Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ZdpUa3J_VzkDS_WIFepe3RjDSfM.roa
File: ZdpUa3J_VzkDS_WIFepe3RjDSfM.roa (raw, json)
Hash identifier: UUwzD0WEpI69DriSmcGFZV4faFNOsOt+EegUuDzA7H4=
Subject key identifier: 65:DA:54:6B:72:7F:57:39:03:4B:F5:88:15:EA:5E:DD:18:C3:49:F3
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAE4E1473CB4F559CA6C2CC60E568C
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ZdpUa3J_VzkDS_WIFepe3RjDSfM.roa
Signing time: Sun 01 Jan 2023 14:44:51 +0000
ROA not before: Sun 01 Jan 2023 14:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42683
IP address blocks: 2a02:2698:5800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e4:e1:47:3c:b4:f5:59:ca:6c:2c:c6:0e:56:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65da546b727f5739034bf58815ea5edd18c349f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:70:09:89:ba:c5:6c:1b:e8:ef:44:42:a4:df:
a1:26:2f:9b:4f:33:d0:ef:41:91:43:64:b9:d2:6a:
14:40:8d:16:f8:3a:84:88:86:b4:01:90:40:09:b4:
a9:bf:7c:c8:39:bd:73:0a:4f:36:b3:27:64:2d:90:
8c:e2:a5:1e:9a:b5:52:50:fb:88:28:48:48:a3:3b:
fa:26:bc:0e:9c:94:81:f0:7a:7a:59:cd:d7:39:70:
b1:fc:98:6a:91:5e:9a:08:b4:58:11:9c:d5:dd:d1:
25:f7:bf:9e:8f:98:ba:4d:12:b8:eb:c1:cb:61:02:
88:5f:a4:3b:6e:ad:e9:c6:4e:ec:a2:7b:47:3f:1f:
78:b3:ef:5b:58:91:59:88:06:f6:4c:93:0b:d3:0d:
73:43:2b:4d:36:55:21:99:1f:90:09:73:c8:b4:9a:
d6:1c:25:86:47:2e:12:cb:44:92:e6:9b:8c:7c:25:
9b:76:ba:8c:d9:59:98:57:11:c6:0a:96:0a:f5:60:
0e:a1:d9:7d:80:f2:2a:f1:ff:8c:4d:e1:19:6c:03:
0d:77:6d:9b:a8:27:7f:c4:db:9f:0f:6c:89:68:48:
b0:a6:f5:06:79:c7:4d:75:46:bd:44:83:cf:9b:38:
7f:14:e0:c4:d7:f6:ba:a7:ef:10:9d:7b:83:a4:f6:
eb:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DA:54:6B:72:7F:57:39:03:4B:F5:88:15:EA:5E:DD:18:C3:49:F3
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ZdpUa3J_VzkDS_WIFepe3RjDSfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:5800::/38
Signature Algorithm: sha256WithRSAEncryption
b9:27:b6:cd:90:10:ca:a2:9d:b1:d6:92:60:2f:8d:21:5a:43:
e3:e8:94:0b:26:59:fe:18:84:07:a3:49:6e:01:07:09:b6:76:
c0:58:60:7d:20:a3:6b:2c:4a:b1:01:3a:cc:08:a3:f5:e9:07:
5b:1f:b1:af:15:6d:55:dc:c7:7d:30:05:0e:63:f0:fc:24:8e:
56:f1:94:3b:16:2e:5d:ce:fb:d8:fe:41:4a:68:23:e6:d3:9d:
b3:1d:f6:de:5f:e2:99:cc:55:99:c1:1a:e8:de:a9:bd:ba:f8:
f2:93:18:62:c3:39:f6:e1:df:d8:90:fe:71:bf:d4:5d:35:d8:
8b:2a:73:93:22:14:c5:e4:d7:f0:ee:ae:8f:b2:2d:25:14:1b:
ba:39:84:9e:3e:c7:25:14:b2:f1:83:bc:e6:db:12:dc:25:a0:
cd:61:10:e2:7e:66:ed:a6:38:81:91:4d:9e:fb:c0:d4:6a:3e:
37:fb:e7:df:ca:e8:c7:80:3f:31:b7:02:dd:71:bf:bb:e3:71:
05:3d:de:31:56:9d:85:e9:3d:72:17:de:09:dd:41:0c:46:44:
58:47:72:5f:1e:a3:c9:4c:a2:0c:4f:66:29:a9:d3:47:29:55:
e5:3f:54:5a:38:0f:af:7e:17:91:ed:ec:f4:55:b5:a0:60:80:
42:a4:d5:33
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyuThRzy09VnKbCzGDlaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWRhNTQ2YjcyN2Y1NzM5MDM0YmY1ODgxNWVhNWVkZDE4YzM0OWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nAJibrFbBvo70RCpN+hJi+bTzPQ
70GRQ2S50moUQI0W+DqEiIa0AZBACbSpv3zIOb1zCk82sydkLZCM4qUemrVSUPuI
KEhIozv6JrwOnJSB8Hp6Wc3XOXCx/JhqkV6aCLRYEZzV3dEl97+ej5i6TRK468HL
YQKIX6Q7bq3pxk7sontHPx94s+9bWJFZiAb2TJML0w1zQytNNlUhmR+QCXPItJrW
HCWGRy4Sy0SS5puMfCWbdrqM2VmYVxHGCpYK9WAOodl9gPIq8f+MTeEZbAMNd22b
qCd/xNufD2yJaEiwpvUGecdNdUa9RIPPmzh/FODE1/a6p+8QnXuDpPbr/wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGXaVGtyf1c5A0v1iBXqXt0Yw0nzMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvWmRwVWEzSl9WemtEU19XSUZlcGUzUmpEU2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmFgw
DQYJKoZIhvcNAQELBQADggEBALknts2QEMqinbHWkmAvjSFaQ+PolAsmWf4YhAej
SW4BBwm2dsBYYH0go2ssSrEBOswIo/XpB1sfsa8VbVXcx30wBQ5j8PwkjlbxlDsW
Ll3O+9j+QUpoI+bTnbMd9t5f4pnMVZnBGujeqb26+PKTGGLDOfbh39iQ/nG/1F01
2Isqc5MiFMXk1/Duro+yLSUUG7o5hJ4+xyUUsvGDvObbEtwloM1hEOJ+Zu2mOIGR
TZ77wNRqPjf759/K6MeAPzG3At1xv7vjcQU93jFWnYXpPXIX3gndQQxGRFhHcl8e
o8lMogxPZimp00cpVeU/VFo4D69+F5Ht7PRVtaBggEKk1TM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:20 2025 by rpki-client