Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/9f5105-12d7-4f6b-9d0d-d977b389d5ab/1/DjRhAR6ibnrLqFsba93HaPX-k54.roa
File: DjRhAR6ibnrLqFsba93HaPX-k54.roa (raw, json)
Hash identifier: Lo1U2eP3K6THTJ6NdOIR5caz245UCP3WC4F+Ayo8sgI=
Subject key identifier: 0E:34:61:01:1E:A2:6E:7A:CB:A8:5B:1B:6B:DD:C7:68:F5:FE:93:9E
Certificate issuer: /CN=f618619ae3c9b59d868bcdfcc7e73d813f8504e5
Certificate serial: 018B66035465506A27493457ED5D62B4F982
Authority key identifier: F6:18:61:9A:E3:C9:B5:9D:86:8B:CD:FC:C7:E7:3D:81:3F:85:04:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9hhhmuPJtZ2Gi838x-c9gT-FBOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/9f5105-12d7-4f6b-9d0d-d977b389d5ab/1/DjRhAR6ibnrLqFsba93HaPX-k54.roa
Signing time: Wed 25 Oct 2023 08:46:16 +0000
ROA not before: Wed 25 Oct 2023 08:46:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216333
IP address blocks: 2a13:d6c0::/32 maxlen: 48
2a13:d6c0:100::/48 maxlen: 48
2a13:d6c0:110::/48 maxlen: 48
2a13:d6c0:20::/48 maxlen: 48
2a13:d6c0:1::/48 maxlen: 48
2a13:d6c0:101::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:03:54:65:50:6a:27:49:34:57:ed:5d:62:b4:f9:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f618619ae3c9b59d868bcdfcc7e73d813f8504e5
Validity
Not Before: Oct 25 08:46:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e3461011ea26e7acba85b1b6bddc768f5fe939e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2d:03:59:b9:97:d9:b4:e0:9a:9d:fa:a2:cb:
5d:76:f8:8f:45:e8:03:dd:43:dd:c0:e3:f4:e2:17:
39:06:57:56:a2:24:4f:63:40:37:61:06:73:7d:23:
e4:f2:a5:a5:77:da:44:e4:75:1f:ae:37:24:9f:ae:
9d:45:01:f3:df:ed:14:f8:8e:05:fa:8e:a1:c5:8a:
26:7e:e4:93:61:97:59:d6:70:c4:96:0c:e1:c4:25:
bb:d2:3f:46:84:4e:90:3f:fa:71:6d:6c:93:76:55:
7a:87:2f:1d:49:12:58:e3:32:ad:84:95:99:25:07:
d8:1b:6e:ec:25:54:79:7b:77:95:3f:bf:2e:51:46:
45:5a:88:f4:8f:7c:23:5f:56:61:5c:2b:7f:4b:72:
4a:b0:d7:20:68:45:73:03:fc:76:bb:81:f1:f0:6e:
14:a7:a4:ce:c6:64:cf:fb:11:a4:5e:34:52:22:e3:
d5:58:98:bf:26:86:94:df:d9:6f:bc:8a:60:e8:66:
f6:98:c3:86:a8:60:3a:d5:70:28:bf:e4:44:45:eb:
89:58:cf:4c:a1:b9:63:a0:93:29:00:ae:32:42:8d:
1e:df:2f:c0:10:70:f4:a1:23:92:24:1b:2a:fd:74:
e8:b0:fa:a5:19:0e:58:4c:92:31:b4:c7:4d:fe:c2:
2d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:34:61:01:1E:A2:6E:7A:CB:A8:5B:1B:6B:DD:C7:68:F5:FE:93:9E
X509v3 Authority Key Identifier:
keyid:F6:18:61:9A:E3:C9:B5:9D:86:8B:CD:FC:C7:E7:3D:81:3F:85:04:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9hhhmuPJtZ2Gi838x-c9gT-FBOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/9f5105-12d7-4f6b-9d0d-d977b389d5ab/1/DjRhAR6ibnrLqFsba93HaPX-k54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/9f5105-12d7-4f6b-9d0d-d977b389d5ab/1/9hhhmuPJtZ2Gi838x-c9gT-FBOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d6c0::/32
Signature Algorithm: sha256WithRSAEncryption
01:89:56:88:da:8b:07:d4:b3:c7:a1:e4:bb:2b:24:c1:fd:13:
99:6c:37:c6:e4:13:8e:a4:c3:f4:2c:4b:ef:11:10:23:5b:fb:
99:dc:be:0a:e7:bb:e2:2c:f0:f8:ff:36:ce:6b:de:6b:54:6c:
05:22:5c:5b:25:50:c1:c3:fc:c7:2b:88:38:51:25:57:a5:fa:
bb:76:b2:e6:34:b8:db:29:38:ff:d6:17:ed:7a:72:45:3d:78:
c2:11:bf:20:ae:c8:bf:fb:7d:67:ac:c9:87:cf:d7:58:1d:31:
bb:2c:b5:b5:78:b8:eb:ca:ad:77:f2:0d:03:ef:ea:01:b2:44:
5d:cd:6c:33:42:85:0e:16:26:eb:49:a6:d7:3f:e7:53:dd:27:
3d:54:f3:0d:18:e6:38:df:43:d4:2d:06:03:ba:6f:72:da:ae:
b1:a0:ac:24:e8:88:2e:5e:98:e9:17:36:0a:09:88:7d:23:dd:
e5:fd:52:19:da:fc:13:6c:24:5e:70:59:d5:79:62:6f:bd:db:
94:ff:42:99:9e:e2:da:75:6e:35:89:dd:dd:63:1b:87:53:63:
97:15:e3:86:48:90:cd:ba:ce:43:7e:4b:7a:2e:2e:47:87:99:
33:0a:8c:3b:8e:15:71:92:0d:c5:3a:d4:56:76:a8:6c:62:66:
67:c8:2d:8b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtmA1RlUGonSTRX7V1itPmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MTg2MTlhZTNjOWI1OWQ4NjhiY2RmY2M3ZTczZDgxM2Y4
NTA0ZTUwHhcNMjMxMDI1MDg0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTM0NjEwMTFlYTI2ZTdhY2JhODViMWI2YmRkYzc2OGY1ZmU5MzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC0DWbmX2bTgmp36ostddviPRegD
3UPdwOP04hc5BldWoiRPY0A3YQZzfSPk8qWld9pE5HUfrjckn66dRQHz3+0U+I4F
+o6hxYomfuSTYZdZ1nDElgzhxCW70j9GhE6QP/pxbWyTdlV6hy8dSRJY4zKthJWZ
JQfYG27sJVR5e3eVP78uUUZFWoj0j3wjX1ZhXCt/S3JKsNcgaEVzA/x2u4Hx8G4U
p6TOxmTP+xGkXjRSIuPVWJi/JoaU39lvvIpg6Gb2mMOGqGA61XAov+REReuJWM9M
obljoJMpAK4yQo0e3y/AEHD0oSOSJBsq/XTosPqlGQ5YTJIxtMdN/sItfwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA40YQEeom56y6hbG2vdx2j1/pOeMB8GA1UdIwQY
MBaAFPYYYZrjybWdhovN/MfnPYE/hQTlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWhoaG11UEp0WjJHaTgzOHgtYzlnVC1GQk9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS85ZjUxMDUtMTJkNy00ZjZiLTlkMGQt
ZDk3N2IzODlkNWFiLzEvRGpSaEFSNmlibnJMcUZzYmE5M0hhUFgtazU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS85ZjUxMDUtMTJkNy00ZjZiLTlkMGQtZDk3N2IzODlkNWFi
LzEvOWhoaG11UEp0WjJHaTgzOHgtYzlnVC1GQk9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAAYlWiNqLB9Szx6Hkuyskwf0TmWw3xuQTjqTD9CxL
7xEQI1v7mdy+Cue74izw+P82zmvea1RsBSJcWyVQwcP8xyuIOFElV6X6u3ay5jS4
2yk4/9YX7XpyRT14whG/IK7Iv/t9Z6zJh8/XWB0xuyy1tXi468qtd/INA+/qAbJE
Xc1sM0KFDhYm60mm1z/nU90nPVTzDRjmON9D1C0GA7pvctqusaCsJOiILl6Y6Rc2
CgmIfSPd5f1SGdr8E2wkXnBZ1Xlib73blP9CmZ7i2nVuNYnd3WMbh1NjlxXjhkiQ
zbrOQ35Lei4uR4eZMwqMO44VcZINxTrUVnaobGJmZ8gtiw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:19 2025 by rpki-client