Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/xTBQ-obYFDIL77ZI-H5j6jaUbM8.roa
File: xTBQ-obYFDIL77ZI-H5j6jaUbM8.roa (raw, json)
Hash identifier: wg22rNbo3NRuazqSdepb74/nVOyAdvwgWaXdCzx8B5w=
Subject key identifier: C5:30:50:FA:86:D8:14:32:0B:EF:B6:48:F8:7E:63:EA:36:94:6C:CF
Certificate issuer: /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial: 01856F26C36ADECBBB62180F6E88EC4F524D
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/xTBQ-obYFDIL77ZI-H5j6jaUbM8.roa
Signing time: Sun 01 Jan 2023 21:04:49 +0000
ROA not before: Sun 01 Jan 2023 21:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8990
IP address blocks: 2a01:7d80:2000::/35 maxlen: 35
2a01:7d80:a000::/35 maxlen: 35
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:c3:6a:de:cb:bb:62:18:0f:6e:88:ec:4f:52:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Validity
Not Before: Jan 1 21:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c53050fa86d814320befb648f87e63ea36946ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:10:0a:e7:89:8d:36:7a:e6:11:d5:e3:ff:cc:
c7:8f:8c:ce:70:ea:d0:b1:e8:a1:ef:b7:ee:ca:42:
c0:8a:8a:cf:27:c0:4b:bf:95:b9:40:11:04:92:65:
dd:65:c3:b5:78:fc:43:15:b7:fc:b0:1f:1e:14:2d:
6c:28:5e:3b:17:68:eb:dc:5b:38:78:ac:56:c2:3a:
1b:79:83:26:1c:92:94:5b:73:fc:1d:a3:23:9c:e2:
f3:91:32:ea:b5:b5:5a:7c:36:59:56:f1:7a:5b:53:
58:b4:7e:8c:0c:fa:7a:cb:17:eb:d7:17:54:e9:06:
b8:f6:0c:ff:7d:4a:18:46:9a:5b:89:b1:e1:a9:82:
4e:b3:ea:c1:54:36:c5:38:c0:56:99:c4:2c:4e:c7:
87:72:b8:35:c6:b6:28:68:a0:8a:0e:3a:e5:9b:9f:
52:63:b6:85:f4:c3:5a:77:26:6b:54:3e:d9:e0:8e:
8a:7e:eb:72:37:8f:c8:77:51:02:56:66:2c:cb:e8:
ef:ad:22:f3:85:43:2f:24:d7:16:be:51:de:e0:40:
d5:53:37:5e:f9:62:f1:f9:b4:28:4a:ad:b3:af:11:
02:4b:4d:49:a9:a2:d7:b1:3d:56:43:a8:4d:4a:88:
3d:a9:6b:c2:5a:b7:11:6e:2f:4a:34:45:c9:76:1a:
84:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:30:50:FA:86:D8:14:32:0B:EF:B6:48:F8:7E:63:EA:36:94:6C:CF
X509v3 Authority Key Identifier:
keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/xTBQ-obYFDIL77ZI-H5j6jaUbM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:7d80:2000::/35
2a01:7d80:a000::/35
Signature Algorithm: sha256WithRSAEncryption
12:2c:f9:6c:88:61:58:e9:c9:cf:12:53:9a:5d:ff:ad:8d:ee:
48:9d:e5:e9:38:15:c5:13:e6:1e:14:78:2b:bd:e4:07:fa:7c:
bc:36:9f:80:b5:29:9d:0c:e2:81:a7:b5:32:27:d6:b2:37:67:
aa:77:14:75:3b:de:8a:b9:6f:9f:9c:2d:cf:54:03:79:b7:2f:
b0:86:54:06:87:a9:e3:b0:4b:29:c9:74:d8:41:7c:51:52:83:
0c:b1:10:04:c8:92:94:f0:5d:f0:e6:75:f7:55:0e:b6:88:b7:
0f:13:36:a4:94:73:f8:28:3b:04:24:5d:a8:f3:77:7b:b4:b8:
b5:73:41:07:d7:63:f9:71:68:cb:cc:78:17:b3:a7:b5:39:d8:
27:0b:e6:ef:6f:d1:44:93:c9:2c:13:45:61:e5:b2:27:f8:00:
3b:98:2a:66:e5:68:a5:78:e3:e7:15:74:3d:31:da:9e:e1:08:
db:ff:88:e1:9c:e5:46:bc:3b:5d:e6:5c:e8:a8:60:4d:42:c6:
36:d7:47:cf:02:d9:51:27:e9:cc:65:76:56:eb:77:a2:1c:ca:
a1:97:dd:94:6c:71:fe:37:5a:b4:70:61:ea:52:6e:8e:a6:ab:
b9:fc:e7:e0:ac:dd:2f:db:74:6c:6a:6a:bc:26:17:4b:51:aa:
ef:51:a4:4e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVvJsNq3su7YhgPbojsT1JNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjMwMTAxMjEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTMwNTBmYTg2ZDgxNDMyMGJlZmI2NDhmODdlNjNlYTM2OTQ2Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRAK54mNNnrmEdXj/8zHj4zOcOrQ
seih77fuykLAiorPJ8BLv5W5QBEEkmXdZcO1ePxDFbf8sB8eFC1sKF47F2jr3Fs4
eKxWwjobeYMmHJKUW3P8HaMjnOLzkTLqtbVafDZZVvF6W1NYtH6MDPp6yxfr1xdU
6Qa49gz/fUoYRppbibHhqYJOs+rBVDbFOMBWmcQsTseHcrg1xrYoaKCKDjrlm59S
Y7aF9MNadyZrVD7Z4I6KfutyN4/Id1ECVmYsy+jvrSLzhUMvJNcWvlHe4EDVUzde
+WLx+bQoSq2zrxECS01JqaLXsT1WQ6hNSog9qWvCWrcRbi9KNEXJdhqEpwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFMUwUPqG2BQyC++2SPh+Y+o2lGzPMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEveFRCUS1vYllGRElMNzdaSS1INWo2amFVYk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYFKgF9gCAD
BgUqAX2AoDANBgkqhkiG9w0BAQsFAAOCAQEAEiz5bIhhWOnJzxJTml3/rY3uSJ3l
6TgVxRPmHhR4K73kB/p8vDafgLUpnQzigae1MifWsjdnqncUdTveirlvn5wtz1QD
ebcvsIZUBoep47BLKcl02EF8UVKDDLEQBMiSlPBd8OZ191UOtoi3DxM2pJRz+Cg7
BCRdqPN3e7S4tXNBB9dj+XFoy8x4F7OntTnYJwvm72/RRJPJLBNFYeWyJ/gAO5gq
ZuVopXjj5xV0PTHanuEI2/+I4ZzlRrw7XeZc6KhgTULGNtdHzwLZUSfpzGV2Vut3
ohzKoZfdlGxx/jdatHBh6lJujqarufzn4KzdL9t0bGpqvCYXS1Gq71GkTg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:38 2025 by rpki-client