Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/rSDyPIueftyJMYsuQL4rcMLARmY.roa
File: rSDyPIueftyJMYsuQL4rcMLARmY.roa (raw, json)
Hash identifier: YpoLZ+o7AJeb4oIlSqU56Ue54AHFIg8PG2FwvRGJYXk=
Subject key identifier: AD:20:F2:3C:8B:9E:7E:DC:89:31:8B:2E:40:BE:2B:70:C2:C0:46:66
Certificate issuer: /CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Certificate serial: 018571276D2DEC7FF429482EC7A62462E692
Authority key identifier: 32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/rSDyPIueftyJMYsuQL4rcMLARmY.roa
Signing time: Mon 02 Jan 2023 06:24:47 +0000
ROA not before: Mon 02 Jan 2023 06:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208354
IP address blocks: 2a0c:8500::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:6d:2d:ec:7f:f4:29:48:2e:c7:a6:24:62:e6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Validity
Not Before: Jan 2 06:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad20f23c8b9e7edc89318b2e40be2b70c2c04666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:09:ae:b3:4b:4c:df:46:9c:ec:f4:47:32:64:
60:61:89:c9:24:94:0f:fe:dc:14:6f:4c:c5:da:92:
63:7c:64:85:96:0e:ca:60:f8:01:68:65:fa:0a:4a:
53:a0:80:ed:fb:ac:d7:4e:20:04:96:79:bb:4f:7e:
65:6d:f7:56:b4:41:42:3f:25:92:76:ff:a3:11:b6:
19:78:e7:a5:3e:c7:a5:c2:f1:ea:6e:fa:29:03:fc:
ca:ca:04:c1:6e:2e:bd:c4:2e:32:d8:3a:ca:f6:d6:
9a:b9:89:a9:62:1b:51:1d:f5:74:87:74:67:94:c8:
e2:b9:22:f9:fc:1f:a6:6e:86:75:12:84:93:16:47:
4f:7b:4b:84:8e:bb:1a:5f:43:e7:92:b8:c0:f0:4d:
e5:45:72:e2:90:d4:58:f8:c7:05:ca:e9:b2:f0:bc:
98:24:14:7b:cf:35:97:0d:62:09:c2:c7:9e:af:d5:
87:cb:40:27:63:12:0e:39:a2:55:18:88:a6:64:0b:
ed:8e:98:5a:be:40:84:51:7a:82:24:8e:c9:a7:a7:
32:83:51:ca:39:e0:90:f5:64:97:bd:87:b3:25:7b:
61:85:42:74:27:fc:2b:69:a6:33:55:74:96:c5:2c:
6c:36:19:0f:94:13:24:30:8c:4f:3b:82:d7:b9:86:
60:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:20:F2:3C:8B:9E:7E:DC:89:31:8B:2E:40:BE:2B:70:C2:C0:46:66
X509v3 Authority Key Identifier:
keyid:32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/rSDyPIueftyJMYsuQL4rcMLARmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:8500::/29
Signature Algorithm: sha256WithRSAEncryption
aa:de:1a:e4:6b:b7:b9:07:5f:ff:4e:01:2b:10:7e:8c:c4:67:
d8:0e:69:41:95:f6:50:43:cd:68:24:e5:f9:98:96:ae:0b:f8:
b5:2c:a3:9c:63:78:83:77:6e:6f:29:17:95:6b:18:5b:90:4f:
63:99:23:f4:e3:33:c4:ff:db:f7:92:b8:2d:81:d5:84:d3:aa:
10:f0:ac:5a:8d:11:c3:cc:ba:40:90:57:cc:1f:89:46:2a:bf:
9b:22:64:62:57:36:2e:ae:a9:59:d4:03:89:c9:c9:69:f8:28:
56:4a:98:b5:59:8f:4c:e3:a3:a3:24:93:d2:63:69:6b:61:88:
12:99:ff:ae:de:c3:37:8a:b2:ef:63:c2:a1:5c:db:fb:1c:a1:
8f:62:d6:9b:ad:e1:f8:f7:2e:ec:8a:32:7e:5e:69:03:58:3c:
89:ef:f5:0e:58:fc:4a:a3:91:86:f6:ca:80:ae:5a:7e:a5:43:
83:81:3b:44:df:d3:6c:df:ab:9b:39:4a:bd:a0:be:49:c9:c5:
4b:79:5c:4c:b4:88:36:4d:91:26:b2:b1:cf:af:e1:40:48:28:
83:ce:75:ea:15:ed:a1:ce:61:3f:c4:50:ad:13:82:3a:bd:f0:
a3:64:a7:74:f7:79:67:3f:6d:db:36:28:ac:99:f3:dc:c8:6a:
30:cd:19:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxJ20t7H/0KUgux6YkYuaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNGM3MTA0NmM1NDlmYjNjN2Q0ZWJjNGNmOTUxOWQwMDJl
NzZkZjEwHhcNMjMwMTAyMDYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDIwZjIzYzhiOWU3ZWRjODkzMThiMmU0MGJlMmI3MGMyYzA0NjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAmus0tM30ac7PRHMmRgYYnJJJQP
/twUb0zF2pJjfGSFlg7KYPgBaGX6CkpToIDt+6zXTiAElnm7T35lbfdWtEFCPyWS
dv+jEbYZeOelPselwvHqbvopA/zKygTBbi69xC4y2DrK9taauYmpYhtRHfV0h3Rn
lMjiuSL5/B+mboZ1EoSTFkdPe0uEjrsaX0PnkrjA8E3lRXLikNRY+McFyumy8LyY
JBR7zzWXDWIJwseer9WHy0AnYxIOOaJVGIimZAvtjphavkCEUXqCJI7Jp6cyg1HK
OeCQ9WSXvYezJXthhUJ0J/wraaYzVXSWxSxsNhkPlBMkMIxPO4LXuYZgxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK0g8jyLnn7ciTGLLkC+K3DCwEZmMB8GA1UdIwQY
MBaAFDJMcQRsVJ+zx9TrxM+VGdAC523xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUt
N2NmZWFmMDg2ZTE0LzEvclNEeVBJdWVmdHlKTVlzdVFMNHJjTUxBUm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUtN2NmZWFmMDg2ZTE0
LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgyFADAN
BgkqhkiG9w0BAQsFAAOCAQEAqt4a5Gu3uQdf/04BKxB+jMRn2A5pQZX2UEPNaCTl
+ZiWrgv4tSyjnGN4g3dubykXlWsYW5BPY5kj9OMzxP/b95K4LYHVhNOqEPCsWo0R
w8y6QJBXzB+JRiq/myJkYlc2Lq6pWdQDicnJafgoVkqYtVmPTOOjoyST0mNpa2GI
Epn/rt7DN4qy72PCoVzb+xyhj2LWm63h+Pcu7Ioyfl5pA1g8ie/1Dlj8SqORhvbK
gK5afqVDg4E7RN/TbN+rmzlKvaC+ScnFS3lcTLSINk2RJrKxz6/hQEgog8516hXt
oc5hP8RQrROCOr3wo2SndPd5Zz9t2zYorJnz3MhqMM0ZcA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:32 2025 by rpki-client