Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/53866_p3UZJLoXBFyjDbuPvz6IY.roa
File: 53866_p3UZJLoXBFyjDbuPvz6IY.roa (raw, json)
Hash identifier: V46HEUjzfdAmFDKYrJ4b0fC2QWKVOhREo6/OjFNcYcM=
Subject key identifier: E7:7F:3A:EB:FA:77:51:92:4B:A1:70:45:CA:30:DB:B8:FB:F3:E8:86
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCADD896CD397E058CE791E3276780F
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/53866_p3UZJLoXBFyjDbuPvz6IY.roa
Signing time: Sun 01 Jan 2023 14:44:49 +0000
ROA not before: Sun 01 Jan 2023 14:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39435
IP address blocks: 2a02:2698:c00::/38 maxlen: 48
2a02:2698:1000::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:dd:89:6c:d3:97:e0:58:ce:79:1e:32:76:78:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e77f3aebfa7751924ba17045ca30dbb8fbf3e886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a1:ca:9a:ab:6b:88:d2:fb:78:a9:e1:18:64:
2c:2a:35:a0:0b:5c:b2:f8:3c:64:5d:0c:38:ed:f0:
41:79:2b:17:f8:6e:41:04:35:65:4a:d3:d2:e5:71:
2c:39:eb:45:a8:b6:c3:51:a9:74:62:99:76:30:77:
73:2e:49:ec:8b:80:76:c9:d3:c2:01:e0:67:87:e1:
c8:9a:f9:d0:b0:d4:56:5a:95:74:4b:e4:9b:82:4b:
5d:53:b7:fb:db:1c:57:44:86:19:1c:12:b7:27:4b:
24:37:68:db:16:3d:75:f4:6c:23:04:5d:07:24:eb:
50:5b:b9:7e:3f:ea:f7:86:62:30:36:1f:8d:2c:7f:
8d:72:4b:8c:3e:b2:72:a4:f6:60:f3:03:87:d6:51:
c3:b4:43:41:d4:7b:02:a7:39:46:77:4c:e9:d4:ce:
37:ea:2d:e8:b9:c3:06:11:85:32:77:99:91:49:c8:
6d:99:45:de:e7:98:fc:66:3f:6b:b5:e5:42:a3:fb:
fc:15:71:6e:a5:c9:93:b9:37:10:43:89:e5:84:a1:
5a:d6:75:a7:1c:2b:df:26:2c:08:cb:2d:a0:b1:95:
6c:12:09:af:68:2a:d8:33:5a:a3:8f:ff:a0:e0:27:
e6:e8:01:68:5b:f1:3c:4e:dd:6b:15:e1:b4:f3:08:
22:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7F:3A:EB:FA:77:51:92:4B:A1:70:45:CA:30:DB:B8:FB:F3:E8:86
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/53866_p3UZJLoXBFyjDbuPvz6IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:c00::-2a02:2698:13ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:48:b2:99:e4:7f:8e:dd:a8:4d:59:df:e2:e1:88:8a:d9:e7:
dc:59:7a:f7:73:cd:39:bd:2d:ef:20:5f:7f:41:6f:f4:2a:15:
86:e3:04:16:cb:6e:77:ec:e8:e4:ac:60:f5:0f:e3:a2:69:8f:
ec:f4:ef:cf:ce:fe:c9:60:93:89:38:94:fc:c5:c7:3c:13:42:
71:69:cb:65:b0:0a:8a:26:79:66:57:e0:9f:15:b1:8c:fe:2d:
10:60:d9:8d:9a:e2:39:cc:c0:27:e8:4a:b7:10:21:cb:c3:6f:
18:64:fe:15:d2:64:86:e9:a4:31:bd:01:46:35:1e:f9:ca:b4:
04:f7:38:5e:bb:93:35:6b:20:6c:cd:0f:4c:fa:3c:e4:a4:bc:
a2:60:f1:4a:e7:a9:65:b9:61:92:bc:85:3a:0d:2e:a7:ee:e8:
55:01:7f:fe:8a:0b:4f:1c:e2:66:14:f2:d9:14:39:c4:1b:8b:
af:48:3c:b7:5f:5f:81:42:31:d1:be:60:d4:00:f0:5b:96:bc:
02:61:1c:fd:b5:f1:80:94:ca:05:08:4e:fc:b4:ab:cb:c6:06:
e1:a2:22:f3:d0:1d:7c:e8:49:06:4e:18:a6:79:02:ef:d6:a9:
82:79:89:06:a0:99:74:3a:fc:68:6f:04:5a:4a:5c:52:54:e9:
0a:06:6d:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtyt2JbNOX4FjOeR4ydngPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzdmM2FlYmZhNzc1MTkyNGJhMTcwNDVjYTMwZGJiOGZiZjNlODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqHKmqtriNL7eKnhGGQsKjWgC1yy
+DxkXQw47fBBeSsX+G5BBDVlStPS5XEsOetFqLbDUal0Ypl2MHdzLknsi4B2ydPC
AeBnh+HImvnQsNRWWpV0S+SbgktdU7f72xxXRIYZHBK3J0skN2jbFj119GwjBF0H
JOtQW7l+P+r3hmIwNh+NLH+NckuMPrJypPZg8wOH1lHDtENB1HsCpzlGd0zp1M43
6i3oucMGEYUyd5mRSchtmUXe55j8Zj9rteVCo/v8FXFupcmTuTcQQ4nlhKFa1nWn
HCvfJiwIyy2gsZVsEgmvaCrYM1qjj/+g4Cfm6AFoW/E8Tt1rFeG08wgipwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOd/Ouv6d1GSS6FwRcow27j78+iGMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvNTM4NjZfcDNVWkpMb1hCRnlqRGJ1UHZ6NklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgIqAiaY
DAMGAioCJpgQMA0GCSqGSIb3DQEBCwUAA4IBAQBDSLKZ5H+O3ahNWd/i4YiK2efc
WXr3c805vS3vIF9/QW/0KhWG4wQWy2537OjkrGD1D+OiaY/s9O/Pzv7JYJOJOJT8
xcc8E0JxactlsAqKJnlmV+CfFbGM/i0QYNmNmuI5zMAn6Eq3ECHLw28YZP4V0mSG
6aQxvQFGNR75yrQE9zheu5M1ayBszQ9M+jzkpLyiYPFK56lluWGSvIU6DS6n7uhV
AX/+igtPHOJmFPLZFDnEG4uvSDy3X1+BQjHRvmDUAPBblrwCYRz9tfGAlMoFCE78
tKvLxgbhoiLz0B186EkGThimeQLv1qmCeYkGoJl0OvxobwRaSlxSVOkKBm3V
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:00 2025 by rpki-client