Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/3ccb85-918b-4de8-bda2-9c8bba664ff0/1/png_ien38y7VYTAUHtOhiiqnmAo.roa
File: png_ien38y7VYTAUHtOhiiqnmAo.roa (raw, json)
Hash identifier: IaHd6jnld5dXeVlbq4drZoFN25M13Y3xO2DZeBZYc/A=
Subject key identifier: A6:78:3F:89:E9:F7:F3:2E:D5:61:30:14:1E:D3:A1:8A:2A:A7:98:0A
Certificate issuer: /CN=ac89af60986e6d958322fb026c6b65aeec949a0d
Certificate serial: 018B6FCD202F58570044E2DABA41AA7E9549
Authority key identifier: AC:89:AF:60:98:6E:6D:95:83:22:FB:02:6C:6B:65:AE:EC:94:9A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rImvYJhubZWDIvsCbGtlruyUmg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/3ccb85-918b-4de8-bda2-9c8bba664ff0/1/png_ien38y7VYTAUHtOhiiqnmAo.roa
Signing time: Fri 27 Oct 2023 06:23:15 +0000
ROA not before: Fri 27 Oct 2023 06:23:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216458
IP address blocks: 2a13:ce40:6666::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6f:cd:20:2f:58:57:00:44:e2:da:ba:41:aa:7e:95:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac89af60986e6d958322fb026c6b65aeec949a0d
Validity
Not Before: Oct 27 06:23:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6783f89e9f7f32ed56130141ed3a18a2aa7980a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ab:d3:d6:b5:b6:43:8c:d6:ae:1e:c4:b6:55:
9c:03:62:4d:aa:b6:51:ff:48:02:cc:d0:38:d4:a4:
d4:78:bb:51:fd:f4:c3:3a:35:3b:96:66:2c:ca:9f:
c8:1f:a1:31:a3:34:7a:11:53:ee:a8:5e:36:34:c1:
65:50:58:aa:d6:ad:5d:ef:08:a5:5a:54:1e:8f:ea:
c3:f0:86:3c:bc:41:55:6f:5d:ed:b9:f9:23:b0:a2:
26:8f:bc:ed:2a:24:0a:c5:41:e1:14:1b:2b:b7:a2:
a6:dd:aa:dd:dc:e7:b0:43:20:58:81:b8:f8:d2:97:
9c:56:2d:12:7e:d6:84:79:3c:68:e0:0d:f5:f9:cb:
cc:47:30:5e:1f:c6:61:0b:15:75:8e:e6:89:3a:a1:
9d:bb:79:8b:31:9a:82:be:21:86:af:8d:8f:5e:de:
0c:47:10:b4:47:fb:95:22:3f:d4:f4:2a:24:4d:20:
85:61:8f:be:5e:88:aa:f2:96:c2:62:92:69:24:68:
9c:d3:cc:f4:3a:18:c0:b2:6f:73:0a:20:48:1a:0f:
75:58:9e:3a:b9:87:36:d0:1e:e1:20:47:9b:64:ff:
94:ed:5a:24:ba:04:cc:6a:d0:7e:19:8e:16:7d:10:
7f:b9:80:d9:3b:49:73:52:25:08:c4:43:3e:0a:bd:
54:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:78:3F:89:E9:F7:F3:2E:D5:61:30:14:1E:D3:A1:8A:2A:A7:98:0A
X509v3 Authority Key Identifier:
keyid:AC:89:AF:60:98:6E:6D:95:83:22:FB:02:6C:6B:65:AE:EC:94:9A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rImvYJhubZWDIvsCbGtlruyUmg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3ccb85-918b-4de8-bda2-9c8bba664ff0/1/png_ien38y7VYTAUHtOhiiqnmAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3ccb85-918b-4de8-bda2-9c8bba664ff0/1/rImvYJhubZWDIvsCbGtlruyUmg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ce40:6666::/48
Signature Algorithm: sha256WithRSAEncryption
8d:ec:5d:1a:40:14:e5:55:98:5d:d9:dd:7a:14:27:fc:b9:98:
1f:3a:a9:4d:42:1e:59:43:97:23:56:eb:d1:e2:db:83:75:04:
de:6a:bc:5f:14:c5:66:dd:94:9d:64:a1:79:f8:8c:1b:2a:8f:
c5:5e:26:58:a2:a1:a9:21:2b:61:a4:c4:77:04:04:b0:66:7a:
79:fc:ec:8f:10:be:52:a6:66:e1:29:05:f9:82:85:89:51:54:
b1:a6:11:8b:16:de:ad:e0:43:87:d1:ea:52:27:5b:1f:73:c8:
f6:34:54:4f:0f:31:50:48:de:71:55:f4:bf:9e:64:4e:c9:57:
f1:58:90:f2:d8:41:4b:79:ad:5e:a2:27:1a:8f:81:ad:5c:21:
31:47:d4:92:28:b4:54:ba:e7:51:58:bd:fa:ee:ff:fe:63:e9:
0b:d0:70:e4:be:03:50:2b:9e:79:e7:0e:f2:31:df:4a:ce:e8:
45:c2:4a:44:05:17:b4:50:71:6d:a4:84:d4:1d:6f:66:79:b4:
70:c6:18:16:fb:1c:07:1c:55:34:00:19:37:54:a1:f5:c8:63:
c2:df:29:d3:64:aa:e8:83:df:93:fa:9d:06:93:c7:2a:df:a6:
64:00:a2:12:81:09:06:3f:ef:dc:e9:7c:84:90:66:9b:24:7d:
4c:a5:d9:d1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtvzSAvWFcAROLaukGqfpVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjODlhZjYwOTg2ZTZkOTU4MzIyZmIwMjZjNmI2NWFlZWM5
NDlhMGQwHhcNMjMxMDI3MDYyMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc4M2Y4OWU5ZjdmMzJlZDU2MTMwMTQxZWQzYTE4YTJhYTc5ODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKvT1rW2Q4zWrh7EtlWcA2JNqrZR
/0gCzNA41KTUeLtR/fTDOjU7lmYsyp/IH6ExozR6EVPuqF42NMFlUFiq1q1d7wil
WlQej+rD8IY8vEFVb13tufkjsKImj7ztKiQKxUHhFBsrt6Km3ard3OewQyBYgbj4
0pecVi0SftaEeTxo4A31+cvMRzBeH8ZhCxV1juaJOqGdu3mLMZqCviGGr42PXt4M
RxC0R/uVIj/U9CokTSCFYY++Xoiq8pbCYpJpJGic08z0OhjAsm9zCiBIGg91WJ46
uYc20B7hIEebZP+U7VokugTMatB+GY4WfRB/uYDZO0lzUiUIxEM+Cr1UGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKZ4P4np9/Mu1WEwFB7ToYoqp5gKMB8GA1UdIwQY
MBaAFKyJr2CYbm2VgyL7AmxrZa7slJoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckltdllKaHViWldESXZzQ2JHdGxydXlVbWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zY2NiODUtOTE4Yi00ZGU4LWJkYTIt
OWM4YmJhNjY0ZmYwLzEvcG5nX2llbjM4eTdWWVRBVUh0T2hpaXFubUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zY2NiODUtOTE4Yi00ZGU4LWJkYTItOWM4YmJhNjY0ZmYw
LzEvckltdllKaHViWldESXZzQ2JHdGxydXlVbWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPOQGZm
MA0GCSqGSIb3DQEBCwUAA4IBAQCN7F0aQBTlVZhd2d16FCf8uZgfOqlNQh5ZQ5cj
VuvR4tuDdQTearxfFMVm3ZSdZKF5+IwbKo/FXiZYoqGpISthpMR3BASwZnp5/OyP
EL5SpmbhKQX5goWJUVSxphGLFt6t4EOH0epSJ1sfc8j2NFRPDzFQSN5xVfS/nmRO
yVfxWJDy2EFLea1eoicaj4GtXCExR9SSKLRUuudRWL367v/+Y+kL0HDkvgNQK555
5w7yMd9KzuhFwkpEBRe0UHFtpITUHW9mebRwxhgW+xwHHFU0ABk3VKH1yGPC3ynT
ZKrog9+T+p0Gk8cq36ZkAKISgQkGP+/c6XyEkGabJH1MpdnR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:32 2025 by rpki-client