Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/Ksgn8DsaJ7sdS0hqW0qTHnQyEf8.roa
File: Ksgn8DsaJ7sdS0hqW0qTHnQyEf8.roa (raw, json)
Hash identifier: Fh1kij8Rwxi2M+uN8Ct/fzyPGxVISciH7LpwBMb4WYE=
Subject key identifier: 2A:C8:27:F0:3B:1A:27:BB:1D:4B:48:6A:5B:4A:93:1E:74:32:11:FF
Certificate issuer: /CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Certificate serial: 01856D5D0F364747A25A7892D82618C52E0E
Authority key identifier: 8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/Ksgn8DsaJ7sdS0hqW0qTHnQyEf8.roa
Signing time: Sun 01 Jan 2023 12:44:53 +0000
ROA not before: Sun 01 Jan 2023 12:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5500
IP address blocks: 2a05:aa40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:0f:36:47:47:a2:5a:78:92:d8:26:18:c5:2e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Validity
Not Before: Jan 1 12:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ac827f03b1a27bb1d4b486a5b4a931e743211ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d8:59:53:03:63:57:d4:a6:79:7a:4c:2a:35:
f1:0f:77:f4:f6:67:30:42:e0:78:e1:5c:e4:39:03:
0b:c7:44:32:c3:89:99:e3:0a:af:3c:4e:0e:84:8e:
de:9e:4d:74:74:86:d3:7e:1a:87:55:08:7c:8b:3a:
a9:28:67:aa:51:77:a8:2c:d0:26:87:0b:92:c4:8e:
67:ea:30:b9:2b:c0:3b:65:08:b6:f4:f1:26:4e:34:
35:0d:3a:3b:6f:97:5f:86:52:b0:98:1f:47:2a:4d:
bf:9d:11:ae:e8:02:7f:b7:17:27:d0:d4:32:64:e9:
67:35:c0:be:bc:b2:ba:0b:c7:1b:85:74:89:87:c1:
5a:0b:72:3d:ad:fc:c4:da:b8:be:2d:5f:2c:0b:10:
fb:ce:4d:31:18:93:1c:fe:12:96:24:6c:7b:2f:01:
78:c1:10:67:4a:42:6e:88:bb:5d:bd:34:c5:0b:4b:
53:e9:66:53:b6:97:49:28:a2:2c:42:48:db:0c:cf:
ab:ee:10:8a:98:ce:12:63:94:f0:2f:d7:1f:9d:bd:
89:53:c8:99:95:b9:96:a5:f1:6c:2c:ec:cf:31:4f:
10:d8:eb:87:88:d3:e5:ab:30:8a:ee:e7:ec:41:60:
f6:57:cb:6b:b7:cf:cc:b9:0b:13:d7:57:69:d1:92:
1a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C8:27:F0:3B:1A:27:BB:1D:4B:48:6A:5B:4A:93:1E:74:32:11:FF
X509v3 Authority Key Identifier:
keyid:8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/Ksgn8DsaJ7sdS0hqW0qTHnQyEf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/jImAGxmqlyitT2u3GFwR8UudjXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
7e:78:98:cd:33:25:0d:47:d6:ef:64:85:ad:14:4b:2a:98:b8:
a3:ee:45:4f:33:48:24:73:4d:ae:83:14:81:5a:e7:85:5c:76:
eb:9c:40:46:21:13:56:3a:21:d9:39:49:8e:32:0c:14:36:76:
87:54:70:75:58:c2:f9:cc:fb:e0:65:59:e6:ce:07:ed:c8:70:
d2:28:0a:f8:05:e4:c4:bf:81:aa:07:2d:0b:be:7b:82:17:fc:
d6:c2:13:08:e1:cc:21:41:fa:3a:46:3d:8c:fb:f5:f4:50:e6:
ca:12:25:dc:6a:70:47:bc:50:c8:54:24:6a:e4:c7:75:38:93:
3e:77:7d:b8:0a:ea:a6:6b:fe:d7:bb:ad:d6:b1:6d:0e:31:ab:
a0:96:55:23:70:0b:be:96:91:a1:a3:e1:fc:30:78:ea:de:ae:
15:6e:d1:06:66:1b:88:e7:eb:f5:6a:54:64:fe:36:b4:94:da:
7e:44:98:b6:97:3a:d7:f1:ea:9a:4e:ef:e3:3d:6e:82:09:4b:
06:04:63:79:07:b3:3c:49:66:f0:3e:ed:ab:1e:9b:48:97:3a:
04:ed:1d:70:e7:db:a5:f0:78:e5:1b:fc:cc:50:14:34:c4:a7:
e7:4e:f3:57:4f:2a:bc:d5:ea:fb:6a:ad:c1:8d:f0:a8:3c:8f:
61:87:b0:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtXQ82R0eiWniS2CYYxS4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODk4MDFiMTlhYTk3MjhhZDRmNmJiNzE4NWMxMWYxNGI5
ZDhkN2MwHhcNMjMwMTAxMTI0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM4MjdmMDNiMWEyN2JiMWQ0YjQ4NmE1YjRhOTMxZTc0MzIxMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NhZUwNjV9SmeXpMKjXxD3f09mcw
QuB44VzkOQMLx0Qyw4mZ4wqvPE4OhI7enk10dIbTfhqHVQh8izqpKGeqUXeoLNAm
hwuSxI5n6jC5K8A7ZQi29PEmTjQ1DTo7b5dfhlKwmB9HKk2/nRGu6AJ/txcn0NQy
ZOlnNcC+vLK6C8cbhXSJh8FaC3I9rfzE2ri+LV8sCxD7zk0xGJMc/hKWJGx7LwF4
wRBnSkJuiLtdvTTFC0tT6WZTtpdJKKIsQkjbDM+r7hCKmM4SY5TwL9cfnb2JU8iZ
lbmWpfFsLOzPMU8Q2OuHiNPlqzCK7ufsQWD2V8trt8/MuQsT11dp0ZIamwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCrIJ/A7Gie7HUtIaltKkx50MhH/MB8GA1UdIwQY
MBaAFIyJgBsZqpcorU9rtxhcEfFLnY18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUt
NzI4ZTk5NjdkYWNhLzEvS3NnbjhEc2FKN3NkUzBocVcwcVRIblF5RWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUtNzI4ZTk5NjdkYWNh
LzEvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWqQDAN
BgkqhkiG9w0BAQsFAAOCAQEAfniYzTMlDUfW72SFrRRLKpi4o+5FTzNIJHNNroMU
gVrnhVx265xARiETVjoh2TlJjjIMFDZ2h1RwdVjC+cz74GVZ5s4H7chw0igK+AXk
xL+BqgctC757ghf81sITCOHMIUH6OkY9jPv19FDmyhIl3GpwR7xQyFQkauTHdTiT
Pnd9uArqpmv+17ut1rFtDjGroJZVI3ALvpaRoaPh/DB46t6uFW7RBmYbiOfr9WpU
ZP42tJTafkSYtpc61/Hqmk7v4z1ugglLBgRjeQezPElm8D7tqx6bSJc6BO0dcOfb
pfB45Rv8zFAUNMSn507zV08qvNXq+2qtwY3wqDyPYYewIQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:03 2025 by rpki-client