Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/46bJNUPi6d4DUahGAksYwhJ7NSA.roa
File: 46bJNUPi6d4DUahGAksYwhJ7NSA.roa (raw, json)
Hash identifier: 3sTAv0Z4s6Ig7PwCvfB3LnajlkhpYS973ihEqlQoZLU=
Subject key identifier: E3:A6:C9:35:43:E2:E9:DE:03:51:A8:46:02:4B:18:C2:12:7B:35:20
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 018572DED56DDD3DFEE7C1708008A7FBAFAC
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/46bJNUPi6d4DUahGAksYwhJ7NSA.roa
Signing time: Mon 02 Jan 2023 14:24:44 +0000
ROA not before: Mon 02 Jan 2023 14:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12857
IP address blocks: 2a00:b400::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:d5:6d:dd:3d:fe:e7:c1:70:80:08:a7:fb:af:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Jan 2 14:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3a6c93543e2e9de0351a846024b18c2127b3520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:03:1b:07:67:9c:03:7c:bd:62:ea:66:83:4e:
e1:41:94:ac:d1:06:03:d3:9f:71:78:4e:4c:07:26:
c2:7c:20:e1:70:87:28:96:28:9a:dd:d5:fd:6e:3a:
e5:3e:b8:f8:6c:a8:3e:17:aa:86:d0:86:ee:0c:c1:
49:53:dc:b1:a2:1e:aa:58:00:80:ae:d5:5b:69:5b:
69:ee:04:88:16:70:21:c1:5a:50:03:7e:bc:7c:4d:
54:cc:8b:4b:c5:45:45:6a:82:3b:5b:dd:ca:d3:83:
1b:ba:2c:b9:ef:e9:9a:33:97:72:c1:f8:99:fe:f0:
49:c7:fa:d5:9d:57:e5:c3:f1:4e:16:5c:48:6f:73:
57:55:8e:c9:7d:8f:ef:e1:65:33:67:63:41:48:8f:
d8:63:43:fe:9f:4a:fb:11:96:34:e8:f6:d3:d1:ba:
e2:f1:ff:2c:02:05:c6:b2:5e:33:03:78:37:12:db:
7f:ba:c2:dc:0e:b4:e7:f6:8d:91:28:d4:b5:fa:ae:
33:b0:e6:ab:cb:ee:4b:ab:11:95:5a:25:fd:d9:eb:
30:ea:81:2c:c5:e8:0e:d2:b8:0f:d6:85:f5:aa:be:
95:7b:3f:90:09:f7:e9:00:f0:87:d9:0f:75:56:1d:
65:fd:cc:d3:99:c5:84:57:51:be:05:04:0b:1a:0a:
7c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A6:C9:35:43:E2:E9:DE:03:51:A8:46:02:4B:18:C2:12:7B:35:20
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/46bJNUPi6d4DUahGAksYwhJ7NSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:b400::/29
Signature Algorithm: sha256WithRSAEncryption
24:1a:58:e1:95:ca:74:36:32:3d:c8:a2:a3:53:91:cd:1a:c3:
03:37:1b:bf:60:20:4b:d6:4b:08:ee:bf:64:52:01:bf:d7:d4:
1a:3c:08:6c:54:29:d7:63:0c:5e:93:21:bf:09:e3:8d:14:60:
1e:9d:b8:fb:ad:12:c9:29:53:13:52:9c:88:97:e8:29:c9:25:
b3:36:77:d0:42:55:de:c0:dc:a6:90:28:a5:5c:07:ab:ef:4a:
73:0d:d2:c5:48:fb:ca:8f:a0:16:ce:b5:87:c9:f8:b9:42:2e:
02:dc:6b:4c:cc:41:37:6f:bd:23:64:31:e9:45:a9:ef:2a:71:
16:35:c5:d3:f1:13:c2:1f:5a:5b:fb:4b:9d:9d:20:53:d5:db:
99:4c:a4:85:aa:0a:0e:4e:df:19:fe:f1:b9:97:d5:14:3b:71:
e0:ad:bf:16:e6:86:68:fa:47:76:16:33:84:6f:3c:ce:bf:5e:
71:30:df:83:cc:8e:75:b7:65:6a:b1:83:0c:eb:da:0f:61:8e:
5e:f7:1e:da:e3:14:58:16:b5:d8:b1:5c:26:45:31:49:6a:54:
fc:89:d3:43:f2:0c:de:d1:34:de:89:31:b7:43:1b:6c:eb:52:
9a:16:18:db:f4:ef:ac:78:2d:cb:24:b8:0a:b4:fc:36:16:09:
81:89:5a:e0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVy3tVt3T3+58FwgAin+6+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjMwMTAyMTQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2E2YzkzNTQzZTJlOWRlMDM1MWE4NDYwMjRiMThjMjEyN2IzNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAMbB2ecA3y9Yupmg07hQZSs0QYD
059xeE5MBybCfCDhcIcoliia3dX9bjrlPrj4bKg+F6qG0IbuDMFJU9yxoh6qWACA
rtVbaVtp7gSIFnAhwVpQA368fE1UzItLxUVFaoI7W93K04Mbuiy57+maM5dywfiZ
/vBJx/rVnVflw/FOFlxIb3NXVY7JfY/v4WUzZ2NBSI/YY0P+n0r7EZY06PbT0bri
8f8sAgXGsl4zA3g3Ett/usLcDrTn9o2RKNS1+q4zsOary+5LqxGVWiX92esw6oEs
xegO0rgP1oX1qr6Vez+QCffpAPCH2Q91Vh1l/czTmcWEV1G+BQQLGgp8FwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOOmyTVD4uneA1GoRgJLGMISezUgMB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvNDZiSk5VUGk2ZDREVWFoR0Frc1l3aEo3TlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgC0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAJBpY4ZXKdDYyPciio1ORzRrDAzcbv2AgS9ZLCO6/
ZFIBv9fUGjwIbFQp12MMXpMhvwnjjRRgHp24+60SySlTE1KciJfoKcklszZ30EJV
3sDcppAopVwHq+9Kcw3SxUj7yo+gFs61h8n4uUIuAtxrTMxBN2+9I2Qx6UWp7ypx
FjXF0/ETwh9aW/tLnZ0gU9XbmUykhaoKDk7fGf7xuZfVFDtx4K2/FuaGaPpHdhYz
hG88zr9ecTDfg8yOdbdlarGDDOvaD2GOXvce2uMUWBa12LFcJkUxSWpU/InTQ/IM
3tE03okxt0MbbOtSmhYY2/TvrHgtyyS4CrT8NhYJgYla4A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:18 2025 by rpki-client