Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/_5UF_3bPsoKJlS1Cu2s8JwAitlg.roa
File: _5UF_3bPsoKJlS1Cu2s8JwAitlg.roa (raw, json)
Hash identifier: qxSo6w7rUjZZEuKSdjpLpWWFiF8m997bksGCK/xFNnE=
Subject key identifier: FF:95:05:FF:76:CF:B2:82:89:95:2D:42:BB:6B:3C:27:00:22:B6:58
Certificate issuer: /CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Certificate serial: 01856DDD46E81909E89BFFF62FE085CC7F2C
Authority key identifier: A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/_5UF_3bPsoKJlS1Cu2s8JwAitlg.roa
Signing time: Sun 01 Jan 2023 15:04:56 +0000
ROA not before: Sun 01 Jan 2023 15:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9201
IP address blocks: 2001:1405::/32 maxlen: 32
2001:1400:ffee::/48 maxlen: 48
2001:1407::/32 maxlen: 32
2001:1400::/29 maxlen: 29
2001:1401::/32 maxlen: 32
2001:1406::/32 maxlen: 32
2001:1404::/32 maxlen: 32
2001:1402::/32 maxlen: 32
2001:1403::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:46:e8:19:09:e8:9b:ff:f6:2f:e0:85:cc:7f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Validity
Not Before: Jan 1 15:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff9505ff76cfb28289952d42bb6b3c270022b658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:10:e1:f7:46:e7:cd:f5:86:25:de:ea:3b:06:
9c:30:bc:29:9b:4c:5b:fd:48:87:3d:b8:95:c4:fc:
e0:e2:68:03:eb:38:f8:7a:22:b7:f1:27:a9:04:ea:
09:84:5f:bc:20:e7:02:22:9c:ba:fb:04:8d:c2:f9:
f9:4c:7c:f4:0e:05:92:2e:5a:b8:56:fc:ee:cd:8c:
e8:e9:dd:ee:20:16:3e:a6:fe:81:3d:d9:96:c2:22:
52:d6:ce:c8:db:f2:6f:64:8f:37:03:96:18:50:7e:
da:67:ed:0c:72:d7:5e:d7:ba:a0:18:41:5e:ae:81:
41:4f:6b:1e:77:0c:27:c3:5a:cb:fc:d6:60:08:57:
64:94:00:cd:36:51:a0:90:61:c5:13:8f:cb:54:ed:
66:c1:51:a7:d0:50:80:b9:47:e1:de:b3:58:54:56:
03:a7:7f:83:d9:6a:a8:1f:28:14:fd:08:8f:e1:5a:
a1:70:6e:a1:92:8b:ae:cb:a8:bb:37:8e:30:15:ba:
ad:55:d5:f3:0a:68:4d:ab:05:7a:be:c6:9c:fb:bf:
73:98:c8:2a:b4:39:e8:5c:3a:97:02:e3:a8:1b:61:
75:c7:85:20:1d:c5:d3:dc:4b:67:ce:d7:77:43:7f:
8e:2a:11:74:7a:64:5d:b9:79:1c:fb:5d:e2:ab:74:
ad:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:95:05:FF:76:CF:B2:82:89:95:2D:42:BB:6B:3C:27:00:22:B6:58
X509v3 Authority Key Identifier:
keyid:A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/_5UF_3bPsoKJlS1Cu2s8JwAitlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1400::/29
Signature Algorithm: sha256WithRSAEncryption
52:0f:8f:f0:33:10:55:41:58:82:79:f6:bd:78:af:04:03:13:
92:9e:e8:df:91:80:ee:b4:32:ab:65:53:d0:97:22:f6:2a:cc:
59:55:73:69:00:27:f3:ff:d8:fd:e6:f9:0f:84:2b:65:e5:94:
8a:35:18:a6:4b:5a:88:cb:ab:83:5a:5e:f4:fd:15:fd:e6:b3:
57:49:ca:f8:fc:88:39:60:1e:c1:a2:47:25:ea:a2:f2:aa:43:
73:95:ac:d1:be:0e:80:8e:7f:20:34:53:da:6f:f0:ba:8a:95:
b3:b9:02:f5:e4:fd:07:88:e2:64:a6:87:d2:ea:fb:7d:d3:c6:
6d:47:fa:6d:7a:a8:1a:d2:83:8b:09:f7:5d:c8:50:1e:92:da:
27:82:04:53:d6:81:81:f1:90:4a:bf:50:68:a7:d9:2f:b9:f2:
75:c1:19:a6:48:47:e1:58:59:f8:5c:bc:18:51:e3:f3:21:dd:
3f:49:8d:08:a1:e5:a1:88:8f:db:9b:5c:64:e8:3a:2c:43:61:
1a:09:7b:23:8a:eb:72:42:17:6c:78:57:b0:ab:81:1c:92:69:
c8:a1:8c:11:d7:32:2e:7d:68:46:14:14:87:62:b8:86:8e:83:
96:d7:19:47:d0:73:1e:f0:ad:70:fc:9f:3d:96:91:fd:c2:0a:
a6:cb:82:d6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVt3UboGQnom//2L+CFzH8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MmM5YmMyZDJkYWNmZDZmMTMwZDg1YTg0ZmVkZWFiZjE3
OWE1NjcwHhcNMjMwMTAxMTUwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjk1MDVmZjc2Y2ZiMjgyODk5NTJkNDJiYjZiM2MyNzAwMjJiNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBDh90bnzfWGJd7qOwacMLwpm0xb
/UiHPbiVxPzg4mgD6zj4eiK38SepBOoJhF+8IOcCIpy6+wSNwvn5THz0DgWSLlq4
VvzuzYzo6d3uIBY+pv6BPdmWwiJS1s7I2/JvZI83A5YYUH7aZ+0Mctde17qgGEFe
roFBT2sedwwnw1rL/NZgCFdklADNNlGgkGHFE4/LVO1mwVGn0FCAuUfh3rNYVFYD
p3+D2WqoHygU/QiP4VqhcG6hkouuy6i7N44wFbqtVdXzCmhNqwV6vsac+79zmMgq
tDnoXDqXAuOoG2F1x4UgHcXT3Etnztd3Q3+OKhF0emRduXkc+13iq3StNwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFP+VBf92z7KCiZUtQrtrPCcAIrZYMB8GA1UdIwQY
MBaAFKgsm8LS2s/W8TDYWoT+3qvxeaVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgt
NTVjMTQwYzlmNTRmLzEvXzVVRl8zYlBzb0tKbFMxQ3UyczhKd0FpdGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgtNTVjMTQwYzlmNTRm
LzEvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAEUADAN
BgkqhkiG9w0BAQsFAAOCAQEAUg+P8DMQVUFYgnn2vXivBAMTkp7o35GA7rQyq2VT
0Jci9irMWVVzaQAn8//Y/eb5D4QrZeWUijUYpktaiMurg1pe9P0V/eazV0nK+PyI
OWAewaJHJeqi8qpDc5Ws0b4OgI5/IDRT2m/wuoqVs7kC9eT9B4jiZKaH0ur7fdPG
bUf6bXqoGtKDiwn3XchQHpLaJ4IEU9aBgfGQSr9QaKfZL7nydcEZpkhH4VhZ+Fy8
GFHj8yHdP0mNCKHloYiP25tcZOg6LENhGgl7I4rrckIXbHhXsKuBHJJpyKGMEdcy
Ln1oRhQUh2K4ho6DltcZR9BzHvCtcPyfPZaR/cIKpsuC1g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:16 2025 by rpki-client