Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/CDBujOs_xXDV-MxhVciDT-5QIZg.roa
File: CDBujOs_xXDV-MxhVciDT-5QIZg.roa (raw, json)
Hash identifier: 2iy8+5HpCRYIBD9fkWi06nzoGLTfk0OQcW259SwdzB8=
Subject key identifier: 08:30:6E:8C:EB:3F:C5:70:D5:F8:CC:61:55:C8:83:4F:EE:50:21:98
Certificate issuer: /CN=b9ab361394683e4f24397cfc8f23eab2c6828dea
Certificate serial: 01852ABBC2AA78CA7C3C1F2949F32AE77E90
Authority key identifier: B9:AB:36:13:94:68:3E:4F:24:39:7C:FC:8F:23:EA:B2:C6:82:8D:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uas2E5RoPk8kOXz8jyPqssaCjeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/CDBujOs_xXDV-MxhVciDT-5QIZg.roa
Signing time: Mon 19 Dec 2022 14:13:46 +0000
ROA not before: Mon 19 Dec 2022 14:13:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:2e02::/36 maxlen: 48
2a13:2e01::/36 maxlen: 48
2a13:2e00::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:bb:c2:aa:78:ca:7c:3c:1f:29:49:f3:2a:e7:7e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ab361394683e4f24397cfc8f23eab2c6828dea
Validity
Not Before: Dec 19 14:13:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08306e8ceb3fc570d5f8cc6155c8834fee502198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0e:1f:64:73:4c:09:a8:4e:1d:ec:46:7a:3a:
81:c1:6f:62:83:56:b6:51:bf:8b:e0:df:39:5d:58:
7b:51:03:b6:8e:5f:2d:12:f9:67:72:3c:21:a3:60:
cd:98:d3:68:f8:f9:71:49:f3:8a:eb:63:31:c8:fd:
8e:24:52:ea:de:02:d3:83:a0:95:71:27:36:3e:a2:
30:f3:cd:45:a3:31:5c:ab:79:4c:93:e9:59:ad:cd:
b8:2e:87:e2:ee:52:2b:fc:03:49:fe:74:86:43:ac:
43:fb:14:82:ea:34:48:eb:1b:fe:3e:ca:3a:02:4d:
a8:2a:39:29:21:75:09:89:cc:27:13:3b:58:a3:f9:
92:d2:94:20:ec:ee:64:8d:d0:e1:77:10:e5:45:35:
c1:b8:e5:9c:d7:de:64:0d:f2:e4:8a:4c:18:c1:34:
3a:c5:38:b8:8f:e4:4e:59:7e:9d:73:66:dd:75:f4:
cc:05:6f:8d:85:3d:e0:b2:72:d1:cd:01:3a:3b:91:
5b:09:81:55:a6:dd:13:99:d1:18:b2:fa:02:fe:c4:
39:18:d6:00:8d:bd:62:a1:0a:3e:0f:91:37:7f:5a:
5d:30:d6:2d:92:11:cd:b7:95:15:f2:24:b8:ed:8e:
ac:ca:5b:b9:cc:9d:c1:d4:a0:a7:d6:cf:88:52:06:
c0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:30:6E:8C:EB:3F:C5:70:D5:F8:CC:61:55:C8:83:4F:EE:50:21:98
X509v3 Authority Key Identifier:
keyid:B9:AB:36:13:94:68:3E:4F:24:39:7C:FC:8F:23:EA:B2:C6:82:8D:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uas2E5RoPk8kOXz8jyPqssaCjeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/CDBujOs_xXDV-MxhVciDT-5QIZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/uas2E5RoPk8kOXz8jyPqssaCjeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2e00::/36
2a13:2e01::/36
2a13:2e02::/36
Signature Algorithm: sha256WithRSAEncryption
10:9a:b7:ee:42:a2:d1:0a:6e:b1:bc:36:15:01:97:30:45:56:
15:a7:31:1e:35:5c:5c:e7:16:7c:33:04:62:be:8e:47:2b:2a:
40:d4:c7:e3:7b:f8:4c:70:a3:27:cb:73:44:b0:a3:70:be:10:
f5:03:69:f2:8d:69:9c:a0:6f:d8:24:83:f7:2c:42:40:84:e5:
62:f8:8a:c4:1b:7b:84:de:a6:ac:45:ab:44:5d:43:31:32:a0:
11:f9:2d:56:41:6f:0e:16:74:d9:44:9e:9b:b3:cf:bc:6e:c2:
44:72:de:83:45:10:6e:2a:c5:83:58:f9:a1:80:f1:e4:4e:1e:
3a:5d:92:75:07:1a:33:52:24:06:49:61:09:8e:d3:9d:c7:cf:
d1:cf:74:50:89:30:78:79:82:e1:03:82:37:dd:29:17:62:4e:
b5:c6:4a:13:6e:04:06:3b:b8:e0:f0:94:ff:80:3e:37:68:d0:
63:78:7f:da:b9:3a:d8:89:c2:c2:3e:bd:d8:0b:ac:e7:a7:14:
f1:0c:9c:99:53:34:aa:f2:bb:2b:18:7f:e6:2d:ff:38:92:28:
87:ad:9e:c2:c8:a1:8c:ac:4e:44:a5:9a:9d:0c:c5:e0:06:e1:
e3:77:0b:3b:29:df:91:38:47:21:91:8c:b8:43:9a:50:d4:24:
93:91:8c:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUqu8KqeMp8PB8pSfMq536QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YWIzNjEzOTQ2ODNlNGYyNDM5N2NmYzhmMjNlYWIyYzY4
MjhkZWEwHhcNMjIxMjE5MTQxMzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODMwNmU4Y2ViM2ZjNTcwZDVmOGNjNjE1NWM4ODM0ZmVlNTAyMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw4fZHNMCahOHexGejqBwW9ig1a2
Ub+L4N85XVh7UQO2jl8tEvlncjwho2DNmNNo+PlxSfOK62MxyP2OJFLq3gLTg6CV
cSc2PqIw881FozFcq3lMk+lZrc24Lofi7lIr/ANJ/nSGQ6xD+xSC6jRI6xv+Pso6
Ak2oKjkpIXUJicwnEztYo/mS0pQg7O5kjdDhdxDlRTXBuOWc195kDfLkikwYwTQ6
xTi4j+ROWX6dc2bddfTMBW+NhT3gsnLRzQE6O5FbCYFVpt0TmdEYsvoC/sQ5GNYA
jb1ioQo+D5E3f1pdMNYtkhHNt5UV8iS47Y6sylu5zJ3B1KCn1s+IUgbAPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAgwbozrP8Vw1fjMYVXIg0/uUCGYMB8GA1UdIwQY
MBaAFLmrNhOUaD5PJDl8/I8j6rLGgo3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWFzMkU1Um9QazhrT1h6OGp5UHFzc2FDamVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8zNjBlZjktZWMyMC00ZTEzLTk2NDct
ZGRmZWI0MjRhZGY1LzEvQ0RCdWpPc194WERWLU14aFZjaURULTVRSVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8zNjBlZjktZWMyMC00ZTEzLTk2NDctZGRmZWI0MjRhZGY1
LzEvdWFzMkU1Um9QazhrT1h6OGp5UHFzc2FDamVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYEKhMuAAAD
BgQqEy4BAAMGBCoTLgIAMA0GCSqGSIb3DQEBCwUAA4IBAQAQmrfuQqLRCm6xvDYV
AZcwRVYVpzEeNVxc5xZ8MwRivo5HKypA1Mfje/hMcKMny3NEsKNwvhD1A2nyjWmc
oG/YJIP3LEJAhOVi+IrEG3uE3qasRatEXUMxMqAR+S1WQW8OFnTZRJ6bs8+8bsJE
ct6DRRBuKsWDWPmhgPHkTh46XZJ1BxozUiQGSWEJjtOdx8/Rz3RQiTB4eYLhA4I3
3SkXYk61xkoTbgQGO7jg8JT/gD43aNBjeH/auTrYicLCPr3YC6znpxTxDJyZUzSq
8rsrGH/mLf84kiiHrZ7CyKGMrE5EpZqdDMXgBuHjdws7Kd+ROEchkYy4Q5pQ1CST
kYxb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:35 2024 by rpki-client on console-fra.rpki-client.org