Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/tWacIQAyiCQeD4IdsA3zLyV0qRs.roa
File: tWacIQAyiCQeD4IdsA3zLyV0qRs.roa (raw, json)
Hash identifier: CQQdpuSm/ppaXT2vILVKzCwnDG0blqGzCxArrF2a1Ig=
Subject key identifier: B5:66:9C:21:00:32:88:24:1E:0F:82:1D:B0:0D:F3:2F:25:74:A9:1B
Certificate issuer: /CN=1b68656126198373d07886bf4ab8fb06b9006780
Certificate serial: 0185701EEA292FC8A8814F22C138AEA173EF
Authority key identifier: 1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/tWacIQAyiCQeD4IdsA3zLyV0qRs.roa
Signing time: Mon 02 Jan 2023 01:35:52 +0000
ROA not before: Mon 02 Jan 2023 01:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59566
IP address blocks: 2a0e:1bc1:2000::/35 maxlen: 35
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:ea:29:2f:c8:a8:81:4f:22:c1:38:ae:a1:73:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b68656126198373d07886bf4ab8fb06b9006780
Validity
Not Before: Jan 2 01:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5669c21003288241e0f821db00df32f2574a91b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c6:85:16:b9:18:a2:0b:e4:47:bc:28:29:11:
33:1c:f0:aa:75:97:3a:b8:c8:57:ed:a1:9b:21:1e:
ae:50:97:34:55:b2:c0:6e:0d:28:df:42:30:35:ea:
a0:94:2c:6f:71:ca:c2:41:c7:3d:ce:9a:a5:75:05:
be:c2:42:c8:89:3a:f1:fb:9f:64:45:60:31:86:bd:
89:1a:5b:32:be:23:f0:a7:31:35:bf:85:db:1f:c0:
6e:b9:bb:46:9d:a8:e4:ad:bc:44:64:48:e4:4d:26:
e6:2a:4c:e6:75:3d:59:1f:a4:15:ab:22:ea:8b:26:
15:dd:86:ef:11:8e:65:5d:e6:62:64:17:ea:a5:f5:
00:27:2b:2e:9d:fa:2f:24:3b:50:5b:68:38:0c:19:
db:00:a5:82:34:07:68:1d:f9:df:1e:81:f3:9a:b4:
8b:78:32:eb:35:3f:dd:9c:88:82:f3:67:97:65:c2:
7c:ca:9f:e0:4c:10:2d:fd:24:12:b6:6d:3e:22:0a:
e2:41:ee:78:8f:ea:81:c3:76:b8:3d:10:f7:6a:dc:
82:44:83:52:ee:7c:cf:d0:f0:59:be:8c:44:df:9b:
0b:ab:bf:64:96:99:0e:19:63:f5:c1:33:75:46:ff:
5b:12:be:cd:16:90:2a:e7:6d:43:d5:bd:1a:79:a3:
31:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:66:9C:21:00:32:88:24:1E:0F:82:1D:B0:0D:F3:2F:25:74:A9:1B
X509v3 Authority Key Identifier:
keyid:1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/tWacIQAyiCQeD4IdsA3zLyV0qRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1bc1:2000::/35
Signature Algorithm: sha256WithRSAEncryption
09:05:4a:ac:4c:b5:8e:ee:d2:87:9a:eb:eb:4d:1d:f8:6e:06:
6a:54:27:ec:44:f9:15:26:3c:6d:fc:94:7a:f0:4a:6f:69:2d:
1e:60:63:95:45:ab:25:29:1f:29:27:07:db:77:71:69:7e:50:
0e:ae:13:84:55:c7:61:73:b5:96:3d:b6:11:da:6f:4b:0d:71:
c0:d2:c7:93:a4:20:1a:d2:18:d5:e5:46:a0:94:8f:77:df:2c:
b2:79:e4:31:4d:86:30:ae:59:e9:dc:e6:6a:4a:15:8a:38:9e:
f1:79:6a:84:14:da:b1:0f:4e:e5:87:c5:75:b2:9e:83:dd:1b:
3d:d9:3d:38:4a:1d:59:7a:f4:09:38:93:31:e7:79:ea:a9:21:
8f:d5:65:e3:10:93:63:f5:9b:36:d5:d9:10:55:02:a8:24:b6:
b8:9c:5a:bf:9d:8d:f8:00:54:cc:54:62:0f:ba:3a:f3:c2:a8:
ae:70:4e:05:22:8f:e2:0e:36:da:83:19:a0:f1:19:38:b2:24:
b9:5c:53:52:cd:cb:90:e6:4a:e2:8c:46:5d:2c:b4:4c:68:31:
52:67:b6:9b:37:db:5b:65:e6:45:97:7a:e4:57:4c:fb:ee:4c:
99:38:39:2f:10:fb:25:4f:07:1f:45:f6:69:a5:f0:d4:ec:54:
c7:c0:05:98
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwHuopL8iogU8iwTiuoXPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjg2NTYxMjYxOTgzNzNkMDc4ODZiZjRhYjhmYjA2Yjkw
MDY3ODAwHhcNMjMwMTAyMDEzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTY2OWMyMTAwMzI4ODI0MWUwZjgyMWRiMDBkZjMyZjI1NzRhOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosaFFrkYogvkR7woKREzHPCqdZc6
uMhX7aGbIR6uUJc0VbLAbg0o30IwNeqglCxvccrCQcc9zpqldQW+wkLIiTrx+59k
RWAxhr2JGlsyviPwpzE1v4XbH8BuubtGnajkrbxEZEjkTSbmKkzmdT1ZH6QVqyLq
iyYV3YbvEY5lXeZiZBfqpfUAJysunfovJDtQW2g4DBnbAKWCNAdoHfnfHoHzmrSL
eDLrNT/dnIiC82eXZcJ8yp/gTBAt/SQStm0+IgriQe54j+qBw3a4PRD3atyCRINS
7nzP0PBZvoxE35sLq79klpkOGWP1wTN1Rv9bEr7NFpAq521D1b0aeaMxHQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLVmnCEAMogkHg+CHbAN8y8ldKkbMB8GA1UdIwQY
MBaAFBtoZWEmGYNz0HiGv0q4+wa5AGeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODIt
MjM5ODcwNGFiNTBjLzEvdFdhY0lRQXlpQ1FlRDRJZHNBM3pMeVYwcVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODItMjM5ODcwNGFiNTBj
LzEvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKg4bwSAw
DQYJKoZIhvcNAQELBQADggEBAAkFSqxMtY7u0oea6+tNHfhuBmpUJ+xE+RUmPG38
lHrwSm9pLR5gY5VFqyUpHyknB9t3cWl+UA6uE4RVx2FztZY9thHab0sNccDSx5Ok
IBrSGNXlRqCUj3ffLLJ55DFNhjCuWenc5mpKFYo4nvF5aoQU2rEPTuWHxXWynoPd
Gz3ZPThKHVl69Ak4kzHneeqpIY/VZeMQk2P1mzbV2RBVAqgktricWr+djfgAVMxU
Yg+6OvPCqK5wTgUij+IONtqDGaDxGTiyJLlcU1LNy5DmSuKMRl0stExoMVJntps3
21tl5kWXeuRXTPvuTJk4OS8Q+yVPBx9F9mml8NTsVMfABZg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:10 2025 by rpki-client