Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/vY2GUnmfrSSnJyCfSGPnxv70G2g.roa
File: vY2GUnmfrSSnJyCfSGPnxv70G2g.roa (raw, json)
Hash identifier: lO115djnTEofqxZKUBJzgE7A10XekuO9gIu1/4mkIfg=
Subject key identifier: BD:8D:86:52:79:9F:AD:24:A7:27:20:9F:48:63:E7:C6:FE:F4:1B:68
Certificate issuer: /CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Certificate serial: 01876B152B937F11EB8258251FE42FAEAE93
Authority key identifier: CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/vY2GUnmfrSSnJyCfSGPnxv70G2g.roa
Signing time: Mon 10 Apr 2023 12:12:42 +0000
ROA not before: Mon 10 Apr 2023 12:12:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15774
IP address blocks: 2a02:618::/32 maxlen: 96
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6b:15:2b:93:7f:11:eb:82:58:25:1f:e4:2f:ae:ae:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Validity
Not Before: Apr 10 12:12:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd8d8652799fad24a727209f4863e7c6fef41b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:fa:46:1f:f1:bd:fa:c9:ef:c4:dd:59:00:
f0:7c:96:e5:b5:19:8f:eb:e5:3f:b2:f2:72:95:f1:
d1:ed:32:87:6c:fc:b5:b1:35:67:95:7e:c1:d3:bc:
8b:b4:36:e1:ae:e0:b6:22:20:e9:36:59:e5:38:aa:
c2:d8:68:4e:ab:6d:c4:a2:45:0a:b0:c9:29:2c:8f:
8a:59:7f:04:b0:ef:cd:24:3b:1b:c3:77:4e:df:0d:
8c:74:e2:8a:d0:8e:a1:45:b4:41:5e:17:b2:ab:48:
0c:0b:1d:fc:45:1f:6c:15:6a:25:ca:54:80:90:b2:
24:cf:fa:5f:2a:c5:06:a3:a0:7c:19:3d:53:b5:3b:
66:cb:2d:7c:58:24:09:e4:5f:24:25:eb:5c:7b:6c:
ff:e7:8b:7c:3f:de:be:f3:01:66:72:e9:70:05:c5:
79:f2:1b:7a:48:eb:1d:20:8a:b3:d0:4e:00:63:74:
50:92:42:ed:4a:09:66:2e:ad:02:3e:73:33:50:a1:
0c:1d:fc:20:73:12:f2:b6:fe:13:c9:c2:85:9d:ce:
09:af:a3:31:ab:2e:13:e5:e3:79:91:3b:fc:af:7b:
00:11:70:ac:32:db:fc:82:5d:50:bf:5e:0b:3d:c0:
d6:6a:65:f2:f5:a2:3a:97:90:52:b8:a3:b7:d2:14:
88:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8D:86:52:79:9F:AD:24:A7:27:20:9F:48:63:E7:C6:FE:F4:1B:68
X509v3 Authority Key Identifier:
keyid:CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/vY2GUnmfrSSnJyCfSGPnxv70G2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:618::/32
Signature Algorithm: sha256WithRSAEncryption
25:89:05:b8:c9:a8:2f:0c:c6:7e:37:71:ab:51:37:a1:0f:8e:
2c:32:68:3a:3d:60:42:12:5a:61:c9:30:df:32:e6:93:d4:be:
a2:d9:3d:1d:17:50:f7:59:45:c4:d0:5d:3f:cc:e2:80:55:0e:
5a:ae:71:2a:20:7a:57:4d:8c:ba:87:2e:02:cf:e1:29:5a:9a:
bf:e4:1a:1e:d2:60:d4:9b:cf:81:4d:0e:35:7d:6f:73:f2:3b:
bc:3b:11:87:08:75:1f:e2:f0:24:45:ec:5b:dd:a1:fc:63:6c:
a5:eb:3f:b2:28:26:37:ce:d1:8e:5e:40:4c:e4:0c:34:39:f1:
3f:4b:ad:7e:bc:31:c9:68:b3:6a:d3:e8:d7:63:70:59:71:60:
8b:bb:6f:43:65:73:bc:a8:90:ce:f0:d9:df:3c:e0:e8:74:3b:
f1:05:e3:c7:d9:34:88:3c:0c:01:cd:82:82:5e:d2:4c:39:71:
e4:4b:e8:e9:21:dc:eb:0c:2b:ac:5b:f0:69:96:e3:ae:03:e7:
df:71:3c:e8:7f:fd:bc:77:10:0c:98:6e:1d:df:68:cf:10:1e:
65:e1:13:5c:34:7c:ed:86:91:9e:d3:c2:af:e4:c3:3d:b5:9f:
37:15:18:6e:ff:8c:b7:5a:f8:60:74:a9:75:7d:1d:ec:bf:af:
46:27:85:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYdrFSuTfxHrglglH+Qvrq6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNGE3MTdmOGZhMWJiMDM1OTI3NDIyM2FjZGFlMjJiNzBl
NjZiZWMwHhcNMjMwNDEwMTIxMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDhkODY1Mjc5OWZhZDI0YTcyNzIwOWY0ODYzZTdjNmZlZjQxYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqf6Rh/xvfrJ78TdWQDwfJbltRmP
6+U/svJylfHR7TKHbPy1sTVnlX7B07yLtDbhruC2IiDpNlnlOKrC2GhOq23EokUK
sMkpLI+KWX8EsO/NJDsbw3dO3w2MdOKK0I6hRbRBXheyq0gMCx38RR9sFWolylSA
kLIkz/pfKsUGo6B8GT1TtTtmyy18WCQJ5F8kJetce2z/54t8P96+8wFmculwBcV5
8ht6SOsdIIqz0E4AY3RQkkLtSglmLq0CPnMzUKEMHfwgcxLytv4TycKFnc4Jr6Mx
qy4T5eN5kTv8r3sAEXCsMtv8gl1Qv14LPcDWamXy9aI6l5BSuKO30hSI/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL2NhlJ5n60kpycgn0hj58b+9BtoMB8GA1UdIwQY
MBaAFM9KcX+PobsDWSdCI6za4itw5mvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTkt
NmFhYTZiMDIxNjBkLzEvdlkyR1VubWZyU1NuSnlDZlNHUG54djcwRzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTktNmFhYTZiMDIxNjBk
LzEvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIGGDAN
BgkqhkiG9w0BAQsFAAOCAQEAJYkFuMmoLwzGfjdxq1E3oQ+OLDJoOj1gQhJaYckw
3zLmk9S+otk9HRdQ91lFxNBdP8zigFUOWq5xKiB6V02MuocuAs/hKVqav+QaHtJg
1JvPgU0ONX1vc/I7vDsRhwh1H+LwJEXsW92h/GNspes/sigmN87Rjl5ATOQMNDnx
P0utfrwxyWizatPo12NwWXFgi7tvQ2VzvKiQzvDZ3zzg6HQ78QXjx9k0iDwMAc2C
gl7STDlx5Evo6SHc6wwrrFvwaZbjrgPn33E86H/9vHcQDJhuHd9ozxAeZeETXDR8
7YaRntPCr+TDPbWfNxUYbv+Mt1r4YHSpdX0d7L+vRieFHg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:30 2025 by rpki-client