Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/b7TAAD_lNfOqSGwPyc7ny9WLL30.roa
File: b7TAAD_lNfOqSGwPyc7ny9WLL30.roa (raw, json)
Hash identifier: 9RBXl5MlQR5IHqSNpd0+44Hepz6TUsS9skdgUvKJh28=
Subject key identifier: 6F:B4:C0:00:3F:E5:35:F3:AA:48:6C:0F:C9:CE:E7:CB:D5:8B:2F:7D
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 093224EB
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/b7TAAD_lNfOqSGwPyc7ny9WLL30.roa
Signing time: Sat 01 Jan 2022 12:58:48 +0000
ROA not before: Sat 01 Jan 2022 12:58:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41727
IP address blocks: 2a02:2698:2c00::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154281195 (0x93224eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fb4c0003fe535f3aa486c0fc9cee7cbd58b2f7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:20:29:22:d0:d8:3d:b5:44:a0:63:f9:e0:3f:
30:fd:69:a7:ed:82:6c:12:21:52:84:9b:1a:6a:0c:
7d:1f:a7:fe:be:9b:28:0a:f6:a1:56:b1:de:24:5c:
e9:bb:d4:da:7d:be:1c:ef:08:d4:72:cc:33:0e:69:
7f:c1:2a:85:21:91:2e:89:11:58:4e:44:fb:b4:ff:
bf:44:20:07:66:84:fe:a0:f4:d0:61:29:ed:f4:b4:
6e:dc:23:29:75:4d:af:46:3a:2e:07:df:90:b9:f9:
a3:35:d3:8c:0a:48:42:c9:3b:4e:76:7f:df:8f:08:
78:98:b3:58:7e:40:a9:f3:15:d5:59:74:5b:36:2c:
52:d4:9d:f1:47:32:fb:13:d0:34:5f:8a:ee:99:af:
ef:4c:79:41:bd:c9:62:59:20:dc:3c:2b:9f:fa:b9:
49:0e:22:1b:53:0c:dc:fd:25:3f:4d:e6:cf:ff:a1:
65:27:0e:98:72:ce:b5:f0:18:67:7a:6a:ca:67:0e:
96:87:26:88:9a:2e:8b:6b:f7:f0:3d:8f:f9:2a:86:
b1:24:ed:92:71:de:6b:93:1d:4d:71:86:b5:c1:b0:
fb:a4:0d:6e:ae:46:59:6b:ba:74:86:1a:9c:87:4d:
d5:1a:a9:cb:b2:a7:44:c0:43:3c:69:d6:d1:29:00:
9d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B4:C0:00:3F:E5:35:F3:AA:48:6C:0F:C9:CE:E7:CB:D5:8B:2F:7D
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/b7TAAD_lNfOqSGwPyc7ny9WLL30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:2c00::/38
Signature Algorithm: sha256WithRSAEncryption
5e:ea:e0:aa:04:d3:4a:c1:41:92:12:0f:5b:f3:4b:5b:2a:34:
b2:9f:69:46:31:de:89:9e:2b:2e:ff:c0:c9:91:09:b3:1f:7e:
63:05:3b:81:c9:6c:6e:2d:c6:09:08:44:17:d5:fc:d5:9d:1c:
59:8d:72:64:69:62:2b:7b:1a:a9:74:5a:2a:0a:6b:79:22:08:
41:04:a7:3c:b2:2c:61:83:81:e0:be:b7:af:29:68:30:ec:79:
ad:45:32:87:ef:77:ab:fa:f4:01:3e:11:28:31:79:0e:c6:08:
69:4b:a7:2f:7d:5a:23:b2:9e:4f:71:20:a0:c1:bf:16:06:af:
14:7f:56:2b:f3:e4:ae:79:89:ea:3a:df:cb:a2:16:3c:e8:74:
3b:1d:26:b6:31:0a:ee:d3:97:77:64:72:d2:46:76:36:35:3e:
89:49:b0:69:04:52:12:5a:df:1a:b3:51:ad:3e:47:6c:d5:30:
6e:44:36:ae:8a:2b:74:a6:69:6a:d9:22:dc:4a:66:c5:17:8b:
2d:74:6c:4b:69:51:4f:7b:52:87:6f:ac:b6:fc:81:51:82:db:
5d:31:bb:6d:ce:b1:10:0a:b9:16:a9:57:fe:46:e1:fe:cd:f8:
f7:ed:f3:7a:51:da:21:97:5f:21:66:35:01:8a:82:44:5b:05:
5e:85:10:29
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECTIk6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZiNGMwMDAzZmU1
MzVmM2FhNDg2YzBmYzljZWU3Y2JkNThiMmY3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEgKSLQ2D21RKBj+eA/MP1pp+2CbBIhUoSbGmoMfR+n/r6b
KAr2oVax3iRc6bvU2n2+HO8I1HLMMw5pf8EqhSGRLokRWE5E+7T/v0QgB2aE/qD0
0GEp7fS0btwjKXVNr0Y6LgffkLn5ozXTjApIQsk7TnZ/348IeJizWH5AqfMV1Vl0
WzYsUtSd8Ucy+xPQNF+K7pmv70x5Qb3JYlkg3Dwrn/q5SQ4iG1MM3P0lP03mz/+h
ZScOmHLOtfAYZ3pqymcOlocmiJoui2v38D2P+SqGsSTtknHea5MdTXGGtcGw+6QN
bq5GWWu6dIYanIdN1Rqpy7KnRMBDPGnW0SkAnUsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRvtMAAP+U186pIbA/JzufL1YsvfTAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L2I3VEFBRF9sTmZPcVNHd1B5YzdueTlXTEwzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJpgsMA0GCSqGSIb3DQEBCwUA
A4IBAQBe6uCqBNNKwUGSEg9b80tbKjSyn2lGMd6Jnisu/8DJkQmzH35jBTuByWxu
LcYJCEQX1fzVnRxZjXJkaWIrexqpdFoqCmt5IghBBKc8sixhg4HgvrevKWgw7Hmt
RTKH73er+vQBPhEoMXkOxghpS6cvfVojsp5PcSCgwb8WBq8Uf1Yr8+SueYnqOt/L
ohY86HQ7HSa2MQru05d3ZHLSRnY2NT6JSbBpBFISWt8as1GtPkds1TBuRDauiit0
pmlq2SLcSmbFF4stdGxLaVFPe1KHb6y2/IFRgttdMbttzrEQCrkWqVf+RuH+zfj3
7fN6Udohl18hZjUBioJEWwVehRAp
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:36 2025 by rpki-client