Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/_1DatGUMRLHAvpAYeWLpMCysUus.roa
File: _1DatGUMRLHAvpAYeWLpMCysUus.roa (raw, json)
Hash identifier: gtzHsflDrFjdFJv6YlVeEE3VP+7hRsEP+mSU+41j6HA=
Subject key identifier: FF:50:DA:B4:65:0C:44:B1:C0:BE:90:18:79:62:E9:30:2C:AC:52:EB
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 01856C53D066539EC840389B49DA81E97926
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/_1DatGUMRLHAvpAYeWLpMCysUus.roa
Signing time: Sun 01 Jan 2023 07:55:10 +0000
ROA not before: Sun 01 Jan 2023 07:55:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202717
IP address blocks: 2a02:bc8:37::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d0:66:53:9e:c8:40:38:9b:49:da:81:e9:79:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Jan 1 07:55:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff50dab4650c44b1c0be90187962e9302cac52eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:93:a0:65:68:d9:93:13:e4:b6:40:9e:d7:4a:
37:1f:0e:39:29:c9:25:94:08:ae:17:0c:c3:f4:8b:
82:ef:38:a3:d9:54:41:9f:8c:8c:91:d6:c9:28:1c:
92:cf:7d:3f:ea:5f:be:00:65:4c:74:f7:ac:8f:73:
c4:d9:0a:9d:55:41:f7:cd:ea:09:fe:b0:40:1e:fb:
e6:5b:42:33:c6:cd:9a:da:9a:ff:b3:fe:0e:a5:84:
a0:1b:ea:71:8c:c8:ea:9f:ca:a0:b0:d3:72:27:f8:
82:46:53:37:8b:52:76:ec:31:55:5b:cb:8d:58:71:
98:53:59:25:39:dc:56:71:68:e2:9f:6e:30:ce:a1:
f3:c7:8d:35:78:a0:9a:fb:56:14:e3:ad:09:5a:95:
ae:15:44:4e:62:ca:e4:5b:b3:c2:98:05:9f:ca:f9:
1a:7f:35:8c:d1:41:4d:4d:c0:56:13:62:05:ce:60:
da:b4:e6:94:92:a7:84:85:f6:2e:cd:40:73:37:ef:
0c:7c:f6:6f:3f:14:bf:ff:28:62:02:50:f3:11:51:
28:3c:f5:63:0c:37:14:29:83:b7:d0:be:6f:7d:9d:
d9:f7:5f:9f:aa:b5:3b:61:e8:ea:bc:f3:0b:02:63:
75:91:97:74:60:8b:33:8e:26:ec:98:4b:16:6b:2e:
9a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:50:DA:B4:65:0C:44:B1:C0:BE:90:18:79:62:E9:30:2C:AC:52:EB
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/_1DatGUMRLHAvpAYeWLpMCysUus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:bc8:37::/48
Signature Algorithm: sha256WithRSAEncryption
a4:62:41:bc:37:63:30:30:e0:9b:35:75:51:6d:b4:9e:c7:e5:
ad:d1:a5:2c:fb:33:8b:09:29:30:22:c7:a6:6e:1b:4e:e6:4a:
02:a0:b7:4f:16:7e:fb:ed:2c:47:c6:b5:df:47:2e:45:5b:f2:
67:84:64:12:14:ad:1f:9f:5c:6d:08:5c:ec:2c:17:bd:93:fb:
a1:49:cf:03:13:16:39:54:f6:3a:55:69:c9:79:db:bb:3c:d2:
eb:0c:dd:f5:93:b0:7a:e4:37:b3:68:6a:cf:5d:66:5d:aa:25:
cc:27:d0:ce:4a:67:9b:b8:25:ad:12:7f:39:1f:6c:d4:5c:60:
62:2e:b4:77:0f:7f:86:c8:a0:94:e9:b5:f6:38:6d:76:e1:c0:
c7:df:e9:50:8f:3f:bd:18:e5:62:f2:86:09:6a:3b:a7:8a:65:
98:96:79:b5:e2:e8:ab:be:f2:1f:27:8d:74:68:55:ff:c1:2a:
d9:2c:c0:3b:ea:07:c4:5e:ef:03:0d:36:f1:07:da:84:4a:25:
23:e8:d1:a6:24:7a:2c:6c:d9:48:a8:63:a0:9f:c5:d4:be:bf:
6c:64:80:3a:98:99:23:7f:fb:0c:3c:22:a8:7b:43:57:2b:45:
9c:10:10:2f:02:49:69:7a:10:7a:37:a8:25:53:67:e2:d9:4c:
c3:e5:4f:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsU9BmU57IQDibSdqB6XkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjMwMTAxMDc1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjUwZGFiNDY1MGM0NGIxYzBiZTkwMTg3OTYyZTkzMDJjYWM1MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJOgZWjZkxPktkCe10o3Hw45Kckl
lAiuFwzD9IuC7zij2VRBn4yMkdbJKBySz30/6l++AGVMdPesj3PE2QqdVUH3zeoJ
/rBAHvvmW0Izxs2a2pr/s/4OpYSgG+pxjMjqn8qgsNNyJ/iCRlM3i1J27DFVW8uN
WHGYU1klOdxWcWjin24wzqHzx401eKCa+1YU460JWpWuFUROYsrkW7PCmAWfyvka
fzWM0UFNTcBWE2IFzmDatOaUkqeEhfYuzUBzN+8MfPZvPxS//yhiAlDzEVEoPPVj
DDcUKYO30L5vfZ3Z91+fqrU7YejqvPMLAmN1kZd0YIszjibsmEsWay6a1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP9Q2rRlDESxwL6QGHli6TAsrFLrMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvXzFEYXRHVU1STEhBdnBBWWVXTHBNQ3lzVXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgILyAA3
MA0GCSqGSIb3DQEBCwUAA4IBAQCkYkG8N2MwMOCbNXVRbbSex+Wt0aUs+zOLCSkw
IsembhtO5koCoLdPFn777SxHxrXfRy5FW/JnhGQSFK0fn1xtCFzsLBe9k/uhSc8D
ExY5VPY6VWnJedu7PNLrDN31k7B65DezaGrPXWZdqiXMJ9DOSmebuCWtEn85H2zU
XGBiLrR3D3+GyKCU6bX2OG124cDH3+lQjz+9GOVi8oYJajunimWYlnm14uirvvIf
J410aFX/wSrZLMA76gfEXu8DDTbxB9qESiUj6NGmJHosbNlIqGOgn8XUvr9sZIA6
mJkjf/sMPCKoe0NXK0WcEBAvAklpehB6N6glU2fi2UzD5U9s
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:52 2025 by rpki-client