Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/8c5dc7-bf41-4008-9cff-2c69985359c0/1/OIAeDk9RUmhV953hTQSLXtXIlDs.roa
File: OIAeDk9RUmhV953hTQSLXtXIlDs.roa (raw, json)
Hash identifier: Q3YZCxQFHAbXbYq6xIEOBS0N6iw0XsyDXhJtXbcRuJQ=
Subject key identifier: 38:80:1E:0E:4F:51:52:68:55:F7:9D:E1:4D:04:8B:5E:D5:C8:94:3B
Certificate issuer: /CN=45aed3d1a1a1e2830d416afa047b95220e814084
Certificate serial: 018B25DE1E30AF307A82AFE1C0ADFB753447
Authority key identifier: 45:AE:D3:D1:A1:A1:E2:83:0D:41:6A:FA:04:7B:95:22:0E:81:40:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ra7T0aGh4oMNQWr6BHuVIg6BQIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/8c5dc7-bf41-4008-9cff-2c69985359c0/1/OIAeDk9RUmhV953hTQSLXtXIlDs.roa
Signing time: Thu 12 Oct 2023 21:49:55 +0000
ROA not before: Thu 12 Oct 2023 21:49:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199699
IP address blocks: 2a13:8f80::/29 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:25:de:1e:30:af:30:7a:82:af:e1:c0:ad:fb:75:34:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45aed3d1a1a1e2830d416afa047b95220e814084
Validity
Not Before: Oct 12 21:49:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38801e0e4f51526855f79de14d048b5ed5c8943b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fd:d3:fc:55:2b:5e:c3:41:cb:09:1c:43:d7:
7c:4e:67:0b:14:f2:29:c5:87:38:57:f0:34:dd:07:
8b:58:7a:96:49:33:c4:61:64:e9:41:fd:ad:ce:3c:
e9:2e:7f:01:e1:81:1f:d8:89:88:fa:34:da:28:f5:
af:1a:df:da:8a:7c:1f:07:8d:69:d6:60:cf:1d:ee:
4b:2f:ff:7a:2f:f2:59:91:ee:cb:59:9f:c1:58:20:
f5:81:e2:6e:6c:cf:3d:b9:05:44:08:b5:78:1b:43:
06:19:dc:e1:9b:72:20:e6:66:fa:d6:c8:d8:34:ac:
15:ce:f0:72:49:f6:4b:c1:bc:b5:07:1f:39:6c:99:
cd:40:d9:d0:d5:9f:db:82:ac:e4:57:b1:02:a3:4a:
c8:95:87:db:3b:73:18:4d:33:0b:e6:d4:05:7a:29:
9f:7c:5f:09:eb:37:6d:85:d0:ab:70:79:9f:12:b4:
08:78:e5:a9:51:91:9a:b6:d3:62:57:0d:e5:b7:f4:
64:fa:e6:40:66:5c:e0:b7:8d:82:0d:83:33:20:d9:
ae:7f:98:1b:a3:3e:aa:cb:c0:80:20:aa:7f:30:d3:
d8:a0:6d:d1:1b:3c:10:eb:58:e8:6b:28:41:35:1a:
b7:f0:1b:d0:92:1a:a2:cc:3f:38:4c:04:fc:9a:63:
3f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:80:1E:0E:4F:51:52:68:55:F7:9D:E1:4D:04:8B:5E:D5:C8:94:3B
X509v3 Authority Key Identifier:
keyid:45:AE:D3:D1:A1:A1:E2:83:0D:41:6A:FA:04:7B:95:22:0E:81:40:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ra7T0aGh4oMNQWr6BHuVIg6BQIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8c5dc7-bf41-4008-9cff-2c69985359c0/1/OIAeDk9RUmhV953hTQSLXtXIlDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8c5dc7-bf41-4008-9cff-2c69985359c0/1/Ra7T0aGh4oMNQWr6BHuVIg6BQIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:8f80::/29
Signature Algorithm: sha256WithRSAEncryption
53:80:03:f3:7a:54:9d:f5:8f:ec:16:36:54:18:ff:07:e2:79:
5b:b8:5c:cf:a4:34:19:f8:e6:83:74:90:35:7b:21:23:99:61:
fc:21:94:9b:a4:e3:07:c5:f3:6d:c7:22:a1:3c:20:18:81:14:
d4:25:63:0a:44:d1:60:31:78:8b:6f:a4:79:07:c3:10:ac:58:
ec:6c:1f:ca:66:d0:52:80:09:61:db:91:56:d6:2c:bf:32:6b:
c9:0f:14:46:1f:30:4f:1a:6e:62:42:55:30:45:01:1e:d4:2a:
43:e4:6e:3e:6c:21:64:de:3c:fa:ba:96:04:d9:ba:d0:64:93:
fe:d5:72:84:63:ef:3d:7a:e4:6d:e3:be:5b:76:52:f0:3b:1b:
23:1f:72:16:e8:75:0a:8f:40:cf:c0:21:bb:0e:7e:b7:57:b2:
3d:90:b4:90:94:c7:da:4a:80:d4:98:7f:43:6a:23:17:9e:8d:
19:1a:a6:a5:c2:69:4d:69:3d:d0:46:7d:7d:ea:10:fb:5a:5e:
a4:9f:32:38:a0:91:4f:b1:95:d2:67:a1:f3:23:ed:2c:04:6d:
d0:8b:e4:fa:8f:12:03:64:63:44:6d:39:c3:06:30:21:66:27:
bb:f2:1f:c7:36:5b:37:47:d7:c1:b8:ba:83:0e:e8:c3:cc:e1:
d0:fe:5e:bc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYsl3h4wrzB6gq/hwK37dTRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YWVkM2QxYTFhMWUyODMwZDQxNmFmYTA0N2I5NTIyMGU4
MTQwODQwHhcNMjMxMDEyMjE0OTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODgwMWUwZTRmNTE1MjY4NTVmNzlkZTE0ZDA0OGI1ZWQ1Yzg5NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/3T/FUrXsNBywkcQ9d8TmcLFPIp
xYc4V/A03QeLWHqWSTPEYWTpQf2tzjzpLn8B4YEf2ImI+jTaKPWvGt/ainwfB41p
1mDPHe5LL/96L/JZke7LWZ/BWCD1geJubM89uQVECLV4G0MGGdzhm3Ig5mb61sjY
NKwVzvBySfZLwby1Bx85bJnNQNnQ1Z/bgqzkV7ECo0rIlYfbO3MYTTML5tQFeimf
fF8J6zdthdCrcHmfErQIeOWpUZGattNiVw3lt/Rk+uZAZlzgt42CDYMzINmuf5gb
oz6qy8CAIKp/MNPYoG3RGzwQ61joayhBNRq38BvQkhqizD84TAT8mmM/hwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDiAHg5PUVJoVfed4U0Ei17VyJQ7MB8GA1UdIwQY
MBaAFEWu09GhoeKDDUFq+gR7lSIOgUCEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmE3VDBhR2g0b01OUVdyNkJIdVZJZzZCUUlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84YzVkYzctYmY0MS00MDA4LTljZmYt
MmM2OTk4NTM1OWMwLzEvT0lBZURrOVJVbWhWOTUzaFRRU0xYdFhJbERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84YzVkYzctYmY0MS00MDA4LTljZmYtMmM2OTk4NTM1OWMw
LzEvUmE3VDBhR2g0b01OUVdyNkJIdVZJZzZCUUlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOPgDAN
BgkqhkiG9w0BAQsFAAOCAQEAU4AD83pUnfWP7BY2VBj/B+J5W7hcz6Q0Gfjmg3SQ
NXshI5lh/CGUm6TjB8XzbccioTwgGIEU1CVjCkTRYDF4i2+keQfDEKxY7GwfymbQ
UoAJYduRVtYsvzJryQ8URh8wTxpuYkJVMEUBHtQqQ+RuPmwhZN48+rqWBNm60GST
/tVyhGPvPXrkbeO+W3ZS8DsbIx9yFuh1Co9Az8Ahuw5+t1eyPZC0kJTH2kqA1Jh/
Q2ojF56NGRqmpcJpTWk90EZ9feoQ+1pepJ8yOKCRT7GV0meh8yPtLARt0Ivk+o8S
A2RjRG05wwYwIWYnu/IfxzZbN0fXwbi6gw7ow8zh0P5evA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:37 2025 by rpki-client