Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/dF3XOkp-QCjojmhqQRT5RdfGBxc.roa
File: dF3XOkp-QCjojmhqQRT5RdfGBxc.roa (raw, json)
Hash identifier: eL/3pK0PQ+c/K5hdbNCr++aOOLNwQ9277j/AAbd3VEk=
Subject key identifier: 74:5D:D7:3A:4A:7E:40:28:E8:8E:68:6A:41:14:F9:45:D7:C6:07:17
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAEAF79A01E5F3114E2084E66555B8
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/dF3XOkp-QCjojmhqQRT5RdfGBxc.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50544
IP address blocks: 2a02:2698:3000::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ea:f7:9a:01:e5:f3:11:4e:20:84:e6:65:55:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=745dd73a4a7e4028e88e686a4114f945d7c60717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:50:de:81:db:f6:cb:f8:ef:4e:c8:f7:3c:
06:7d:07:5f:65:bb:15:38:da:97:56:e6:5a:23:54:
d5:23:02:74:ff:4d:ae:ca:65:da:d5:93:d4:4d:aa:
fb:ad:c8:6c:47:94:7e:79:6c:dc:6d:ad:8a:82:30:
ff:1c:ac:2b:81:a0:4c:e5:1e:bd:7a:36:98:95:f9:
77:e5:aa:4f:e1:2a:91:f0:4d:58:b0:47:ec:be:e9:
6e:8f:f3:c0:c0:c4:01:5d:80:d7:91:4f:18:7b:b8:
27:07:34:35:32:27:94:ee:18:0f:b5:7e:49:63:9d:
67:b6:79:2d:e3:bc:c2:d4:e4:46:a0:a7:20:2b:56:
51:66:88:a8:fb:32:f7:bb:0e:42:25:28:75:4d:c7:
f9:62:f4:ac:3c:4b:67:22:f0:46:e7:b8:21:28:9e:
d6:00:a8:4e:05:44:ff:7e:8f:fa:5d:bd:31:aa:85:
9b:15:ee:61:dd:23:1a:b9:7b:34:61:46:d3:cd:a9:
58:2b:42:9f:4b:c7:97:5c:9b:0f:48:99:1b:12:ee:
7c:bb:5f:d7:73:73:6f:39:89:c9:0f:6f:14:30:d5:
cf:89:8e:9d:53:58:c5:a9:23:a1:b5:51:1e:96:a0:
cc:e7:fe:13:ee:67:7d:be:81:e6:e0:4f:e1:8a:62:
20:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5D:D7:3A:4A:7E:40:28:E8:8E:68:6A:41:14:F9:45:D7:C6:07:17
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/dF3XOkp-QCjojmhqQRT5RdfGBxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:3000::/38
Signature Algorithm: sha256WithRSAEncryption
08:90:22:56:af:8f:70:2e:d8:ca:0e:cd:ec:19:c0:79:c6:b2:
bd:de:e6:a2:78:c1:bd:2c:33:ed:23:e1:bb:6d:9d:15:33:10:
9f:96:d1:11:1f:30:74:e2:4b:ce:f4:0f:31:56:08:60:18:c4:
25:2e:d2:1f:a1:1f:3f:21:aa:b6:0e:ec:b6:c3:22:7d:88:78:
05:85:5a:58:ed:51:98:ba:c8:16:8f:5c:7c:9e:9d:16:82:0f:
55:a2:ff:44:56:dd:03:64:9b:f9:1a:3f:2b:4c:3b:4a:92:7e:
34:98:3e:fd:c3:7f:86:72:87:18:3d:58:b7:6a:88:b0:01:bb:
0c:65:8b:e9:14:1f:34:db:c9:15:25:41:5d:f6:d1:25:05:88:
76:1c:a0:51:47:26:33:0c:80:35:ea:37:24:ca:61:e4:0e:ca:
d0:8f:0a:f4:58:13:84:0a:64:5e:b8:58:f5:2f:2e:77:d8:64:
b0:b6:5a:74:c9:02:08:bd:62:d1:ea:40:cd:4a:1d:f0:50:be:
90:07:e9:a6:86:4c:51:5e:ef:1f:f3:35:97:25:88:70:ce:78:
bb:eb:b8:91:d6:6c:a0:41:2c:7b:81:cc:63:10:ee:10:27:48:
50:6b:7c:26:d2:0d:99:48:29:ad:fb:d0:d7:a6:4c:9b:f0:13:
9f:e2:2f:3a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyur3mgHl8xFOIITmZVW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDVkZDczYTRhN2U0MDI4ZTg4ZTY4NmE0MTE0Zjk0NWQ3YzYwNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQRQ3oHb9sv4707I9zwGfQdfZbsV
ONqXVuZaI1TVIwJ0/02uymXa1ZPUTar7rchsR5R+eWzcba2KgjD/HKwrgaBM5R69
ejaYlfl35apP4SqR8E1YsEfsvuluj/PAwMQBXYDXkU8Ye7gnBzQ1MieU7hgPtX5J
Y51ntnkt47zC1ORGoKcgK1ZRZoio+zL3uw5CJSh1Tcf5YvSsPEtnIvBG57ghKJ7W
AKhOBUT/fo/6Xb0xqoWbFe5h3SMauXs0YUbTzalYK0KfS8eXXJsPSJkbEu58u1/X
c3NvOYnJD28UMNXPiY6dU1jFqSOhtVEelqDM5/4T7md9voHm4E/himIgIwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHRd1zpKfkAo6I5oakEU+UXXxgcXMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvZEYzWE9rcC1RQ2pvam1ocVFSVDVSZGZHQnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmDAw
DQYJKoZIhvcNAQELBQADggEBAAiQIlavj3Au2MoOzewZwHnGsr3e5qJ4wb0sM+0j
4bttnRUzEJ+W0REfMHTiS870DzFWCGAYxCUu0h+hHz8hqrYO7LbDIn2IeAWFWljt
UZi6yBaPXHyenRaCD1Wi/0RW3QNkm/kaPytMO0qSfjSYPv3Df4Zyhxg9WLdqiLAB
uwxli+kUHzTbyRUlQV320SUFiHYcoFFHJjMMgDXqNyTKYeQOytCPCvRYE4QKZF64
WPUvLnfYZLC2WnTJAgi9YtHqQM1KHfBQvpAH6aaGTFFe7x/zNZcliHDOeLvruJHW
bKBBLHuBzGMQ7hAnSFBrfCbSDZlIKa370NemTJvwE5/iLzo=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:41 2025 by rpki-client