Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/n85yXE6FVewsd2lYg_wf2B3B8pg.roa
File: n85yXE6FVewsd2lYg_wf2B3B8pg.roa (raw, json)
Hash identifier: awaZiVUHPNLupXzr3JrAhACmTcgSXPI6xuHvBHDbnR0=
Subject key identifier: 9F:CE:72:5C:4E:85:55:EC:2C:77:69:58:83:FC:1F:D8:1D:C1:F2:98
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAF0FFBA4D5D454D879E51D51BACE7
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/n85yXE6FVewsd2lYg_wf2B3B8pg.roa
Signing time: Sun 01 Jan 2023 14:44:54 +0000
ROA not before: Sun 01 Jan 2023 14:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57044
IP address blocks: 2a02:2698:800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f0:ff:ba:4d:5d:45:4d:87:9e:51:d5:1b:ac:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fce725c4e8555ec2c77695883fc1fd81dc1f298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:26:d6:4f:ba:e3:3c:65:df:59:a9:b3:7c:52:
4b:cf:ca:c8:e6:c5:f4:95:44:df:69:aa:c8:8e:3e:
3e:48:27:f3:f3:d6:87:2e:0f:ed:81:ff:94:04:d8:
ac:0a:30:06:b6:04:7c:44:be:d8:b0:15:db:68:c3:
e4:f1:77:82:03:c8:63:ce:03:00:d1:9d:b3:d5:68:
a9:c8:b6:40:fb:3c:16:e1:4a:13:3c:ff:e1:4f:b7:
b9:9f:47:39:31:8c:ba:86:7f:e8:f7:6b:b7:26:78:
71:49:f0:bf:7c:2f:4b:f4:80:0b:b0:26:bf:92:c1:
77:b5:ec:89:1e:7f:54:c3:7a:f1:4c:9a:3a:1f:5a:
e1:5b:85:fe:70:9f:82:5e:af:2a:16:ea:91:82:a3:
0f:49:90:7a:ee:fb:6f:7b:6f:be:71:ff:78:2b:5f:
2a:10:8b:a4:da:63:1c:0e:6a:1c:20:c8:f0:32:84:
85:6d:ca:8f:74:01:3d:e3:b5:43:fd:20:15:e7:04:
17:78:5e:4b:97:25:91:be:05:3a:be:77:77:cf:f5:
ae:9e:ed:4b:d4:f6:51:2c:b0:28:4b:fb:34:72:7a:
fb:c4:ac:bc:26:4a:b0:e7:99:6f:2c:dd:e7:33:d5:
03:58:2e:52:d0:80:20:15:ca:dd:11:e0:65:9c:80:
82:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:CE:72:5C:4E:85:55:EC:2C:77:69:58:83:FC:1F:D8:1D:C1:F2:98
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/n85yXE6FVewsd2lYg_wf2B3B8pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:800::/38
Signature Algorithm: sha256WithRSAEncryption
c9:5d:f9:28:1b:50:ce:70:99:d0:1e:50:3c:1d:94:7c:cf:a9:
db:1c:46:52:ec:04:8b:71:19:a9:8c:a1:7c:f0:7c:1b:cd:55:
fa:c0:77:a5:c4:0a:d8:8b:16:44:cd:fd:06:0d:fd:2c:6c:33:
ee:e9:1b:35:b5:e8:64:a9:27:fe:af:01:51:a8:a8:e7:85:69:
45:84:12:80:49:2f:64:1d:26:f0:14:52:c0:8a:aa:a9:b4:29:
18:3f:7c:b4:06:6c:45:72:fa:12:f3:96:90:67:ca:4a:db:46:
13:c2:bb:7d:d8:65:ea:25:66:f8:3d:bc:2c:04:8c:93:ab:5b:
4d:f5:9d:d1:38:61:7c:30:53:a0:2a:81:76:d5:3e:61:30:b1:
52:d6:85:fd:81:9a:ee:83:a9:ce:67:bd:76:16:65:88:43:44:
65:10:7e:5a:4a:e2:59:f8:5b:5c:5e:99:90:81:df:35:26:8a:
fc:9b:66:c8:7c:26:03:06:79:6e:dc:d2:8c:78:37:45:87:da:
37:89:2f:f0:80:56:61:32:4a:f9:30:de:44:7a:6d:16:55:d4:
92:c6:b2:4c:3b:b7:5a:c2:0b:d7:c0:22:6d:01:73:bc:33:67:
86:90:c4:b8:4e:e5:e7:07:af:e9:77:e3:34:b7:ae:f3:97:5b:
f7:c8:e0:36
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyvD/uk1dRU2HnlHVG6znMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmNlNzI1YzRlODU1NWVjMmM3NzY5NTg4M2ZjMWZkODFkYzFmMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnybWT7rjPGXfWamzfFJLz8rI5sX0
lUTfaarIjj4+SCfz89aHLg/tgf+UBNisCjAGtgR8RL7YsBXbaMPk8XeCA8hjzgMA
0Z2z1WipyLZA+zwW4UoTPP/hT7e5n0c5MYy6hn/o92u3JnhxSfC/fC9L9IALsCa/
ksF3teyJHn9Uw3rxTJo6H1rhW4X+cJ+CXq8qFuqRgqMPSZB67vtve2++cf94K18q
EIuk2mMcDmocIMjwMoSFbcqPdAE947VD/SAV5wQXeF5LlyWRvgU6vnd3z/Wunu1L
1PZRLLAoS/s0cnr7xKy8Jkqw55lvLN3nM9UDWC5S0IAgFcrdEeBlnICCwQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJ/OclxOhVXsLHdpWIP8H9gdwfKYMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvbjg1eVhFNkZWZXdzZDJsWWdfd2YyQjNCOHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmAgw
DQYJKoZIhvcNAQELBQADggEBAMld+SgbUM5wmdAeUDwdlHzPqdscRlLsBItxGamM
oXzwfBvNVfrAd6XECtiLFkTN/QYN/SxsM+7pGzW16GSpJ/6vAVGoqOeFaUWEEoBJ
L2QdJvAUUsCKqqm0KRg/fLQGbEVy+hLzlpBnykrbRhPCu33YZeolZvg9vCwEjJOr
W031ndE4YXwwU6AqgXbVPmEwsVLWhf2Bmu6Dqc5nvXYWZYhDRGUQflpK4ln4W1xe
mZCB3zUmivybZsh8JgMGeW7c0ox4N0WH2jeJL/CAVmEySvkw3kR6bRZV1JLGskw7
t1rCC9fAIm0Bc7wzZ4aQxLhO5ecHr+l34zS3rvOXW/fI4DY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:43 2025 by rpki-client