Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/l_pnSnDNIg7Z7p9kJZHPUTM2ZEQ.roa
File: l_pnSnDNIg7Z7p9kJZHPUTM2ZEQ.roa (raw, json)
Hash identifier: 59NnywH/uc/rZTXL+XP1uCPxPdHLOIuuzE89Y1K2W7c=
Subject key identifier: 97:FA:67:4A:70:CD:22:0E:D9:EE:9F:64:25:91:CF:51:33:36:64:44
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01859862A17ACFF14CB673D81EF1B473AA03
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/l_pnSnDNIg7Z7p9kJZHPUTM2ZEQ.roa
Signing time: Mon 09 Jan 2023 21:14:38 +0000
ROA not before: Mon 09 Jan 2023 21:14:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50058
IP address blocks: 2a09:7240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:98:62:a1:7a:cf:f1:4c:b6:73:d8:1e:f1:b4:73:aa:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 9 21:14:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97fa674a70cd220ed9ee9f642591cf5133366444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:03:38:09:e6:51:30:75:bd:ff:39:2e:a8:38:
06:56:51:4d:41:1a:56:58:0c:9b:58:4c:e6:83:8d:
bf:98:88:83:1a:17:42:64:64:16:6a:0c:4b:e2:b0:
48:1a:5f:89:f1:88:6a:56:af:5e:60:87:70:1d:2c:
15:6b:21:21:bc:61:0e:fa:60:7a:dc:b7:9c:86:57:
2a:f7:11:d3:60:03:bc:bc:5d:13:6d:0b:37:b3:a1:
aa:41:9c:b5:08:c8:3c:8f:1b:5c:11:12:d5:b1:99:
42:b1:c8:60:8f:fe:81:01:76:6e:be:60:30:e8:3a:
ac:2a:53:5e:97:19:fb:2f:50:b9:df:5c:3b:6e:7b:
7d:d5:69:d4:9b:4e:24:e5:af:81:8a:dc:47:eb:4a:
53:40:d2:dd:19:13:e6:83:3f:e1:36:4f:c9:76:3e:
2b:47:9f:51:df:a8:8c:32:b4:c3:4b:b1:fa:87:66:
9e:cf:2b:0f:06:97:7b:aa:a5:48:34:4a:36:79:db:
b0:ae:cf:9c:31:60:7b:b4:fa:30:48:e1:da:2c:59:
23:6a:66:64:83:8f:dc:aa:46:3e:96:d3:78:dd:e8:
c6:14:ea:34:c8:7b:0d:b8:7e:7b:2b:f5:fb:f2:a4:
c5:10:ff:c3:fa:82:68:7d:81:32:a5:f2:db:e6:27:
83:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:FA:67:4A:70:CD:22:0E:D9:EE:9F:64:25:91:CF:51:33:36:64:44
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/l_pnSnDNIg7Z7p9kJZHPUTM2ZEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7240::/29
Signature Algorithm: sha256WithRSAEncryption
71:3b:6f:2c:05:33:17:11:a7:0b:30:ae:22:70:ea:bd:10:7d:
fe:1e:70:9f:f8:7a:83:59:76:96:ec:06:ff:10:99:76:e6:d1:
09:7f:0e:00:74:36:ca:c5:43:88:1f:c4:e2:3a:d1:85:29:9a:
52:c8:8b:8b:b7:c5:6e:2f:cd:5c:6b:c0:55:52:a2:46:b8:e5:
f7:74:02:71:02:7b:9f:bf:52:90:d1:7f:5e:08:96:05:17:52:
3a:27:f1:fa:98:33:1a:7a:fd:dd:17:c3:f4:fb:73:94:b5:59:
09:eb:7e:f5:f2:db:6d:ce:82:3b:1a:86:d3:c1:5d:4c:47:70:
89:87:5c:4f:52:80:e7:41:03:9d:f0:63:e0:d6:92:18:27:7d:
d1:cc:bf:45:05:80:d5:3d:ef:91:a2:24:1b:1d:06:a9:b7:b4:
62:c2:8d:68:18:5c:6c:df:48:64:e3:43:6e:54:42:b3:92:0a:
a6:af:8a:cb:1a:16:e4:f1:08:f3:1b:bc:51:fb:f0:77:64:b5:
0f:df:11:86:77:eb:6d:00:cc:90:a5:6a:37:c4:8c:16:ff:0a:
84:83:2d:b0:41:7c:43:1a:50:84:0f:eb:8c:2a:13:9d:69:e5:
8f:e7:08:f5:1e:28:21:0d:a1:fc:08:e2:9f:ce:1e:23:5c:af:
03:f1:a6:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYWYYqF6z/FMtnPYHvG0c6oDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMwMTA5MjExNDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2ZhNjc0YTcwY2QyMjBlZDllZTlmNjQyNTkxY2Y1MTMzMzY2NDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgM4CeZRMHW9/zkuqDgGVlFNQRpW
WAybWEzmg42/mIiDGhdCZGQWagxL4rBIGl+J8YhqVq9eYIdwHSwVayEhvGEO+mB6
3Lechlcq9xHTYAO8vF0TbQs3s6GqQZy1CMg8jxtcERLVsZlCschgj/6BAXZuvmAw
6DqsKlNelxn7L1C531w7bnt91WnUm04k5a+BitxH60pTQNLdGRPmgz/hNk/Jdj4r
R59R36iMMrTDS7H6h2aezysPBpd7qqVINEo2eduwrs+cMWB7tPowSOHaLFkjamZk
g4/cqkY+ltN43ejGFOo0yHsNuH57K/X78qTFEP/D+oJofYEypfLb5ieDAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJf6Z0pwzSIO2e6fZCWRz1EzNmREMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvbF9wblNuRE5JZzdaN3A5a0paSFBVVE0yWkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKglyQDAN
BgkqhkiG9w0BAQsFAAOCAQEAcTtvLAUzFxGnCzCuInDqvRB9/h5wn/h6g1l2luwG
/xCZdubRCX8OAHQ2ysVDiB/E4jrRhSmaUsiLi7fFbi/NXGvAVVKiRrjl93QCcQJ7
n79SkNF/XgiWBRdSOifx+pgzGnr93RfD9PtzlLVZCet+9fLbbc6COxqG08FdTEdw
iYdcT1KA50EDnfBj4NaSGCd90cy/RQWA1T3vkaIkGx0Gqbe0YsKNaBhcbN9IZOND
blRCs5IKpq+KyxoW5PEI8xu8Ufvwd2S1D98RhnfrbQDMkKVqN8SMFv8KhIMtsEF8
QxpQhA/rjCoTnWnlj+cI9R4oIQ2h/Ajin84eI1yvA/GmrQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:03 2025 by rpki-client