Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/581e68-4d45-40eb-89d9-8816fba8be12/1/AE2NhIKdn5Du9y1RC7GLNDQLv0w.roa
File: AE2NhIKdn5Du9y1RC7GLNDQLv0w.roa (raw, json)
Hash identifier: EKwcgPu7EPEwt2a3psVcfo/QlFx+3dxHqNHaa/naTSU=
Subject key identifier: 00:4D:8D:84:82:9D:9F:90:EE:F7:2D:51:0B:B1:8B:34:34:0B:BF:4C
Certificate issuer: /CN=3ea99f00000beeb9f1b2854ba50ec7b88126dba9
Certificate serial: 0189BB3F380B13A978536E376B538A15006D
Authority key identifier: 3E:A9:9F:00:00:0B:EE:B9:F1:B2:85:4B:A5:0E:C7:B8:81:26:DB:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqmfAAAL7rnxsoVLpQ7HuIEm26k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/581e68-4d45-40eb-89d9-8816fba8be12/1/AE2NhIKdn5Du9y1RC7GLNDQLv0w.roa
Signing time: Thu 03 Aug 2023 11:53:49 +0000
ROA not before: Thu 03 Aug 2023 11:53:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211146
IP address blocks: 2a0b:f500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:3f:38:0b:13:a9:78:53:6e:37:6b:53:8a:15:00:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea99f00000beeb9f1b2854ba50ec7b88126dba9
Validity
Not Before: Aug 3 11:53:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=004d8d84829d9f90eef72d510bb18b34340bbf4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:aa:21:b4:bd:8d:fe:77:c7:b3:83:1e:70:4c:
6e:d0:b7:a0:71:9d:de:9a:d1:b7:e1:9d:b9:e4:ce:
ef:a6:cf:fb:65:74:ac:cc:94:b4:55:1a:54:8e:17:
d8:14:af:72:fc:60:9b:b1:e1:a9:d0:16:ce:3d:16:
1c:e9:2c:7d:a3:e2:05:14:65:5c:26:cc:56:d2:85:
24:ac:7a:3f:69:4f:d4:b1:2d:4a:62:12:86:87:29:
1d:cb:69:3b:21:fc:38:1c:dd:23:f4:2c:7e:49:a5:
a5:7b:13:b6:7a:bf:a4:e5:79:0a:d7:5e:a0:2b:41:
ec:d8:be:25:53:0a:80:88:32:bc:21:b9:b4:b2:48:
b9:a9:b8:a4:af:cb:fe:48:77:02:82:5e:9d:a1:4e:
3b:12:7c:36:5c:05:ec:38:05:0c:75:91:7f:c3:b2:
12:c0:76:b1:48:35:9f:1e:ea:e1:a1:67:5f:83:48:
ab:39:95:ad:02:b4:9b:42:51:89:2b:68:9d:3b:40:
b1:42:1d:1d:3c:3a:90:97:7b:39:18:ad:f2:dd:9f:
1e:59:5a:a6:f8:9b:47:cd:92:3e:6c:62:84:0c:cc:
85:af:5f:b4:94:26:67:fb:04:34:86:e8:ed:fe:8b:
98:8c:8c:eb:b1:53:7c:d6:40:dd:e9:85:1e:2a:65:
a4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4D:8D:84:82:9D:9F:90:EE:F7:2D:51:0B:B1:8B:34:34:0B:BF:4C
X509v3 Authority Key Identifier:
keyid:3E:A9:9F:00:00:0B:EE:B9:F1:B2:85:4B:A5:0E:C7:B8:81:26:DB:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqmfAAAL7rnxsoVLpQ7HuIEm26k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/581e68-4d45-40eb-89d9-8816fba8be12/1/AE2NhIKdn5Du9y1RC7GLNDQLv0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/581e68-4d45-40eb-89d9-8816fba8be12/1/PqmfAAAL7rnxsoVLpQ7HuIEm26k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:f500::/29
Signature Algorithm: sha256WithRSAEncryption
0b:30:8f:ed:fe:4b:3d:9c:ef:26:93:08:48:97:dd:51:3f:ab:
14:db:ef:6d:9a:c3:32:5e:68:c7:da:c3:76:f1:cb:d4:f6:0b:
bf:54:3e:46:f2:83:1a:33:ab:a9:6c:6e:63:6d:b7:46:10:2d:
2d:3b:8b:b9:76:74:44:bb:f5:d3:30:e8:16:9b:0e:23:91:87:
f8:67:e4:1b:f8:35:7a:9e:0e:13:f4:92:57:ea:a5:2f:a6:ba:
db:6f:0a:56:b3:6e:d9:b7:fc:2f:10:9f:40:34:5f:79:58:3d:
a7:53:7b:f9:77:3c:3c:cf:14:b1:89:57:eb:41:4e:ba:f3:15:
be:46:fd:36:da:c3:b4:e4:3d:80:f7:49:9b:d9:da:ab:ae:29:
31:0e:35:0f:4d:f6:e1:df:65:70:55:03:55:70:ac:38:a2:c1:
ba:8c:0b:97:2d:45:70:3c:75:64:71:26:80:4f:7f:ec:21:1d:
c5:fc:18:79:62:c0:94:52:72:92:f1:11:b7:69:9c:67:d2:0b:
25:8d:90:69:71:9c:34:85:b9:d2:39:9e:ee:bb:82:bd:3d:8f:
8a:cf:0c:ff:97:2f:5d:b1:6f:8b:79:1c:73:7b:25:14:b4:38:
32:65:5f:be:fe:82:e2:dc:f8:d8:40:54:0d:f2:ad:6a:71:d1:
fa:6a:eb:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYm7PzgLE6l4U243a1OKFQBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTk5ZjAwMDAwYmVlYjlmMWIyODU0YmE1MGVjN2I4ODEy
NmRiYTkwHhcNMjMwODAzMTE1MzQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDRkOGQ4NDgyOWQ5ZjkwZWVmNzJkNTEwYmIxOGIzNDM0MGJiZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaohtL2N/nfHs4MecExu0LegcZ3e
mtG34Z255M7vps/7ZXSszJS0VRpUjhfYFK9y/GCbseGp0BbOPRYc6Sx9o+IFFGVc
JsxW0oUkrHo/aU/UsS1KYhKGhykdy2k7Ifw4HN0j9Cx+SaWlexO2er+k5XkK116g
K0Hs2L4lUwqAiDK8Ibm0ski5qbikr8v+SHcCgl6doU47Enw2XAXsOAUMdZF/w7IS
wHaxSDWfHurhoWdfg0irOZWtArSbQlGJK2idO0CxQh0dPDqQl3s5GK3y3Z8eWVqm
+JtHzZI+bGKEDMyFr1+0lCZn+wQ0hujt/ouYjIzrsVN81kDd6YUeKmWkNQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFABNjYSCnZ+Q7vctUQuxizQ0C79MMB8GA1UdIwQY
MBaAFD6pnwAAC+658bKFS6UOx7iBJtupMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFtZkFBQUw3cm54c29WTHBRN0h1SUVtMjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS81ODFlNjgtNGQ0NS00MGViLTg5ZDkt
ODgxNmZiYThiZTEyLzEvQUUyTmhJS2RuNUR1OXkxUkM3R0xORFFMdjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS81ODFlNjgtNGQ0NS00MGViLTg5ZDktODgxNmZiYThiZTEy
LzEvUHFtZkFBQUw3cm54c29WTHBRN0h1SUVtMjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgv1ADAN
BgkqhkiG9w0BAQsFAAOCAQEACzCP7f5LPZzvJpMISJfdUT+rFNvvbZrDMl5ox9rD
dvHL1PYLv1Q+RvKDGjOrqWxuY223RhAtLTuLuXZ0RLv10zDoFpsOI5GH+GfkG/g1
ep4OE/SSV+qlL6a6228KVrNu2bf8LxCfQDRfeVg9p1N7+Xc8PM8UsYlX60FOuvMV
vkb9NtrDtOQ9gPdJm9naq64pMQ41D0324d9lcFUDVXCsOKLBuowLly1FcDx1ZHEm
gE9/7CEdxfwYeWLAlFJykvERt2mcZ9ILJY2QaXGcNIW50jme7ruCvT2Pis8M/5cv
XbFvi3kcc3slFLQ4MmVfvv6C4tz42EBUDfKtanHR+mrrtQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:25 2025 by rpki-client