Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/rywDnbP57kMZ2JhmDmqFWCBXoiI.roa
File: rywDnbP57kMZ2JhmDmqFWCBXoiI.roa (raw, json)
Hash identifier: rDGXq42HhZRuRux9i6if4vB+Rct46GpPcm38/19omBQ=
Subject key identifier: AF:2C:03:9D:B3:F9:EE:43:19:D8:98:66:0E:6A:85:58:20:57:A2:22
Certificate issuer: /CN=36574be6ae76cd523b33787cfbdb69264263d074
Certificate serial: 0185729ECA221D43B8520F4701961B68286E
Authority key identifier: 36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/rywDnbP57kMZ2JhmDmqFWCBXoiI.roa
Signing time: Mon 02 Jan 2023 13:14:46 +0000
ROA not before: Mon 02 Jan 2023 13:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6831
IP address blocks: 2a04:6580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:ca:22:1d:43:b8:52:0f:47:01:96:1b:68:28:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36574be6ae76cd523b33787cfbdb69264263d074
Validity
Not Before: Jan 2 13:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af2c039db3f9ee4319d898660e6a85582057a222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8f:0d:58:11:76:df:75:55:d6:29:7d:9a:b8:
2b:fd:32:d4:2c:c2:33:85:c7:2f:5a:d4:03:f5:ed:
f8:31:02:0b:3b:67:d1:f8:24:c4:67:30:d6:24:9b:
5e:af:2e:80:69:f1:95:82:7b:bf:02:18:d6:5d:34:
62:84:08:b0:42:7e:09:d4:66:cd:21:ef:54:54:96:
53:17:b1:6c:4c:a6:ba:d3:4d:7a:59:5e:5c:37:2b:
80:43:d2:d2:f9:08:4a:a7:be:7b:be:60:ce:cc:b2:
f3:dc:4c:a0:4b:a7:e0:1e:6e:a9:26:74:22:5a:e2:
ca:0c:b5:8f:11:f4:31:d9:1c:0d:fb:b4:5a:3b:8f:
c3:91:a5:83:c3:b9:f5:77:fb:5d:31:5c:ba:5a:b3:
25:06:9f:e3:55:35:bd:b8:25:67:db:71:83:dc:e0:
76:8e:54:50:51:f6:f0:55:d3:63:9a:5e:77:2f:5e:
f0:2a:0e:76:6b:9e:a0:72:93:bb:0b:68:d1:d9:cb:
39:99:71:66:1e:98:2d:72:b3:28:24:82:2c:56:d4:
7f:dd:78:78:e0:bc:80:94:8d:ba:5c:26:35:f8:3f:
02:53:49:56:6e:54:97:ad:e8:d9:fe:fc:7a:b6:3d:
ed:82:79:4f:0e:1c:ab:6d:81:9e:e4:5a:bf:5b:f2:
13:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2C:03:9D:B3:F9:EE:43:19:D8:98:66:0E:6A:85:58:20:57:A2:22
X509v3 Authority Key Identifier:
keyid:36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/rywDnbP57kMZ2JhmDmqFWCBXoiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/NldL5q52zVI7M3h8-9tpJkJj0HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:6580::/29
Signature Algorithm: sha256WithRSAEncryption
25:be:51:26:2d:1c:a6:ee:38:e5:a0:9b:29:8c:36:07:eb:c0:
41:2b:39:24:15:fb:8b:67:6e:a8:f1:81:e2:f3:97:ad:0b:7d:
ea:f6:47:ec:8c:22:4e:14:df:d7:83:8b:14:0c:af:e8:1d:41:
b3:63:b7:fd:b6:74:56:b7:a3:18:2d:43:78:a2:1a:8f:01:6a:
f1:5b:8c:75:a6:b8:46:ac:12:6d:b8:2d:54:bb:4d:29:40:7e:
ec:a8:6e:a5:1d:de:75:5a:2a:ca:1d:79:5f:f5:f8:31:e7:0a:
3d:7a:03:83:34:cd:8d:99:21:39:19:e7:54:81:7e:64:90:c1:
82:a8:25:6f:9a:14:90:15:a0:f8:84:40:3e:a2:2f:3c:d9:7c:
7a:15:18:dd:d5:98:48:af:43:22:e6:d5:8c:d5:19:ef:b3:05:
09:d7:c0:44:02:16:7d:83:95:35:bd:39:e4:1e:e2:6b:39:2a:
f0:96:2c:72:8a:ef:68:74:92:fc:c1:fc:a0:fd:76:40:f6:0b:
e7:18:1e:8e:71:34:2c:fe:6b:cb:75:96:0e:06:7b:ee:ac:08:
ad:14:e9:e5:09:45:3c:04:09:ed:ce:04:f3:12:d5:c9:1a:d6:
92:07:7d:29:d4:1c:3a:94:93:d7:d5:b7:dc:8f:52:d2:65:df:
f8:c8:a3:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVynsoiHUO4Ug9HAZYbaChuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NTc0YmU2YWU3NmNkNTIzYjMzNzg3Y2ZiZGI2OTI2NDI2
M2QwNzQwHhcNMjMwMTAyMTMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjJjMDM5ZGIzZjllZTQzMTlkODk4NjYwZTZhODU1ODIwNTdhMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhY8NWBF233VV1il9mrgr/TLULMIz
hccvWtQD9e34MQILO2fR+CTEZzDWJJtery6AafGVgnu/AhjWXTRihAiwQn4J1GbN
Ie9UVJZTF7FsTKa60016WV5cNyuAQ9LS+QhKp757vmDOzLLz3EygS6fgHm6pJnQi
WuLKDLWPEfQx2RwN+7RaO4/DkaWDw7n1d/tdMVy6WrMlBp/jVTW9uCVn23GD3OB2
jlRQUfbwVdNjml53L17wKg52a56gcpO7C2jR2cs5mXFmHpgtcrMoJIIsVtR/3Xh4
4LyAlI26XCY1+D8CU0lWblSXrejZ/vx6tj3tgnlPDhyrbYGe5Fq/W/IT8QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK8sA52z+e5DGdiYZg5qhVggV6IiMB8GA1UdIwQY
MBaAFDZXS+auds1SOzN4fPvbaSZCY9B0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmxkTDVxNTJ6Vkk3TTNoOC05dHBKa0pqMEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS83ZTFkOTQtMTg1NC00NzNkLTg3NTMt
MThkZWQ4MGI0YjVkLzEvcnl3RG5iUDU3a01aMkpobURtcUZXQ0JYb2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS83ZTFkOTQtMTg1NC00NzNkLTg3NTMtMThkZWQ4MGI0YjVk
LzEvTmxkTDVxNTJ6Vkk3TTNoOC05dHBKa0pqMEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgRlgDAN
BgkqhkiG9w0BAQsFAAOCAQEAJb5RJi0cpu445aCbKYw2B+vAQSs5JBX7i2duqPGB
4vOXrQt96vZH7IwiThTf14OLFAyv6B1Bs2O3/bZ0VrejGC1DeKIajwFq8VuMdaa4
RqwSbbgtVLtNKUB+7KhupR3edVoqyh15X/X4MecKPXoDgzTNjZkhORnnVIF+ZJDB
gqglb5oUkBWg+IRAPqIvPNl8ehUY3dWYSK9DIubVjNUZ77MFCdfARAIWfYOVNb05
5B7iazkq8JYscorvaHSS/MH8oP12QPYL5xgejnE0LP5ry3WWDgZ77qwIrRTp5QlF
PAQJ7c4E8xLVyRrWkgd9KdQcOpST19W33I9S0mXf+Mijog==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:51 2025 by rpki-client