Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/zxdAISi934bcNYZwJ20SNYnlTV0.roa
File: zxdAISi934bcNYZwJ20SNYnlTV0.roa (raw, json)
Hash identifier: MHpajpbL46w8U3e4J+Hd1z9P9vA67Nlc2r5X1Nw7ui0=
Subject key identifier: CF:17:40:21:28:BD:DF:86:DC:35:86:70:27:6D:12:35:89:E5:4D:5D
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAEE1BC215EF504CC2CFE658BB47ED
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/zxdAISi934bcNYZwJ20SNYnlTV0.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56330
IP address blocks: 2a02:2698:3400::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ee:1b:c2:15:ef:50:4c:c2:cf:e6:58:bb:47:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf17402128bddf86dc358670276d123589e54d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:36:84:36:8c:de:a4:b1:a2:71:5e:81:3a:30:
9d:94:db:7a:26:41:75:a2:d1:e6:1b:99:5b:1d:e9:
12:46:be:d8:87:58:07:b6:cb:68:e5:4d:70:d6:61:
9c:96:69:7a:fa:17:69:84:71:5d:49:cc:bb:a6:87:
08:e3:12:a7:c5:16:30:61:80:e5:15:7a:e8:ac:77:
4a:86:c4:ad:5b:2e:99:f4:6c:89:de:ad:27:43:5a:
76:49:45:82:47:77:74:1e:86:19:50:e2:d1:90:5c:
7f:46:1a:71:f2:cc:9b:d5:79:1d:77:59:59:0c:e5:
30:be:30:68:5f:57:a5:91:c1:f5:f8:13:4d:1a:5c:
9d:25:4c:d6:18:d9:09:8c:90:bf:54:26:20:d7:c0:
93:fb:5f:91:c2:b4:8e:bb:b0:7d:e4:d1:0d:b8:15:
c4:f3:8f:00:12:98:df:bb:7e:be:5e:90:18:67:98:
5a:e8:4d:a8:9c:05:86:48:9c:ad:30:fc:0c:32:78:
6b:60:54:17:a2:a7:18:ba:31:ca:d6:a6:12:aa:ba:
4e:4e:c3:81:f7:96:e3:79:a6:58:78:8a:d7:59:3a:
9a:d1:c7:3b:56:99:62:dd:a0:2e:e3:da:c4:67:28:
77:3e:b6:91:be:99:76:4f:80:d8:33:d9:db:a3:45:
ef:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:17:40:21:28:BD:DF:86:DC:35:86:70:27:6D:12:35:89:E5:4D:5D
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/zxdAISi934bcNYZwJ20SNYnlTV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:3400::/38
Signature Algorithm: sha256WithRSAEncryption
37:c9:26:8b:af:b8:1a:5a:c3:75:5b:45:2d:0c:96:bd:91:3d:
10:8e:77:fa:c3:be:2d:a7:48:7d:3b:bd:ff:c4:a0:7c:35:e3:
5d:12:c3:81:51:d7:02:68:f1:fa:2e:cd:22:50:b0:56:b3:db:
57:53:a0:ea:a2:71:4e:c1:08:44:0c:dc:a3:b7:07:1f:82:62:
06:30:5c:07:ff:ad:a9:63:90:23:39:10:cc:58:d5:cc:35:43:
3e:b6:ae:4a:f7:0a:9d:e5:08:ae:1a:4e:8b:54:d2:37:8d:dd:
e9:1e:d8:48:89:90:eb:1e:94:ab:91:fe:47:4e:a8:03:c1:54:
31:e6:2d:33:15:f4:fc:42:6d:63:55:8b:36:cc:26:f5:6d:ef:
aa:8e:65:b2:25:92:ab:e0:9e:5c:ab:e3:b5:1f:6b:a3:e2:aa:
27:ad:35:31:81:b3:05:c9:70:ea:0e:67:ba:2e:3e:63:e0:aa:
4c:c8:6f:ae:52:76:c7:a7:9f:67:c5:e8:e8:8d:6b:dc:c1:68:
62:0a:0d:25:22:95:b2:88:d0:b6:16:52:bb:91:d2:e0:29:4f:
e2:d3:d8:52:32:3f:93:6d:50:ac:4e:e1:b7:55:ae:31:e7:af:
e8:85:c6:24:2d:b8:23:52:7b:e2:79:b9:08:a2:94:ea:55:ad:
73:b2:69:48
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyu4bwhXvUEzCz+ZYu0ftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjE3NDAyMTI4YmRkZjg2ZGMzNTg2NzAyNzZkMTIzNTg5ZTU0ZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDaENozepLGicV6BOjCdlNt6JkF1
otHmG5lbHekSRr7Yh1gHtsto5U1w1mGclml6+hdphHFdScy7pocI4xKnxRYwYYDl
FXrorHdKhsStWy6Z9GyJ3q0nQ1p2SUWCR3d0HoYZUOLRkFx/Rhpx8syb1Xkdd1lZ
DOUwvjBoX1elkcH1+BNNGlydJUzWGNkJjJC/VCYg18CT+1+RwrSOu7B95NENuBXE
848AEpjfu36+XpAYZ5ha6E2onAWGSJytMPwMMnhrYFQXoqcYujHK1qYSqrpOTsOB
95bjeaZYeIrXWTqa0cc7Vpli3aAu49rEZyh3PraRvpl2T4DYM9nbo0XvfQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFM8XQCEovd+G3DWGcCdtEjWJ5U1dMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvenhkQUlTaTkzNGJjTllad0oyMFNOWW5sVFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmDQw
DQYJKoZIhvcNAQELBQADggEBADfJJouvuBpaw3VbRS0Mlr2RPRCOd/rDvi2nSH07
vf/EoHw1410Sw4FR1wJo8fouzSJQsFaz21dToOqicU7BCEQM3KO3Bx+CYgYwXAf/
raljkCM5EMxY1cw1Qz62rkr3Cp3lCK4aTotU0jeN3eke2EiJkOselKuR/kdOqAPB
VDHmLTMV9PxCbWNVizbMJvVt76qOZbIlkqvgnlyr47Ufa6PiqietNTGBswXJcOoO
Z7ouPmPgqkzIb65Sdsenn2fF6OiNa9zBaGIKDSUilbKI0LYWUruR0uApT+LT2FIy
P5NtUKxO4bdVrjHnr+iFxiQtuCNSe+J5uQiilOpVrXOyaUg=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:19 2025 by rpki-client