Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/mDbsMrapFGJT9LmIygAmkYoK30I.roa
File: mDbsMrapFGJT9LmIygAmkYoK30I.roa (raw, json)
Hash identifier: JOxbyEmQDWbDIHUSBzRdmj/aLNLMHfxSjlWfs3Go4Dc=
Subject key identifier: 98:36:EC:32:B6:A9:14:62:53:F4:B9:88:CA:00:26:91:8A:0A:DF:42
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 01856E2FD6116AA8B41382C836E632627466
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/mDbsMrapFGJT9LmIygAmkYoK30I.roa
Signing time: Sun 01 Jan 2023 16:35:06 +0000
ROA not before: Sun 01 Jan 2023 16:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210266
IP address blocks: 2a01:b960:2307::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:d6:11:6a:a8:b4:13:82:c8:36:e6:32:62:74:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 16:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9836ec32b6a9146253f4b988ca0026918a0adf42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:90:cc:bb:3b:7d:f9:a6:58:f6:f9:59:d4:e0:
fd:e0:42:79:4a:fb:63:8d:a6:c1:f0:56:5d:5b:c6:
80:50:9d:39:44:9b:77:12:00:9a:11:15:0a:5c:97:
95:1b:fd:52:e7:32:9e:20:2f:39:1e:12:9d:4b:54:
f4:0d:d9:38:0d:12:08:9c:d1:be:f1:6c:be:76:99:
cc:ec:fa:f3:c4:cb:92:ae:a6:d8:26:12:09:7d:cc:
57:e6:22:1f:00:37:1b:84:64:16:02:30:d2:39:7c:
7f:d3:52:d7:ea:3a:83:d1:45:79:cb:da:d4:21:65:
14:e0:f7:f1:5c:dd:1c:84:1a:b0:1e:8e:60:4c:ce:
aa:27:69:a5:95:56:6b:c7:94:62:c8:77:37:f7:f6:
08:ac:9c:98:24:91:b6:41:53:2e:ac:dd:d3:d6:f3:
e7:8a:ad:e4:cc:37:fb:82:43:ab:f6:b0:ae:fa:55:
20:af:eb:80:b3:5f:1c:81:0d:c2:34:72:b0:4a:53:
76:dc:03:c6:15:d5:49:8c:71:ec:55:5f:d7:a8:f7:
3f:e9:1e:ac:af:75:ff:59:1e:f1:46:7e:d6:9c:21:
ed:af:35:c9:9d:c0:7a:07:6b:e7:66:3a:34:a6:b1:
80:00:b3:21:9e:53:85:2a:77:1f:0b:43:1a:b0:29:
31:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:36:EC:32:B6:A9:14:62:53:F4:B9:88:CA:00:26:91:8A:0A:DF:42
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/mDbsMrapFGJT9LmIygAmkYoK30I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:2307::/48
Signature Algorithm: sha256WithRSAEncryption
2a:3f:22:f7:9e:f0:19:2c:a8:b8:0d:7b:56:ff:f5:43:5d:cb:
55:98:b9:bd:9d:1e:7e:e8:ef:50:ee:cf:2b:e7:6a:3f:fd:8e:
27:47:35:fe:88:20:28:4d:44:83:06:08:b9:dc:30:9b:54:44:
86:c5:11:31:ed:0d:2b:d1:4a:d7:db:fe:a4:ca:72:d9:06:d3:
f5:e6:d1:51:ff:2e:fb:99:6b:b7:a2:df:70:12:d1:e0:68:38:
97:27:c1:10:c8:47:0f:f7:76:00:20:bc:5b:78:7e:e7:ab:57:
e0:69:a1:f6:a0:53:04:ef:b6:c4:ab:7c:5a:fc:5c:b1:d2:d0:
6b:a8:b9:48:39:81:f6:09:d4:81:4d:35:4b:ff:18:0c:07:d5:
d3:1c:97:0f:b8:7b:8e:4e:8b:ef:85:35:94:de:d4:01:40:10:
a0:13:8a:c4:79:7a:eb:81:03:9b:bc:2f:72:5e:08:bf:1d:1d:
76:d1:b7:bc:78:57:da:28:53:41:99:a8:e8:23:ad:f5:28:cf:
79:e9:ea:f3:96:2f:87:93:13:40:31:bc:fc:d7:17:0c:67:1e:
f0:c9:57:c7:1a:6a:3f:a6:93:9f:3f:fb:71:57:cf:34:a6:46:
ff:6b:dd:6f:9d:c1:d4:4f:3d:bc:39:17:59:8d:2a:a7:75:18:
b6:b5:89:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuL9YRaqi0E4LINuYyYnRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjMwMTAxMTYzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM2ZWMzMmI2YTkxNDYyNTNmNGI5ODhjYTAwMjY5MThhMGFkZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5DMuzt9+aZY9vlZ1OD94EJ5Svtj
jabB8FZdW8aAUJ05RJt3EgCaERUKXJeVG/1S5zKeIC85HhKdS1T0Ddk4DRIInNG+
8Wy+dpnM7PrzxMuSrqbYJhIJfcxX5iIfADcbhGQWAjDSOXx/01LX6jqD0UV5y9rU
IWUU4PfxXN0chBqwHo5gTM6qJ2mllVZrx5RiyHc39/YIrJyYJJG2QVMurN3T1vPn
iq3kzDf7gkOr9rCu+lUgr+uAs18cgQ3CNHKwSlN23APGFdVJjHHsVV/XqPc/6R6s
r3X/WR7xRn7WnCHtrzXJncB6B2vnZjo0prGAALMhnlOFKncfC0MasCkxewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJg27DK2qRRiU/S5iMoAJpGKCt9CMB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvbURic01yYXBGR0pUOUxtSXlnQW1rWW9LMzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMH
MA0GCSqGSIb3DQEBCwUAA4IBAQAqPyL3nvAZLKi4DXtW//VDXctVmLm9nR5+6O9Q
7s8r52o//Y4nRzX+iCAoTUSDBgi53DCbVESGxREx7Q0r0UrX2/6kynLZBtP15tFR
/y77mWu3ot9wEtHgaDiXJ8EQyEcP93YAILxbeH7nq1fgaaH2oFME77bEq3xa/Fyx
0tBrqLlIOYH2CdSBTTVL/xgMB9XTHJcPuHuOTovvhTWU3tQBQBCgE4rEeXrrgQOb
vC9yXgi/HR120be8eFfaKFNBmajoI631KM956erzli+HkxNAMbz81xcMZx7wyVfH
Gmo/ppOfP/txV880pkb/a91vncHUTz28ORdZjSqndRi2tYmJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:13 2025 by rpki-client