Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/1L1lPtcTqn3YAQHhdDYJK4NvenQ.roa
File: 1L1lPtcTqn3YAQHhdDYJK4NvenQ.roa (raw, json)
Hash identifier: BW4ACwMG2jpsrFOvFFwFGHCnPLVNQ2RyYnB8VhUHQog=
Subject key identifier: D4:BD:65:3E:D7:13:AA:7D:D8:01:01:E1:74:36:09:2B:83:6F:7A:74
Certificate issuer: /CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Certificate serial: 0184E2F6B020FD2731E6471588927EC58C03
Authority key identifier: AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/1L1lPtcTqn3YAQHhdDYJK4NvenQ.roa
Signing time: Mon 05 Dec 2022 15:45:28 +0000
ROA not before: Mon 05 Dec 2022 15:45:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42695
IP address blocks: 2a07:2440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:f6:b0:20:fd:27:31:e6:47:15:88:92:7e:c5:8c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Validity
Not Before: Dec 5 15:45:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4bd653ed713aa7dd80101e17436092b836f7a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:31:cf:aa:5c:c0:74:b2:ef:2d:8d:e5:a8:
4b:57:55:fb:6d:f9:4a:4d:5e:5b:bd:98:9d:7d:2f:
2b:83:02:a4:d0:5f:ec:e5:be:e0:1c:6e:84:55:21:
73:a2:27:16:a9:cf:23:f9:69:9c:18:d5:2e:70:0a:
86:09:b8:a2:d7:44:ae:ab:e1:bc:2c:2f:80:19:33:
d4:15:f6:40:2d:37:d1:ee:fa:39:c0:35:04:7f:0b:
5e:e7:32:d4:1f:63:28:bf:60:9b:52:0b:3c:32:41:
eb:7c:ac:06:48:de:70:15:57:cb:32:95:11:66:fd:
7c:ba:8e:ad:05:ae:d9:fc:c8:08:d2:28:09:e9:34:
59:df:ef:0e:65:66:2f:c1:82:53:85:a5:d5:cf:24:
a0:1b:83:d2:b6:fd:06:51:a3:51:95:f2:18:59:8d:
e0:3c:dd:c2:25:e4:99:6a:6b:93:a7:e7:a0:88:42:
75:c9:6f:75:9b:89:1b:33:8e:c7:00:d7:a5:d8:62:
89:05:73:49:f5:64:50:ae:28:6d:d8:56:b1:fb:a0:
a6:c7:a2:9f:93:a1:85:b8:6f:7e:52:da:a2:f0:9e:
19:6f:6f:18:84:97:60:fa:60:4b:2a:3b:84:be:d1:
b4:83:da:0b:4a:92:6d:5d:67:24:d4:16:cf:3e:ac:
83:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:BD:65:3E:D7:13:AA:7D:D8:01:01:E1:74:36:09:2B:83:6F:7A:74
X509v3 Authority Key Identifier:
keyid:AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/1L1lPtcTqn3YAQHhdDYJK4NvenQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2440::/29
Signature Algorithm: sha256WithRSAEncryption
87:9c:d8:d3:42:ab:04:33:38:40:54:6d:c1:ba:c5:41:e9:fe:
d1:4c:95:fd:3d:7f:0e:e0:b2:e0:57:18:2d:a1:09:ee:05:4c:
56:4a:24:86:26:78:ef:d7:4f:d4:81:7e:f8:23:11:1d:ed:09:
4e:0f:24:bb:a7:07:13:b6:3a:5e:4f:83:38:77:23:5f:44:c7:
1f:0d:a6:7d:20:21:c6:6a:04:c8:03:a6:ca:98:1e:8c:43:68:
6d:9d:72:4c:df:5a:67:a4:07:11:dd:75:be:b6:d9:d4:a7:dc:
7f:2e:53:d6:8a:ae:16:6b:d3:87:51:e6:89:77:84:7d:93:7b:
e8:72:b9:cb:d9:7c:d4:47:c9:af:ee:95:70:6f:95:d4:00:05:
4f:6f:cc:bd:bf:3f:17:8d:5a:e2:80:c5:bb:52:b6:ad:e4:81:
53:c2:0c:2b:67:75:c7:55:73:d7:a3:f4:c5:22:cb:65:1b:4e:
00:d1:72:c4:3d:2b:6b:9c:3f:c7:17:03:a7:b6:31:3c:41:bb:
e6:d6:7a:a6:30:3f:98:c8:c2:fb:6c:a1:69:44:28:85:16:89:
71:f1:f2:ae:18:93:dc:61:49:60:36:3b:19:07:18:d4:70:5b:
6f:1d:ef:99:f9:92:0b:93:12:d5:62:0c:05:dc:92:0e:01:13:
c9:81:dd:af
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTi9rAg/Scx5kcViJJ+xYwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWFhYjEzNDI3YWQ4YzAwNzJhZTA4ZDliYjgwYWJjMTlk
M2Y5ODQwHhcNMjIxMjA1MTU0NTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGJkNjUzZWQ3MTNhYTdkZDgwMTAxZTE3NDM2MDkyYjgzNmY3YTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV8xz6pcwHSy7y2N5ahLV1X7bflK
TV5bvZidfS8rgwKk0F/s5b7gHG6EVSFzoicWqc8j+WmcGNUucAqGCbii10Suq+G8
LC+AGTPUFfZALTfR7vo5wDUEfwte5zLUH2Mov2CbUgs8MkHrfKwGSN5wFVfLMpUR
Zv18uo6tBa7Z/MgI0igJ6TRZ3+8OZWYvwYJThaXVzySgG4PStv0GUaNRlfIYWY3g
PN3CJeSZamuTp+egiEJ1yW91m4kbM47HANel2GKJBXNJ9WRQriht2Fax+6Cmx6Kf
k6GFuG9+Utqi8J4Zb28YhJdg+mBLKjuEvtG0g9oLSpJtXWck1BbPPqyDuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNS9ZT7XE6p92AEB4XQ2CSuDb3p0MB8GA1UdIwQY
MBaAFKuaqxNCetjAByrgjZu4CrwZ0/mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmIt
MzkyNjAzMTljN2JkLzEvMUwxbFB0Y1RxbjNZQVFIaGREWUpLNE52ZW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmItMzkyNjAzMTljN2Jk
LzEvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgckQDAN
BgkqhkiG9w0BAQsFAAOCAQEAh5zY00KrBDM4QFRtwbrFQen+0UyV/T1/DuCy4FcY
LaEJ7gVMVkokhiZ479dP1IF++CMRHe0JTg8ku6cHE7Y6Xk+DOHcjX0THHw2mfSAh
xmoEyAOmypgejENobZ1yTN9aZ6QHEd11vrbZ1Kfcfy5T1oquFmvTh1HmiXeEfZN7
6HK5y9l81EfJr+6VcG+V1AAFT2/Mvb8/F41a4oDFu1K2reSBU8IMK2d1x1Vz16P0
xSLLZRtOANFyxD0ra5w/xxcDp7YxPEG75tZ6pjA/mMjC+2yhaUQohRaJcfHyrhiT
3GFJYDY7GQcY1HBbbx3vmfmSC5MS1WIMBdySDgETyYHdrw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:56:06 2025 by rpki-client