Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/0a9ff2-7df8-43f3-a31f-bcdbb542cb5a/1/Aj6DKVtVWYR0pGfNPzv6-DbOXhw.roa
File: Aj6DKVtVWYR0pGfNPzv6-DbOXhw.roa (raw, json)
Hash identifier: tiwzBWWXS8KZ+W8ESe6hVWQbmFC4U88SXuWCourdjzM=
Subject key identifier: 02:3E:83:29:5B:55:59:84:74:A4:67:CD:3F:3B:FA:F8:36:CE:5E:1C
Certificate issuer: /CN=f75b02a29c766e5b13b3eb176a971c12dde1d4ce
Certificate serial: 01856CB83CF698A7829C28DCAE9BC9F01242
Authority key identifier: F7:5B:02:A2:9C:76:6E:5B:13:B3:EB:17:6A:97:1C:12:DD:E1:D4:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/91sCopx2blsTs-sXapccEt3h1M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/0a9ff2-7df8-43f3-a31f-bcdbb542cb5a/1/Aj6DKVtVWYR0pGfNPzv6-DbOXhw.roa
Signing time: Sun 01 Jan 2023 09:44:51 +0000
ROA not before: Sun 01 Jan 2023 09:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39145
IP address blocks: 88.82.96.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:3c:f6:98:a7:82:9c:28:dc:ae:9b:c9:f0:12:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75b02a29c766e5b13b3eb176a971c12dde1d4ce
Validity
Not Before: Jan 1 09:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=023e83295b55598474a467cd3f3bfaf836ce5e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b7:b2:00:9d:7f:a2:27:ce:75:a3:ba:28:3b:
cd:56:f0:d9:6d:5a:d3:71:a6:9c:1f:22:d2:f5:43:
08:7c:f4:2d:11:21:b9:a1:cf:85:e4:d6:1d:cf:2c:
f9:13:a5:ad:1a:37:5f:28:61:9d:08:9b:fa:4d:36:
31:2b:e9:e6:76:2c:0f:24:03:6e:28:79:e2:07:9e:
21:7b:2a:92:67:75:df:e0:51:fe:8c:42:fd:2f:9f:
93:bb:f9:07:00:41:86:5d:72:d7:9e:12:51:de:6a:
81:3e:56:b3:1c:ab:9e:f8:08:83:aa:0f:fc:c5:eb:
4c:ba:f6:ad:c5:3e:e5:61:b5:74:c9:65:da:a7:42:
63:af:be:94:51:f4:22:48:72:e2:6b:d7:b5:ce:3e:
67:3a:c0:44:b9:6f:5d:31:f9:7f:3e:79:43:1e:a9:
07:c2:65:55:90:dd:6c:95:d1:38:cb:0f:68:94:0c:
b3:f0:f3:39:ce:e4:86:66:1d:63:ff:03:9b:73:53:
9e:8c:40:b6:3b:a6:10:5e:64:14:6d:d9:7f:e8:ef:
ac:62:33:c9:d7:d3:a7:90:75:6d:c4:c3:79:b0:75:
11:e8:e7:d0:84:b9:03:db:0a:b3:2e:04:a0:eb:2a:
01:90:4b:f1:fb:d4:02:e5:f2:a5:a1:53:82:64:8e:
fc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3E:83:29:5B:55:59:84:74:A4:67:CD:3F:3B:FA:F8:36:CE:5E:1C
X509v3 Authority Key Identifier:
keyid:F7:5B:02:A2:9C:76:6E:5B:13:B3:EB:17:6A:97:1C:12:DD:E1:D4:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/91sCopx2blsTs-sXapccEt3h1M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0a9ff2-7df8-43f3-a31f-bcdbb542cb5a/1/Aj6DKVtVWYR0pGfNPzv6-DbOXhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0a9ff2-7df8-43f3-a31f-bcdbb542cb5a/1/91sCopx2blsTs-sXapccEt3h1M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.82.96.0/19
Signature Algorithm: sha256WithRSAEncryption
2d:1e:60:9f:c5:8a:df:81:d8:f9:c1:66:cc:ee:3e:16:8a:d8:
37:a7:65:87:36:c7:f9:92:2a:74:d2:9e:59:fa:c8:83:cd:90:
41:5f:ac:6e:ec:a0:f5:bb:90:6f:4b:a3:ef:b1:41:17:d4:5c:
96:1f:a4:4c:fa:19:9f:99:1c:8d:da:55:a1:73:9f:72:be:20:
4b:48:86:3b:18:65:a5:b3:db:36:89:6c:1a:48:66:6d:b7:71:
b5:ef:87:fa:d0:c6:96:ed:04:83:a2:11:85:79:0f:35:dd:87:
37:aa:94:ca:74:86:c0:90:f5:f9:f0:c8:60:b0:7d:9c:d5:2f:
12:7f:3b:90:de:30:d1:da:98:bb:67:ac:45:00:72:fb:88:90:
05:38:a8:cd:7a:c5:92:19:41:a6:d8:94:31:b4:2a:3f:e4:5e:
c6:31:c5:21:c0:d9:63:f2:39:63:2d:da:86:ab:06:15:6d:b5:
2d:a4:6d:aa:d8:56:90:d5:ed:9a:ad:cd:18:bc:5e:1e:dd:28:
fd:9e:fb:b2:c1:44:5d:74:ec:80:aa:07:61:9e:dd:f1:eb:0a:
47:b5:26:e6:47:28:da:c8:b8:05:9d:e4:9e:f9:fd:39:1d:ac:
b4:b8:de:14:2a:f0:d7:85:eb:af:04:56:77:a5:1a:b8:29:0f:
7f:ad:03:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuDz2mKeCnCjcrpvJ8BJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWIwMmEyOWM3NjZlNWIxM2IzZWIxNzZhOTcxYzEyZGRl
MWQ0Y2UwHhcNMjMwMTAxMDk0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjNlODMyOTViNTU1OTg0NzRhNDY3Y2QzZjNiZmFmODM2Y2U1ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7eyAJ1/oifOdaO6KDvNVvDZbVrT
caacHyLS9UMIfPQtESG5oc+F5NYdzyz5E6WtGjdfKGGdCJv6TTYxK+nmdiwPJANu
KHniB54heyqSZ3Xf4FH+jEL9L5+Tu/kHAEGGXXLXnhJR3mqBPlazHKue+AiDqg/8
xetMuvatxT7lYbV0yWXap0Jjr76UUfQiSHLia9e1zj5nOsBEuW9dMfl/PnlDHqkH
wmVVkN1sldE4yw9olAyz8PM5zuSGZh1j/wObc1OejEC2O6YQXmQUbdl/6O+sYjPJ
19OnkHVtxMN5sHUR6OfQhLkD2wqzLgSg6yoBkEvx+9QC5fKloVOCZI783wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAI+gylbVVmEdKRnzT87+vg2zl4cMB8GA1UdIwQY
MBaAFPdbAqKcdm5bE7PrF2qXHBLd4dTOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTFzQ29weDJibHNUcy1zWGFwY2NFdDNoMU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8wYTlmZjItN2RmOC00M2YzLWEzMWYt
YmNkYmI1NDJjYjVhLzEvQWo2REtWdFZXWVIwcEdmTlB6djYtRGJPWGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8wYTlmZjItN2RmOC00M2YzLWEzMWYtYmNkYmI1NDJjYjVh
LzEvOTFzQ29weDJibHNUcy1zWGFwY2NFdDNoMU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFWFJgMA0G
CSqGSIb3DQEBCwUAA4IBAQAtHmCfxYrfgdj5wWbM7j4Witg3p2WHNsf5kip00p5Z
+siDzZBBX6xu7KD1u5BvS6PvsUEX1FyWH6RM+hmfmRyN2lWhc59yviBLSIY7GGWl
s9s2iWwaSGZtt3G174f60MaW7QSDohGFeQ813Yc3qpTKdIbAkPX58MhgsH2c1S8S
fzuQ3jDR2pi7Z6xFAHL7iJAFOKjNesWSGUGm2JQxtCo/5F7GMcUhwNlj8jljLdqG
qwYVbbUtpG2q2FaQ1e2arc0YvF4e3Sj9nvuywURddOyAqgdhnt3x6wpHtSbmRyja
yLgFneSe+f05Hay0uN4UKvDXheuvBFZ3pRq4KQ9/rQNg
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:10:45 2025 by rpki-client