Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/497b78-b546-4630-9348-739c85c200b9/1/ERbRRd_-kGMAAtEEJs9BEvFuTls.roa
File: ERbRRd_-kGMAAtEEJs9BEvFuTls.roa (raw, json)
Hash identifier: 5HaBFqwPn2Ra6v9yLlFC9nNqcRBscIc7Kqt7tntlx/U=
Subject key identifier: 11:16:D1:45:DF:FE:90:63:00:02:D1:04:26:CF:41:12:F1:6E:4E:5B
Certificate issuer: /CN=9b60a6a1da0f117804f07fe125387a2adc998965
Certificate serial: 01859592273413911D3097ED62B709F59ADE
Authority key identifier: 9B:60:A6:A1:DA:0F:11:78:04:F0:7F:E1:25:38:7A:2A:DC:99:89:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2CmodoPEXgE8H_hJTh6KtyZiWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/497b78-b546-4630-9348-739c85c200b9/1/ERbRRd_-kGMAAtEEJs9BEvFuTls.roa
Signing time: Mon 09 Jan 2023 08:07:41 +0000
ROA not before: Mon 09 Jan 2023 08:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201397
IP address blocks: 2a12:a9c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:92:27:34:13:91:1d:30:97:ed:62:b7:09:f5:9a:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b60a6a1da0f117804f07fe125387a2adc998965
Validity
Not Before: Jan 9 08:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1116d145dffe90630002d10426cf4112f16e4e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:24:be:43:2f:41:1b:be:33:3f:93:42:75:9f:
0a:be:0b:7f:5d:54:f5:9b:83:b9:78:91:f1:05:52:
7d:28:fb:5f:cc:2a:4b:26:ff:e6:e0:d6:52:96:ab:
ab:b9:c1:bc:fe:3f:fe:34:16:fa:22:47:f6:98:89:
7a:79:f5:d8:76:d9:43:4e:fc:2b:80:00:08:07:bf:
e4:77:6d:29:bd:c4:ec:d2:aa:b5:c8:e1:06:4c:bb:
e2:c1:18:54:6f:12:26:bb:53:77:c3:72:78:b3:97:
80:89:b3:9a:6c:67:50:ea:37:18:83:34:be:3e:40:
bc:e0:0c:15:f2:f7:ab:9c:07:7f:8e:31:99:e0:d5:
39:2b:52:9f:8a:6a:78:c7:23:0b:95:23:5c:b5:6d:
80:ab:de:9d:f4:da:10:4a:be:1b:f3:ae:43:47:64:
de:70:bd:7d:2b:d8:9a:b8:f5:5d:03:71:6c:c1:2b:
4e:99:72:b3:8f:0c:85:3c:7d:b0:64:b7:66:7b:19:
eb:63:9e:96:ee:8e:c0:17:f9:3d:24:aa:a8:a0:24:
03:ec:db:00:13:aa:23:fa:e4:8a:12:d2:89:d3:5d:
43:65:46:d6:1c:12:b1:f2:81:ac:e1:ea:2b:5d:cc:
ea:1f:8e:e9:6d:e6:22:a4:7c:96:d2:69:90:d8:e6:
11:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:16:D1:45:DF:FE:90:63:00:02:D1:04:26:CF:41:12:F1:6E:4E:5B
X509v3 Authority Key Identifier:
keyid:9B:60:A6:A1:DA:0F:11:78:04:F0:7F:E1:25:38:7A:2A:DC:99:89:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2CmodoPEXgE8H_hJTh6KtyZiWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/497b78-b546-4630-9348-739c85c200b9/1/ERbRRd_-kGMAAtEEJs9BEvFuTls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/497b78-b546-4630-9348-739c85c200b9/1/m2CmodoPEXgE8H_hJTh6KtyZiWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a9c0::/29
Signature Algorithm: sha256WithRSAEncryption
4f:a2:35:8c:9a:85:a6:e3:25:0b:0e:20:ae:38:2c:8a:3a:22:
84:7a:8d:fa:fc:8a:8d:64:d5:e8:f5:45:a7:4d:d0:8e:0a:81:
36:5a:8e:a7:62:bd:ca:d2:66:39:e0:59:08:ce:82:1e:5a:f6:
2b:51:a3:45:84:f4:95:30:2f:9e:63:28:b0:3a:f4:d5:9d:0f:
a7:8e:0a:0e:99:d3:9e:0a:c8:b0:d9:28:b6:0e:80:6d:4f:db:
ed:b4:9f:35:d2:a3:e4:13:4c:a2:4b:98:4d:e5:99:44:75:50:
04:5d:51:2e:dd:15:42:8c:b2:38:c5:22:50:2f:f2:d5:40:88:
fe:e6:22:a8:90:6e:e1:ec:f7:73:ed:19:0b:b2:f8:9e:cf:f1:
aa:7d:db:cf:b6:3f:4d:75:ad:ea:86:ab:4a:3c:72:f3:ac:66:
f7:fc:26:ab:e2:ab:2f:da:d8:0f:f1:fd:bc:43:1c:26:58:01:
65:a3:59:b7:1c:5c:ad:e5:ba:d9:cf:ac:cb:6b:87:03:98:8b:
7a:80:87:f4:82:1f:dc:19:8a:0d:6d:b0:9d:61:af:c5:25:49:
66:e7:96:4d:34:c8:a2:a4:7c:4f:2a:75:23:8e:0c:d7:4a:41:
f1:b8:0a:a5:cb:97:c5:46:81:90:cb:bb:0d:dd:61:c9:69:1d:
66:f4:f8:ac
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYWVkic0E5EdMJftYrcJ9ZreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNjBhNmExZGEwZjExNzgwNGYwN2ZlMTI1Mzg3YTJhZGM5
OTg5NjUwHhcNMjMwMTA5MDgwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTE2ZDE0NWRmZmU5MDYzMDAwMmQxMDQyNmNmNDExMmYxNmU0ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyS+Qy9BG74zP5NCdZ8Kvgt/XVT1
m4O5eJHxBVJ9KPtfzCpLJv/m4NZSlqurucG8/j/+NBb6Ikf2mIl6efXYdtlDTvwr
gAAIB7/kd20pvcTs0qq1yOEGTLviwRhUbxImu1N3w3J4s5eAibOabGdQ6jcYgzS+
PkC84AwV8vernAd/jjGZ4NU5K1Kfimp4xyMLlSNctW2Aq96d9NoQSr4b865DR2Te
cL19K9iauPVdA3FswStOmXKzjwyFPH2wZLdmexnrY56W7o7AF/k9JKqooCQD7NsA
E6oj+uSKEtKJ011DZUbWHBKx8oGs4eorXczqH47pbeYipHyW0mmQ2OYRUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBEW0UXf/pBjAALRBCbPQRLxbk5bMB8GA1UdIwQY
MBaAFJtgpqHaDxF4BPB/4SU4eircmYllMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJDbW9kb1BFWGdFOEhfaEpUaDZLdHlaaVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80OTdiNzgtYjU0Ni00NjMwLTkzNDgt
NzM5Yzg1YzIwMGI5LzEvRVJiUlJkXy1rR01BQXRFRUpzOUJFdkZ1VGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80OTdiNzgtYjU0Ni00NjMwLTkzNDgtNzM5Yzg1YzIwMGI5
LzEvbTJDbW9kb1BFWGdFOEhfaEpUaDZLdHlaaVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKpwDAN
BgkqhkiG9w0BAQsFAAOCAQEAT6I1jJqFpuMlCw4grjgsijoihHqN+vyKjWTV6PVF
p03QjgqBNlqOp2K9ytJmOeBZCM6CHlr2K1GjRYT0lTAvnmMosDr01Z0Pp44KDpnT
ngrIsNkotg6AbU/b7bSfNdKj5BNMokuYTeWZRHVQBF1RLt0VQoyyOMUiUC/y1UCI
/uYiqJBu4ez3c+0ZC7L4ns/xqn3bz7Y/TXWt6oarSjxy86xm9/wmq+KrL9rYD/H9
vEMcJlgBZaNZtxxcreW62c+sy2uHA5iLeoCH9IIf3BmKDW2wnWGvxSVJZueWTTTI
oqR8Typ1I44M10pB8bgKpcuXxUaBkMu7Dd1hyWkdZvT4rA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:16 2025 by rpki-client