Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/8c5dc7-bf41-4008-9cff-2c69985359c0/1/ci2wSFkYIS8Qkn5-9_s3NssoOHc.roa
File: ci2wSFkYIS8Qkn5-9_s3NssoOHc.roa (raw, json)
Hash identifier: c+SsaIU24ZWuDJspJOOWz2yJ7l2OSKUabeOqk9HaEpc=
Subject key identifier: 72:2D:B0:48:59:18:21:2F:10:92:7E:7E:F7:FB:37:36:CB:28:38:77
Certificate issuer: /CN=45aed3d1a1a1e2830d416afa047b95220e814084
Certificate serial: 01884808ED6F45D2D443EB5E5762E3286EF2
Authority key identifier: 45:AE:D3:D1:A1:A1:E2:83:0D:41:6A:FA:04:7B:95:22:0E:81:40:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ra7T0aGh4oMNQWr6BHuVIg6BQIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/8c5dc7-bf41-4008-9cff-2c69985359c0/1/ci2wSFkYIS8Qkn5-9_s3NssoOHc.roa
Signing time: Tue 23 May 2023 09:55:24 +0000
ROA not before: Tue 23 May 2023 09:55:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199699
IP address blocks: 2a13:8f80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:08:ed:6f:45:d2:d4:43:eb:5e:57:62:e3:28:6e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45aed3d1a1a1e2830d416afa047b95220e814084
Validity
Not Before: May 23 09:55:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=722db0485918212f10927e7ef7fb3736cb283877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:df:21:9f:0e:53:06:d1:3e:90:fc:54:c5:9a:
10:d1:f1:c4:a3:ad:2f:b0:90:94:c7:cc:b0:66:32:
0a:b0:e3:55:ef:ee:f3:bb:d1:80:22:60:1d:64:b2:
61:7d:70:4d:1e:fe:ba:38:6c:03:66:dc:4a:3f:d9:
a5:be:00:4c:90:59:d0:0f:d6:23:3f:ca:de:da:f0:
f4:10:73:3e:d3:f5:19:99:e5:c1:ec:f7:86:84:6b:
e3:f4:56:12:aa:f0:e1:f4:e5:74:d2:cc:5f:0f:11:
4f:20:11:04:95:97:1f:b7:bf:80:83:a7:87:0a:3f:
56:f4:eb:36:48:5a:ad:23:03:82:c4:28:bc:bc:d6:
c8:e9:06:39:c3:11:51:19:5b:36:fb:2e:68:9c:5d:
f2:71:2b:3f:1f:ed:1c:5a:e4:05:9a:f3:1b:28:03:
74:2a:47:cb:1b:9a:68:bd:74:30:57:c9:da:cf:77:
6d:46:92:2f:ef:d4:23:24:58:3c:20:ea:9d:4c:79:
2c:87:a6:2f:93:b6:ab:d3:8c:98:c6:c8:98:fb:79:
18:16:8b:a8:3c:6d:9f:a7:30:a3:b0:af:4a:c4:5a:
d3:5d:c0:79:39:6a:e8:6c:89:0d:98:05:48:8f:b3:
bc:74:de:7d:b1:58:af:dc:27:c5:10:d9:ba:f4:4a:
27:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:2D:B0:48:59:18:21:2F:10:92:7E:7E:F7:FB:37:36:CB:28:38:77
X509v3 Authority Key Identifier:
keyid:45:AE:D3:D1:A1:A1:E2:83:0D:41:6A:FA:04:7B:95:22:0E:81:40:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ra7T0aGh4oMNQWr6BHuVIg6BQIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8c5dc7-bf41-4008-9cff-2c69985359c0/1/ci2wSFkYIS8Qkn5-9_s3NssoOHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8c5dc7-bf41-4008-9cff-2c69985359c0/1/Ra7T0aGh4oMNQWr6BHuVIg6BQIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:8f80::/29
Signature Algorithm: sha256WithRSAEncryption
a0:7e:cd:c9:5d:1c:b6:dc:ae:65:f0:a9:f3:cf:42:b2:82:a0:
b8:6c:05:08:61:49:c5:80:ea:d5:d2:79:58:e2:57:4f:9c:54:
5f:a9:44:6e:5a:d1:e1:cc:8d:50:51:43:03:22:c2:63:f1:35:
12:c6:29:05:46:d3:5c:84:80:30:90:3e:ce:18:2b:f5:2d:5a:
d4:e5:76:f7:ff:d7:e1:09:be:95:2e:fe:e6:fc:61:ea:93:e2:
66:e0:50:26:ca:7f:62:09:30:55:97:66:11:d5:52:a5:77:04:
5e:56:03:c4:91:45:41:91:6a:4e:82:15:f4:65:94:55:aa:91:
a4:a6:9f:bd:34:dc:84:1d:54:ae:11:ab:61:ff:21:6d:e0:53:
30:d4:85:ae:59:ad:06:bc:8f:d1:61:81:9e:21:cd:3a:fc:4a:
72:ef:bc:c7:21:16:09:80:58:d2:c2:91:fd:00:c1:30:80:83:
a9:ca:92:b2:3f:83:80:ae:be:0a:57:81:56:1e:c4:da:bd:c8:
d7:8b:22:10:58:f9:60:4f:1a:1e:ee:e2:8b:dc:83:0d:a5:e8:
c1:76:10:40:62:40:e4:96:00:69:c4:93:fa:ea:48:ba:01:b4:
ea:17:56:e5:27:65:c0:82:09:b1:da:25:3d:fe:4c:dd:f8:7b:
f9:f8:87:b0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYhICO1vRdLUQ+teV2LjKG7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YWVkM2QxYTFhMWUyODMwZDQxNmFmYTA0N2I5NTIyMGU4
MTQwODQwHhcNMjMwNTIzMDk1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjJkYjA0ODU5MTgyMTJmMTA5MjdlN2VmN2ZiMzczNmNiMjgzODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN8hnw5TBtE+kPxUxZoQ0fHEo60v
sJCUx8ywZjIKsONV7+7zu9GAImAdZLJhfXBNHv66OGwDZtxKP9mlvgBMkFnQD9Yj
P8re2vD0EHM+0/UZmeXB7PeGhGvj9FYSqvDh9OV00sxfDxFPIBEElZcft7+Ag6eH
Cj9W9Os2SFqtIwOCxCi8vNbI6QY5wxFRGVs2+y5onF3ycSs/H+0cWuQFmvMbKAN0
KkfLG5povXQwV8naz3dtRpIv79QjJFg8IOqdTHksh6Yvk7ar04yYxsiY+3kYFouo
PG2fpzCjsK9KxFrTXcB5OWrobIkNmAVIj7O8dN59sViv3CfFENm69EonSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHItsEhZGCEvEJJ+fvf7NzbLKDh3MB8GA1UdIwQY
MBaAFEWu09GhoeKDDUFq+gR7lSIOgUCEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmE3VDBhR2g0b01OUVdyNkJIdVZJZzZCUUlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84YzVkYzctYmY0MS00MDA4LTljZmYt
MmM2OTk4NTM1OWMwLzEvY2kyd1NGa1lJUzhRa241LTlfczNOc3NvT0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84YzVkYzctYmY0MS00MDA4LTljZmYtMmM2OTk4NTM1OWMw
LzEvUmE3VDBhR2g0b01OUVdyNkJIdVZJZzZCUUlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOPgDAN
BgkqhkiG9w0BAQsFAAOCAQEAoH7NyV0cttyuZfCp889CsoKguGwFCGFJxYDq1dJ5
WOJXT5xUX6lEblrR4cyNUFFDAyLCY/E1EsYpBUbTXISAMJA+zhgr9S1a1OV29//X
4Qm+lS7+5vxh6pPiZuBQJsp/YgkwVZdmEdVSpXcEXlYDxJFFQZFqToIV9GWUVaqR
pKafvTTchB1UrhGrYf8hbeBTMNSFrlmtBryP0WGBniHNOvxKcu+8xyEWCYBY0sKR
/QDBMICDqcqSsj+DgK6+CleBVh7E2r3I14siEFj5YE8aHu7ii9yDDaXowXYQQGJA
5JYAacST+upIugG06hdW5SdlwIIJsdolPf5M3fh7+fiHsA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:23 2025 by rpki-client