Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/iwcbNmxiF1wTxTmw3hJnAazwDNI.roa
File: iwcbNmxiF1wTxTmw3hJnAazwDNI.roa (raw, json)
Hash identifier: kkAOL6yqU+EOdsfNnn2LNWx+dDHZodGXSou8b/BC+tc=
Subject key identifier: 8B:07:1B:36:6C:62:17:5C:13:C5:39:B0:DE:12:67:01:AC:F0:0C:D2
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAF18A6E581EA25B4094C55EE6F411
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/iwcbNmxiF1wTxTmw3hJnAazwDNI.roa
Signing time: Sun 01 Jan 2023 14:44:54 +0000
ROA not before: Sun 01 Jan 2023 14:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57378
IP address blocks: 2a02:2698:6000::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f1:8a:6e:58:1e:a2:5b:40:94:c5:5e:e6:f4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b071b366c62175c13c539b0de126701acf00cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e2:60:64:98:22:f3:38:cc:e6:11:5f:4d:9e:
cd:8b:04:51:92:3e:ca:ad:d2:36:26:c7:e4:24:c3:
cb:05:ba:1f:19:30:30:65:53:40:65:b5:fe:f6:9e:
b3:5c:b1:52:83:f4:49:87:d6:cd:ec:1a:a5:9d:b2:
62:a3:52:65:e7:44:25:83:09:2d:43:f0:95:55:61:
20:7e:77:67:a1:c0:d5:f4:25:92:28:19:98:cd:56:
d7:ff:54:63:96:ce:09:ad:92:98:b2:cc:65:07:c2:
c7:b9:3b:2c:90:4b:0b:a8:51:2d:63:89:21:26:58:
73:d1:4f:b6:8c:12:71:57:76:ec:ba:83:f1:84:38:
bd:97:af:d5:d5:d2:61:c5:3c:6f:25:14:81:b0:9b:
f2:83:6c:0c:31:62:33:34:a1:33:a2:ad:cd:71:d4:
bf:13:e8:4f:2a:9c:bd:69:81:69:65:5a:b4:f2:14:
7a:54:6a:90:c4:a1:a6:9c:09:cd:3a:77:b5:4a:84:
f6:2c:46:b3:9f:a4:cc:d4:ac:77:3b:f6:d1:2b:57:
ab:53:33:b0:90:2d:81:ac:7e:ad:ed:94:5e:d1:08:
53:25:d1:14:40:81:50:cc:f9:bd:8a:cb:a9:0e:2c:
4e:a6:84:54:ac:0b:65:da:b8:a4:25:ad:a6:d1:b9:
b2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:07:1B:36:6C:62:17:5C:13:C5:39:B0:DE:12:67:01:AC:F0:0C:D2
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/iwcbNmxiF1wTxTmw3hJnAazwDNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:6000::/38
Signature Algorithm: sha256WithRSAEncryption
55:c3:29:78:88:64:38:81:fe:c4:bb:ce:70:fa:33:be:3f:bf:
86:81:05:8f:5d:6c:8c:ab:d4:15:5d:98:34:60:16:68:36:0e:
0d:67:1e:7f:68:57:d8:6f:de:17:3d:ba:ab:d1:1f:26:fc:27:
36:64:d8:e5:80:b3:1f:8a:fa:f8:21:62:46:7d:28:0c:67:bb:
e6:11:b0:54:a3:36:dc:6f:b3:e3:48:41:21:ee:ca:42:64:b9:
30:9f:1c:c9:3b:ef:0e:3b:d6:b2:ab:56:a0:f3:17:86:de:ca:
2e:46:60:51:28:77:e5:06:e4:c2:4a:46:16:f9:e8:b5:e8:2c:
60:c3:d0:96:08:6e:a2:a8:8d:dd:b2:d5:ba:bc:34:16:5d:41:
77:5f:17:aa:ce:c8:f2:99:2f:1f:b7:5a:da:a0:d9:f4:6f:de:
c0:17:dc:75:f9:7b:c1:25:68:12:c8:f6:5e:2c:ce:24:b8:e8:
eb:9c:85:58:1f:2f:73:35:7f:4b:0c:83:e5:2c:da:da:6b:49:
9e:7f:1c:8d:15:88:b1:e2:06:96:fa:aa:b8:b7:51:13:a7:04:
eb:db:15:a3:1d:9f:62:17:d5:35:36:fd:da:eb:24:e1:33:53:
1e:db:2c:2d:d2:b8:3f:7f:48:61:3d:d6:87:f8:14:82:e4:26:
46:79:99:46
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyvGKblgeoltAlMVe5vQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjA3MWIzNjZjNjIxNzVjMTNjNTM5YjBkZTEyNjcwMWFjZjAwY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOJgZJgi8zjM5hFfTZ7NiwRRkj7K
rdI2JsfkJMPLBbofGTAwZVNAZbX+9p6zXLFSg/RJh9bN7BqlnbJio1Jl50Qlgwkt
Q/CVVWEgfndnocDV9CWSKBmYzVbX/1Rjls4JrZKYssxlB8LHuTsskEsLqFEtY4kh
Jlhz0U+2jBJxV3bsuoPxhDi9l6/V1dJhxTxvJRSBsJvyg2wMMWIzNKEzoq3NcdS/
E+hPKpy9aYFpZVq08hR6VGqQxKGmnAnNOne1SoT2LEazn6TM1Kx3O/bRK1erUzOw
kC2BrH6t7ZRe0QhTJdEUQIFQzPm9isupDixOpoRUrAtl2rikJa2m0bmyqQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIsHGzZsYhdcE8U5sN4SZwGs8AzSMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvaXdjYk5teGlGMXdUeFRtdzNoSm5BYXp3RE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmGAw
DQYJKoZIhvcNAQELBQADggEBAFXDKXiIZDiB/sS7znD6M74/v4aBBY9dbIyr1BVd
mDRgFmg2Dg1nHn9oV9hv3hc9uqvRHyb8JzZk2OWAsx+K+vghYkZ9KAxnu+YRsFSj
Ntxvs+NIQSHuykJkuTCfHMk77w471rKrVqDzF4beyi5GYFEod+UG5MJKRhb56LXo
LGDD0JYIbqKojd2y1bq8NBZdQXdfF6rOyPKZLx+3Wtqg2fRv3sAX3HX5e8ElaBLI
9l4sziS46OuchVgfL3M1f0sMg+Us2tprSZ5/HI0ViLHiBpb6qri3UROnBOvbFaMd
n2IX1TU2/drrJOEzUx7bLC3SuD9/SGE91of4FILkJkZ5mUY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:51 2025 by rpki-client