Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/U7D5vfpPIRIXaaHDknVBiWgexLc.roa
File: U7D5vfpPIRIXaaHDknVBiWgexLc.roa (raw, json)
Hash identifier: WBTNQKF2NPpFWxlz/OVGNN/kTQVCx7RwwPLt90GgLM4=
Subject key identifier: 53:B0:F9:BD:FA:4F:21:12:17:69:A1:C3:92:75:41:89:68:1E:C4:B7
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 3DF7269E
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/U7D5vfpPIRIXaaHDknVBiWgexLc.roa
Signing time: Fri 11 Mar 2022 14:43:14 +0000
ROA not before: Fri 11 Mar 2022 14:43:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397516
IP address blocks: 2a01:488:bb0f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1039607454 (0x3df7269e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Mar 11 14:43:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53b0f9bdfa4f21121769a1c392754189681ec4b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0b:9a:de:d4:26:a7:71:79:4c:5e:a0:1b:f8:
72:0e:ce:a4:d1:fe:e6:49:df:88:35:b3:b0:34:a3:
dd:80:a6:4c:e7:61:8c:51:68:50:8a:55:91:41:5b:
4a:4c:e8:90:ae:f9:22:af:ba:a8:b6:bd:69:62:57:
bf:aa:11:72:43:cf:c1:ae:59:e3:5d:13:4a:01:48:
9b:51:8b:50:af:25:bb:3b:4b:46:55:e0:ba:db:8b:
39:42:e7:57:4c:08:ec:e6:fe:1f:12:02:18:3f:c4:
f6:b2:5c:08:f8:06:b3:d2:b8:e4:f9:75:75:10:9f:
f6:fd:80:f7:3d:e0:0b:f8:82:78:dd:2f:e0:ec:75:
75:10:2d:7d:16:b5:08:a6:59:85:5d:45:00:64:32:
62:68:68:7d:2b:b8:ba:b5:61:d6:2e:47:6d:3b:f8:
e1:f1:37:97:16:81:0d:60:03:38:4a:61:d9:97:04:
cd:8c:c4:0f:6c:b4:37:6a:f9:92:7d:2e:11:09:eb:
92:89:16:f2:d9:c3:b8:82:a9:db:6b:9e:d0:ac:86:
a4:ad:f2:fa:8c:e2:37:49:63:8b:8e:25:72:81:2a:
7f:47:1e:5a:7f:83:f1:e5:b7:c5:9c:87:76:50:ee:
ff:f1:29:84:84:60:88:be:82:e2:bf:3f:a5:55:16:
23:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B0:F9:BD:FA:4F:21:12:17:69:A1:C3:92:75:41:89:68:1E:C4:B7
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/U7D5vfpPIRIXaaHDknVBiWgexLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb0f::/48
Signature Algorithm: sha256WithRSAEncryption
8c:e2:4a:43:4b:ad:61:89:68:8a:1b:86:ac:a9:57:cc:9b:5d:
e7:bf:db:d6:67:9e:3c:2b:44:f6:41:e1:39:9f:6e:73:33:f6:
3b:bd:37:a3:99:de:ee:63:31:94:92:0a:c7:67:d6:43:a5:aa:
f7:29:2b:1f:57:e4:ca:4e:83:b8:bb:f7:84:fd:f6:4f:4e:1b:
d9:b8:fa:a1:86:d8:53:a5:3d:01:55:1b:9e:05:3e:51:ff:9e:
a9:94:54:01:59:3a:6c:5b:9e:aa:30:07:63:0a:5c:c0:60:dc:
28:a8:4c:88:e1:06:06:85:d8:ec:7d:65:72:ef:4c:22:de:55:
43:5f:5e:ef:7c:22:31:a4:1b:a0:99:e0:2b:ea:21:08:bf:a0:
1e:57:7c:1a:26:06:15:11:94:ab:79:1f:0a:a7:b9:56:e2:7d:
69:9c:d5:8f:bd:e9:86:ca:d6:e9:64:33:99:9d:dc:ac:36:46:
23:14:c1:92:8f:2d:c9:f3:c2:10:be:b0:74:42:84:85:f4:34:
cb:a5:46:39:cc:5e:51:59:67:a3:56:bf:eb:9b:f8:fb:9b:7d:
11:12:d6:d2:8c:cc:11:de:41:ab:4b:14:41:23:e1:1b:1a:ab:
b3:1d:15:7e:d1:d8:3c:27:b4:d6:26:47:b5:a9:aa:87:65:9d:
f8:38:c3:2b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEPfcmnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTZlZDBmYjdiMzIwODMyYWMxNTgwNTM0YzdiMjYzZjMwNGU5ODFiMB4XDTIyMDMx
MTE0NDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNiMGY5YmRmYTRm
MjExMjE3NjlhMWMzOTI3NTQxODk2ODFlYzRiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANELmt7UJqdxeUxeoBv4cg7OpNH+5knfiDWzsDSj3YCmTOdh
jFFoUIpVkUFbSkzokK75Iq+6qLa9aWJXv6oRckPPwa5Z410TSgFIm1GLUK8luztL
RlXgutuLOULnV0wI7Ob+HxICGD/E9rJcCPgGs9K45Pl1dRCf9v2A9z3gC/iCeN0v
4Ox1dRAtfRa1CKZZhV1FAGQyYmhofSu4urVh1i5HbTv44fE3lxaBDWADOEph2ZcE
zYzED2y0N2r5kn0uEQnrkokW8tnDuIKp22ue0KyGpK3y+oziN0lji44lcoEqf0ce
Wn+D8eW3xZyHdlDu//EphIRgiL6C4r8/pVUWI3UCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRTsPm9+k8hEhdpocOSdUGJaB7EtzAfBgNVHSMEGDAWgBS6btD7ezIIMqwV
gFNMeyY/ME6YGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8x
L1U3RDV2ZnBQSVJJWGFhSERrblZCaVdnZXhMYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8xL3VtN1EtM3N5Q0RL
c0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBIi7DzANBgkqhkiG9w0BAQsF
AAOCAQEAjOJKQ0utYYloihuGrKlXzJtd57/b1meePCtE9kHhOZ9uczP2O703o5ne
7mMxlJIKx2fWQ6Wq9ykrH1fkyk6DuLv3hP32T04b2bj6oYbYU6U9AVUbngU+Uf+e
qZRUAVk6bFueqjAHYwpcwGDcKKhMiOEGBoXY7H1lcu9MIt5VQ19e73wiMaQboJng
K+ohCL+gHld8GiYGFRGUq3kfCqe5VuJ9aZzVj73phsrW6WQzmZ3crDZGIxTBko8t
yfPCEL6wdEKEhfQ0y6VGOcxeUVlno1a/65v4+5t9ERLW0ozMEd5Bq0sUQSPhGxqr
sx0VftHYPCe01iZHtamqh2Wd+DjDKw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:11 2025 by rpki-client