Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/_TtJS0UhyoUWjXR9PMpc1IdAdZE.roa
File: _TtJS0UhyoUWjXR9PMpc1IdAdZE.roa (raw, json)
Hash identifier: 9FXIoNkqusXerdVz52jOaEN+QpGjgAyOYUyiyjoano4=
Subject key identifier: FD:3B:49:4B:45:21:CA:85:16:8D:74:7D:3C:CA:5C:D4:87:40:75:91
Certificate issuer: /CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Certificate serial: 17317E28
Authority key identifier: 01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/_TtJS0UhyoUWjXR9PMpc1IdAdZE.roa
Signing time: Sat 01 Jan 2022 13:04:23 +0000
ROA not before: Sat 01 Jan 2022 13:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25295
IP address blocks: 2a00:fb8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389119528 (0x17317e28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Validity
Not Before: Jan 1 13:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd3b494b4521ca85168d747d3cca5cd487407591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3a:3c:6a:fb:40:e0:fa:69:2b:2b:64:80:fd:
9c:2b:ca:2c:b6:b4:62:47:75:02:aa:64:3f:c3:cf:
dc:12:a3:5e:17:6a:a9:c9:b3:75:87:8e:34:31:39:
aa:1c:04:cf:92:fd:f9:33:1c:b4:ac:de:1b:1c:ad:
12:13:84:11:1a:69:82:52:0c:f0:58:5f:2c:95:07:
27:78:3f:fc:5a:25:64:be:c0:01:f6:b0:5f:12:3d:
9f:89:e5:32:0f:59:55:54:57:6b:5b:dd:39:d3:b7:
38:0f:a7:cc:fc:34:b4:d4:48:01:0f:18:67:dc:b2:
02:18:e2:fe:ca:f6:f2:10:97:a6:fc:17:e2:df:f5:
77:a3:2a:52:99:e7:13:2e:e2:a4:ed:b6:5c:c5:2f:
c1:bc:06:9c:a0:37:f1:43:c9:66:f4:1a:61:fa:cb:
f9:ff:3e:87:39:4e:61:07:52:f3:6a:b5:d9:52:93:
75:ea:f8:60:3e:30:1f:21:89:01:dc:c7:df:67:c9:
39:b8:a9:63:03:69:94:7a:b6:74:db:00:12:e9:55:
dd:03:d0:a8:83:51:a7:4a:ef:8b:7c:0f:02:b9:ea:
9e:7b:55:6c:4f:36:ec:88:66:67:40:bb:b9:be:25:
73:b9:f0:e3:ce:fb:a2:f9:ac:b6:ce:7b:f5:92:95:
83:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3B:49:4B:45:21:CA:85:16:8D:74:7D:3C:CA:5C:D4:87:40:75:91
X509v3 Authority Key Identifier:
keyid:01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/_TtJS0UhyoUWjXR9PMpc1IdAdZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:fb8::/32
Signature Algorithm: sha256WithRSAEncryption
7c:bd:0e:61:81:99:7b:30:82:ca:ed:da:91:ac:f3:93:70:76:
fe:91:6e:9a:af:a0:49:b2:cb:44:23:47:7a:2d:2c:da:df:fe:
d7:a7:b1:67:ac:8f:3a:d3:26:49:1a:ac:64:fc:57:f3:57:88:
16:9f:aa:b0:b3:81:3b:e2:4b:ee:a1:d0:15:87:3d:ef:47:67:
13:09:71:4b:eb:26:73:3a:a2:08:e6:b5:15:34:de:2c:e0:78:
86:03:92:71:0a:ff:85:99:06:da:f0:5e:61:8a:29:c8:bf:52:
24:8f:76:d9:65:f3:45:e5:29:54:b2:9f:cc:12:6b:6d:21:a9:
7e:f2:50:1f:95:41:0b:87:a6:75:3d:f5:41:cb:6b:60:4a:55:
82:cb:35:63:9e:6c:4c:b1:c0:d8:11:9b:82:f8:cc:98:ea:99:
2e:64:fa:e7:ca:be:a3:80:20:fc:a1:77:db:cc:fe:89:04:4e:
02:c5:6d:4f:d0:6a:04:83:4c:8b:1d:a3:d7:19:21:b5:dc:fa:
ed:10:4b:ee:0b:15:f9:99:03:a8:08:08:75:de:08:a9:55:63:
59:1c:99:69:fd:ee:4b:b3:d2:98:42:44:c2:8c:37:78:24:7e:
d7:b4:69:81:df:68:3c:15:8e:6e:c1:ab:ec:63:59:1e:3c:72:
64:23:72:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEFzF+KDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWQxYTEzNTNmN2Y4YjUwNWZjOTg3NTBlODY3ODdmNGUwNDY0MzJlMB4XDTIyMDEw
MTEzMDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQzYjQ5NGI0NTIx
Y2E4NTE2OGQ3NDdkM2NjYTVjZDQ4NzQwNzU5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALo6PGr7QOD6aSsrZID9nCvKLLa0Ykd1AqpkP8PP3BKjXhdq
qcmzdYeONDE5qhwEz5L9+TMctKzeGxytEhOEERppglIM8FhfLJUHJ3g//FolZL7A
AfawXxI9n4nlMg9ZVVRXa1vdOdO3OA+nzPw0tNRIAQ8YZ9yyAhji/sr28hCXpvwX
4t/1d6MqUpnnEy7ipO22XMUvwbwGnKA38UPJZvQaYfrL+f8+hzlOYQdS82q12VKT
der4YD4wHyGJAdzH32fJObipYwNplHq2dNsAEulV3QPQqINRp0rvi3wPArnqnntV
bE827IhmZ0C7ub4lc7nw4877ovmsts579ZKVg30CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT9O0lLRSHKhRaNdH08ylzUh0B1kTAfBgNVHSMEGDAWgBQB0aE1P3+LUF/J
h1DoZ4f04EZDLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FkR2hOVDlfaTFCZnlZZFE2R2VIOU9CR1F5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvYjEzOTNkLWNjYTgtNGE5Ny04MWFhLTY0M2E0MTU5YWI0Ni8x
L19UdEpTMFVoeW9VV2pYUjlQTXBjMUlkQWRaRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
YjEzOTNkLWNjYTgtNGE5Ny04MWFhLTY0M2E0MTU5YWI0Ni8xL0FkR2hOVDlfaTFC
ZnlZZFE2R2VIOU9CR1F5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoAD7gwDQYJKoZIhvcNAQELBQAD
ggEBAHy9DmGBmXswgsrt2pGs85Nwdv6RbpqvoEmyy0QjR3otLNrf/tensWesjzrT
JkkarGT8V/NXiBafqrCzgTviS+6h0BWHPe9HZxMJcUvrJnM6ogjmtRU03izgeIYD
knEK/4WZBtrwXmGKKci/UiSPdtll80XlKVSyn8wSa20hqX7yUB+VQQuHpnU99UHL
a2BKVYLLNWOebEyxwNgRm4L4zJjqmS5k+ufKvqOAIPyhd9vM/okETgLFbU/QagSD
TIsdo9cZIbXc+u0QS+4LFfmZA6gICHXeCKlVY1kcmWn97kuz0phCRMKMN3gkfte0
aYHfaDwVjm7Bq+xjWR48cmQjcik=
-----END CERTIFICATE-----
Generated at Thu Feb 20 15:28:13 2025 by rpki-client