Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/mbe8S2x_qYSBCpD7PvSxk2AXoMw.roa
File: mbe8S2x_qYSBCpD7PvSxk2AXoMw.roa (raw, json)
Hash identifier: IEgPcgIAkKn4NmX+61eP/GtiLqhT3cEs8U22ALgKyUk=
Subject key identifier: 99:B7:BC:4B:6C:7F:A9:84:81:0A:90:FB:3E:F4:B1:93:60:17:A0:CC
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 093986A2
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/mbe8S2x_qYSBCpD7PvSxk2AXoMw.roa
Signing time: Sat 01 Jan 2022 12:58:53 +0000
ROA not before: Sat 01 Jan 2022 12:58:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49048
IP address blocks: 2a02:2698:7400::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154764962 (0x93986a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99b7bc4b6c7fa984810a90fb3ef4b1936017a0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:50:2a:c0:0e:44:d5:e2:fc:0c:44:9d:4e:32:
36:2a:14:61:73:6a:3f:00:d7:46:b8:3c:4c:48:d0:
53:ff:43:54:2d:76:42:69:fb:14:58:4b:b8:3d:21:
e1:a2:5a:ff:fe:6e:fa:b9:14:51:18:7f:01:d3:8b:
74:16:ae:d3:31:9b:e5:32:f2:23:0c:c7:07:41:90:
ad:93:6c:f0:17:0d:69:d4:ab:e5:b6:79:db:f1:db:
24:b1:eb:8f:55:c2:ca:f6:d6:95:36:b4:0e:dd:97:
b6:ba:b3:df:50:22:bd:66:97:31:09:1a:07:1c:08:
3c:fc:06:1d:a5:4d:ea:00:2e:ed:dd:30:99:e8:5c:
38:3b:78:03:ff:fb:48:69:ea:b7:ef:62:79:d7:6c:
7f:3c:dd:39:2a:d5:cc:a0:1f:75:c5:1e:4a:b8:63:
18:6e:35:59:22:6c:82:c9:7c:0b:7a:a8:b7:77:76:
01:85:b9:c2:b4:99:91:8f:10:ce:e4:3c:37:7a:9b:
bf:39:83:3e:b4:c0:08:3e:5d:25:e1:5e:9d:9e:f8:
a7:22:8e:9d:8f:75:b8:f6:d3:0a:f9:cc:81:59:bc:
8c:0b:d6:4f:c0:6b:c7:74:c3:1d:ab:b0:ee:d3:e3:
a9:4e:9d:8b:6a:81:8c:e4:c5:5d:cf:e3:7f:e2:c8:
3c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B7:BC:4B:6C:7F:A9:84:81:0A:90:FB:3E:F4:B1:93:60:17:A0:CC
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/mbe8S2x_qYSBCpD7PvSxk2AXoMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:7400::/38
Signature Algorithm: sha256WithRSAEncryption
7e:bc:39:f7:07:d1:63:71:55:6e:70:d5:23:6d:30:70:ce:f1:
e7:b2:1d:49:45:be:93:9b:e4:ce:36:2e:27:81:36:12:20:56:
fe:67:d3:e5:75:37:9a:59:49:e0:bf:a9:f9:1e:47:8f:7d:0f:
fe:d1:5c:f6:44:3f:d1:0b:bb:71:78:03:5b:97:ba:25:0f:ae:
d6:89:60:2a:5d:24:45:df:42:23:32:93:36:78:41:76:4a:7f:
60:3e:d3:d6:99:40:19:b0:dc:f4:95:a4:e7:95:00:b3:23:8d:
84:28:18:2a:27:68:86:4d:f6:8d:4a:de:ad:c2:53:c6:b9:f5:
4c:10:97:87:4a:33:65:b6:58:ee:c1:ff:3c:19:71:9d:7c:64:
b2:6d:62:32:01:74:7c:7d:57:90:43:64:11:7e:dd:fd:cc:e9:
25:8a:94:5a:6f:7d:98:d6:df:d3:27:1e:ef:f2:d1:8e:8d:01:
49:d0:d2:79:56:9f:73:6b:22:a1:4a:b9:f3:28:84:98:f5:ff:
2b:78:28:07:9c:42:47:38:c0:f3:e1:a9:06:ba:52:10:f4:e8:
0e:c4:e9:ae:96:80:39:83:9e:d0:4f:35:7a:6d:43:25:23:03:
cd:09:f0:a6:72:39:ff:c0:b8:44:4b:97:c8:e6:01:24:ef:2d:
12:ce:fd:2f
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECTmGojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTliN2JjNGI2Yzdm
YTk4NDgxMGE5MGZiM2VmNGIxOTM2MDE3YTBjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxQKsAORNXi/AxEnU4yNioUYXNqPwDXRrg8TEjQU/9DVC12
Qmn7FFhLuD0h4aJa//5u+rkUURh/AdOLdBau0zGb5TLyIwzHB0GQrZNs8BcNadSr
5bZ52/HbJLHrj1XCyvbWlTa0Dt2Xtrqz31AivWaXMQkaBxwIPPwGHaVN6gAu7d0w
mehcODt4A//7SGnqt+9ieddsfzzdOSrVzKAfdcUeSrhjGG41WSJsgsl8C3qot3d2
AYW5wrSZkY8QzuQ8N3qbvzmDPrTACD5dJeFenZ74pyKOnY91uPbTCvnMgVm8jAvW
T8Brx3TDHauw7tPjqU6di2qBjOTFXc/jf+LIPBMCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSZt7xLbH+phIEKkPs+9LGTYBegzDAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L21iZThTMnhfcVlTQkNwRDdQdlN4azJBWG9Ndy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJph0MA0GCSqGSIb3DQEBCwUA
A4IBAQB+vDn3B9FjcVVucNUjbTBwzvHnsh1JRb6Tm+TONi4ngTYSIFb+Z9PldTea
WUngv6n5HkePfQ/+0Vz2RD/RC7txeANbl7olD67WiWAqXSRF30IjMpM2eEF2Sn9g
PtPWmUAZsNz0laTnlQCzI42EKBgqJ2iGTfaNSt6twlPGufVMEJeHSjNltljuwf88
GXGdfGSybWIyAXR8fVeQQ2QRft39zOklipRab32Y1t/TJx7v8tGOjQFJ0NJ5Vp9z
ayKhSrnzKISY9f8reCgHnEJHOMDz4akGulIQ9OgOxOmuloA5g57QTzV6bUMlIwPN
CfCmcjn/wLhES5fI5gEk7y0Szv0v
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:03 2025 by rpki-client