Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ph4xntsikWgvnZB_cIJOndr-3w0.roa
File: ph4xntsikWgvnZB_cIJOndr-3w0.roa (raw, json)
Hash identifier: 1BUayrEKZxiYxkfJ2s6U+NcJWD//GjrZVd7pNE+WJZY=
Subject key identifier: A6:1E:31:9E:DB:22:91:68:2F:9D:90:7F:70:82:4E:9D:DA:FE:DF:0D
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAEEE0D35D31DEC23F0E983765B0E4
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ph4xntsikWgvnZB_cIJOndr-3w0.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56377
IP address blocks: 2a02:2698:4000::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ee:e0:d3:5d:31:de:c2:3f:0e:98:37:65:b0:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a61e319edb2291682f9d907f70824e9ddafedf0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c8:cd:fb:34:e4:c6:32:2b:77:bf:d6:09:3e:
3a:0d:7f:66:4a:16:04:0e:c6:09:de:bd:40:d7:03:
68:50:e0:54:e2:8f:d2:85:27:04:97:76:d3:cd:f8:
e1:b2:05:b7:6d:15:9e:f5:6b:ff:b7:85:8f:7e:c9:
c4:7f:30:3a:b0:92:68:79:f4:94:e9:98:6c:37:45:
fc:fd:32:d3:5a:6c:c0:ec:82:b9:15:a8:28:7e:b3:
ee:91:7d:3d:76:72:cf:a6:1f:f0:b0:c6:f9:35:0e:
7b:64:87:52:5a:34:2a:05:cb:0b:b1:98:b3:1c:08:
4a:ac:10:b5:0f:4e:06:7e:a7:2f:31:df:20:b2:0a:
6a:19:6e:62:d4:e5:79:73:e6:24:24:ef:9c:15:09:
b4:e5:43:2a:71:45:49:d9:2e:24:63:de:56:20:1b:
f1:5c:c8:03:df:1a:11:9b:8a:63:3c:63:90:e9:c5:
92:b4:5a:d9:ae:05:cc:40:15:a0:8a:da:f7:c4:59:
50:7a:d9:ff:63:cc:1a:d9:2f:1a:c6:e7:dc:2a:14:
b7:7c:50:5b:95:ed:56:0b:7f:30:aa:5c:76:31:16:
7b:83:f3:68:f0:cc:0b:3c:af:d9:c3:c4:bc:36:2c:
6a:77:dd:1b:c2:a1:28:16:39:da:90:d5:74:a3:08:
db:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1E:31:9E:DB:22:91:68:2F:9D:90:7F:70:82:4E:9D:DA:FE:DF:0D
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ph4xntsikWgvnZB_cIJOndr-3w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:4000::/38
Signature Algorithm: sha256WithRSAEncryption
6f:35:a3:5d:4c:02:81:25:2c:06:2b:2b:fb:a3:e7:88:d5:d6:
71:fe:9a:dc:f0:b4:db:a1:e1:00:15:2d:5c:72:90:43:5f:41:
81:a9:c8:11:55:f6:56:fd:21:f7:20:a0:92:b0:3f:e9:a5:0c:
33:83:f5:41:dd:7f:37:83:a8:8e:8d:2e:2b:ea:bd:e7:33:c0:
22:a6:99:60:cf:df:52:a4:bb:5c:8e:e5:e8:7c:f5:a6:e6:c6:
83:9f:85:0c:c4:b9:2a:96:60:16:4c:e2:77:d0:ad:b5:2d:10:
96:3e:e8:3e:1a:ff:50:f4:25:6c:d9:91:d0:6c:a5:4e:6e:fa:
74:d6:d5:03:09:98:88:b6:c8:4d:78:5b:cd:32:ae:97:42:ac:
96:8c:71:82:de:70:87:3b:98:35:fc:57:75:b4:d1:37:16:78:
83:36:41:53:99:29:68:4a:5f:11:3f:9e:02:07:b7:f2:5b:d1:
f4:df:9b:33:af:95:05:db:44:c4:6e:48:87:f3:5a:24:34:8d:
6a:1a:c1:87:10:d9:91:e2:99:fc:31:5a:92:bd:08:c9:f7:45:
18:54:64:36:a8:37:d5:e0:27:c1:9c:d2:7d:85:49:d2:2f:f8:
41:46:38:d6:a1:f5:79:c5:a9:bc:ff:7e:37:a7:8a:64:a2:bb:
15:6f:da:34
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyu7g010x3sI/Dpg3ZbDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjFlMzE5ZWRiMjI5MTY4MmY5ZDkwN2Y3MDgyNGU5ZGRhZmVkZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocjN+zTkxjIrd7/WCT46DX9mShYE
DsYJ3r1A1wNoUOBU4o/ShScEl3bTzfjhsgW3bRWe9Wv/t4WPfsnEfzA6sJJoefSU
6ZhsN0X8/TLTWmzA7IK5FagofrPukX09dnLPph/wsMb5NQ57ZIdSWjQqBcsLsZiz
HAhKrBC1D04GfqcvMd8gsgpqGW5i1OV5c+YkJO+cFQm05UMqcUVJ2S4kY95WIBvx
XMgD3xoRm4pjPGOQ6cWStFrZrgXMQBWgitr3xFlQetn/Y8wa2S8axufcKhS3fFBb
le1WC38wqlx2MRZ7g/No8MwLPK/Zw8S8Nixqd90bwqEoFjnakNV0owjbgQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKYeMZ7bIpFoL52Qf3CCTp3a/t8NMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvcGg0eG50c2lrV2d2blpCX2NJSk9uZHItM3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmEAw
DQYJKoZIhvcNAQELBQADggEBAG81o11MAoElLAYrK/uj54jV1nH+mtzwtNuh4QAV
LVxykENfQYGpyBFV9lb9IfcgoJKwP+mlDDOD9UHdfzeDqI6NLivqveczwCKmmWDP
31Kku1yO5eh89abmxoOfhQzEuSqWYBZM4nfQrbUtEJY+6D4a/1D0JWzZkdBspU5u
+nTW1QMJmIi2yE14W80yrpdCrJaMcYLecIc7mDX8V3W00TcWeIM2QVOZKWhKXxE/
ngIHt/Jb0fTfmzOvlQXbRMRuSIfzWiQ0jWoawYcQ2ZHimfwxWpK9CMn3RRhUZDao
N9XgJ8Gc0n2FSdIv+EFGONah9XnFqbz/fjenimSiuxVv2jQ=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:28 2025 by rpki-client