Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/vB7ipblwR3tjunLxnzqaVKv16AQ.roa
File: vB7ipblwR3tjunLxnzqaVKv16AQ.roa (raw, json)
Hash identifier: 7Rx10vNvsKOYI1tD6KOeNhfws/V6ToDBWupmItSiaI8=
Subject key identifier: BC:1E:E2:A5:B9:70:47:7B:63:BA:72:F1:9F:3A:9A:54:AB:F5:E8:04
Certificate issuer: /CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Certificate serial: 01857321F98D147F42874D7874AA05F9EBF7
Authority key identifier: C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/vB7ipblwR3tjunLxnzqaVKv16AQ.roa
Signing time: Mon 02 Jan 2023 15:38:04 +0000
ROA not before: Mon 02 Jan 2023 15:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38937
IP address blocks: 2a03:6100:6100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:f9:8d:14:7f:42:87:4d:78:74:aa:05:f9:eb:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Validity
Not Before: Jan 2 15:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc1ee2a5b970477b63ba72f19f3a9a54abf5e804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a8:22:6f:86:64:e9:3a:43:a9:6f:5c:c8:06:
a6:8e:bc:41:03:8c:f5:1b:68:97:22:cc:10:11:55:
56:9a:c3:50:72:e6:50:0d:f6:9d:35:30:f4:e2:ec:
48:38:5b:ab:09:a6:8c:2b:91:35:63:e0:f7:6f:7f:
34:e4:91:f2:d9:51:46:3c:88:e9:a9:b1:fb:fd:54:
8d:fd:9a:60:2e:16:0c:06:96:6a:8b:f9:06:6a:21:
bd:7d:6b:27:49:5a:56:eb:81:20:9d:7c:3f:13:f3:
52:29:4c:02:d0:bf:1c:2a:0b:4f:ac:47:cc:04:8e:
af:23:58:c8:70:64:ba:d1:71:3f:dd:e9:c0:97:c9:
de:77:bc:10:29:8e:ff:81:1e:e9:fe:d6:ee:56:5c:
a8:bc:0d:45:2b:2f:2f:f6:34:3a:b4:64:14:57:9b:
77:47:3a:b6:b0:ed:4a:63:27:a5:0a:31:33:e9:4f:
34:1c:6a:0c:aa:d3:65:d8:e1:db:52:43:5d:93:06:
8d:2f:e4:4d:1c:f8:fb:7e:ea:a3:0f:6d:26:8d:3b:
d8:a2:ec:b9:d9:5b:53:a0:4b:01:e7:f4:3d:83:0c:
81:d3:de:6e:b7:2a:82:b3:ec:c5:b7:78:49:5c:ca:
df:1b:d8:e9:c7:2b:6a:4c:d1:d0:1d:8e:f6:cb:e5:
33:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1E:E2:A5:B9:70:47:7B:63:BA:72:F1:9F:3A:9A:54:AB:F5:E8:04
X509v3 Authority Key Identifier:
keyid:C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/vB7ipblwR3tjunLxnzqaVKv16AQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6100:6100::/48
Signature Algorithm: sha256WithRSAEncryption
52:2c:fd:64:df:9f:3e:33:c2:bd:e2:c1:79:d8:1d:45:53:5b:
50:53:54:02:29:b9:98:08:bd:7f:80:cb:ca:43:0a:a3:f8:28:
86:1d:44:0d:22:d6:03:71:99:d4:47:c9:cc:7f:ca:bc:92:d5:
d9:88:60:54:f1:a2:da:6b:18:2b:08:f5:d4:67:e1:04:fa:f6:
c9:2d:7c:9c:1e:4c:5c:70:81:e9:5a:f1:aa:dd:72:ae:e4:af:
d2:86:22:75:d3:7e:ac:e9:1a:73:1d:63:ab:ab:e7:63:16:d8:
10:d0:18:ed:16:5a:bd:71:4f:6e:86:a3:d9:f8:49:ec:1b:f3:
e5:d1:59:2d:39:65:3e:75:79:23:4b:65:23:ec:06:eb:a5:6b:
84:a1:7c:a8:6d:5d:eb:ce:b6:ad:5e:ac:50:25:c7:3f:0a:77:
a2:10:2c:0b:12:7a:26:76:bd:a3:fa:fb:d1:d7:56:ec:66:3d:
23:90:01:1f:09:95:83:e8:dd:7c:0c:81:9a:39:63:11:39:f6:
ff:6e:5d:31:41:7a:d1:5a:9e:72:20:d1:a4:10:7e:79:66:ef:
19:88:46:77:b6:a0:61:22:17:88:ce:3c:08:d0:64:b4:d9:f6:
29:7d:75:c3:ba:ef:d3:9d:f4:78:5f:1f:c0:22:9c:c2:33:95:
a8:63:40:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzIfmNFH9Ch014dKoF+ev3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNGQ1YmQzY2VlYWFiMDc4NmNlMTUxYTMxNzhkYWRjMTA3
YmYyODAwHhcNMjMwMTAyMTUzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFlZTJhNWI5NzA0NzdiNjNiYTcyZjE5ZjNhOWE1NGFiZjVlODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqgib4Zk6TpDqW9cyAamjrxBA4z1
G2iXIswQEVVWmsNQcuZQDfadNTD04uxIOFurCaaMK5E1Y+D3b3805JHy2VFGPIjp
qbH7/VSN/ZpgLhYMBpZqi/kGaiG9fWsnSVpW64EgnXw/E/NSKUwC0L8cKgtPrEfM
BI6vI1jIcGS60XE/3enAl8ned7wQKY7/gR7p/tbuVlyovA1FKy8v9jQ6tGQUV5t3
Rzq2sO1KYyelCjEz6U80HGoMqtNl2OHbUkNdkwaNL+RNHPj7fuqjD20mjTvYouy5
2VtToEsB5/Q9gwyB095utyqCs+zFt3hJXMrfG9jpxytqTNHQHY72y+UzewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLwe4qW5cEd7Y7py8Z86mlSr9egEMB8GA1UdIwQY
MBaAFMJNW9PO6qsHhs4VGjF42twQe/KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEt
NDFkODIzMjlmMjZkLzEvdkI3aXBibHdSM3RqdW5MeG56cWFWS3YxNkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEtNDFkODIzMjlmMjZk
LzEvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNhAGEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBSLP1k358+M8K94sF52B1FU1tQU1QCKbmYCL1/
gMvKQwqj+CiGHUQNItYDcZnUR8nMf8q8ktXZiGBU8aLaaxgrCPXUZ+EE+vbJLXyc
HkxccIHpWvGq3XKu5K/ShiJ1036s6RpzHWOrq+djFtgQ0BjtFlq9cU9uhqPZ+Ens
G/Pl0VktOWU+dXkjS2Uj7AbrpWuEoXyobV3rzratXqxQJcc/CneiECwLEnomdr2j
+vvR11bsZj0jkAEfCZWD6N18DIGaOWMROfb/bl0xQXrRWp5yINGkEH55Zu8ZiEZ3
tqBhIheIzjwI0GS02fYpfXXDuu/TnfR4Xx/AIpzCM5WoY0Cf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:41 2025 by rpki-client