Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/xkkaj2HQaLy1_JaF5H5m0Nwv7wA.roa
File: xkkaj2HQaLy1_JaF5H5m0Nwv7wA.roa (raw, json)
Hash identifier: K1WcXGB7gVFSwskIoVhHJFU9Gdt/3+R8bRucvO+SRtA=
Subject key identifier: C6:49:1A:8F:61:D0:68:BC:B5:FC:96:85:E4:7E:66:D0:DC:2F:EF:00
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 018BB910561D03FDFADF7B9E7E2E000F7524
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/xkkaj2HQaLy1_JaF5H5m0Nwv7wA.roa
Signing time: Fri 10 Nov 2023 11:48:57 +0000
ROA not before: Fri 10 Nov 2023 11:48:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a04:5b82:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:10:56:1d:03:fd:fa:df:7b:9e:7e:2e:00:0f:75:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Nov 10 11:48:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6491a8f61d068bcb5fc9685e47e66d0dc2fef00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:19:6e:96:78:e5:e3:cf:a5:9b:87:57:46:
f6:fb:9b:76:a2:87:9a:98:a9:4e:3e:38:a3:3a:e3:
70:88:f3:08:d0:8c:e7:2f:79:55:ce:d6:62:79:37:
12:d9:cf:81:62:f8:77:8d:65:60:fd:f1:f4:a4:d7:
92:72:8b:c1:0b:c0:88:60:73:4e:32:d7:37:c6:36:
17:a0:d3:f9:07:a8:f5:ff:61:7b:e0:36:c4:4c:14:
84:ce:97:83:db:3b:bb:a2:2c:e0:be:48:14:dc:5b:
0e:39:ab:74:a2:77:bb:f8:a3:c2:a1:cc:43:93:6e:
29:92:e1:35:eb:d1:3c:bf:51:87:a1:ab:19:db:95:
83:64:3c:80:e0:be:95:56:d0:6d:4e:30:46:99:33:
56:37:a9:5f:91:0a:fe:e4:6d:bc:95:a5:0d:6b:87:
32:4e:c1:bd:d5:48:fc:49:0b:5d:8e:e9:78:c9:dd:
f5:82:2d:87:0a:84:89:26:34:07:f1:f8:74:16:4b:
f6:a6:25:52:8d:cf:8c:90:2c:e3:79:03:cf:d3:28:
c4:63:45:96:5c:5b:6a:a1:80:ef:3b:8c:ec:41:9b:
e7:c0:30:54:c0:82:5a:5e:95:1d:5f:d5:ef:21:85:
3a:73:60:27:97:63:4b:5b:e5:6f:25:12:76:8d:4c:
b1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:49:1A:8F:61:D0:68:BC:B5:FC:96:85:E4:7E:66:D0:DC:2F:EF:00
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/xkkaj2HQaLy1_JaF5H5m0Nwv7wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5b82:2000::/48
Signature Algorithm: sha256WithRSAEncryption
b5:ca:19:e8:0a:04:75:d3:19:03:e1:e2:7c:1b:b9:ed:ef:9f:
4c:40:2d:d7:f6:27:3b:5e:7c:ae:d9:d9:3d:93:c0:13:0e:c0:
3a:6e:99:a8:88:6f:38:b9:92:84:1b:0c:aa:2d:98:bb:53:b9:
9a:02:bc:eb:5a:cb:47:72:84:bc:51:3a:3b:31:21:68:9c:8d:
9d:a3:c1:1a:24:a3:98:44:36:3c:c6:bd:7d:64:c8:26:8c:ea:
31:30:a8:72:d1:d6:f3:77:2e:8f:8a:e3:e0:69:52:2c:42:b7:
7a:db:cd:c6:c5:3a:e7:9d:30:07:54:45:78:48:82:70:52:03:
2f:72:52:84:25:f8:af:03:18:16:1f:c5:6d:e3:f8:0a:25:24:
e2:c1:8e:65:4c:8d:78:e1:92:8d:16:7c:11:83:2b:09:c6:68:
79:78:96:26:22:56:96:a8:72:79:90:07:ba:30:d7:d8:a4:32:
f0:72:15:b0:c8:3d:cc:a3:0e:c9:0b:25:1f:e2:55:79:c9:f3:
ee:b9:78:11:b4:68:d6:ec:1a:75:ac:c5:4f:17:84:39:2d:d1:
f3:7e:78:41:b8:cb:6c:e5:c3:e0:29:7d:17:8c:50:d2:28:93:
56:1d:a7:4c:e1:0d:f3:e2:ce:f8:ee:ef:c2:f8:24:bc:27:ab:
81:37:ca:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYu5EFYdA/3633uefi4AD3UkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjMxMTEwMTE0ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ5MWE4ZjYxZDA2OGJjYjVmYzk2ODVlNDdlNjZkMGRjMmZlZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXYZbpZ45ePPpZuHV0b2+5t2ooea
mKlOPjijOuNwiPMI0IznL3lVztZieTcS2c+BYvh3jWVg/fH0pNeScovBC8CIYHNO
Mtc3xjYXoNP5B6j1/2F74DbETBSEzpeD2zu7oizgvkgU3FsOOat0one7+KPCocxD
k24pkuE169E8v1GHoasZ25WDZDyA4L6VVtBtTjBGmTNWN6lfkQr+5G28laUNa4cy
TsG91Uj8SQtdjul4yd31gi2HCoSJJjQH8fh0Fkv2piVSjc+MkCzjeQPP0yjEY0WW
XFtqoYDvO4zsQZvnwDBUwIJaXpUdX9XvIYU6c2Anl2NLW+VvJRJ2jUyxKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMZJGo9h0Gi8tfyWheR+ZtDcL+8AMB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEveGtrYWoySFFhTHkxX0phRjVINW0wTnd2N3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgRbgiAA
MA0GCSqGSIb3DQEBCwUAA4IBAQC1yhnoCgR10xkD4eJ8G7nt759MQC3X9ic7Xnyu
2dk9k8ATDsA6bpmoiG84uZKEGwyqLZi7U7maArzrWstHcoS8UTo7MSFonI2do8Ea
JKOYRDY8xr19ZMgmjOoxMKhy0dbzdy6PiuPgaVIsQrd6283GxTrnnTAHVEV4SIJw
UgMvclKEJfivAxgWH8Vt4/gKJSTiwY5lTI144ZKNFnwRgysJxmh5eJYmIlaWqHJ5
kAe6MNfYpDLwchWwyD3Mow7JCyUf4lV5yfPuuXgRtGjW7Bp1rMVPF4Q5LdHzfnhB
uMts5cPgKX0XjFDSKJNWHadM4Q3z4s747u/C+CS8J6uBN8pv
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:27 2025 by rpki-client