Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/soDYuNYDLVQ84_QDXmc9FEEaiA0.roa
File: soDYuNYDLVQ84_QDXmc9FEEaiA0.roa (raw, json)
Hash identifier: D3VlYZsr52+aiOEMbII3DOebgPlRbP0lY8cSOYQRdYw=
Subject key identifier: B2:80:D8:B8:D6:03:2D:54:3C:E3:F4:03:5E:67:3D:14:41:1A:88:0D
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 03B76EE6
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/soDYuNYDLVQ84_QDXmc9FEEaiA0.roa
Signing time: Sat 01 Jan 2022 09:59:52 +0000
ROA not before: Sat 01 Jan 2022 09:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12857
IP address blocks: 2a00:b400::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62353126 (0x3b76ee6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Jan 1 09:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b280d8b8d6032d543ce3f4035e673d14411a880d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4f:bb:54:4f:74:09:1e:dd:de:04:92:e9:f3:
0e:71:70:99:e1:e5:bc:0e:92:d6:17:34:0b:b2:e6:
14:d0:7e:52:72:2f:51:a9:67:3a:e8:63:22:b6:e7:
9d:41:19:3c:dd:ba:4a:7e:1b:38:02:0d:b4:57:70:
c1:ec:7d:68:bd:5d:24:09:a5:d4:76:ea:b7:38:ca:
d0:50:71:bb:be:e2:05:23:2f:ed:b7:ba:f6:c0:3a:
55:38:f3:ab:e2:ee:87:b2:85:a5:57:ef:f0:0f:4a:
78:63:b6:8a:a9:fb:db:67:31:67:91:cf:b6:2e:12:
dc:08:19:8a:22:1c:24:3a:70:16:cd:da:14:16:7b:
16:18:83:53:ec:eb:18:08:4c:c8:00:68:b7:46:65:
5d:cb:a6:9b:61:24:84:55:ef:19:a1:a3:bb:fd:0e:
6f:ca:9a:cc:f1:8d:c4:72:33:0c:00:af:0d:2b:3c:
1d:f7:b7:19:74:91:a7:93:11:65:38:53:06:b2:1f:
f5:69:e9:13:bd:5b:7e:92:7c:a9:b0:b6:bb:f1:e3:
bc:95:08:5b:d7:22:7b:2f:24:0b:8d:a7:52:fa:14:
c3:cd:63:1d:71:5d:2e:e0:88:b5:fa:41:a9:1b:26:
e4:9f:c6:7a:46:4f:9e:ab:38:c8:3d:e5:ba:0c:78:
b9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:80:D8:B8:D6:03:2D:54:3C:E3:F4:03:5E:67:3D:14:41:1A:88:0D
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/soDYuNYDLVQ84_QDXmc9FEEaiA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:b400::/29
Signature Algorithm: sha256WithRSAEncryption
84:8d:99:b4:74:3d:40:10:bd:7e:76:12:7d:13:cc:b1:fc:d4:
32:ae:c6:8d:ef:6b:ee:63:3a:7d:33:7c:8b:ab:24:f9:b7:dd:
5a:a6:02:9b:c2:da:5e:cd:53:57:77:32:77:19:aa:63:12:df:
da:da:60:e9:bd:f8:d6:24:04:13:8d:02:5a:c9:14:81:cf:c4:
90:07:c6:c2:f8:c3:5e:bb:88:5b:8f:d2:e0:d3:69:97:5d:2d:
52:04:cc:e7:53:ed:b1:3e:ee:05:08:6f:57:4e:38:c1:20:62:
5f:47:e5:f9:56:b5:6a:9a:87:b7:ea:bd:e6:ad:86:e2:a2:cc:
5e:67:2f:b6:b5:fa:39:05:79:e4:34:23:c5:ce:cf:7b:2e:cc:
32:e9:6c:48:bf:65:2e:39:e8:9b:68:2d:a7:3b:dd:87:47:39:
f9:4d:29:0e:6e:81:60:90:51:e0:3e:53:55:ed:9b:b8:d7:a8:
af:a2:f1:61:10:02:32:ab:9b:6c:60:0c:47:38:cf:60:9b:e5:
56:7d:1b:ff:45:bb:81:c2:72:a6:04:15:85:9a:43:66:9f:e6:
30:f3:4a:76:85:5f:c6:20:f2:8f:e8:7c:e9:3d:8b:f5:db:34:
7e:3f:09:ac:bf:d8:fb:ff:20:32:d4:f1:6e:1c:bf:ca:e3:e6:
eb:e7:32:0b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEA7du5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjhkMmY2NGMzMzc0NjVlZDM4ZGE1ZjdjYzQ1ODRkZjg3ZDRhNzQ0MB4XDTIyMDEw
MTA5NTk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjI4MGQ4YjhkNjAz
MmQ1NDNjZTNmNDAzNWU2NzNkMTQ0MTFhODgwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRPu1RPdAke3d4EkunzDnFwmeHlvA6S1hc0C7LmFNB+UnIv
UalnOuhjIrbnnUEZPN26Sn4bOAINtFdwwex9aL1dJAml1HbqtzjK0FBxu77iBSMv
7be69sA6VTjzq+Luh7KFpVfv8A9KeGO2iqn722cxZ5HPti4S3AgZiiIcJDpwFs3a
FBZ7FhiDU+zrGAhMyABot0ZlXcumm2EkhFXvGaGju/0Ob8qazPGNxHIzDACvDSs8
Hfe3GXSRp5MRZThTBrIf9WnpE71bfpJ8qbC2u/HjvJUIW9ciey8kC42nUvoUw81j
HXFdLuCItfpBqRsm5J/GekZPnqs4yD3lugx4uWcCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSygNi41gMtVDzj9ANeZz0UQRqIDTAfBgNVHSMEGDAWgBRmjS9kwzdGXtON
pffMRYTfh9SnRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pvMHZaTU0zUmw3VGphWDN6RVdFMzRmVXAwUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvODI4YjBmLTgwZTgtNDI3Yi05NzFkLTM4YmJjZmFlZTZjZS8x
L3NvRFl1TllETFZRODRfUURYbWM5RkVFYWlBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
ODI4YjBmLTgwZTgtNDI3Yi05NzFkLTM4YmJjZmFlZTZjZS8xL1pvMHZaTU0zUmw3
VGphWDN6RVdFMzRmVXAwUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoAtAAwDQYJKoZIhvcNAQELBQAD
ggEBAISNmbR0PUAQvX52En0TzLH81DKuxo3va+5jOn0zfIurJPm33VqmApvC2l7N
U1d3MncZqmMS39raYOm9+NYkBBONAlrJFIHPxJAHxsL4w167iFuP0uDTaZddLVIE
zOdT7bE+7gUIb1dOOMEgYl9H5flWtWqah7fqveathuKizF5nL7a1+jkFeeQ0I8XO
z3suzDLpbEi/ZS456JtoLac73YdHOflNKQ5ugWCQUeA+U1Xtm7jXqK+i8WEQAjKr
m2xgDEc4z2Cb5VZ9G/9Fu4HCcqYEFYWaQ2af5jDzSnaFX8Yg8o/ofOk9i/XbNH4/
Cay/2Pv/IDLU8W4cv8rj5uvnMgs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:18 2025 by rpki-client