Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CZ7MKddmI613Shsh9SIS3bQH15g.roa
File: CZ7MKddmI613Shsh9SIS3bQH15g.roa (raw, json)
Hash identifier: i0gS/TUd+E9USMWDnBobJK6LE6yGxAbtu42Tfs4C6QA=
Subject key identifier: 09:9E:CC:29:D7:66:23:AD:77:4A:1B:21:F5:22:12:DD:B4:07:D7:98
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 09341D97
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CZ7MKddmI613Shsh9SIS3bQH15g.roa
Signing time: Sat 01 Jan 2022 12:58:49 +0000
ROA not before: Sat 01 Jan 2022 12:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41786
IP address blocks: 2a02:2698:2400::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154410391 (0x9341d97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=099ecc29d76623ad774a1b21f52212ddb407d798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:84:6b:d6:7b:d5:c2:3d:d3:85:10:ee:13:
f9:57:bb:b1:51:75:19:eb:b3:83:be:e4:55:64:81:
f9:61:d9:af:ee:cf:07:15:8d:32:74:58:87:37:bc:
85:e5:44:2b:d5:e5:66:d7:de:e0:25:5e:77:ea:62:
56:0f:02:37:a4:db:55:28:eb:54:44:29:9a:eb:da:
a7:c8:da:55:12:d2:2f:98:71:f0:20:eb:1c:5b:0d:
fd:8f:5a:c9:4b:3a:40:15:59:3c:72:2f:bc:94:3a:
1d:05:d1:f2:4e:08:6a:9c:3f:f6:4b:74:56:fb:ec:
ad:65:a2:a7:86:65:40:fd:5c:b1:ec:bb:86:72:b0:
c2:65:bd:ea:84:2e:af:2b:8e:4b:66:48:65:9d:dc:
51:0f:88:c3:2c:8b:45:a4:23:0c:2d:7b:a4:7f:ad:
c2:f2:94:5f:96:22:c6:b0:ce:ad:f3:8f:fe:d5:51:
89:e8:93:de:43:3d:c2:40:1e:b7:4c:c5:84:ea:f0:
f3:47:2a:a5:f6:8c:9f:bf:dd:fa:43:42:56:2e:4f:
25:2b:cf:15:8b:9a:89:4e:72:b5:29:9f:5e:64:4e:
d3:52:67:23:f9:26:18:a2:ff:8e:91:a3:7c:b6:39:
1f:31:ca:b5:b8:c0:10:8f:b1:8b:b2:51:d4:dd:77:
d2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9E:CC:29:D7:66:23:AD:77:4A:1B:21:F5:22:12:DD:B4:07:D7:98
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CZ7MKddmI613Shsh9SIS3bQH15g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:2400::/38
Signature Algorithm: sha256WithRSAEncryption
88:3f:cb:98:f5:c2:d0:e9:17:3c:bd:55:bb:63:81:b9:5f:50:
48:44:c9:54:b9:40:da:2b:a6:ee:1e:64:40:d4:3f:5e:e8:b6:
18:eb:fb:89:65:33:24:36:5d:2b:ac:2b:5c:d1:d6:25:42:f7:
e1:d5:61:7b:00:a3:40:c2:57:10:70:b3:23:0e:e4:4c:7f:2e:
aa:38:44:94:37:57:e8:64:fc:62:47:15:c9:d0:4b:8e:2f:8c:
a9:92:9b:33:66:db:23:b6:8e:09:07:72:c3:ef:f7:f3:7a:cb:
03:fc:9c:11:09:77:7f:99:8b:d8:13:d1:2c:df:b2:ba:12:39:
17:2b:ff:11:e3:e8:dc:b3:b9:94:c1:1d:e0:27:49:c8:20:d0:
f2:f1:07:95:c4:64:51:9c:b4:1c:63:70:45:83:67:20:dc:df:
aa:9e:5e:63:ed:c8:96:2b:d3:f0:01:74:ef:4a:f1:06:62:30:
f1:f0:91:f9:df:c1:98:bf:34:b8:a3:9c:59:36:08:09:29:19:
a5:6f:32:72:d2:a3:74:52:23:11:0b:10:e3:d1:0a:46:6e:89:
01:42:ab:99:5f:70:30:a2:9c:a1:d6:d9:6f:ee:74:71:23:b7:
9d:bd:51:06:08:d5:68:8d:14:12:28:10:96:f5:a7:9d:c8:3c:
bb:2b:4e:98
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECTQdlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk5ZWNjMjlkNzY2
MjNhZDc3NGExYjIxZjUyMjEyZGRiNDA3ZDc5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7GhGvWe9XCPdOFEO4T+Ve7sVF1Geuzg77kVWSB+WHZr+7P
BxWNMnRYhze8heVEK9XlZtfe4CVed+piVg8CN6TbVSjrVEQpmuvap8jaVRLSL5hx
8CDrHFsN/Y9ayUs6QBVZPHIvvJQ6HQXR8k4Iapw/9kt0VvvsrWWip4ZlQP1csey7
hnKwwmW96oQuryuOS2ZIZZ3cUQ+IwyyLRaQjDC17pH+twvKUX5YixrDOrfOP/tVR
ieiT3kM9wkAet0zFhOrw80cqpfaMn7/d+kNCVi5PJSvPFYuaiU5ytSmfXmRO01Jn
I/kmGKL/jpGjfLY5HzHKtbjAEI+xi7JR1N130l0CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQJnswp12YjrXdKGyH1IhLdtAfXmDAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L0NaN01LZGRtSTYxM1Noc2g5U0lTM2JRSDE1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJpgkMA0GCSqGSIb3DQEBCwUA
A4IBAQCIP8uY9cLQ6Rc8vVW7Y4G5X1BIRMlUuUDaK6buHmRA1D9e6LYY6/uJZTMk
Nl0rrCtc0dYlQvfh1WF7AKNAwlcQcLMjDuRMfy6qOESUN1foZPxiRxXJ0EuOL4yp
kpszZtsjto4JB3LD7/fzessD/JwRCXd/mYvYE9Es37K6EjkXK/8R4+jcs7mUwR3g
J0nIINDy8QeVxGRRnLQcY3BFg2cg3N+qnl5j7ciWK9PwAXTvSvEGYjDx8JH538GY
vzS4o5xZNggJKRmlbzJy0qN0UiMRCxDj0QpGbokBQquZX3Awopyh1tlv7nRxI7ed
vVEGCNVojRQSKBCW9aedyDy7K06Y
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:23 2025 by rpki-client