Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/IjxtzR26iLWzl8gfz7U3nbWzcKU.roa
File: IjxtzR26iLWzl8gfz7U3nbWzcKU.roa (raw, json)
Hash identifier: I3xXIhNYQhZ3HM5KGWNH/oV7iML9wiuMYQGeLJE/II8=
Subject key identifier: 22:3C:6D:CD:1D:BA:88:B5:B3:97:C8:1F:CF:B5:37:9D:B5:B3:70:A5
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018B91868D5D81612003EC5F27A4D460F83C
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/IjxtzR26iLWzl8gfz7U3nbWzcKU.roa
Signing time: Thu 02 Nov 2023 19:33:16 +0000
ROA not before: Thu 02 Nov 2023 19:33:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210842
IP address blocks: 2a05:b0c2::/36 maxlen: 36
2a05:b0c2:1000::/36 maxlen: 36
2a05:b0c2::/35 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:91:86:8d:5d:81:61:20:03:ec:5f:27:a4:d4:60:f8:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Nov 2 19:33:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=223c6dcd1dba88b5b397c81fcfb5379db5b370a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:16:fc:70:42:78:bd:10:ca:59:69:fc:2b:f2:
c2:d5:d2:0f:3e:d1:1c:20:f6:5d:86:62:59:df:d9:
e6:30:1a:df:34:ee:73:5c:b7:11:81:66:98:ba:25:
03:7a:07:01:a8:72:a0:2c:af:02:9a:c3:8a:4b:7f:
b2:36:41:8e:52:91:9a:b0:a8:ef:c8:83:8d:d5:26:
cb:63:04:51:2b:34:74:12:a0:fd:e5:90:b8:44:25:
fd:3b:18:5a:f2:e4:d2:32:2a:de:11:c4:d8:a6:e3:
4b:bd:4d:a7:73:f3:0e:02:db:42:db:dd:72:c2:c9:
61:d0:45:8b:4a:e9:62:50:5d:16:34:e6:50:c2:13:
f6:48:60:30:68:3c:d2:c6:8b:79:77:6f:6e:e9:ab:
14:98:d1:ff:88:15:aa:cb:e6:5e:8e:2b:b6:39:f4:
d9:e1:5c:9b:25:bd:2a:57:88:a8:1a:20:f1:1a:a5:
ca:da:5d:4f:9d:f1:58:09:22:c7:5b:a0:7a:53:54:
61:e5:2b:d0:56:68:94:5e:1e:b7:b9:f1:be:ec:7d:
97:73:a8:71:a7:0b:c4:b1:08:00:b8:b0:dd:f7:1a:
cd:a9:03:ea:9d:9e:c0:87:5b:9b:a8:b3:ab:e5:d4:
85:5b:ec:dd:e9:d5:c0:c7:e8:f9:df:41:4a:fe:77:
d1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3C:6D:CD:1D:BA:88:B5:B3:97:C8:1F:CF:B5:37:9D:B5:B3:70:A5
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/IjxtzR26iLWzl8gfz7U3nbWzcKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c2::/35
Signature Algorithm: sha256WithRSAEncryption
6e:8f:7a:be:d9:d6:f3:f0:e0:3c:36:4b:f8:96:ac:8d:8d:b6:
9f:06:f9:ff:51:3c:c0:e6:9a:9f:83:c0:f4:55:6a:a1:2a:fe:
9e:06:3d:78:f4:9c:4d:aa:25:b6:41:03:25:61:96:ef:8a:17:
2a:86:ba:44:4c:bc:56:98:87:ae:f7:10:4e:f8:4b:41:50:48:
fd:06:c6:06:59:a1:ef:e7:72:bb:58:ca:4e:46:19:30:c7:4e:
95:ba:ee:d8:3c:70:ca:cd:c7:22:2a:29:34:8a:b4:03:4f:55:
61:f4:84:05:75:06:b2:be:93:b9:67:82:04:a9:c5:df:02:3c:
c9:5b:81:70:71:8b:c3:25:5d:12:af:1a:29:8c:2e:18:ff:c1:
d6:41:31:34:f0:e9:35:6d:41:30:14:26:72:90:59:72:a7:ce:
60:53:97:19:01:99:60:80:b4:75:a7:03:9b:58:6e:d3:38:38:
ce:e0:60:b5:6d:b0:5f:e0:06:0c:e3:82:72:d4:4a:9e:f1:b3:
b7:66:38:82:e2:3b:2e:46:d8:bb:47:f3:8d:23:25:af:1c:13:
65:9b:3c:46:d5:b7:45:c4:e2:8b:bb:69:4f:ff:fe:b8:ff:28:
72:80:ee:61:68:40:b3:b4:c4:3e:3b:f2:83:83:b0:46:6f:00:
42:f7:28:e6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYuRho1dgWEgA+xfJ6TUYPg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjMxMTAyMTkzMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjNjNmRjZDFkYmE4OGI1YjM5N2M4MWZjZmI1Mzc5ZGI1YjM3MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Bb8cEJ4vRDKWWn8K/LC1dIPPtEc
IPZdhmJZ39nmMBrfNO5zXLcRgWaYuiUDegcBqHKgLK8CmsOKS3+yNkGOUpGasKjv
yION1SbLYwRRKzR0EqD95ZC4RCX9Oxha8uTSMireEcTYpuNLvU2nc/MOAttC291y
wslh0EWLSuliUF0WNOZQwhP2SGAwaDzSxot5d29u6asUmNH/iBWqy+Zejiu2OfTZ
4VybJb0qV4ioGiDxGqXK2l1PnfFYCSLHW6B6U1Rh5SvQVmiUXh63ufG+7H2Xc6hx
pwvEsQgAuLDd9xrNqQPqnZ7Ah1ubqLOr5dSFW+zd6dXAx+j530FK/nfRvQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCI8bc0duoi1s5fIH8+1N521s3ClMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvSWp4dHpSMjZpTFd6bDhnZno3VTNuYld6Y0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKgWwwgAw
DQYJKoZIhvcNAQELBQADggEBAG6Per7Z1vPw4Dw2S/iWrI2Ntp8G+f9RPMDmmp+D
wPRVaqEq/p4GPXj0nE2qJbZBAyVhlu+KFyqGukRMvFaYh673EE74S0FQSP0GxgZZ
oe/ncrtYyk5GGTDHTpW67tg8cMrNxyIqKTSKtANPVWH0hAV1BrK+k7lnggSpxd8C
PMlbgXBxi8MlXRKvGimMLhj/wdZBMTTw6TVtQTAUJnKQWXKnzmBTlxkBmWCAtHWn
A5tYbtM4OM7gYLVtsF/gBgzjgnLUSp7xs7dmOILiOy5G2LtH840jJa8cE2WbPEbV
t0XE4ou7aU///rj/KHKA7mFoQLO0xD478oODsEZvAEL3KOY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:04:13 2025 by rpki-client