Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/mDDaL_X6QgtMWzVPPspHpBqUNJM.roa
File: mDDaL_X6QgtMWzVPPspHpBqUNJM.roa (raw, json)
Hash identifier: ahqNlcnSCJq4JNjscZMvaX+msOqRcieFo9czCjRYQtc=
Subject key identifier: 98:30:DA:2F:F5:FA:42:0B:4C:5B:35:4F:3E:CA:47:A4:1A:94:34:93
Certificate issuer: /CN=0a23e2f0b064087fd84f048b1fa9997023d599e1
Certificate serial: 09FECF52
Authority key identifier: 0A:23:E2:F0:B0:64:08:7F:D8:4F:04:8B:1F:A9:99:70:23:D5:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CiPi8LBkCH_YTwSLH6mZcCPVmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/mDDaL_X6QgtMWzVPPspHpBqUNJM.roa
Signing time: Sat 01 Jan 2022 10:59:54 +0000
ROA not before: Sat 01 Jan 2022 10:59:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208272
IP address blocks: 2a0b:7980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167694162 (0x9fecf52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a23e2f0b064087fd84f048b1fa9997023d599e1
Validity
Not Before: Jan 1 10:59:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9830da2ff5fa420b4c5b354f3eca47a41a943493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:ae:06:6f:3d:ad:49:b0:b4:f8:4e:be:75:
e3:8d:e4:09:ec:0d:f7:f1:9f:09:db:c7:fd:4f:bc:
f8:76:63:69:33:99:83:b7:f8:6d:27:b5:75:bb:cf:
04:1e:46:84:a9:ea:74:fc:8c:2b:3a:80:90:12:a6:
be:d7:ee:ca:d0:ad:3a:39:a3:fd:86:0a:35:91:a1:
ed:73:4f:d1:5d:ee:c4:04:f4:5b:ad:97:1f:bb:65:
d4:8c:f2:78:88:e7:5d:18:32:ea:02:fd:0e:60:11:
f6:d5:4c:a9:a0:b4:bc:6d:23:3e:3a:84:19:57:c5:
a6:81:76:0c:bf:c8:e0:0e:5f:c5:7f:24:20:65:7a:
06:b5:ad:97:91:d6:5b:0a:80:55:42:ba:b6:6f:d0:
35:ad:e4:cd:b5:7f:a5:71:7b:d8:d2:0e:a8:db:d0:
bf:54:e4:e2:84:65:9f:18:0b:ef:17:2e:cb:aa:8c:
e0:d5:5f:66:46:0b:ee:1b:64:00:33:3b:88:89:16:
3e:c2:3d:f4:96:6f:73:99:4e:72:66:f7:fc:10:da:
5d:5f:df:ed:c9:c1:6b:fb:fc:ce:d9:b9:10:8d:e4:
2e:bc:f2:bc:1d:34:b0:9b:f4:c0:3e:34:30:c1:21:
70:60:5a:32:ef:cc:57:89:66:38:81:1a:b7:76:13:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:30:DA:2F:F5:FA:42:0B:4C:5B:35:4F:3E:CA:47:A4:1A:94:34:93
X509v3 Authority Key Identifier:
keyid:0A:23:E2:F0:B0:64:08:7F:D8:4F:04:8B:1F:A9:99:70:23:D5:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CiPi8LBkCH_YTwSLH6mZcCPVmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/mDDaL_X6QgtMWzVPPspHpBqUNJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/CiPi8LBkCH_YTwSLH6mZcCPVmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:7980::/29
Signature Algorithm: sha256WithRSAEncryption
01:25:7c:ba:fc:90:11:75:09:57:38:d5:d8:ad:ba:64:38:47:
58:d2:d3:26:07:4f:67:4d:82:8f:ea:8c:2e:18:2e:6a:d7:ef:
80:6e:db:c1:62:8a:0c:5e:9e:f0:e4:c3:95:70:b4:4f:74:1c:
69:9c:48:ed:7a:da:f5:ed:34:7f:f5:04:79:0e:2c:85:92:88:
8b:d8:ec:04:ca:e3:7d:25:8e:16:33:a6:cc:29:b3:29:f3:08:
0a:94:66:5c:66:13:f5:c7:ee:61:dd:fa:12:dc:da:a0:f3:d0:
b1:7d:f6:e5:11:ee:c7:cb:86:f2:f6:f5:3b:b7:81:90:95:9d:
2e:95:87:6b:cf:e2:1c:45:bc:53:1c:29:9e:26:47:e1:64:54:
93:ea:24:36:32:69:6d:e0:72:7f:da:e5:91:9e:73:ea:d8:8c:
68:d3:4d:a1:15:ce:0e:76:a1:96:53:dc:9d:5a:a8:57:8b:52:
e0:cf:13:ed:72:1a:2e:e4:de:55:a4:ae:5f:bd:3a:be:e6:84:
54:2f:ee:13:1c:dd:3a:bd:11:97:f8:0d:16:e1:68:08:1a:c4:
75:b5:c3:e7:7c:d9:89:b3:2e:f8:b1:d0:ca:c1:99:e3:bb:81:
5a:a8:d1:9f:31:d9:61:c1:95:15:78:3a:f7:91:1d:44:b8:22:
81:02:03:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECf7PUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTIzZTJmMGIwNjQwODdmZDg0ZjA0OGIxZmE5OTk3MDIzZDU5OWUxMB4XDTIyMDEw
MTEwNTk1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgzMGRhMmZmNWZh
NDIwYjRjNWIzNTRmM2VjYTQ3YTQxYTk0MzQ5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKtrgZvPa1JsLT4Tr51443kCewN9/GfCdvH/U+8+HZjaTOZ
g7f4bSe1dbvPBB5GhKnqdPyMKzqAkBKmvtfuytCtOjmj/YYKNZGh7XNP0V3uxAT0
W62XH7tl1IzyeIjnXRgy6gL9DmAR9tVMqaC0vG0jPjqEGVfFpoF2DL/I4A5fxX8k
IGV6BrWtl5HWWwqAVUK6tm/QNa3kzbV/pXF72NIOqNvQv1Tk4oRlnxgL7xcuy6qM
4NVfZkYL7htkADM7iIkWPsI99JZvc5lOcmb3/BDaXV/f7cnBa/v8ztm5EI3kLrzy
vB00sJv0wD40MMEhcGBaMu/MV4lmOIEat3YTmSECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSYMNov9fpCC0xbNU8+ykekGpQ0kzAfBgNVHSMEGDAWgBQKI+LwsGQIf9hP
BIsfqZlwI9WZ4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NpUGk4TEJrQ0hfWVR3U0xINm1aY0NQVm1lRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvYzk4M2FhLWI2MWUtNGVkOC04ZTgxLWJjMWU1NWM2OTc1NS8x
L21ERGFMX1g2UWd0TVd6VlBQc3BIcEJxVU5KTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
Yzk4M2FhLWI2MWUtNGVkOC04ZTgxLWJjMWU1NWM2OTc1NS8xL0NpUGk4TEJrQ0hf
WVR3U0xINm1aY0NQVm1lRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoLeYAwDQYJKoZIhvcNAQELBQAD
ggEBAAElfLr8kBF1CVc41ditumQ4R1jS0yYHT2dNgo/qjC4YLmrX74Bu28Fiigxe
nvDkw5VwtE90HGmcSO162vXtNH/1BHkOLIWSiIvY7ATK430ljhYzpswpsynzCAqU
ZlxmE/XH7mHd+hLc2qDz0LF99uUR7sfLhvL29Tu3gZCVnS6Vh2vP4hxFvFMcKZ4m
R+FkVJPqJDYyaW3gcn/a5ZGec+rYjGjTTaEVzg52oZZT3J1aqFeLUuDPE+1yGi7k
3lWkrl+9Or7mhFQv7hMc3Tq9EZf4DRbhaAgaxHW1w+d82YmzLvix0MrBmeO7gVqo
0Z8x2WHBlRV4OveRHUS4IoECAyk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:53 2025 by rpki-client