Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/2nslUt2ksapg2nMTEh9X_b48emA.roa
File: 2nslUt2ksapg2nMTEh9X_b48emA.roa (raw, json)
Hash identifier: l8iGbaeAQQRHhAeFs04X1jhGJsFLatkfiMXodVIhJeE=
Subject key identifier: DA:7B:25:52:DD:A4:B1:AA:60:DA:73:13:12:1F:57:FD:BE:3C:7A:60
Certificate issuer: /CN=0b5caf262fdbfcc5ff30e28a5104646e27a89262
Certificate serial: 0185728C881E6FD509F699F10DF7CECF131D
Authority key identifier: 0B:5C:AF:26:2F:DB:FC:C5:FF:30:E2:8A:51:04:64:6E:27:A8:92:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1yvJi_b_MX_MOKKUQRkbieokmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/2nslUt2ksapg2nMTEh9X_b48emA.roa
Signing time: Mon 02 Jan 2023 12:54:50 +0000
ROA not before: Mon 02 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12414
IP address blocks: 2a05:b2c2::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:88:1e:6f:d5:09:f6:99:f1:0d:f7:ce:cf:13:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5caf262fdbfcc5ff30e28a5104646e27a89262
Validity
Not Before: Jan 2 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da7b2552dda4b1aa60da7313121f57fdbe3c7a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2c:b8:43:da:26:6d:60:3d:ef:99:76:43:f0:
d8:e8:d4:09:78:96:43:58:c1:f1:ef:b1:50:d3:c1:
f0:af:42:77:77:e4:24:e3:ab:41:2e:2f:94:c4:7d:
d0:7b:f9:d4:f7:81:34:08:fa:1b:19:5e:66:0e:87:
b6:12:66:b3:f5:2c:5a:8f:b6:7b:d2:0e:b0:aa:ad:
48:95:68:a4:a1:18:10:26:c5:27:85:90:c1:4e:eb:
30:f7:c9:74:30:6b:47:0c:92:81:d9:c2:36:81:a1:
da:50:02:38:81:db:36:90:dd:26:26:57:7b:1d:5b:
02:29:7f:c7:32:74:0b:cd:d7:5a:79:7b:5c:b3:87:
8b:80:aa:ad:fe:3a:30:da:d4:65:9a:f6:3e:66:1f:
b7:e0:52:20:35:37:1d:ab:8a:3f:f0:c9:31:85:d9:
3e:f9:2e:a6:cd:54:b7:46:05:81:ae:c0:a3:0a:2b:
23:6a:40:7c:69:b2:89:4c:f2:dd:82:dd:91:67:b2:
3c:35:cd:d5:aa:90:0e:a7:4b:32:2a:72:fb:29:2b:
46:53:34:bc:d5:9b:5f:ac:ed:ab:05:1e:36:a7:88:
30:b6:e5:94:c5:f8:b6:ef:43:54:14:1c:23:5e:b9:
6c:06:9b:17:b2:9b:c4:6c:96:54:a6:02:5e:eb:43:
a0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7B:25:52:DD:A4:B1:AA:60:DA:73:13:12:1F:57:FD:BE:3C:7A:60
X509v3 Authority Key Identifier:
keyid:0B:5C:AF:26:2F:DB:FC:C5:FF:30:E2:8A:51:04:64:6E:27:A8:92:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1yvJi_b_MX_MOKKUQRkbieokmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/2nslUt2ksapg2nMTEh9X_b48emA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/C1yvJi_b_MX_MOKKUQRkbieokmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b2c2::/31
Signature Algorithm: sha256WithRSAEncryption
48:16:b0:45:55:41:c1:91:f0:db:b5:53:5f:2b:d8:81:a3:bf:
0c:a4:52:15:c9:2e:27:dc:be:94:e4:fe:04:73:e6:9e:63:97:
cf:05:7d:c6:de:f4:35:07:78:bc:fa:aa:b6:82:e5:6e:0a:02:
16:84:69:f0:7a:b5:ba:85:cc:61:c0:ef:f8:97:9e:96:7c:19:
79:ef:b7:54:d5:69:58:12:f6:be:ac:a2:bc:4e:a1:c5:e1:eb:
f6:15:13:2b:95:ce:f8:94:a8:70:c8:f4:37:8b:13:b0:e3:87:
f8:40:76:e6:d9:a6:2d:64:0e:6f:85:d4:d1:64:db:44:05:20:
e1:60:aa:de:c2:55:f6:45:d9:6a:38:2a:3f:2b:14:97:5e:3c:
1a:18:81:d0:23:a1:ba:55:db:fd:47:a3:6c:1e:91:33:b1:58:
37:e2:a7:56:0c:9a:76:ee:65:cd:35:ee:b2:e2:62:c7:62:dc:
cd:a6:08:b3:85:bb:01:da:5b:19:14:6f:0b:8c:c7:22:46:57:
94:45:ca:f4:f0:37:08:52:7a:a5:72:f5:f9:ef:8f:5a:4e:b1:
1f:dd:64:49:45:e6:75:45:f4:a8:c9:63:2a:36:3b:77:0c:42:
a2:a8:10:79:33:81:b4:46:b4:95:41:0f:68:54:34:b8:86:34:
63:fd:37:13
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyjIgeb9UJ9pnxDffOzxMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWNhZjI2MmZkYmZjYzVmZjMwZTI4YTUxMDQ2NDZlMjdh
ODkyNjIwHhcNMjMwMTAyMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTdiMjU1MmRkYTRiMWFhNjBkYTczMTMxMjFmNTdmZGJlM2M3YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiy4Q9ombWA975l2Q/DY6NQJeJZD
WMHx77FQ08Hwr0J3d+Qk46tBLi+UxH3Qe/nU94E0CPobGV5mDoe2Emaz9Sxaj7Z7
0g6wqq1IlWikoRgQJsUnhZDBTusw98l0MGtHDJKB2cI2gaHaUAI4gds2kN0mJld7
HVsCKX/HMnQLzddaeXtcs4eLgKqt/jow2tRlmvY+Zh+34FIgNTcdq4o/8Mkxhdk+
+S6mzVS3RgWBrsCjCisjakB8abKJTPLdgt2RZ7I8Nc3VqpAOp0syKnL7KStGUzS8
1ZtfrO2rBR42p4gwtuWUxfi270NUFBwjXrlsBpsXspvEbJZUpgJe60OgPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNp7JVLdpLGqYNpzExIfV/2+PHpgMB8GA1UdIwQY
MBaAFAtcryYv2/zF/zDiilEEZG4nqJJiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzF5dkppX2JfTVhfTU9LS1VRUmtiaWVva21JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mNGI4ZTktNjg2ZC00MWJlLTk4OTEt
ZGYxZTk1ZDdlZGQ5LzEvMm5zbFV0MmtzYXBnMm5NVEVoOVhfYjQ4ZW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mNGI4ZTktNjg2ZC00MWJlLTk4OTEtZGYxZTk1ZDdlZGQ5
LzEvQzF5dkppX2JfTVhfTU9LS1VRUmtiaWVva21JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKgWywjAN
BgkqhkiG9w0BAQsFAAOCAQEASBawRVVBwZHw27VTXyvYgaO/DKRSFckuJ9y+lOT+
BHPmnmOXzwV9xt70NQd4vPqqtoLlbgoCFoRp8Hq1uoXMYcDv+JeelnwZee+3VNVp
WBL2vqyivE6hxeHr9hUTK5XO+JSocMj0N4sTsOOH+EB25tmmLWQOb4XU0WTbRAUg
4WCq3sJV9kXZajgqPysUl148GhiB0COhulXb/UejbB6RM7FYN+KnVgyadu5lzTXu
suJix2LczaYIs4W7AdpbGRRvC4zHIkZXlEXK9PA3CFJ6pXL1+e+PWk6xH91kSUXm
dUX0qMljKjY7dwxCoqgQeTOBtEa0lUEPaFQ0uIY0Y/03Ew==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:37:18 2025 by rpki-client