Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/vpijgrykrgK6XREc-CjKB8hZuKw.roa
File: vpijgrykrgK6XREc-CjKB8hZuKw.roa (raw, json)
Hash identifier: z+7lm75FU3DnXEJrQYCge8CVNLmRR82O6ioNo712p7Y=
Subject key identifier: BE:98:A3:82:BC:A4:AE:02:BA:5D:11:1C:F8:28:CA:07:C8:59:B8:AC
Certificate issuer: /CN=1732f334d8abb68ef822546d8f6f8e81563c6fd9
Certificate serial: 018A7F0C612F920E8CE990836A3D9F9BABC5
Authority key identifier: 17:32:F3:34:D8:AB:B6:8E:F8:22:54:6D:8F:6F:8E:81:56:3C:6F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FzLzNNirto74IlRtj2-OgVY8b9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/vpijgrykrgK6XREc-CjKB8hZuKw.roa
Signing time: Sun 10 Sep 2023 12:23:52 +0000
ROA not before: Sun 10 Sep 2023 12:23:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53358
IP address blocks: 2a13:1d40::/30 maxlen: 30
2a13:1d44::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7f:0c:61:2f:92:0e:8c:e9:90:83:6a:3d:9f:9b:ab:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1732f334d8abb68ef822546d8f6f8e81563c6fd9
Validity
Not Before: Sep 10 12:23:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be98a382bca4ae02ba5d111cf828ca07c859b8ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f4:e3:d9:67:98:79:db:95:9c:74:7d:8b:97:
1d:39:57:ac:70:b1:e1:75:c9:cb:fb:ca:f3:c3:9a:
51:66:71:f0:d9:c0:23:ba:6e:06:6a:85:b1:97:63:
71:dc:52:3c:a9:9f:a7:56:7c:22:b3:4b:66:be:89:
58:13:7f:61:4d:85:08:01:7a:7e:9d:40:82:2f:40:
f1:82:31:2b:ce:61:82:a8:03:43:f7:0f:10:02:bb:
d2:4f:4d:3e:98:af:07:04:90:5f:93:9a:9c:ad:b7:
20:0d:ac:0e:56:8c:d2:af:1e:b6:c8:66:9a:eb:f1:
de:35:85:15:0f:f8:ef:8b:79:ae:0a:ad:65:df:ad:
e3:10:de:8b:f9:5f:26:bc:6f:de:e3:c8:40:0e:3e:
34:df:dc:7f:1d:07:e9:38:7f:f6:d5:bc:e1:d3:58:
8b:11:ea:26:b7:39:4d:7a:f2:1c:42:9e:74:58:f1:
7c:8f:f4:75:bf:81:4a:29:eb:4f:06:a9:79:65:fc:
f3:df:61:1a:ac:a0:13:f4:49:4f:4a:af:a7:a1:f4:
46:b5:74:94:da:0f:11:be:dc:c2:9e:9e:36:9b:f6:
f4:f4:bd:36:07:71:08:96:25:55:7d:25:f8:d0:e5:
fa:a6:c7:f4:f3:ec:12:28:26:fa:b1:8f:9e:94:fb:
05:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:98:A3:82:BC:A4:AE:02:BA:5D:11:1C:F8:28:CA:07:C8:59:B8:AC
X509v3 Authority Key Identifier:
keyid:17:32:F3:34:D8:AB:B6:8E:F8:22:54:6D:8F:6F:8E:81:56:3C:6F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FzLzNNirto74IlRtj2-OgVY8b9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/vpijgrykrgK6XREc-CjKB8hZuKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/FzLzNNirto74IlRtj2-OgVY8b9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
50:4b:be:8b:17:81:38:ef:4a:c3:c8:69:de:52:4e:09:97:7d:
5c:72:26:e9:ab:51:7a:50:a1:f7:75:c9:e9:80:9c:6f:e3:e8:
be:ce:53:66:a1:7f:56:5a:4f:9b:f6:9f:df:7d:b8:e8:4d:9d:
3c:8d:38:de:16:a9:7d:d1:a4:36:7c:97:3d:d7:0d:4d:fd:73:
00:fd:4e:aa:d8:5f:b9:b0:e2:8f:6c:f0:46:14:7d:79:ac:8e:
8b:c4:51:65:f8:ea:1a:2a:90:7c:1c:d4:2a:dd:d2:e9:17:12:
2b:2f:fd:f5:30:6c:36:93:dc:88:d2:3d:0a:41:3e:2e:c6:ab:
18:a4:2e:76:a6:a8:81:12:b8:28:62:5e:f2:41:09:59:4f:28:
ac:40:2b:ac:0f:17:36:49:6b:73:6b:d0:87:b6:47:76:09:2d:
f9:81:7f:b9:de:58:2c:49:32:d9:69:b5:21:c9:18:0a:3b:33:
f6:0c:9f:d9:62:9e:3c:da:ea:e4:62:59:f1:7e:ca:87:12:89:
59:83:fc:d0:43:02:db:4e:13:f1:e0:35:63:22:66:ae:61:da:
e9:15:e5:5b:32:30:b9:1d:dd:07:d3:62:9e:6a:0b:b2:f0:a7:
cb:9a:59:80:0b:86:ca:fa:5f:33:3e:13:ce:5c:f8:21:f7:2c:
f3:42:e7:0b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYp/DGEvkg6M6ZCDaj2fm6vFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MzJmMzM0ZDhhYmI2OGVmODIyNTQ2ZDhmNmY4ZTgxNTYz
YzZmZDkwHhcNMjMwOTEwMTIyMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTk4YTM4MmJjYTRhZTAyYmE1ZDExMWNmODI4Y2EwN2M4NTliOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfTj2WeYeduVnHR9i5cdOVescLHh
dcnL+8rzw5pRZnHw2cAjum4GaoWxl2Nx3FI8qZ+nVnwis0tmvolYE39hTYUIAXp+
nUCCL0DxgjErzmGCqAND9w8QArvST00+mK8HBJBfk5qcrbcgDawOVozSrx62yGaa
6/HeNYUVD/jvi3muCq1l363jEN6L+V8mvG/e48hADj4039x/HQfpOH/21bzh01iL
EeomtzlNevIcQp50WPF8j/R1v4FKKetPBql5Zfzz32EarKAT9ElPSq+nofRGtXSU
2g8RvtzCnp42m/b09L02B3EIliVVfSX40OX6psf08+wSKCb6sY+elPsFowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL6Yo4K8pK4Cul0RHPgoygfIWbisMB8GA1UdIwQY
MBaAFBcy8zTYq7aO+CJUbY9vjoFWPG/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnpMek5OaXJ0bzc0SWxSdGoyLU9nVlk4YjlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83YmM4ZGEtY2I4Mi00YWJjLWIyZjAt
MTNiNGI4MGM1NGJhLzEvdnBpamdyeWtyZ0s2WFJFYy1DaktCOGhadUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83YmM4ZGEtY2I4Mi00YWJjLWIyZjAtMTNiNGI4MGM1NGJh
LzEvRnpMek5OaXJ0bzc0SWxSdGoyLU9nVlk4YjlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMdQDAN
BgkqhkiG9w0BAQsFAAOCAQEAUEu+ixeBOO9Kw8hp3lJOCZd9XHIm6atRelCh93XJ
6YCcb+Povs5TZqF/VlpPm/af33246E2dPI043hapfdGkNnyXPdcNTf1zAP1Oqthf
ubDij2zwRhR9eayOi8RRZfjqGiqQfBzUKt3S6RcSKy/99TBsNpPciNI9CkE+Lsar
GKQudqaogRK4KGJe8kEJWU8orEArrA8XNklrc2vQh7ZHdgkt+YF/ud5YLEky2Wm1
IckYCjsz9gyf2WKePNrq5GJZ8X7KhxKJWYP80EMC204T8eA1YyJmrmHa6RXlWzIw
uR3dB9NinmoLsvCny5pZgAuGyvpfMz4Tzlz4Ifcs80LnCw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:58 2025 by rpki-client