Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/T_3fyUGFDN5s8s7l1GqSjyufMH4.roa
File: T_3fyUGFDN5s8s7l1GqSjyufMH4.roa (raw, json)
Hash identifier: GSbofDsZMnZDcYusOUVhVs8fJU7Zy9uhtI9NxWHjJ3s=
Subject key identifier: 4F:FD:DF:C9:41:85:0C:DE:6C:F2:CE:E5:D4:6A:92:8F:2B:9F:30:7E
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAF24545DCF319DD8FB1EE99EEB739
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/T_3fyUGFDN5s8s7l1GqSjyufMH4.roa
Signing time: Sun 01 Jan 2023 14:44:54 +0000
ROA not before: Sun 01 Jan 2023 14:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59713
IP address blocks: 2a02:2698:3800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f2:45:45:dc:f3:19:dd:8f:b1:ee:99:ee:b7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ffddfc941850cde6cf2cee5d46a928f2b9f307e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b3:f1:48:6e:d6:50:78:f4:62:9f:af:e7:ea:
44:fd:5f:aa:ef:7e:13:c3:74:cc:28:b5:87:32:85:
37:ab:93:63:89:33:53:8d:af:cd:e2:7e:2c:68:86:
ed:12:ee:3d:15:1e:61:55:8a:77:80:ee:01:e5:3a:
06:69:65:02:f6:20:6c:af:97:e0:b3:13:7b:9e:f7:
53:cc:ae:13:b6:cd:41:ae:82:97:5d:c0:3a:e5:d3:
af:d2:e5:f7:8f:43:2a:36:10:c1:3e:a5:4a:ae:d8:
fe:a1:18:13:80:1c:79:7e:5b:24:04:60:d9:cc:9e:
93:76:03:07:37:76:e9:64:ef:23:e6:f7:28:83:ac:
8c:f4:86:b2:4e:8e:d4:8b:ef:79:ea:8e:8c:8d:0b:
15:5e:7a:04:c5:ed:f7:72:22:a6:b1:7c:ba:af:09:
16:ed:4d:eb:de:c9:aa:8e:1f:71:74:4a:ce:73:7f:
15:9b:ce:d6:42:4e:94:bc:35:92:c7:0a:64:52:f6:
87:41:d2:d2:ee:70:8f:91:87:30:0f:9d:4e:8c:dd:
98:6f:e3:28:dc:52:44:19:02:ed:0d:6b:57:6c:2c:
d9:fe:a5:a4:23:bd:1a:88:bd:5f:50:4d:e3:06:f3:
86:57:e7:f5:1b:0a:33:7f:3f:8c:13:bf:0c:c3:ac:
47:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FD:DF:C9:41:85:0C:DE:6C:F2:CE:E5:D4:6A:92:8F:2B:9F:30:7E
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/T_3fyUGFDN5s8s7l1GqSjyufMH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:3800::/38
Signature Algorithm: sha256WithRSAEncryption
6f:53:93:10:87:ca:73:72:00:53:ae:b7:6b:53:2a:d9:5a:99:
8d:a2:5f:01:5c:81:bc:7f:48:cd:2e:0a:d8:ab:a0:a8:da:21:
f2:f0:b6:fc:22:93:70:29:9a:f5:60:a0:f3:95:f3:58:25:00:
11:f4:d0:00:17:e7:be:65:17:29:4a:fb:25:11:42:f2:87:c4:
09:01:fc:7d:4a:4b:5c:17:8a:d9:c9:e2:e6:d2:b3:9c:5a:98:
f7:d2:e1:bc:8a:b0:9f:22:fb:15:66:68:35:ac:e9:2f:db:13:
f0:d4:a1:41:3d:27:48:02:51:c6:e6:36:5e:5b:4f:7e:ae:73:
cd:ad:e2:ea:53:1a:8e:61:aa:e9:64:33:9c:7b:ef:b0:a6:3e:
2a:ee:ff:89:4d:f3:87:3d:85:e3:47:32:3c:54:03:44:92:d4:
66:3b:72:12:56:cf:c9:93:77:af:c1:dd:6f:fa:91:ee:ac:e8:
ca:05:c2:9b:a3:43:b8:d4:b4:5a:96:d6:41:c2:ec:b5:76:6d:
10:69:48:b4:9e:21:b6:2f:33:15:8a:8c:f4:b8:da:10:5c:81:
64:f9:16:21:32:e1:a9:f9:4b:f6:bd:4c:64:4d:5c:c5:7e:10:
8e:97:46:59:2e:56:41:12:8b:eb:2e:dc:55:33:ec:b4:13:d4:
1a:34:58:b1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyvJFRdzzGd2Pse6Z7rc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmZkZGZjOTQxODUwY2RlNmNmMmNlZTVkNDZhOTI4ZjJiOWYzMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7PxSG7WUHj0Yp+v5+pE/V+q734T
w3TMKLWHMoU3q5NjiTNTja/N4n4saIbtEu49FR5hVYp3gO4B5ToGaWUC9iBsr5fg
sxN7nvdTzK4Tts1BroKXXcA65dOv0uX3j0MqNhDBPqVKrtj+oRgTgBx5flskBGDZ
zJ6TdgMHN3bpZO8j5vcog6yM9IayTo7Ui+956o6MjQsVXnoExe33ciKmsXy6rwkW
7U3r3smqjh9xdErOc38Vm87WQk6UvDWSxwpkUvaHQdLS7nCPkYcwD51OjN2Yb+Mo
3FJEGQLtDWtXbCzZ/qWkI70aiL1fUE3jBvOGV+f1Gwozfz+ME78Mw6xHqwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFE/938lBhQzebPLO5dRqko8rnzB+MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvVF8zZnlVR0ZETjVzOHM3bDFHcVNqeXVmTUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmDgw
DQYJKoZIhvcNAQELBQADggEBAG9TkxCHynNyAFOut2tTKtlamY2iXwFcgbx/SM0u
CtiroKjaIfLwtvwik3ApmvVgoPOV81glABH00AAX575lFylK+yURQvKHxAkB/H1K
S1wXitnJ4ubSs5xamPfS4byKsJ8i+xVmaDWs6S/bE/DUoUE9J0gCUcbmNl5bT36u
c82t4upTGo5hqulkM5x777CmPiru/4lN84c9heNHMjxUA0SS1GY7chJWz8mTd6/B
3W/6ke6s6MoFwpujQ7jUtFqW1kHC7LV2bRBpSLSeIbYvMxWKjPS42hBcgWT5FiEy
4an5S/a9TGRNXMV+EI6XRlkuVkESi+su3FUz7LQT1Bo0WLE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:23 2025 by rpki-client