Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/k8NIWzxqVPdJuOweh7mz9tMt304.roa
File: k8NIWzxqVPdJuOweh7mz9tMt304.roa (raw, json)
Hash identifier: fubqe+lFSBOEygWK14d6GkJCt/kuWC2iIn75VWeVE4c=
Subject key identifier: 93:C3:48:5B:3C:6A:54:F7:49:B8:EC:1E:87:B9:B3:F6:D3:2D:DF:4E
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C3AB7D49C5B6471A3760965ACA55B6884
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/k8NIWzxqVPdJuOweh7mz9tMt304.roa
Signing time: Tue 05 Dec 2023 16:02:55 +0000
ROA not before: Tue 05 Dec 2023 16:02:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42087
IP address blocks: 2a00:1fa2:80c0::/48 maxlen: 48
2a00:1fa2:ba00::/40 maxlen: 40
2a00:1fa2:baf0::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:b7:d4:9c:5b:64:71:a3:76:09:65:ac:a5:5b:68:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 5 16:02:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93c3485b3c6a54f749b8ec1e87b9b3f6d32ddf4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3b:d7:a8:c4:40:a7:e6:8e:e9:f4:14:68:5e:
ce:05:a1:a8:03:e4:96:a4:0c:64:8e:40:2c:0a:bf:
24:c9:df:6d:6e:e7:fb:63:da:b6:ee:2a:13:cc:2c:
03:c4:36:a2:54:94:9f:c7:67:53:de:8c:fa:ef:93:
b2:d0:6e:56:a7:ff:32:91:d6:a6:b4:e2:ba:26:17:
8d:5b:dd:e2:5e:4c:78:ba:c6:ff:03:46:ec:8e:03:
1b:59:50:82:46:00:99:73:da:32:0f:56:a5:91:6a:
0e:24:68:0a:4c:c4:74:c0:cf:45:d5:56:0b:95:86:
4a:4e:49:41:07:3b:53:b8:a8:af:95:ec:86:0c:61:
b4:fa:5a:3a:68:1c:c4:08:43:59:74:c0:be:a1:90:
19:00:e5:a1:d0:07:e5:df:f4:3a:dd:af:8f:c5:79:
ef:68:51:37:c3:c5:9c:e4:f8:e3:c4:15:9a:e4:ee:
0c:68:c6:2b:f9:53:a9:31:b0:c6:cc:09:52:fd:99:
ae:7c:e0:74:a2:a1:aa:fc:6c:38:1d:ea:c5:2d:f7:
f1:2a:bd:0e:8b:29:b7:80:86:f2:8a:40:6e:29:72:
06:d4:12:b0:f2:ef:9b:3e:53:6a:46:02:f1:a9:ee:
b7:e0:4a:78:e3:d4:bf:5d:bb:d0:71:bc:73:42:68:
8b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C3:48:5B:3C:6A:54:F7:49:B8:EC:1E:87:B9:B3:F6:D3:2D:DF:4E
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/k8NIWzxqVPdJuOweh7mz9tMt304.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1fa2:80c0::/48
2a00:1fa2:ba00::/40
Signature Algorithm: sha256WithRSAEncryption
5e:3f:50:49:5a:a9:a6:65:ac:82:14:18:b0:c4:43:fd:01:df:
68:3b:1e:72:c9:18:15:e6:30:df:21:14:27:84:ec:83:62:be:
a9:70:2a:17:ad:60:f5:87:7c:fb:1e:61:b4:f2:5c:e2:bd:e2:
91:d7:56:46:b0:3a:2d:1b:17:b0:a0:b0:6f:21:37:1f:20:eb:
93:79:07:2a:93:23:b2:f7:da:76:40:08:21:42:66:bc:82:a3:
7f:6c:8a:17:bf:96:94:e2:cd:e1:78:bf:c2:5c:53:8e:f3:0a:
2d:57:d7:7e:ec:77:65:e0:55:c4:74:2e:95:a3:c8:e3:6a:23:
1f:44:4e:b0:41:f6:ef:6a:8c:92:f2:a6:35:4c:cb:89:fb:4d:
53:27:fb:20:59:57:b1:3d:e9:7f:d5:57:34:eb:99:7a:cc:5b:
78:cf:1c:7b:23:11:a9:fe:58:8f:59:7b:e0:17:fc:83:07:8d:
23:8f:f3:c7:4d:77:b1:43:eb:fb:1e:0e:59:dc:e2:0b:be:7b:
52:c1:8f:b0:a8:4c:a6:d2:a8:84:79:4e:bf:06:65:d1:94:60:
2c:65:f5:cd:af:fb:b8:08:27:13:6b:df:43:45:af:bf:38:c5:
22:64:c8:73:57:a8:be:43:ca:ca:d7:ab:10:95:61:db:1c:11:
a0:6e:95:ad
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYw6t9ScW2Rxo3YJZaylW2iEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA1MTYwMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2MzNDg1YjNjNmE1NGY3NDliOGVjMWU4N2I5YjNmNmQzMmRkZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTvXqMRAp+aO6fQUaF7OBaGoA+SW
pAxkjkAsCr8kyd9tbuf7Y9q27ioTzCwDxDaiVJSfx2dT3oz675Oy0G5Wp/8ykdam
tOK6JheNW93iXkx4usb/A0bsjgMbWVCCRgCZc9oyD1alkWoOJGgKTMR0wM9F1VYL
lYZKTklBBztTuKivleyGDGG0+lo6aBzECENZdMC+oZAZAOWh0Afl3/Q63a+PxXnv
aFE3w8Wc5PjjxBWa5O4MaMYr+VOpMbDGzAlS/ZmufOB0oqGq/Gw4HerFLffxKr0O
iym3gIbyikBuKXIG1BKw8u+bPlNqRgLxqe634Ep449S/XbvQcbxzQmiLEQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFJPDSFs8alT3SbjsHoe5s/bTLd9OMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvazhOSVd6eHFWUGRKdU93ZWg3bXo5dE10MzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKgAfooDA
AwYAKgAforowDQYJKoZIhvcNAQELBQADggEBAF4/UElaqaZlrIIUGLDEQ/0B32g7
HnLJGBXmMN8hFCeE7INivqlwKhetYPWHfPseYbTyXOK94pHXVkawOi0bF7CgsG8h
Nx8g65N5ByqTI7L32nZACCFCZryCo39sihe/lpTizeF4v8JcU47zCi1X137sd2Xg
VcR0LpWjyONqIx9ETrBB9u9qjJLypjVMy4n7TVMn+yBZV7E96X/VVzTrmXrMW3jP
HHsjEan+WI9Ze+AX/IMHjSOP88dNd7FD6/seDlnc4gu+e1LBj7CoTKbSqIR5Tr8G
ZdGUYCxl9c2v+7gIJxNr30NFr784xSJkyHNXqL5DysrXqxCVYdscEaBula0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:10 2025 by rpki-client