5:49:4c:c6:24:23:5a:8c:1e:
f0:dd:03:d7:5a:3d:0d:02:6e:99:83:62:47:fc:14:
e6:c6:ed:a1:80:fb:f7:2c:38:17:24:a0:db:3e:5c:
72:dd:21:18:43:d5:3c:2f:c5:49:3a:27:a0:a6:54:
00:cd:30:9e:23:5a:2b:9c:72:57:91:e7:48:09:0f:
c3:fe:25:7e:38:46:8c:64:7a:aa:19:38:08:cb:98:
e1:86:25:9d:51:7a:35:64:08:dd:0b:3d:86:1c:a1:
53:d8:3e:25:f9:16:cd:61:77:79:48:04:50:8a:cc:
bc:12:c8:9a:a8:9d:e2:f0:54:1a:69:14:5e:a4:37:
62:a0:17:c5:db:59:54:f1:be:56:1b:e2:ba:5d:9a:
85:d4:ea:b3:50:80:14:7e:9e:1b:1e:63:27:ee:5a:
6a:d7:5d:66:b9:93:f1:32:30:6a:9d:f0:9d:be:b3:
ac:d2:c0:47:35:ef:eb:6e:7d:73:f8:33:26:09:13:
5d:c2:15:9d:57:40:d1:89:32:8e:ac:31:09:92:fe:
6c:97:a8:db:ba:9e:22:33:69:40:c2:9c:eb:22:c2:
b6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:90:4D:E4:C9:48:63:C7:8F:16:E1:74:41:84:28:7A:D3:D9:30:DD
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/25BN5MlIY8ePFuF0QYQoetPZMN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698::/38
Signature Algorithm: sha256WithRSAEncryption
ce:55:a4:f7:bc:3d:d0:52:14:03:5b:16:20:34:c8:71:ea:45:
e5:a0:ee:26:f4:e8:c7:c5:44:dc:08:f7:66:13:c1:63:6b:04:
7d:84:d9:b8:3b:39:25:87:7b:34:0c:f6:6b:85:5e:43:f8:d6:
ce:2c:f7:96:10:9e:d1:50:eb:6d:0a:06:f3:2a:9c:ea:2f:ac:
47:c5:10:16:b8:fc:5c:03:7d:55:9b:88:35:27:40:02:74:b4:
75:8c:1e:b0:73:18:0d:c5:2a:b8:84:de:94:f1:3f:ac:34:a6:
5b:be:28:ea:b7:33:b2:18:ea:7b:dc:30:12:a8:3c:6f:e8:25:
f2:0b:b4:a4:e3:72:8f:56:3d:0e:9c:dc:2f:d1:b1:a3:69:e1:
fc:d0:49:01:71:a7:29:15:d5:82:91:9f:dd:10:05:fd:b6:12:
ce:80:2d:22:8c:74:a3:e8:ba:90:31:78:4e:e3:09:e9:40:85:
9b:c2:cf:38:fc:b4:b8:53:51:42:b8:45:f2:92:8b:38:37:09:
ff:11:cf:4c:26:8f:88:14:05:d6:d5:af:5c:31:1b:79:bd:0a:
0c:0d:29:c5:85:32:05:14:ff:4f:0a:54:0d:10:e7:9a:04:3c:
a9:50:fa:cb:cc:ef:35:f4:be:99:7d:cc:2d:2d:ed:d1:b3:57:
8d:52:89:29
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtytkMtXpAPRbfIee3bSJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjkwNGRlNGM5NDg2M2M3OGYxNmUxNzQ0MTg0Mjg3YWQzZDkzMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjE4TAvvMvMKAUY3Y5xezNM9kpBB
RIwvErAn+n6dzqiRAsSlSUzGJCNajB7w3QPXWj0NAm6Zg2JH/BTmxu2hgPv3LDgX
JKDbPlxy3SEYQ9U8L8VJOiegplQAzTCeI1ornHJXkedICQ/D/iV+OEaMZHqqGTgI
y5jhhiWdUXo1ZAjdCz2GHKFT2D4l+RbNYXd5SARQisy8EsiaqJ3i8FQaaRRepDdi
oBfF21lU8b5WG+K6XZqF1OqzUIAUfp4bHmMn7lpq111muZPxMjBqnfCdvrOs0sBH
Ne/rbn1z+DMmCRNdwhWdV0DRiTKOrDEJkv5sl6jbup4iM2lAwpzrIsK2yQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNuQTeTJSGPHjxbhdEGEKHrT2TDdMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvMjVCTjVNbElZOGVQRnVGMFFZUW9ldFBaTU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmAAw
DQYJKoZIhvcNAQELBQADggEBAM5VpPe8PdBSFANbFiA0yHHqReWg7ib06MfFRNwI
92YTwWNrBH2E2bg7OSWHezQM9muFXkP41s4s95YQntFQ620KBvMqnOovrEfFEBa4
/FwDfVWbiDUnQAJ0tHWMHrBzGA3FKriE3pTxP6w0plu+KOq3M7IY6nvcMBKoPG/o
JfILtKTjco9WPQ6c3C/RsaNp4fzQSQFxpykV1YKRn90QBf22Es6ALSKMdKPoupAx
eE7jCelAhZvCzzj8tLhTUUK4RfKSizg3Cf8Rz0wmj4gUBdbVr1wxG3m9CgwNKcWF
MgUU/08KVA0Q55oEPKlQ+svM7zX0vpl9zC0t7dGzV41SiSk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:29 2025 by rpki-client