Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/jRbm5ySzgECe-vPQ3noK_UtkMi8.roa
File: jRbm5ySzgECe-vPQ3noK_UtkMi8.roa (raw, json)
Hash identifier: qGQbC7f0Rgu6pf/NYaUD/DjcpVo3jnbxiBqyY020oMA=
Subject key identifier: 8D:16:E6:E7:24:B3:80:40:9E:FA:F3:D0:DE:7A:0A:FD:4B:64:32:2F
Certificate issuer: /CN=12133a6523e2ed0a0c9a36ea8a7c6f0e72a5dd64
Certificate serial: 018ACB9644D172CAD2AC7386F00E7201B2B3
Authority key identifier: 12:13:3A:65:23:E2:ED:0A:0C:9A:36:EA:8A:7C:6F:0E:72:A5:DD:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/jRbm5ySzgECe-vPQ3noK_UtkMi8.roa
Signing time: Mon 25 Sep 2023 09:05:37 +0000
ROA not before: Mon 25 Sep 2023 09:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47254
IP address blocks: 2a02:d1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:96:44:d1:72:ca:d2:ac:73:86:f0:0e:72:01:b2:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12133a6523e2ed0a0c9a36ea8a7c6f0e72a5dd64
Validity
Not Before: Sep 25 09:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d16e6e724b380409efaf3d0de7a0afd4b64322f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2b:4f:c4:36:75:fb:86:09:8c:7f:b2:53:d6:
c7:4f:02:ae:0a:b0:cb:f9:cf:0a:af:c0:cf:62:cc:
e7:43:43:ac:d0:f0:79:29:03:c6:5c:e1:f7:af:65:
56:58:d0:6e:05:ba:7c:c9:21:91:76:5a:9f:f9:06:
85:ed:61:bf:38:cc:31:2c:0f:90:5d:12:5a:6b:f0:
21:b4:b7:4d:89:f6:85:a0:7a:37:01:67:10:d5:24:
a5:ff:2b:c3:fa:a9:64:7c:a4:6c:20:72:88:58:a7:
57:52:b2:80:86:a9:06:df:4f:e3:94:84:a9:bc:fd:
b7:b6:ac:3f:74:6a:de:23:17:d4:a0:8b:08:c5:aa:
c7:9e:3a:f3:5d:ec:67:72:b8:91:bc:e1:63:ee:aa:
fa:de:c7:29:f5:9d:48:7f:c8:8e:94:ae:64:3c:de:
c3:3e:54:78:90:e7:19:0e:cb:0d:e1:87:95:75:0e:
be:0c:41:10:de:a6:48:4a:3e:2b:18:68:c8:68:db:
a4:8a:bc:07:8b:34:57:6c:47:e0:c7:1b:77:9b:6a:
e3:0c:57:89:5c:85:78:3d:a0:6c:25:98:ef:f2:92:
d4:2f:d8:46:ba:44:98:5c:ad:16:c9:80:3e:2e:c1:
03:ff:2e:19:b3:ab:37:8a:cc:fa:d8:82:97:28:45:
30:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:16:E6:E7:24:B3:80:40:9E:FA:F3:D0:DE:7A:0A:FD:4B:64:32:2F
X509v3 Authority Key Identifier:
keyid:12:13:3A:65:23:E2:ED:0A:0C:9A:36:EA:8A:7C:6F:0E:72:A5:DD:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/jRbm5ySzgECe-vPQ3noK_UtkMi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:a2:b0:2c:4a:d9:9b:39:fc:df:1b:d4:a6:df:7d:c1:7f:f4:
d4:8e:64:b0:b2:d6:4d:40:c9:18:67:4d:d9:60:30:53:a0:4a:
3d:7e:9a:73:f8:d3:f3:c2:64:60:c8:a7:0c:3d:44:18:c9:2e:
8c:33:3c:e5:73:dc:c9:b9:94:0b:12:08:8f:0e:cd:d8:5f:68:
1a:56:44:bc:fd:b5:20:36:9f:b3:50:8c:61:99:d6:0d:0a:b3:
80:a5:ac:87:ee:50:66:2e:16:66:72:db:3e:e6:1c:8f:a8:3d:
ec:7c:5e:a5:6a:db:d5:7a:7b:ab:9a:55:69:f2:4a:7b:83:62:
65:fe:99:14:08:20:5e:91:c2:49:a4:37:36:42:35:98:cc:b2:
73:08:7b:bf:83:98:87:9e:26:04:6c:6f:b4:f0:c6:bf:09:2d:
9a:de:be:ba:50:80:d5:27:f1:67:1b:e2:30:25:70:9b:8f:ec:
c6:8a:67:51:96:67:9d:da:61:da:dd:a8:ac:06:d5:7f:8d:6a:
f2:d8:bb:4b:d5:b1:c5:3c:16:dd:e3:1e:43:bc:88:ea:82:79:
ce:8c:0f:ac:4a:69:52:27:65:37:27:a3:96:36:ee:e6:1d:c8:
3e:34:c8:ab:ac:ec:ac:31:be:3e:fe:03:01:97:5b:5e:e6:e3:
55:c8:51:3a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYrLlkTRcsrSrHOG8A5yAbKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTMzYTY1MjNlMmVkMGEwYzlhMzZlYThhN2M2ZjBlNzJh
NWRkNjQwHhcNMjMwOTI1MDkwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDE2ZTZlNzI0YjM4MDQwOWVmYWYzZDBkZTdhMGFmZDRiNjQzMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCtPxDZ1+4YJjH+yU9bHTwKuCrDL
+c8Kr8DPYsznQ0Os0PB5KQPGXOH3r2VWWNBuBbp8ySGRdlqf+QaF7WG/OMwxLA+Q
XRJaa/AhtLdNifaFoHo3AWcQ1SSl/yvD+qlkfKRsIHKIWKdXUrKAhqkG30/jlISp
vP23tqw/dGreIxfUoIsIxarHnjrzXexncriRvOFj7qr63scp9Z1If8iOlK5kPN7D
PlR4kOcZDssN4YeVdQ6+DEEQ3qZISj4rGGjIaNukirwHizRXbEfgxxt3m2rjDFeJ
XIV4PaBsJZjv8pLUL9hGukSYXK0WyYA+LsED/y4Zs6s3isz62IKXKEUwNQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFI0W5ucks4BAnvrz0N56Cv1LZDIvMB8GA1UdIwQY
MBaAFBITOmUj4u0KDJo26op8bw5ypd1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhNNlpTUGk3UW9NbWpicWlueHZEbktsM1dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85MzRlYzMtYjc2YS00MGQwLThhM2Et
ODI0NzI5YWI0YjlhLzEvalJibTV5U3pnRUNlLXZQUTNub0tfVXRrTWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85MzRlYzMtYjc2YS00MGQwLThhM2EtODI0NzI5YWI0Yjlh
LzEvRWhNNlpTUGk3UW9NbWpicWlueHZEbktsM1dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLRwDAN
BgkqhkiG9w0BAQsFAAOCAQEAK6KwLErZmzn83xvUpt99wX/01I5ksLLWTUDJGGdN
2WAwU6BKPX6ac/jT88JkYMinDD1EGMkujDM85XPcybmUCxIIjw7N2F9oGlZEvP21
IDafs1CMYZnWDQqzgKWsh+5QZi4WZnLbPuYcj6g97HxepWrb1Xp7q5pVafJKe4Ni
Zf6ZFAggXpHCSaQ3NkI1mMyycwh7v4OYh54mBGxvtPDGvwktmt6+ulCA1SfxZxvi
MCVwm4/sxopnUZZnndph2t2orAbVf41q8ti7S9WxxTwW3eMeQ7yI6oJ5zowPrEpp
UidlNyejljbu5h3IPjTIq6zsrDG+Pv4DAZdbXubjVchROg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:06 2025 by rpki-client