Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/o6wpIqJQ2NUqf2HRfFL3qa6mub8.roa
File: o6wpIqJQ2NUqf2HRfFL3qa6mub8.roa (raw, json)
Hash identifier: HNrs298OqJR8eu7P3SQUhP21XSxdSIPbk+z5fW31Yh4=
Subject key identifier: A3:AC:29:22:A2:50:D8:D5:2A:7F:61:D1:7C:52:F7:A9:AE:A6:B9:BF
Certificate issuer: /CN=ce37ca3abca5e14ac11bc7f3c1562a64d6391d22
Certificate serial: 01857039936BD1159B4050799346C7EDB16E
Authority key identifier: CE:37:CA:3A:BC:A5:E1:4A:C1:1B:C7:F3:C1:56:2A:64:D6:39:1D:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zjfKOryl4UrBG8fzwVYqZNY5HSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/o6wpIqJQ2NUqf2HRfFL3qa6mub8.roa
Signing time: Mon 02 Jan 2023 02:04:59 +0000
ROA not before: Mon 02 Jan 2023 02:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212748
IP address blocks: 2a0e:b2c4::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:93:6b:d1:15:9b:40:50:79:93:46:c7:ed:b1:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce37ca3abca5e14ac11bc7f3c1562a64d6391d22
Validity
Not Before: Jan 2 02:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3ac2922a250d8d52a7f61d17c52f7a9aea6b9bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6d:07:d6:5e:4c:77:a7:a9:9e:de:6e:2f:91:
f8:f0:c0:e1:8d:4a:37:60:d8:93:8b:30:da:b8:bb:
e1:bb:2d:28:90:15:82:bd:31:80:23:80:ed:49:1d:
09:18:6c:05:b5:ae:58:ad:01:fd:bf:6b:c0:3e:75:
fe:f0:78:09:a4:4e:56:90:e5:af:c2:b5:69:e6:df:
69:69:e9:40:c7:39:a6:33:98:79:91:e9:ef:d0:9c:
47:c9:3c:d9:dd:29:b1:ce:c2:d7:5e:90:4a:7f:fd:
e5:8d:cd:fd:4c:2a:70:b5:1a:81:f9:27:8b:12:f8:
4e:30:ee:aa:aa:70:62:75:2d:6b:8e:0d:62:7c:fb:
65:20:00:84:82:4b:b2:47:07:3a:27:d5:f5:6b:a4:
5e:26:88:d4:a8:6d:7d:68:f4:41:ad:2e:44:db:65:
1e:4b:24:2a:1e:03:80:b7:11:04:ee:24:1c:79:16:
47:03:8a:87:ab:b7:a6:5f:34:8c:67:fb:c0:a4:cb:
66:da:62:20:38:00:ce:fa:cf:a5:03:71:f0:7c:9d:
c0:f7:c8:12:83:19:b6:c0:aa:6f:68:4f:8c:c3:bc:
1a:9a:e7:83:f9:4d:3a:2d:8f:cb:47:23:2d:f8:ac:
4c:6b:06:4f:d0:e2:7e:32:6c:38:78:ce:df:59:31:
e9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AC:29:22:A2:50:D8:D5:2A:7F:61:D1:7C:52:F7:A9:AE:A6:B9:BF
X509v3 Authority Key Identifier:
keyid:CE:37:CA:3A:BC:A5:E1:4A:C1:1B:C7:F3:C1:56:2A:64:D6:39:1D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zjfKOryl4UrBG8fzwVYqZNY5HSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/o6wpIqJQ2NUqf2HRfFL3qa6mub8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/zjfKOryl4UrBG8fzwVYqZNY5HSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b2c4::/30
Signature Algorithm: sha256WithRSAEncryption
0e:8c:7e:f1:c0:77:4d:e3:c9:d3:d5:60:6b:f2:2e:1c:c2:ce:
60:b6:9a:5e:d8:f3:de:bf:b7:48:b0:ae:87:a6:1a:3d:ca:ae:
e8:86:6a:62:98:f3:2d:23:8c:b5:dc:da:df:e3:f0:01:af:85:
f4:77:82:b2:71:3c:af:a1:bf:09:21:56:5a:9b:c5:a4:b0:d7:
72:a8:88:f9:59:4d:f0:e5:87:59:17:ee:a5:f9:79:c4:e8:ac:
e9:4c:3e:b5:46:a6:28:95:03:33:fb:a9:9c:a1:11:5d:52:0d:
46:6b:47:49:a7:86:d6:fb:86:e8:77:cf:69:c0:eb:2c:f4:25:
94:79:47:0a:f7:bb:e6:b0:8f:ec:76:09:60:ef:eb:96:a0:25:
5d:04:3d:3b:85:49:2f:45:c6:3a:4a:e5:43:47:e5:b6:86:f9:
0e:7b:1d:3f:cc:a7:5e:c8:ee:8a:8f:26:e9:0e:30:fa:4f:82:
55:82:2d:f4:3b:bf:d6:2c:37:b5:53:28:ac:80:23:b7:4b:d8:
f0:7e:2d:7d:cd:79:73:35:5a:f4:55:65:4e:d8:a8:3e:26:5e:
83:a7:41:37:89:13:5c:48:57:17:5f:9c:b0:35:25:43:f1:27:
db:08:d7:8a:d7:82:9c:df:b1:7c:13:83:8d:7a:4f:ee:bf:73:
f7:b5:d3:40
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwOZNr0RWbQFB5k0bH7bFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMzdjYTNhYmNhNWUxNGFjMTFiYzdmM2MxNTYyYTY0ZDYz
OTFkMjIwHhcNMjMwMTAyMDIwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2FjMjkyMmEyNTBkOGQ1MmE3ZjYxZDE3YzUyZjdhOWFlYTZiOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2G0H1l5Md6epnt5uL5H48MDhjUo3
YNiTizDauLvhuy0okBWCvTGAI4DtSR0JGGwFta5YrQH9v2vAPnX+8HgJpE5WkOWv
wrVp5t9paelAxzmmM5h5kenv0JxHyTzZ3SmxzsLXXpBKf/3ljc39TCpwtRqB+SeL
EvhOMO6qqnBidS1rjg1ifPtlIACEgkuyRwc6J9X1a6ReJojUqG19aPRBrS5E22Ue
SyQqHgOAtxEE7iQceRZHA4qHq7emXzSMZ/vApMtm2mIgOADO+s+lA3HwfJ3A98gS
gxm2wKpvaE+Mw7wamueD+U06LY/LRyMt+KxMawZP0OJ+Mmw4eM7fWTHp0wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKOsKSKiUNjVKn9h0XxS96muprm/MB8GA1UdIwQY
MBaAFM43yjq8peFKwRvH88FWKmTWOR0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvempmS09yeWw0VXJCRzhmendWWXFaTlk1SFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZTY2YmYtNTYxYy00ZDU1LTgyNmQt
MDM4MDM1ZDgwYzBiLzEvbzZ3cElxSlEyTlVxZjJIUmZGTDNxYTZtdWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZTY2YmYtNTYxYy00ZDU1LTgyNmQtMDM4MDM1ZDgwYzBi
LzEvempmS09yeWw0VXJCRzhmendWWXFaTlk1SFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKg6yxDAN
BgkqhkiG9w0BAQsFAAOCAQEADox+8cB3TePJ09Vga/IuHMLOYLaaXtjz3r+3SLCu
h6YaPcqu6IZqYpjzLSOMtdza3+PwAa+F9HeCsnE8r6G/CSFWWpvFpLDXcqiI+VlN
8OWHWRfupfl5xOis6Uw+tUamKJUDM/upnKERXVINRmtHSaeG1vuG6HfPacDrLPQl
lHlHCve75rCP7HYJYO/rlqAlXQQ9O4VJL0XGOkrlQ0fltob5DnsdP8ynXsjuio8m
6Q4w+k+CVYIt9Du/1iw3tVMorIAjt0vY8H4tfc15czVa9FVlTtioPiZeg6dBN4kT
XEhXF1+csDUlQ/En2wjXiteCnN+xfBODjXpP7r9z97XTQA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:37 2025 by rpki-client