Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/oVOsXy4qZ6GH8vh4ntaw6_lfdDE.roa
File: oVOsXy4qZ6GH8vh4ntaw6_lfdDE.roa (raw, json)
Hash identifier: cCeNDJRcMguLhQnswgJc9dUCwZkq6D4lyRU0d5qYWPU=
Subject key identifier: A1:53:AC:5F:2E:2A:67:A1:87:F2:F8:78:9E:D6:B0:EB:F9:5F:74:31
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01882345FD082156C655C1CB5ABEF6631363
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/oVOsXy4qZ6GH8vh4ntaw6_lfdDE.roa
Signing time: Tue 16 May 2023 06:36:09 +0000
ROA not before: Tue 16 May 2023 06:36:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 2a0d:4180::/29 maxlen: 29
2a0e:2b00::/29 maxlen: 29
2a10:9c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:23:45:fd:08:21:56:c6:55:c1:cb:5a:be:f6:63:13:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: May 16 06:36:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a153ac5f2e2a67a187f2f8789ed6b0ebf95f7431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:53:8f:7f:dc:5e:12:0d:b6:cc:26:bd:04:3d:
46:6f:64:fc:d2:a3:b1:7c:bd:01:a7:32:ef:29:cf:
a5:7f:8b:43:ef:93:9a:b6:23:bb:65:bf:51:71:4a:
ab:46:08:83:46:ab:2b:c6:c8:63:4e:11:a7:99:8f:
27:46:fe:14:60:98:8b:df:7b:db:ab:31:46:cb:5d:
44:b2:db:ac:88:15:76:41:ff:17:6f:fe:1b:92:45:
c3:ba:b0:c5:9c:ec:fd:f2:e9:e3:8d:f8:cf:fc:ee:
14:08:9e:5c:c6:aa:d0:51:32:be:7a:5c:f2:9e:e4:
d4:1e:00:b6:73:2f:b8:af:6e:38:e8:3c:b5:68:70:
bb:6f:25:06:b7:18:a8:b8:88:7d:9d:3e:69:be:26:
fa:62:c8:0d:bf:de:e1:38:10:bc:45:e2:0b:a5:86:
d4:92:71:47:36:fe:ca:a9:04:6d:8e:44:e2:25:0c:
f5:18:1f:ec:96:e3:91:f7:24:5d:23:f9:90:4b:9b:
0f:49:cd:b2:d3:2e:6c:ae:54:e1:b9:67:35:ff:64:
63:18:1c:d9:e7:eb:19:4a:f3:6b:89:39:c3:ce:91:
22:97:1f:ef:36:42:85:2c:b0:58:8d:60:b8:95:90:
10:40:34:02:e9:8e:0a:f6:94:24:2a:1e:5f:79:17:
74:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:53:AC:5F:2E:2A:67:A1:87:F2:F8:78:9E:D6:B0:EB:F9:5F:74:31
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/oVOsXy4qZ6GH8vh4ntaw6_lfdDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:4180::/29
2a0e:2b00::/29
2a10:9c0::/29
Signature Algorithm: sha256WithRSAEncryption
26:e0:ba:ea:22:bc:0a:e5:cb:34:b1:8c:fc:9b:59:86:39:f9:
36:99:7a:3e:c6:88:4a:ff:e4:46:f7:22:2a:d5:a9:bc:28:61:
98:07:6a:52:c9:39:50:d1:46:3b:d7:6a:6b:dc:54:08:be:3e:
e2:5f:45:a2:ba:de:34:f7:c5:da:70:f0:cb:60:8e:97:fa:16:
78:09:25:6f:11:af:55:5b:11:5c:43:da:ea:76:84:79:4f:d3:
2c:6b:de:9e:38:a3:cb:04:60:c4:72:0b:aa:5b:5c:8b:d2:cd:
13:de:d6:9f:96:ad:ab:85:26:fc:c3:2c:bf:9f:e8:ff:0f:57:
72:60:42:f4:71:e6:74:bc:46:d4:ff:f5:6d:fd:d3:b3:49:e9:
56:5e:0a:9a:d2:4e:27:d1:c8:7d:81:14:c5:c3:37:2c:06:c6:
f4:ec:61:dd:66:3c:54:75:27:02:e5:db:05:7f:3d:60:91:04:
9e:1d:20:3a:5b:f9:e4:ec:a0:80:5c:57:b8:b6:7e:8f:3a:cc:
bd:69:87:d4:19:33:3a:f2:d3:00:59:5d:75:9d:fd:33:bb:9a:
c9:b7:e6:38:be:22:f8:0c:ca:26:7b:94:1a:7d:38:94:4e:42:
40:80:a2:fd:7c:e8:97:58:58:68:4a:9e:c2:66:35:40:2b:f2:
a3:40:be:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgjRf0IIVbGVcHLWr72YxNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMwNTE2MDYzNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTUzYWM1ZjJlMmE2N2ExODdmMmY4Nzg5ZWQ2YjBlYmY5NWY3NDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplOPf9xeEg22zCa9BD1Gb2T80qOx
fL0BpzLvKc+lf4tD75OatiO7Zb9RcUqrRgiDRqsrxshjThGnmY8nRv4UYJiL33vb
qzFGy11EstusiBV2Qf8Xb/4bkkXDurDFnOz98unjjfjP/O4UCJ5cxqrQUTK+elzy
nuTUHgC2cy+4r2446Dy1aHC7byUGtxiouIh9nT5pvib6YsgNv97hOBC8ReILpYbU
knFHNv7KqQRtjkTiJQz1GB/sluOR9yRdI/mQS5sPSc2y0y5srlThuWc1/2RjGBzZ
5+sZSvNriTnDzpEilx/vNkKFLLBYjWC4lZAQQDQC6Y4K9pQkKh5feRd0WwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKFTrF8uKmehh/L4eJ7WsOv5X3QxMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvb1ZPc1h5NHFaNkdIOHZoNG50YXc2X2xmZERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg1BgAMF
AyoOKwADBQMqEAnAMA0GCSqGSIb3DQEBCwUAA4IBAQAm4LrqIrwK5cs0sYz8m1mG
Ofk2mXo+xohK/+RG9yIq1am8KGGYB2pSyTlQ0UY712pr3FQIvj7iX0Wiut4098Xa
cPDLYI6X+hZ4CSVvEa9VWxFcQ9rqdoR5T9Msa96eOKPLBGDEcguqW1yL0s0T3taf
lq2rhSb8wyy/n+j/D1dyYEL0ceZ0vEbU//Vt/dOzSelWXgqa0k4n0ch9gRTFwzcs
Bsb07GHdZjxUdScC5dsFfz1gkQSeHSA6W/nk7KCAXFe4tn6POsy9aYfUGTM68tMA
WV11nf0zu5rJt+Y4viL4DMome5QafTiUTkJAgKL9fOiXWFhoSp7CZjVAK/KjQL6R
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:21 2025 by rpki-client