Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/mK4oeESPUCyj76DQer1F1Xa8ZW4.roa
File: mK4oeESPUCyj76DQer1F1Xa8ZW4.roa (raw, json)
Hash identifier: g20cRt6vZ8q8Q88y2ffXIARsL5bhdbE3jvTsICFGZuI=
Subject key identifier: 98:AE:28:78:44:8F:50:2C:A3:EF:A0:D0:7A:BD:45:D5:76:BC:65:6E
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 0184E7B534B4986F1AC23E690C8F571D2A8C
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/mK4oeESPUCyj76DQer1F1Xa8ZW4.roa
Signing time: Tue 06 Dec 2022 13:52:02 +0000
ROA not before: Tue 06 Dec 2022 13:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397520
IP address blocks: 2a01:488:bb19::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:b5:34:b4:98:6f:1a:c2:3e:69:0c:8f:57:1d:2a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Dec 6 13:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98ae2878448f502ca3efa0d07abd45d576bc656e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:73:69:64:fa:66:00:1a:9f:c9:10:f6:9a:46:
31:d1:5b:c4:c6:8f:c3:42:7f:d8:73:1e:b5:e7:9b:
fc:3c:6a:59:f0:c5:a5:90:99:fe:19:bd:81:13:29:
df:ff:db:51:d5:17:58:b9:bd:43:c7:f6:dd:19:30:
b7:a2:b5:8b:14:c9:eb:d5:55:fe:74:04:ad:a1:c4:
bd:e8:c8:5b:79:6a:e9:ef:a0:3a:b0:c4:a1:aa:18:
04:5b:14:b8:a2:6c:bb:d1:ac:db:e7:b4:0a:a2:df:
ac:39:9e:c2:db:8d:e2:90:d8:e2:17:64:08:ed:03:
77:f6:b7:69:ce:3e:b4:25:dc:16:ce:d8:5c:69:46:
94:2e:54:86:68:3d:ac:5d:57:e5:86:0b:bd:92:94:
7a:77:b7:70:c6:be:89:f4:6e:56:b4:85:05:5d:79:
cc:27:cd:35:a8:39:ef:11:0f:2f:10:67:09:07:89:
36:ce:1a:b3:85:4b:05:e5:00:b8:58:0b:7b:96:e8:
a1:37:3a:0b:3b:54:9b:f0:a9:fc:95:9c:a7:36:fe:
68:f1:eb:0d:bd:53:ec:52:f1:ae:4f:30:83:4c:be:
d1:66:cb:3b:64:18:bb:e5:16:c6:f2:b5:7c:ea:33:
1b:2b:d1:ff:e2:f4:8b:c1:ad:5f:c4:f1:a1:0c:94:
62:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AE:28:78:44:8F:50:2C:A3:EF:A0:D0:7A:BD:45:D5:76:BC:65:6E
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/mK4oeESPUCyj76DQer1F1Xa8ZW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb19::/48
Signature Algorithm: sha256WithRSAEncryption
68:2a:df:18:19:c2:d0:a1:8c:39:91:d5:9e:90:ff:fc:95:d2:
05:48:70:42:6b:ff:4a:ad:53:73:6e:49:3e:0b:5f:cc:da:c0:
02:13:22:db:15:56:e9:28:cf:ef:b2:02:c4:8d:0d:96:1d:7e:
80:be:6a:11:aa:0e:5a:d5:66:21:dc:38:d0:21:d2:5d:01:0d:
4f:1c:11:9a:fd:91:5f:1a:69:82:65:40:10:2d:40:17:d0:61:
a6:83:a3:09:47:5a:c6:8b:81:69:c8:4e:f8:7d:68:09:6b:62:
c3:53:b0:9c:f6:1e:74:7f:9b:26:70:de:9a:90:84:c4:99:a0:
d1:7b:5d:57:2b:cf:dc:a6:dc:f8:61:f5:a1:16:18:39:dd:b1:
42:cd:cb:b7:a5:53:84:0a:8c:d6:41:42:05:7b:95:9b:b0:2f:
0c:03:b7:8a:88:92:9b:ca:62:24:93:7d:24:4d:a7:f7:eb:cf:
96:fd:8c:86:65:bf:ce:d1:f4:d4:61:13:8b:c4:bc:99:c8:ee:
20:21:6c:a0:f3:ce:59:3d:cb:26:0a:05:6e:13:fe:58:37:aa:
98:1a:0f:89:cc:fb:98:57:c9:33:9b:4c:31:23:e2:53:23:2c:
3d:64:96:96:01:5b:72:d0:84:0b:38:63:7b:83:e2:9d:ea:b5:
02:e1:53:47
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTntTS0mG8awj5pDI9XHSqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjIxMjA2MTM1MjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFlMjg3ODQ0OGY1MDJjYTNlZmEwZDA3YWJkNDVkNTc2YmM2NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3NpZPpmABqfyRD2mkYx0VvExo/D
Qn/Ycx6155v8PGpZ8MWlkJn+Gb2BEynf/9tR1RdYub1Dx/bdGTC3orWLFMnr1VX+
dAStocS96MhbeWrp76A6sMShqhgEWxS4omy70azb57QKot+sOZ7C243ikNjiF2QI
7QN39rdpzj60JdwWzthcaUaULlSGaD2sXVflhgu9kpR6d7dwxr6J9G5WtIUFXXnM
J801qDnvEQ8vEGcJB4k2zhqzhUsF5QC4WAt7luihNzoLO1Sb8Kn8lZynNv5o8esN
vVPsUvGuTzCDTL7RZss7ZBi75RbG8rV86jMbK9H/4vSLwa1fxPGhDJRirQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJiuKHhEj1Aso++g0Hq9RdV2vGVuMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvbUs0b2VFU1BVQ3lqNzZEUWVyMUYxWGE4Wlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsZ
MA0GCSqGSIb3DQEBCwUAA4IBAQBoKt8YGcLQoYw5kdWekP/8ldIFSHBCa/9KrVNz
bkk+C1/M2sACEyLbFVbpKM/vsgLEjQ2WHX6AvmoRqg5a1WYh3DjQIdJdAQ1PHBGa
/ZFfGmmCZUAQLUAX0GGmg6MJR1rGi4FpyE74fWgJa2LDU7Cc9h50f5smcN6akITE
maDRe11XK8/cptz4YfWhFhg53bFCzcu3pVOECozWQUIFe5WbsC8MA7eKiJKbymIk
k30kTaf368+W/YyGZb/O0fTUYROLxLyZyO4gIWyg885ZPcsmCgVuE/5YN6qYGg+J
zPuYV8kzm0wxI+JTIyw9ZJaWAVty0IQLOGN7g+Kd6rUC4VNH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:10 2025 by rpki-client