Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f99b62-b3e3-4c5d-aa86-d668c53f6612/1/3pNzQ7yfUCwi2Kds3qfS50ybfVk.roa
File: 3pNzQ7yfUCwi2Kds3qfS50ybfVk.roa (raw, json)
Hash identifier: iGLKwmJzudZnmyZy7YphUxBlZ5B5Ow/X8VyHyY+si9g=
Subject key identifier: DE:93:73:43:BC:9F:50:2C:22:D8:A7:6C:DE:A7:D2:E7:4C:9B:7D:59
Certificate issuer: /CN=d0cbf6ba097a76b610c856035bc18de797c2a677
Certificate serial: 018C0C1C29F124CCC43D58A579B5F54A93D9
Authority key identifier: D0:CB:F6:BA:09:7A:76:B6:10:C8:56:03:5B:C1:8D:E7:97:C2:A6:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Mv2ugl6drYQyFYDW8GN55fCpnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f99b62-b3e3-4c5d-aa86-d668c53f6612/1/3pNzQ7yfUCwi2Kds3qfS50ybfVk.roa
Signing time: Sun 26 Nov 2023 14:50:21 +0000
ROA not before: Sun 26 Nov 2023 14:50:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212077
IP address blocks: 2a0f:5840:a1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0c:1c:29:f1:24:cc:c4:3d:58:a5:79:b5:f5:4a:93:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0cbf6ba097a76b610c856035bc18de797c2a677
Validity
Not Before: Nov 26 14:50:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de937343bc9f502c22d8a76cdea7d2e74c9b7d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ce:d4:59:4c:43:fe:5d:97:3f:df:0c:75:3e:
47:d5:b1:2b:d3:2f:fb:39:f8:e6:3a:3b:b8:49:96:
ec:e8:28:5a:06:7d:d4:d2:91:2e:60:3a:e3:1e:52:
97:ab:b1:66:95:38:1c:ca:d8:96:b5:39:24:18:6a:
e9:f9:ea:ef:5b:39:e3:68:3d:7e:10:9a:32:66:d5:
d2:b3:3f:f8:34:33:0b:ee:39:33:11:53:bb:c0:f5:
9d:fb:3a:64:3e:33:20:4f:f3:b7:56:b8:cf:99:70:
de:42:0a:f0:91:1e:e2:26:70:d6:2e:3a:58:a9:c4:
b5:0d:d4:9d:3e:0e:86:8f:a0:6c:61:d0:c1:71:31:
7e:38:45:34:a5:ff:aa:ed:73:a5:da:ad:49:e4:b4:
1a:66:26:07:e8:25:e8:2b:b5:de:fa:fe:73:9f:b9:
01:f1:a5:e0:fd:a5:55:f7:6d:21:5b:f8:ab:55:81:
30:3d:63:3b:a5:99:f2:cf:54:c8:3e:47:b0:a7:36:
ea:db:50:d4:e7:e9:a2:d8:5a:6c:56:ea:62:42:4c:
e9:5b:88:32:b2:d8:06:ba:eb:71:7f:18:3b:61:c5:
5c:d1:7b:aa:92:0c:f7:ad:ed:c6:30:cc:36:fe:49:
99:dd:32:f1:99:66:0b:d7:43:8a:ea:41:0a:64:08:
07:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:93:73:43:BC:9F:50:2C:22:D8:A7:6C:DE:A7:D2:E7:4C:9B:7D:59
X509v3 Authority Key Identifier:
keyid:D0:CB:F6:BA:09:7A:76:B6:10:C8:56:03:5B:C1:8D:E7:97:C2:A6:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Mv2ugl6drYQyFYDW8GN55fCpnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f99b62-b3e3-4c5d-aa86-d668c53f6612/1/3pNzQ7yfUCwi2Kds3qfS50ybfVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f99b62-b3e3-4c5d-aa86-d668c53f6612/1/0Mv2ugl6drYQyFYDW8GN55fCpnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5840:a1::/48
Signature Algorithm: sha256WithRSAEncryption
3b:ed:46:f6:32:6e:6e:12:d8:63:24:b2:52:05:19:e8:d1:81:
97:28:ef:8c:85:33:49:16:32:1f:06:f0:4f:59:50:0e:f5:03:
90:15:96:1c:8e:b0:e1:99:58:2a:15:85:f0:1c:39:4e:31:62:
7c:c4:96:a0:9b:01:35:c0:1c:39:8b:68:48:18:09:c1:5f:78:
6c:61:23:01:51:bc:18:9e:a0:a9:f7:a7:e7:95:b7:5c:9f:52:
c2:9e:33:ac:64:23:85:31:8b:a0:23:47:c3:30:25:93:7b:37:
a4:e1:30:e2:8b:20:aa:ce:1f:99:a5:ab:09:dc:8d:0d:53:1e:
23:ce:cc:3f:cb:e3:d0:3b:5d:78:45:fe:10:55:6d:53:bc:c9:
d9:87:24:e5:ae:4d:4d:78:9d:bb:dc:78:89:4a:16:68:7e:c3:
f0:2d:31:c9:56:44:e4:d7:d3:d4:e5:f3:c1:ab:a8:34:a9:0a:
70:fb:8d:a3:09:0b:dc:07:ee:97:fa:b7:39:64:47:ad:ac:05:
70:ad:ba:84:25:f6:23:53:88:60:2f:47:c6:d3:94:e2:81:24:
df:e0:b0:49:0d:97:ba:e3:f7:c6:7b:ca:16:6b:cd:29:fb:2d:
26:57:89:c6:31:c5:e9:68:94:77:7d:2f:55:50:be:ba:00:12:
30:a4:cd:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwMHCnxJMzEPVilebX1SpPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwY2JmNmJhMDk3YTc2YjYxMGM4NTYwMzViYzE4ZGU3OTdj
MmE2NzcwHhcNMjMxMTI2MTQ1MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTkzNzM0M2JjOWY1MDJjMjJkOGE3NmNkZWE3ZDJlNzRjOWI3ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhc7UWUxD/l2XP98MdT5H1bEr0y/7
OfjmOju4SZbs6ChaBn3U0pEuYDrjHlKXq7FmlTgcytiWtTkkGGrp+ervWznjaD1+
EJoyZtXSsz/4NDML7jkzEVO7wPWd+zpkPjMgT/O3VrjPmXDeQgrwkR7iJnDWLjpY
qcS1DdSdPg6Gj6BsYdDBcTF+OEU0pf+q7XOl2q1J5LQaZiYH6CXoK7Xe+v5zn7kB
8aXg/aVV920hW/irVYEwPWM7pZnyz1TIPkewpzbq21DU5+mi2FpsVupiQkzpW4gy
stgGuutxfxg7YcVc0Xuqkgz3re3GMMw2/kmZ3TLxmWYL10OK6kEKZAgHuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN6Tc0O8n1AsItinbN6n0udMm31ZMB8GA1UdIwQY
MBaAFNDL9roJena2EMhWA1vBjeeXwqZ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME12MnVnbDZkcllReUZZRFc4R041NWZDcG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mOTliNjItYjNlMy00YzVkLWFhODYt
ZDY2OGM1M2Y2NjEyLzEvM3BOelE3eWZVQ3dpMktkczNxZlM1MHliZlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mOTliNjItYjNlMy00YzVkLWFhODYtZDY2OGM1M2Y2NjEy
LzEvME12MnVnbDZkcllReUZZRFc4R041NWZDcG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9YQACh
MA0GCSqGSIb3DQEBCwUAA4IBAQA77Ub2Mm5uEthjJLJSBRno0YGXKO+MhTNJFjIf
BvBPWVAO9QOQFZYcjrDhmVgqFYXwHDlOMWJ8xJagmwE1wBw5i2hIGAnBX3hsYSMB
UbwYnqCp96fnlbdcn1LCnjOsZCOFMYugI0fDMCWTezek4TDiiyCqzh+ZpasJ3I0N
Ux4jzsw/y+PQO114Rf4QVW1TvMnZhyTlrk1NeJ273HiJShZofsPwLTHJVkTk19PU
5fPBq6g0qQpw+42jCQvcB+6X+rc5ZEetrAVwrbqEJfYjU4hgL0fG05TigSTf4LBJ
DZe64/fGe8oWa80p+y0mV4nGMcXpaJR3fS9VUL66ABIwpM3n
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:33:58 2025 by rpki-client