Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/mRASoDN695q-IpXnPBRbi5L08IQ.roa
File: mRASoDN695q-IpXnPBRbi5L08IQ.roa (raw, json)
Hash identifier: aLWEsbXPJL11zv/WYDvRWi3jJlqZrt1Sla6bEHudu5U=
Subject key identifier: 99:10:12:A0:33:7A:F7:9A:BE:22:95:E7:3C:14:5B:8B:92:F4:F0:84
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 018B74CC1F2621AA5FCB3E6E41E0B13144C6
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/mRASoDN695q-IpXnPBRbi5L08IQ.roa
Signing time: Sat 28 Oct 2023 05:40:16 +0000
ROA not before: Sat 28 Oct 2023 05:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210852
IP address blocks: 2a11:df40::/32 maxlen: 32
2a11:8481::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:74:cc:1f:26:21:aa:5f:cb:3e:6e:41:e0:b1:31:44:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Oct 28 05:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=991012a0337af79abe2295e73c145b8b92f4f084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e5:37:8c:e0:52:9a:67:b3:a5:0b:65:33:7d:
98:1e:ab:b0:6d:33:df:67:b2:9a:4e:6d:9e:cd:6a:
05:f7:6d:84:96:bb:02:f3:e9:59:2d:1c:eb:72:c7:
31:c0:90:f4:1b:cd:05:8b:cc:1f:7d:8f:c5:ab:43:
14:29:6d:3b:d5:d2:5b:e6:30:fd:fb:33:df:32:35:
df:9d:b4:10:40:35:f9:6d:85:79:a1:72:db:4d:f9:
82:f6:dc:56:8e:e5:8e:f3:37:14:73:40:d8:76:a6:
0f:ca:37:6e:51:49:5a:44:0a:06:8d:40:7d:b9:ab:
98:0a:25:26:cb:78:6b:b3:52:d8:2b:b4:83:96:78:
7c:75:59:09:37:a5:02:48:a2:4e:87:d5:e9:31:fd:
82:5a:1f:4d:d9:b0:c6:ac:2b:69:71:d8:5d:18:42:
d9:6f:cc:72:ba:72:ff:4e:88:aa:cb:d1:8a:8f:a9:
de:62:c5:1c:5e:25:63:a8:90:75:8e:c1:38:54:ff:
ad:12:e9:5b:4a:3e:b1:fc:e6:f0:d3:13:b2:2c:41:
d9:ac:c4:03:c0:07:fa:4d:c3:46:68:db:07:46:ed:
a0:c4:cf:6d:af:4d:19:e9:73:ab:d6:74:d7:e8:69:
3a:6f:99:c0:20:70:f0:e8:6d:70:aa:bf:ca:c3:ea:
01:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:10:12:A0:33:7A:F7:9A:BE:22:95:E7:3C:14:5B:8B:92:F4:F0:84
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/mRASoDN695q-IpXnPBRbi5L08IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8481::/32
2a11:df40::/32
Signature Algorithm: sha256WithRSAEncryption
bd:24:f6:be:d1:eb:6c:c0:35:f1:26:5c:49:02:1b:2a:c9:a6:
65:70:34:f7:11:a4:9e:5f:46:47:ac:92:ad:28:8b:36:cb:b4:
2d:a7:9c:87:34:3c:91:80:7a:92:01:ac:8a:7e:01:07:4e:15:
8c:22:00:5d:19:74:b5:a9:c0:5d:0a:84:38:1b:9f:b0:6d:1e:
50:cb:77:55:dc:1b:32:4e:44:8d:61:5f:64:6a:55:95:98:94:
c7:4c:c6:04:ef:35:9d:da:8b:f7:6a:7a:9c:ae:1b:60:17:89:
cf:4c:96:86:54:a1:f3:9b:dc:bd:1b:f1:5b:5a:3f:b4:cf:79:
af:e2:0c:a0:ea:11:fe:1c:49:90:80:4d:4e:e4:1c:d0:de:e7:
a2:75:71:b7:84:a0:e3:ae:e0:56:8f:b7:c7:11:17:d2:22:6c:
b4:92:73:2b:f8:1d:80:d4:28:34:42:91:13:1e:c4:d1:bd:54:
91:b3:50:46:37:c1:47:dc:5f:a6:15:f0:04:85:0a:6c:39:6b:
89:a6:64:42:b4:62:7b:1d:15:91:b6:40:07:87:7c:98:1d:6f:
43:51:61:d6:5a:b0:5b:8c:71:1d:92:eb:da:91:43:24:e2:15:
2a:28:27:b4:e3:57:f9:17:c5:74:cf:a2:c2:c7:4c:2d:c1:c1:
1f:b4:d8:f0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYt0zB8mIapfyz5uQeCxMUTGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjMxMDI4MDU0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTEwMTJhMDMzN2FmNzlhYmUyMjk1ZTczYzE0NWI4YjkyZjRmMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluU3jOBSmmezpQtlM32YHquwbTPf
Z7KaTm2ezWoF922ElrsC8+lZLRzrcscxwJD0G80Fi8wffY/Fq0MUKW071dJb5jD9
+zPfMjXfnbQQQDX5bYV5oXLbTfmC9txWjuWO8zcUc0DYdqYPyjduUUlaRAoGjUB9
uauYCiUmy3hrs1LYK7SDlnh8dVkJN6UCSKJOh9XpMf2CWh9N2bDGrCtpcdhdGELZ
b8xyunL/Toiqy9GKj6neYsUcXiVjqJB1jsE4VP+tEulbSj6x/Obw0xOyLEHZrMQD
wAf6TcNGaNsHRu2gxM9tr00Z6XOr1nTX6Gk6b5nAIHDw6G1wqr/Kw+oBzQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJkQEqAzeveaviKV5zwUW4uS9PCEMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvbVJBU29ETjY5NXEtSXBYblBCUmJpNUwwOElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhGEgQMF
ACoR30AwDQYJKoZIhvcNAQELBQADggEBAL0k9r7R62zANfEmXEkCGyrJpmVwNPcR
pJ5fRkeskq0oizbLtC2nnIc0PJGAepIBrIp+AQdOFYwiAF0ZdLWpwF0KhDgbn7Bt
HlDLd1XcGzJORI1hX2RqVZWYlMdMxgTvNZ3ai/dqepyuG2AXic9MloZUofOb3L0b
8VtaP7TPea/iDKDqEf4cSZCATU7kHNDe56J1cbeEoOOu4FaPt8cRF9IibLSScyv4
HYDUKDRCkRMexNG9VJGzUEY3wUfcX6YV8ASFCmw5a4mmZEK0YnsdFZG2QAeHfJgd
b0NRYdZasFuMcR2S69qRQyTiFSooJ7TjV/kXxXTPosLHTC3BwR+02PA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:08 2025 by rpki-client