Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/B0p7JNcJGJkci522xyKjawbePsQ.roa
File: B0p7JNcJGJkci522xyKjawbePsQ.roa (raw, json)
Hash identifier: OCeuubuLxXh6Tk/SHTcDf0asr2b0sGDvcGU+QJIhfUM=
Subject key identifier: 07:4A:7B:24:D7:09:18:99:1C:8B:9D:B6:C7:22:A3:6B:06:DE:3E:C4
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0948CDBF
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/B0p7JNcJGJkci522xyKjawbePsQ.roa
Signing time: Sat 01 Jan 2022 12:59:00 +0000
ROA not before: Sat 01 Jan 2022 12:59:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57026
IP address blocks: 2a02:2698:8c00::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155766207 (0x948cdbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:59:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=074a7b24d70918991c8b9db6c722a36b06de3ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8e:02:1b:95:e0:01:f2:4f:27:72:64:3c:95:
49:e0:c6:d0:db:47:75:b6:82:66:03:27:41:a1:b1:
f4:87:bc:66:60:b1:78:6e:bb:99:58:b8:7f:bd:b0:
a0:e1:9b:4c:e0:a9:b1:26:61:b8:49:1f:c5:c6:11:
1b:fe:bd:8f:43:71:ad:b8:2b:18:a7:fa:d3:bf:02:
84:f1:70:6b:b0:10:19:8d:5e:4e:76:92:58:13:d5:
20:0e:9a:0a:95:e1:cb:20:2c:aa:f4:9d:55:33:84:
dc:90:9e:6a:33:3e:36:f9:76:e3:17:01:41:d8:ea:
03:67:eb:f7:81:cf:bf:78:e2:e3:a0:e1:3c:d0:58:
58:08:03:63:11:95:2c:c0:24:2b:7f:78:0f:b3:80:
80:cd:81:50:e6:ab:97:d2:8a:fe:dd:a2:60:b2:9f:
2b:4e:81:38:2a:3c:83:19:ec:be:b0:30:45:51:f7:
76:18:b7:41:6d:1f:a8:59:bf:ce:6f:b5:bb:c2:85:
1f:b6:84:b4:8a:af:19:9e:c2:6c:b8:73:4b:8f:92:
a8:3e:11:07:60:41:a5:ee:36:5d:85:09:1d:93:3c:
a3:4c:d2:a7:dd:b5:11:ef:15:4e:58:01:cd:9f:60:
5a:67:d6:6f:df:b8:50:67:61:1a:99:88:ae:ff:63:
03:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:4A:7B:24:D7:09:18:99:1C:8B:9D:B6:C7:22:A3:6B:06:DE:3E:C4
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/B0p7JNcJGJkci522xyKjawbePsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
81:1b:93:55:cc:15:6d:ab:9b:d7:fc:39:76:32:1f:b1:5c:48:
e8:71:c3:27:aa:b5:aa:65:9a:6f:57:f8:d6:b9:60:bb:e1:2e:
6a:b5:df:7f:52:eb:55:8a:5e:28:34:7d:7f:9d:c6:85:3f:e4:
42:13:6d:16:2d:29:33:0b:55:da:a4:c4:83:97:fd:85:c5:d1:
a9:b9:a7:63:f6:d1:d5:8d:10:79:79:46:04:59:15:d5:b6:68:
28:ee:5d:e5:49:5b:7b:5b:25:cf:e1:af:6e:63:7d:9c:a6:e8:
03:39:0b:b7:00:07:55:10:81:dc:9c:3b:93:dd:a9:80:41:2f:
d8:6c:12:21:31:63:15:6e:24:91:6a:23:00:61:06:8a:09:67:
2c:09:b3:c9:9c:ed:02:35:51:a8:7c:54:ea:55:9d:f9:79:eb:
e5:3b:ef:49:a2:70:fd:86:29:3e:5a:bb:04:d5:12:3e:a4:2a:
1f:ea:fb:3d:39:45:76:2c:23:0c:a5:76:93:9a:bc:ed:3c:d6:
72:41:10:93:96:df:a6:ed:7d:38:1d:c7:f5:ea:86:b3:58:20:
5b:84:4b:ec:9c:c9:ba:ad:b0:47:3a:ae:62:b8:11:90:57:41:
68:02:4b:a0:63:86:5d:da:df:53:dc:0f:d4:41:e0:0f:0a:98:
08:bf:87:21
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECUjNvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDc0YTdiMjRkNzA5
MTg5OTFjOGI5ZGI2YzcyMmEzNmIwNmRlM2VjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWOAhuV4AHyTydyZDyVSeDG0NtHdbaCZgMnQaGx9Ie8ZmCx
eG67mVi4f72woOGbTOCpsSZhuEkfxcYRG/69j0NxrbgrGKf6078ChPFwa7AQGY1e
TnaSWBPVIA6aCpXhyyAsqvSdVTOE3JCeajM+Nvl24xcBQdjqA2fr94HPv3ji46Dh
PNBYWAgDYxGVLMAkK394D7OAgM2BUOarl9KK/t2iYLKfK06BOCo8gxnsvrAwRVH3
dhi3QW0fqFm/zm+1u8KFH7aEtIqvGZ7CbLhzS4+SqD4RB2BBpe42XYUJHZM8o0zS
p921Ee8VTlgBzZ9gWmfWb9+4UGdhGpmIrv9jA3MCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQHSnsk1wkYmRyLnbbHIqNrBt4+xDAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L0IwcDdKTmNKR0prY2k1MjJ4eUtqYXdiZVBzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJpiMMA0GCSqGSIb3DQEBCwUA
A4IBAQCBG5NVzBVtq5vX/Dl2Mh+xXEjoccMnqrWqZZpvV/jWuWC74S5qtd9/UutV
il4oNH1/ncaFP+RCE20WLSkzC1XapMSDl/2FxdGpuadj9tHVjRB5eUYEWRXVtmgo
7l3lSVt7WyXP4a9uY32cpugDOQu3AAdVEIHcnDuT3amAQS/YbBIhMWMVbiSRaiMA
YQaKCWcsCbPJnO0CNVGofFTqVZ35eevlO+9JonD9hik+WrsE1RI+pCof6vs9OUV2
LCMMpXaTmrztPNZyQRCTlt+m7X04Hcf16oazWCBbhEvsnMm6rbBHOq5iuBGQV0Fo
AkugY4Zd2t9T3A/UQeAPCpgIv4ch
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:38:58 2025 by rpki-client