Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/jUWiPTLi_ELpEItKbN5oLkVvF2U.roa
File: jUWiPTLi_ELpEItKbN5oLkVvF2U.roa (raw, json)
Hash identifier: PydUZOt+/LMlrTnpQzNCj/XfewC2lvLXxZtjiyUPlPs=
Subject key identifier: 8D:45:A2:3D:32:E2:FC:42:E9:10:8B:4A:6C:DE:68:2E:45:6F:17:65
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCADD28CA05184C568BD78DBF7651FB
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/jUWiPTLi_ELpEItKbN5oLkVvF2U.roa
Signing time: Sun 01 Jan 2023 14:44:49 +0000
ROA not before: Sun 01 Jan 2023 14:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39028
IP address blocks: 2a02:2698:8400::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:dd:28:ca:05:18:4c:56:8b:d7:8d:bf:76:51:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d45a23d32e2fc42e9108b4a6cde682e456f1765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8f:1d:a5:d0:6c:76:32:e5:fa:35:85:47:7e:
1f:2f:0c:26:d3:48:23:e9:21:1e:b4:e9:11:b3:83:
d2:98:eb:82:57:c2:b0:a8:88:fa:f3:f4:82:14:8a:
c1:4d:17:07:b2:d8:b3:78:ba:b5:7f:f4:60:fa:3f:
94:14:f1:cf:38:f5:85:a0:9b:f5:83:aa:65:93:3a:
be:01:4c:a8:5c:e0:58:13:4f:6a:ad:3f:ac:90:73:
f3:ba:18:f1:99:2c:35:16:c6:44:2b:8a:f7:16:35:
8d:80:70:4d:1d:6a:af:c2:be:c7:16:d7:8e:f1:05:
83:98:02:93:ad:95:78:74:3f:f9:a2:dc:0a:bb:88:
f7:99:80:cd:59:e0:7b:04:d2:ce:c6:20:4c:24:df:
0a:2a:87:c7:ec:aa:b6:ab:58:d5:69:10:f2:cf:25:
c8:70:b0:53:ef:52:82:60:1b:40:62:af:63:44:22:
f3:01:f8:ce:d3:a0:bc:25:6e:a5:1f:1c:ea:2a:59:
a7:50:c2:0e:e2:ec:6e:19:ca:e4:d5:52:04:19:b6:
56:21:00:10:fb:5e:18:5d:76:ab:f6:96:63:59:a0:
ed:2f:9f:b1:30:c9:65:96:6b:1c:9c:8b:15:bd:8a:
59:56:d5:81:b0:b2:85:3c:36:fb:a8:2d:42:81:49:
9f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:45:A2:3D:32:E2:FC:42:E9:10:8B:4A:6C:DE:68:2E:45:6F:17:65
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/jUWiPTLi_ELpEItKbN5oLkVvF2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:8400::/38
Signature Algorithm: sha256WithRSAEncryption
15:b3:1e:8b:0e:1f:13:00:da:16:8b:f9:e9:15:75:e3:e6:4d:
a7:b0:c9:23:a7:e5:26:7c:12:24:de:ab:5f:ad:3b:b4:be:6d:
d9:ac:9f:83:47:95:5d:58:27:f7:4f:93:f3:cd:f3:19:5c:b3:
18:d7:16:46:55:60:c0:c6:dd:87:d8:57:d4:99:2e:58:96:4b:
04:4b:99:b4:94:b0:0f:97:2b:57:b5:06:5c:6b:1f:ea:65:03:
71:7f:19:ce:09:41:f9:30:bd:54:54:0d:ea:11:f5:81:32:43:
1b:41:5e:c3:56:57:2a:5f:68:67:ea:eb:b5:fe:a6:42:42:32:
1b:33:f5:fa:30:a3:de:5e:bb:c6:bf:b9:c4:f9:bf:e9:78:4c:
44:15:59:8e:93:0a:72:17:74:dd:02:a4:8c:fb:d0:71:56:93:
42:f7:15:fd:2a:8d:87:bb:e3:5d:26:42:e3:d2:e6:0f:5e:8b:
2b:c7:e7:00:40:44:19:72:b5:c6:ae:e3:9c:1c:52:47:7c:1b:
69:63:f0:b8:03:11:ab:3e:90:8e:e2:20:01:8c:19:12:0b:9f:
1f:19:c8:49:5e:67:5d:16:18:0b:56:db:8c:8f:86:d4:a7:fd:
45:32:ca:ef:b5:87:9d:74:d5:05:5e:69:4c:4e:30:a9:86:f7:
2c:42:f7:d2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyt0oygUYTFaL142/dlH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDQ1YTIzZDMyZTJmYzQyZTkxMDhiNGE2Y2RlNjgyZTQ1NmYxNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY8dpdBsdjLl+jWFR34fLwwm00gj
6SEetOkRs4PSmOuCV8KwqIj68/SCFIrBTRcHstizeLq1f/Rg+j+UFPHPOPWFoJv1
g6plkzq+AUyoXOBYE09qrT+skHPzuhjxmSw1FsZEK4r3FjWNgHBNHWqvwr7HFteO
8QWDmAKTrZV4dD/5otwKu4j3mYDNWeB7BNLOxiBMJN8KKofH7Kq2q1jVaRDyzyXI
cLBT71KCYBtAYq9jRCLzAfjO06C8JW6lHxzqKlmnUMIO4uxuGcrk1VIEGbZWIQAQ
+14YXXar9pZjWaDtL5+xMMlllmscnIsVvYpZVtWBsLKFPDb7qC1CgUmf+wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFI1Foj0y4vxC6RCLSmzeaC5FbxdlMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvalVXaVBUTGlfRUxwRUl0S2JONW9Ma1Z2RjJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmIQw
DQYJKoZIhvcNAQELBQADggEBABWzHosOHxMA2haL+ekVdePmTaewySOn5SZ8EiTe
q1+tO7S+bdmsn4NHlV1YJ/dPk/PN8xlcsxjXFkZVYMDG3YfYV9SZLliWSwRLmbSU
sA+XK1e1BlxrH+plA3F/Gc4JQfkwvVRUDeoR9YEyQxtBXsNWVypfaGfq67X+pkJC
Mhsz9fowo95eu8a/ucT5v+l4TEQVWY6TCnIXdN0CpIz70HFWk0L3Ff0qjYe7410m
QuPS5g9eiyvH5wBARBlytcau45wcUkd8G2lj8LgDEas+kI7iIAGMGRILnx8ZyEle
Z10WGAtW24yPhtSn/UUyyu+1h5101QVeaUxOMKmG9yxC99I=
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:16:44 2025 by rpki-client