Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/rWs0MGS06GFcpkQ08pf_AQkPEic.roa
File: rWs0MGS06GFcpkQ08pf_AQkPEic.roa (raw, json)
Hash identifier: akSlTFE9w3fsT60SCh/QKGFUHIdPirFzyR+uqNSx3Bg=
Subject key identifier: AD:6B:34:30:64:B4:E8:61:5C:A6:44:34:F2:97:FF:01:09:0F:12:27
Certificate issuer: /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Certificate serial: 018593056340A1E392C323AA8378544972BB
Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/rWs0MGS06GFcpkQ08pf_AQkPEic.roa
Signing time: Sun 08 Jan 2023 20:14:41 +0000
ROA not before: Sun 08 Jan 2023 20:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211603
IP address blocks: 2a0f:4d00:1::/48 maxlen: 48
2a0f:4d00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:93:05:63:40:a1:e3:92:c3:23:aa:83:78:54:49:72:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Validity
Not Before: Jan 8 20:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad6b343064b4e8615ca64434f297ff01090f1227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5b:51:7a:c9:cf:d4:d4:bb:44:01:46:ce:a6:
5d:4c:57:32:46:82:b1:a0:a8:c3:28:57:d6:93:37:
89:4a:2d:3e:1c:fc:ec:03:13:3b:97:e4:91:3a:4a:
45:1c:06:03:8f:0b:32:52:5d:87:78:bf:1a:36:ea:
ef:86:4d:df:d6:b9:11:b5:c4:fd:64:01:ed:5f:53:
02:06:78:1e:0d:ae:e5:f9:d1:b8:05:30:08:a7:3e:
bb:2b:18:4d:b1:75:ed:97:03:f8:95:df:95:06:25:
38:fa:ff:2e:a4:e3:77:6b:73:ec:d4:2b:f5:03:7a:
60:0e:f3:cb:5b:26:2d:b6:ad:31:5b:09:f4:99:38:
01:1c:3a:2e:22:54:12:27:26:8f:1f:0a:65:55:e5:
d0:1f:e8:6d:e8:e8:88:8b:22:1d:1e:bf:ef:6c:77:
19:2a:01:75:de:42:54:51:01:49:1d:70:fe:04:93:
1a:57:0c:e9:06:f7:1b:7d:64:d7:67:68:d2:4f:ee:
ae:de:8d:2d:6e:72:ae:3e:3e:1f:d0:22:74:a2:c3:
d1:ce:8c:67:60:f8:c2:a8:dd:88:0e:c1:d4:e4:8a:
ab:a1:0d:58:07:67:b8:b6:76:81:88:d5:b0:c5:45:
1b:53:e3:9a:bb:87:ab:44:7e:54:7b:b7:7a:88:f3:
2b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:6B:34:30:64:B4:E8:61:5C:A6:44:34:F2:97:FF:01:09:0F:12:27
X509v3 Authority Key Identifier:
keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/rWs0MGS06GFcpkQ08pf_AQkPEic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
15:4e:6a:12:4c:29:83:ad:a4:11:bc:49:42:74:30:55:67:d7:
2b:f4:e8:26:57:c2:1c:8e:e6:fe:59:88:d1:e1:c1:01:4b:d3:
f2:af:b8:27:7e:b0:a2:0f:dd:9d:e2:e1:f8:42:fd:4a:ba:21:
3f:28:f2:bf:bb:2e:37:47:d6:f5:8b:41:76:fa:a7:eb:c2:1c:
21:c3:2b:eb:63:c0:b7:03:71:bd:1c:ad:07:bc:9c:07:97:31:
6a:1b:97:c0:f0:a0:a6:13:90:90:4c:dd:1f:fa:0f:b9:80:c7:
e2:3c:30:87:66:47:01:01:10:85:29:c2:1d:73:19:fa:cb:45:
68:ed:ab:0b:c1:a8:e3:4b:a3:3d:85:79:4e:a9:b1:a7:6d:b3:
54:26:02:c0:c5:bc:9a:68:8b:14:6f:eb:93:9e:1a:4d:38:d8:
e0:77:51:9c:72:cd:65:e0:70:82:1d:fb:ea:b2:86:2b:24:63:
02:06:c5:de:c3:ad:4f:82:6b:bb:b1:78:0d:ec:5d:fd:1e:65:
77:ff:37:f0:6f:c0:d2:aa:61:aa:0b:a0:c5:35:dc:3f:c5:b7:
eb:2a:fe:f8:d0:4b:81:17:d5:1c:5c:28:a4:73:3e:02:ea:9f:
3e:e3:5b:46:d6:36:e0:05:de:25:6c:f9:2d:e5:d3:23:68:d4:
0e:70:e9:4f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYWTBWNAoeOSwyOqg3hUSXK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh
MWUyOGIwHhcNMjMwMTA4MjAxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDZiMzQzMDY0YjRlODYxNWNhNjQ0MzRmMjk3ZmYwMTA5MGYxMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVtResnP1NS7RAFGzqZdTFcyRoKx
oKjDKFfWkzeJSi0+HPzsAxM7l+SROkpFHAYDjwsyUl2HeL8aNurvhk3f1rkRtcT9
ZAHtX1MCBngeDa7l+dG4BTAIpz67KxhNsXXtlwP4ld+VBiU4+v8upON3a3Ps1Cv1
A3pgDvPLWyYttq0xWwn0mTgBHDouIlQSJyaPHwplVeXQH+ht6OiIiyIdHr/vbHcZ
KgF13kJUUQFJHXD+BJMaVwzpBvcbfWTXZ2jST+6u3o0tbnKuPj4f0CJ0osPRzoxn
YPjCqN2IDsHU5IqroQ1YB2e4tnaBiNWwxUUbU+Oau4erRH5Ue7d6iPMrGwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK1rNDBktOhhXKZENPKX/wEJDxInMB8GA1UdIwQY
MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt
YTYzMGMyZWEyM2Y5LzEvcldzME1HUzA2R0ZjcGtRMDhwZl9BUWtQRWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5
LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9NADAN
BgkqhkiG9w0BAQsFAAOCAQEAFU5qEkwpg62kEbxJQnQwVWfXK/ToJlfCHI7m/lmI
0eHBAUvT8q+4J36wog/dneLh+EL9SrohPyjyv7suN0fW9YtBdvqn68IcIcMr62PA
twNxvRytB7ycB5cxahuXwPCgphOQkEzdH/oPuYDH4jwwh2ZHAQEQhSnCHXMZ+stF
aO2rC8Go40ujPYV5Tqmxp22zVCYCwMW8mmiLFG/rk54aTTjY4HdRnHLNZeBwgh37
6rKGKyRjAgbF3sOtT4Jru7F4Dexd/R5ld/838G/A0qphqgugxTXcP8W36yr++NBL
gRfVHFwopHM+AuqfPuNbRtY24AXeJWz5LeXTI2jUDnDpTw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:14 2025 by rpki-client