Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/P58wLJwB_Ws2s1mHjQfQlwF2FL4.roa
File: P58wLJwB_Ws2s1mHjQfQlwF2FL4.roa (raw, json)
Hash identifier: Glh+bBc5OcPFwiBkQfKuDEb16fTQurGAQzIulXHEA3k=
Subject key identifier: 3F:9F:30:2C:9C:01:FD:6B:36:B3:59:87:8D:07:D0:97:01:76:14:BE
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 092ADDE3
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/P58wLJwB_Ws2s1mHjQfQlwF2FL4.roa
Signing time: Sat 01 Jan 2022 12:58:45 +0000
ROA not before: Sat 01 Jan 2022 12:58:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34533
IP address blocks: 2a02:2698:6800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153804259 (0x92adde3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f9f302c9c01fd6b36b359878d07d097017614be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b3:99:be:71:de:ec:1f:9e:69:e7:e9:b0:7b:
87:03:dc:9f:ed:4a:e5:70:47:e4:89:5c:79:a0:8f:
b3:a6:e2:fc:6e:46:2a:d3:5b:24:e4:f7:c1:93:db:
7e:f7:86:2b:ca:37:9e:6c:a5:92:32:b5:f4:67:ed:
f6:10:b9:48:37:03:91:3f:86:8e:35:86:2a:bd:4b:
cf:04:2b:3d:bd:bc:5b:c9:fa:b9:c2:3a:2e:1c:1d:
11:a7:e9:88:82:e4:d7:a3:cf:89:d0:48:44:4a:e8:
f4:60:00:54:63:dc:12:cd:05:f0:58:e3:67:99:0b:
c0:44:a4:08:e1:73:81:cf:f0:d3:cf:d5:e7:3b:51:
71:6b:d1:0c:09:47:b5:7d:b0:27:9c:ea:e3:00:04:
bf:af:2d:51:22:6c:d6:01:a4:3f:13:21:08:d4:5a:
f3:2e:13:52:be:15:43:2a:b8:4b:95:7e:bc:4b:24:
40:f9:16:2b:ef:40:12:a0:fa:93:00:07:39:6d:a6:
29:a8:fd:11:57:97:3a:04:96:b9:ad:64:a9:d1:0f:
92:26:74:e9:0c:b1:a5:80:12:b7:14:79:0f:43:19:
c3:4d:83:04:98:3e:7b:12:1c:81:8a:db:e4:f3:10:
ae:a1:18:27:85:e3:b1:04:5b:1b:fd:d0:2c:04:22:
a5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:9F:30:2C:9C:01:FD:6B:36:B3:59:87:8D:07:D0:97:01:76:14:BE
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/P58wLJwB_Ws2s1mHjQfQlwF2FL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:6800::/38
Signature Algorithm: sha256WithRSAEncryption
0c:e0:b7:83:98:4a:f8:81:14:d1:92:97:3f:52:ee:6c:40:81:
14:38:fa:44:36:35:86:28:67:3b:16:56:05:95:d5:39:30:4b:
11:48:15:d9:3b:fc:14:8a:51:5b:32:21:5c:72:dd:fe:ca:56:
ab:25:b7:35:60:f9:28:e0:4d:a1:6f:6f:0c:83:ad:ba:f2:6f:
da:a4:3d:20:19:78:e6:c6:22:3b:c0:6c:6d:d8:b3:f1:d1:51:
c5:af:8d:e9:22:08:da:f0:88:c4:2d:b7:aa:08:57:f5:04:96:
90:7c:42:a4:04:ae:b7:5e:60:18:46:be:b1:cf:e3:b7:08:42:
6c:5a:53:b8:19:6b:0a:d4:15:58:bc:c7:68:b9:61:c0:35:2c:
a4:22:7e:32:4b:eb:73:c2:d8:5f:72:e8:a3:3b:1c:4a:10:7f:
55:07:32:88:f6:2f:da:0d:06:99:9f:b0:ed:57:10:76:86:31:
31:84:16:01:1e:95:c3:56:e5:d8:59:2d:71:db:e1:6e:9f:1d:
66:be:f2:b9:14:1d:85:6a:15:ca:7a:d2:b8:eb:e6:e9:37:7f:
8d:d3:a7:7c:6c:a6:94:31:57:17:1d:ae:8a:31:cf:59:85:72:
f5:24:57:b4:08:26:85:d4:0b:15:55:ca:bf:56:cb:dd:b6:c2:
aa:20:3a:05
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECSrd4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y5ZjMwMmM5YzAx
ZmQ2YjM2YjM1OTg3OGQwN2QwOTcwMTc2MTRiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMezmb5x3uwfnmnn6bB7hwPcn+1K5XBH5IlceaCPs6bi/G5G
KtNbJOT3wZPbfveGK8o3nmylkjK19Gft9hC5SDcDkT+GjjWGKr1LzwQrPb28W8n6
ucI6LhwdEafpiILk16PPidBIREro9GAAVGPcEs0F8FjjZ5kLwESkCOFzgc/w08/V
5ztRcWvRDAlHtX2wJ5zq4wAEv68tUSJs1gGkPxMhCNRa8y4TUr4VQyq4S5V+vEsk
QPkWK+9AEqD6kwAHOW2mKaj9EVeXOgSWua1kqdEPkiZ06QyxpYAStxR5D0MZw02D
BJg+exIcgYrb5PMQrqEYJ4XjsQRbG/3QLAQipXkCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQ/nzAsnAH9azazWYeNB9CXAXYUvjAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L1A1OHdMSndCX1dzMnMxbUhqUWZRbHdGMkZMNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJphoMA0GCSqGSIb3DQEBCwUA
A4IBAQAM4LeDmEr4gRTRkpc/Uu5sQIEUOPpENjWGKGc7FlYFldU5MEsRSBXZO/wU
ilFbMiFcct3+ylarJbc1YPko4E2hb28Mg6268m/apD0gGXjmxiI7wGxt2LPx0VHF
r43pIgja8IjELbeqCFf1BJaQfEKkBK63XmAYRr6xz+O3CEJsWlO4GWsK1BVYvMdo
uWHANSykIn4yS+tzwthfcuijOxxKEH9VBzKI9i/aDQaZn7DtVxB2hjExhBYBHpXD
VuXYWS1x2+Funx1mvvK5FB2FahXKetK46+bpN3+N06d8bKaUMVcXHa6KMc9ZhXL1
JFe0CCaF1AsVVcq/VsvdtsKqIDoF
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:29 2025 by rpki-client