Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/2Tg668wC6TEiheQ3CAAxH6TMptg.roa
File: 2Tg668wC6TEiheQ3CAAxH6TMptg.roa (raw, json)
Hash identifier: dnDMtr0IfEqCmgQO8ns86juLFmrQCSOZJBYKiO4hjZA=
Subject key identifier: D9:38:3A:EB:CC:02:E9:31:22:85:E4:37:08:00:31:1F:A4:CC:A6:D8
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 01856D418B1C9ED7C5D16D9DBAEAD9EA61DE
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/2Tg668wC6TEiheQ3CAAxH6TMptg.roa
Signing time: Sun 01 Jan 2023 12:14:50 +0000
ROA not before: Sun 01 Jan 2023 12:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28839
IP address blocks: 2a01:190:15ee::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:8b:1c:9e:d7:c5:d1:6d:9d:ba:ea:d9:ea:61:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 12:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9383aebcc02e9312285e4370800311fa4cca6d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a6:34:97:35:a0:6a:9e:3e:fb:60:2a:0b:43:
fc:a1:4b:4c:eb:44:c3:a1:4b:98:72:5d:78:f4:46:
06:12:85:1b:60:7f:f3:08:69:c6:a0:c3:6e:32:f6:
0e:87:5c:f7:78:70:37:ed:75:7c:72:21:31:d8:91:
51:6a:2b:cb:2c:be:a8:ec:6b:c9:91:b2:26:44:ef:
5c:7c:5c:f0:f8:cf:db:40:4b:b4:4c:fc:c5:f0:51:
c0:aa:77:47:ea:cb:dd:80:54:cf:b5:f0:ac:57:28:
b4:44:b6:6a:d6:2a:f1:49:ad:c1:d6:64:ca:ef:4b:
2f:71:00:02:af:c5:c1:df:82:c9:25:14:4d:67:ad:
c7:47:d7:f8:d0:33:a7:7f:6f:81:b4:f3:5a:0e:39:
71:ce:ca:51:6e:d9:0f:da:0d:6a:11:77:e7:f6:50:
58:a6:c4:1a:13:34:1e:46:72:74:b6:c6:56:bb:c5:
d7:53:a7:1a:50:f6:32:9e:63:b9:b1:4d:fa:7d:ea:
cf:58:3e:b7:f5:78:fa:da:a7:a2:e3:89:72:e2:ea:
ae:78:47:54:a0:9a:cb:e2:18:0c:1b:41:1b:08:9b:
d5:62:f2:08:59:3e:ea:db:2a:e8:d6:f7:6c:a2:75:
68:d6:9b:63:83:b3:14:d8:ab:c8:ed:e5:1a:76:06:
c3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:38:3A:EB:CC:02:E9:31:22:85:E4:37:08:00:31:1F:A4:CC:A6:D8
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/2Tg668wC6TEiheQ3CAAxH6TMptg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:190:15ee::/48
Signature Algorithm: sha256WithRSAEncryption
4f:a3:5f:b3:1f:47:82:30:fa:d5:77:87:fd:f2:81:17:8e:5e:
56:2b:82:a9:2b:3b:d0:8e:ad:30:e5:b3:f1:fb:3c:5f:6b:19:
3f:03:77:08:1c:bc:89:1e:36:23:31:ab:de:5d:36:c8:2e:39:
89:36:0d:31:38:49:1b:5f:22:44:3f:fe:f6:18:bd:29:4d:60:
d5:ba:c2:f7:c8:05:af:09:35:b0:06:7a:96:e7:3b:25:e3:fc:
d7:3d:ba:2e:b7:84:54:b6:c8:27:2d:ff:59:61:bb:f4:33:85:
02:dc:3e:d1:24:7d:81:7a:13:7f:8f:95:60:b6:b9:53:1c:7b:
91:a2:9c:61:c2:1e:09:ed:46:ba:de:2f:2c:20:94:64:f7:64:
f0:0e:6d:9f:25:9b:25:76:ef:a0:55:50:dc:95:8c:70:93:da:
dc:d0:9d:b2:fd:b9:96:99:1b:ba:51:90:ee:55:88:2a:78:97:
04:8b:b2:b3:d9:fe:9d:04:33:33:36:3e:9c:ca:5a:61:24:bb:
f2:45:be:33:34:31:c5:32:21:89:80:7a:4c:c5:b0:be:21:0e:
c3:76:f9:f7:73:3a:b4:ff:61:a1:f7:d8:56:53:b2:dc:ac:ef:
a6:2c:98:48:03:88:d7:cc:66:7e:b7:db:e4:e0:f7:9d:d6:a6:
30:00:40:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtQYscntfF0W2duurZ6mHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjMwMTAxMTIxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTM4M2FlYmNjMDJlOTMxMjI4NWU0MzcwODAwMzExZmE0Y2NhNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqY0lzWgap4++2AqC0P8oUtM60TD
oUuYcl149EYGEoUbYH/zCGnGoMNuMvYOh1z3eHA37XV8ciEx2JFRaivLLL6o7GvJ
kbImRO9cfFzw+M/bQEu0TPzF8FHAqndH6svdgFTPtfCsVyi0RLZq1irxSa3B1mTK
70svcQACr8XB34LJJRRNZ63HR9f40DOnf2+BtPNaDjlxzspRbtkP2g1qEXfn9lBY
psQaEzQeRnJ0tsZWu8XXU6caUPYynmO5sU36ferPWD639Xj62qei44ly4uqueEdU
oJrL4hgMG0EbCJvVYvIIWT7q2yro1vdsonVo1ptjg7MU2KvI7eUadgbDVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNk4OuvMAukxIoXkNwgAMR+kzKbYMB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvMlRnNjY4d0M2VEVpaGVRM0NBQXhINlRNcHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEBkBXu
MA0GCSqGSIb3DQEBCwUAA4IBAQBPo1+zH0eCMPrVd4f98oEXjl5WK4KpKzvQjq0w
5bPx+zxfaxk/A3cIHLyJHjYjMaveXTbILjmJNg0xOEkbXyJEP/72GL0pTWDVusL3
yAWvCTWwBnqW5zsl4/zXPbout4RUtsgnLf9ZYbv0M4UC3D7RJH2BehN/j5VgtrlT
HHuRopxhwh4J7Ua63i8sIJRk92TwDm2fJZsldu+gVVDclYxwk9rc0J2y/bmWmRu6
UZDuVYgqeJcEi7Kz2f6dBDMzNj6cylphJLvyRb4zNDHFMiGJgHpMxbC+IQ7Ddvn3
czq0/2Gh99hWU7LcrO+mLJhIA4jXzGZ+t9vk4Ped1qYwAEAq
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:38:46 2025 by rpki-client