Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/iIREspu3zISHpfv2h3oYGJvG0EY.roa
File: iIREspu3zISHpfv2h3oYGJvG0EY.roa (raw, json)
Hash identifier: YxvljgxT9ubD+MT9ykCMarzLvRv/x8skaP1BmOg+cx8=
Subject key identifier: 88:84:44:B2:9B:B7:CC:84:87:A5:FB:F6:87:7A:18:18:9B:C6:D0:46
Certificate issuer: /CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Certificate serial: 0184F6E73E18388136CC5670C5A0E27DBB86
Authority key identifier: C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/iIREspu3zISHpfv2h3oYGJvG0EY.roa
Signing time: Fri 09 Dec 2022 12:41:00 +0000
ROA not before: Fri 09 Dec 2022 12:41:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38937
IP address blocks: 2a03:6100:6100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:e7:3e:18:38:81:36:cc:56:70:c5:a0:e2:7d:bb:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Validity
Not Before: Dec 9 12:41:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=888444b29bb7cc8487a5fbf6877a18189bc6d046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5c:a9:a4:ed:ec:f6:8e:24:cb:8f:c0:cf:48:
97:60:ac:12:b6:bf:ba:bf:91:19:35:14:0f:ea:34:
f2:f1:4a:59:10:b4:68:0c:bf:52:f0:42:6d:36:40:
c4:d8:37:9f:6e:27:bb:86:ef:5b:9a:fe:36:e1:12:
0a:03:1c:aa:c9:dc:55:9b:1c:5c:dd:80:a1:15:0f:
d7:96:b8:c9:8e:60:98:06:e8:56:13:ec:ad:ca:db:
0f:b9:cd:b6:53:1b:d0:ab:07:f2:8f:43:1b:06:cf:
09:2b:6d:71:59:1c:33:1d:b0:21:29:38:bb:83:22:
01:66:dd:fa:85:04:8d:39:a2:69:74:1c:35:d2:f7:
b7:58:b8:c6:ee:ea:a7:e0:50:c4:f4:65:48:a4:19:
ba:26:ed:c4:b8:93:fa:1b:a2:2c:00:9d:d4:db:2d:
88:e5:4a:71:15:0d:68:e2:50:1b:00:e4:81:17:81:
4b:13:5f:fa:4e:dc:c5:8e:3d:47:bb:81:7e:e1:91:
96:7c:3c:41:89:e2:26:2f:fc:2d:90:fb:d1:1d:83:
08:c8:68:3d:ca:03:4d:c7:89:e8:c5:54:9b:a6:14:
be:c4:78:e1:0a:44:89:3b:fe:eb:a9:d9:e9:13:ab:
da:61:d1:22:48:a6:be:d5:71:3e:68:f2:94:63:7b:
01:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:84:44:B2:9B:B7:CC:84:87:A5:FB:F6:87:7A:18:18:9B:C6:D0:46
X509v3 Authority Key Identifier:
keyid:C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/iIREspu3zISHpfv2h3oYGJvG0EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6100:6100::/48
Signature Algorithm: sha256WithRSAEncryption
38:90:d9:aa:60:86:28:fe:8d:b8:b7:53:27:22:1f:e3:03:10:
72:e8:a0:72:cd:41:8d:9f:7b:98:78:f2:da:14:90:5b:59:aa:
c2:83:01:05:dc:08:bb:a7:a2:05:2a:bd:30:ce:77:6c:1d:ea:
67:cf:47:eb:53:19:27:bb:ab:4e:71:74:01:42:c0:7d:c1:07:
a1:e8:08:32:b6:e0:ab:75:50:af:fc:a2:45:04:eb:af:61:8c:
10:08:42:ab:8c:b0:ae:b4:f0:76:16:40:59:b9:4e:b3:66:70:
3a:d0:b9:b0:9a:b0:bf:96:0c:d8:e6:87:95:ba:3a:31:b3:d8:
aa:ec:ff:f0:71:cb:41:74:de:7d:35:c4:e4:ac:be:d2:9a:18:
bd:b8:4c:ec:7d:3a:54:a0:34:00:00:6d:9a:44:20:6d:a9:66:
d7:e6:54:3e:46:16:78:02:a5:5e:51:2a:c6:9a:65:22:e6:bb:
26:6a:ac:01:34:0b:78:80:4c:cc:90:12:d2:53:3a:a6:b0:74:
a0:b4:60:f4:bd:55:17:79:ba:bc:63:5e:b9:49:81:7c:25:04:
14:0a:54:4f:75:1b:53:5e:eb:02:af:3d:25:d6:de:b7:9e:56:
32:77:91:48:32:13:ad:eb:bc:9c:bb:f1:8b:58:ea:19:71:e8:
88:ae:87:c6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYT25z4YOIE2zFZwxaDifbuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNGQ1YmQzY2VlYWFiMDc4NmNlMTUxYTMxNzhkYWRjMTA3
YmYyODAwHhcNMjIxMjA5MTI0MTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODg0NDRiMjliYjdjYzg0ODdhNWZiZjY4NzdhMTgxODliYzZkMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFyppO3s9o4ky4/Az0iXYKwStr+6
v5EZNRQP6jTy8UpZELRoDL9S8EJtNkDE2Defbie7hu9bmv424RIKAxyqydxVmxxc
3YChFQ/XlrjJjmCYBuhWE+ytytsPuc22UxvQqwfyj0MbBs8JK21xWRwzHbAhKTi7
gyIBZt36hQSNOaJpdBw10ve3WLjG7uqn4FDE9GVIpBm6Ju3EuJP6G6IsAJ3U2y2I
5UpxFQ1o4lAbAOSBF4FLE1/6TtzFjj1Hu4F+4ZGWfDxBieImL/wtkPvRHYMIyGg9
ygNNx4noxVSbphS+xHjhCkSJO/7rqdnpE6vaYdEiSKa+1XE+aPKUY3sBJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIiERLKbt8yEh6X79od6GBibxtBGMB8GA1UdIwQY
MBaAFMJNW9PO6qsHhs4VGjF42twQe/KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEt
NDFkODIzMjlmMjZkLzEvaUlSRXNwdTN6SVNIcGZ2Mmgzb1lHSnZHMEVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEtNDFkODIzMjlmMjZk
LzEvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNhAGEA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4kNmqYIYo/o24t1MnIh/jAxBy6KByzUGNn3uY
ePLaFJBbWarCgwEF3Ai7p6IFKr0wzndsHepnz0frUxknu6tOcXQBQsB9wQeh6Agy
tuCrdVCv/KJFBOuvYYwQCEKrjLCutPB2FkBZuU6zZnA60LmwmrC/lgzY5oeVujox
s9iq7P/wcctBdN59NcTkrL7Smhi9uEzsfTpUoDQAAG2aRCBtqWbX5lQ+RhZ4AqVe
USrGmmUi5rsmaqwBNAt4gEzMkBLSUzqmsHSgtGD0vVUXebq8Y165SYF8JQQUClRP
dRtTXusCrz0l1t63nlYyd5FIMhOt67ycu/GLWOoZceiIrofG
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:33 2025 by rpki-client