Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/dxXEEepUzQHMqtnM5MuupnqKsNM.roa
File: dxXEEepUzQHMqtnM5MuupnqKsNM.roa (raw, json)
Hash identifier: xTPBN7m0oFjim9V+1HhlIgeI8FzycMetBOIRvcQRazc=
Subject key identifier: 77:15:C4:11:EA:54:CD:01:CC:AA:D9:CC:E4:CB:AE:A6:7A:8A:B0:D3
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAEC40EBBCDA13E0BE447D1164B2D8
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/dxXEEepUzQHMqtnM5MuupnqKsNM.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51570
IP address blocks: 2a02:2698:6c00::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ec:40:eb:bc:da:13:e0:be:44:7d:11:64:b2:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7715c411ea54cd01ccaad9cce4cbaea67a8ab0d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d5:41:94:0d:18:0f:08:db:2d:4b:52:5b:32:
df:3c:20:0f:6d:64:60:f3:10:08:d1:9c:71:a3:ec:
a5:1f:9b:ba:3a:85:5c:16:bc:74:d3:d1:27:67:92:
b8:59:9b:77:de:76:08:b3:0d:f6:44:c6:9c:60:fb:
34:72:f1:7c:9a:ce:a8:08:a2:4a:5d:02:90:2d:4b:
15:0b:cc:cc:54:64:db:ea:f5:bc:97:71:5b:18:40:
fa:a3:b4:12:cc:93:e7:5a:4f:48:2e:27:8e:18:6f:
4b:77:0e:0e:e8:6e:2b:c2:40:45:4c:5f:ba:92:5c:
e0:9d:39:13:12:23:c6:10:1d:de:8f:4d:8f:03:be:
f9:56:33:64:23:2e:15:ec:ef:1e:1d:b2:39:0c:12:
ea:fe:cd:ac:26:b5:a7:70:15:fd:07:ff:9a:4c:44:
64:0e:cc:65:c8:d1:d4:4b:39:4f:d9:07:e4:d5:eb:
ea:0f:2f:59:75:27:32:8f:e5:61:9e:44:fc:bf:76:
03:26:81:f5:c2:33:d4:8a:a7:6d:70:7c:21:c8:40:
fd:81:a5:24:2e:bb:3c:e0:e4:2e:35:b9:cc:c7:e9:
d4:b9:a7:b9:45:cd:da:46:89:f6:ff:0d:6c:52:56:
fd:9a:02:10:1d:89:4a:90:fa:b1:2c:09:1c:a3:ec:
e2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:15:C4:11:EA:54:CD:01:CC:AA:D9:CC:E4:CB:AE:A6:7A:8A:B0:D3
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/dxXEEepUzQHMqtnM5MuupnqKsNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:6c00::/38
Signature Algorithm: sha256WithRSAEncryption
21:a0:cf:21:32:b6:88:19:e1:f0:93:62:86:16:55:8f:51:eb:
e6:78:e3:3c:a8:76:d6:64:65:67:69:f2:80:5c:42:78:f8:a4:
53:8c:a6:3d:d8:77:2b:d1:eb:9c:5f:13:6b:59:11:4c:28:3f:
09:9e:31:64:e1:7e:15:02:0e:c1:6c:63:73:57:12:ce:8c:67:
84:81:7c:05:b2:02:db:8f:ad:b2:b8:90:37:bb:4b:4d:e4:31:
7b:81:4e:c7:cb:2d:34:b2:8b:a7:e9:b5:51:4e:0d:8c:8b:99:
f0:80:01:31:8a:96:6b:02:91:9b:ab:9f:90:8f:51:22:9f:1f:
a8:85:f9:32:af:32:e7:c1:72:b7:d8:c8:b5:10:da:5f:2f:53:
48:5b:d1:55:30:d9:5d:20:e3:2f:06:9b:29:29:32:53:82:ef:
55:ef:2f:61:ec:72:d1:8d:71:eb:09:9d:c7:58:20:3b:45:75:
79:50:78:e6:29:73:cf:99:e4:cd:b4:9a:be:2c:20:f2:b9:03:
8a:3c:c7:e4:09:a6:fe:35:76:81:6d:ed:92:8f:b1:86:68:0f:
aa:f9:e8:1d:3a:3e:4b:36:41:a8:ed:10:a8:ac:89:9a:c1:14:
90:db:d3:b3:20:b5:76:6d:09:bf:a5:df:6b:6f:1e:3a:3e:e5:
1c:6b:9e:4e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyuxA67zaE+C+RH0RZLLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzE1YzQxMWVhNTRjZDAxY2NhYWQ5Y2NlNGNiYWVhNjdhOGFiMGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdVBlA0YDwjbLUtSWzLfPCAPbWRg
8xAI0Zxxo+ylH5u6OoVcFrx009EnZ5K4WZt33nYIsw32RMacYPs0cvF8ms6oCKJK
XQKQLUsVC8zMVGTb6vW8l3FbGED6o7QSzJPnWk9ILieOGG9Ldw4O6G4rwkBFTF+6
klzgnTkTEiPGEB3ej02PA775VjNkIy4V7O8eHbI5DBLq/s2sJrWncBX9B/+aTERk
DsxlyNHUSzlP2Qfk1evqDy9ZdScyj+VhnkT8v3YDJoH1wjPUiqdtcHwhyED9gaUk
Lrs84OQuNbnMx+nUuae5Rc3aRon2/w1sUlb9mgIQHYlKkPqxLAkco+ziiwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHcVxBHqVM0BzKrZzOTLrqZ6irDTMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvZHhYRUVlcFV6UUhNcXRuTTVNdXVwbnFLc05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmGww
DQYJKoZIhvcNAQELBQADggEBACGgzyEytogZ4fCTYoYWVY9R6+Z44zyodtZkZWdp
8oBcQnj4pFOMpj3YdyvR65xfE2tZEUwoPwmeMWThfhUCDsFsY3NXEs6MZ4SBfAWy
AtuPrbK4kDe7S03kMXuBTsfLLTSyi6fptVFODYyLmfCAATGKlmsCkZurn5CPUSKf
H6iF+TKvMufBcrfYyLUQ2l8vU0hb0VUw2V0g4y8GmykpMlOC71XvL2HsctGNcesJ
ncdYIDtFdXlQeOYpc8+Z5M20mr4sIPK5A4o8x+QJpv41doFt7ZKPsYZoD6r56B06
Pks2QajtEKisiZrBFJDb07MgtXZtCb+l32tvHjo+5Rxrnk4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:53 2025 by rpki-client