Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/p5kePVjvkry7r6R0ih8O9Rrch1U.roa
File: p5kePVjvkry7r6R0ih8O9Rrch1U.roa (raw, json)
Hash identifier: AfQeZwsIqHJHdNZM1wWXvGPKmAse33ubkxXjohZyos8=
Subject key identifier: A7:99:1E:3D:58:EF:92:BC:BB:AF:A4:74:8A:1F:0E:F5:1A:DC:87:55
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 018BFC3FCDC56F46079854B925A00B567E28
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/p5kePVjvkry7r6R0ih8O9Rrch1U.roa
Signing time: Thu 23 Nov 2023 12:55:21 +0000
ROA not before: Thu 23 Nov 2023 12:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 2a05:63c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:3f:cd:c5:6f:46:07:98:54:b9:25:a0:0b:56:7e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Nov 23 12:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7991e3d58ef92bcbbafa4748a1f0ef51adc8755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c0:37:54:54:3f:02:4d:96:92:75:ba:18:ce:
7e:dc:9d:35:a8:06:87:88:51:70:1e:c5:f2:7f:64:
86:9b:75:a0:60:db:67:97:25:3b:c9:8b:ab:34:3e:
f9:b0:2f:a5:fc:64:80:97:38:27:f3:bd:ae:fa:3c:
90:f0:b7:1d:4f:32:aa:d1:19:d6:70:ed:8f:26:3e:
b2:63:24:b2:15:be:f5:29:3e:84:58:dd:95:59:de:
f1:e7:8f:5b:43:29:c8:fe:29:8e:4a:f7:77:91:03:
09:1b:bb:13:50:ec:64:c3:3a:d4:7d:a5:95:5f:fc:
6c:ce:a4:d6:b0:c3:38:21:db:92:96:5d:d8:cd:cf:
e4:25:85:d2:34:15:a0:63:88:1c:72:2d:c4:34:3a:
51:22:6b:86:94:ac:06:68:68:05:9c:98:54:18:04:
26:10:0b:05:89:14:ff:43:77:11:b1:c1:b8:05:15:
2c:a1:3a:97:33:f9:4e:d8:20:03:89:0d:95:48:bc:
58:bb:a5:12:6b:bd:3e:e7:62:b4:cc:e6:cd:0f:cf:
f7:5f:9b:52:8c:e7:e5:22:19:74:eb:7f:dd:9f:5b:
2b:70:4b:64:a2:82:c1:67:87:1d:3c:9f:e2:b6:03:
0c:94:3e:61:bc:4f:4f:9e:f5:b0:89:35:d1:e1:de:
76:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:99:1E:3D:58:EF:92:BC:BB:AF:A4:74:8A:1F:0E:F5:1A:DC:87:55
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/p5kePVjvkry7r6R0ih8O9Rrch1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:bd:40:69:35:d6:eb:a9:a7:45:c2:34:bd:23:71:ae:a0:fc:
ee:d4:aa:95:e4:87:14:b4:a2:05:d6:ba:97:c6:44:a2:77:0a:
82:0c:e5:9f:69:66:fd:22:d0:2b:62:55:97:d2:24:7d:33:f4:
1f:b6:f0:47:a2:78:96:f8:04:52:bc:ca:8b:1c:f5:f7:fd:dc:
46:d4:dc:9c:08:e5:ce:0b:31:71:41:d1:8e:ac:d0:31:37:4b:
50:95:fb:63:0a:aa:a4:fa:b9:e9:89:f3:89:f8:bf:96:8d:8a:
75:43:08:a8:95:ec:5c:5a:fc:5d:f0:4c:db:42:88:1e:4f:29:
c7:ee:0f:07:44:b1:1e:3b:64:56:69:50:71:0e:dd:88:a6:2b:
c9:ed:46:59:6a:b4:e4:40:11:c0:cb:a7:4b:53:0a:11:2f:a0:
36:f9:f7:b0:22:cb:a9:50:5b:b7:e5:78:d5:41:eb:85:07:f0:
7d:91:6f:89:62:56:ed:92:48:71:aa:67:9b:c3:52:3c:f4:f8:
7d:c0:dd:8d:62:ef:f1:fc:55:b4:58:d9:89:ad:4e:e4:e1:00:
29:3d:c8:ed:68:72:34:49:e0:34:c9:a6:57:57:7f:dd:41:64:
6f:22:6b:ee:a6:fe:ad:57:8c:72:0d:d8:9a:62:eb:45:70:46:
a4:b6:18:f1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYv8P83Fb0YHmFS5JaALVn4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjMxMTIzMTI1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzk5MWUzZDU4ZWY5MmJjYmJhZmE0NzQ4YTFmMGVmNTFhZGM4NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocA3VFQ/Ak2WknW6GM5+3J01qAaH
iFFwHsXyf2SGm3WgYNtnlyU7yYurND75sC+l/GSAlzgn872u+jyQ8LcdTzKq0RnW
cO2PJj6yYySyFb71KT6EWN2VWd7x549bQynI/imOSvd3kQMJG7sTUOxkwzrUfaWV
X/xszqTWsMM4IduSll3Yzc/kJYXSNBWgY4gcci3ENDpRImuGlKwGaGgFnJhUGAQm
EAsFiRT/Q3cRscG4BRUsoTqXM/lO2CADiQ2VSLxYu6USa70+52K0zObND8/3X5tS
jOflIhl063/dn1srcEtkooLBZ4cdPJ/itgMMlD5hvE9PnvWwiTXR4d52vwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKeZHj1Y75K8u6+kdIofDvUa3IdVMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvcDVrZVBWanZrcnk3cjZSMGloOE85UnJjaDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVjwDAN
BgkqhkiG9w0BAQsFAAOCAQEAfr1AaTXW66mnRcI0vSNxrqD87tSqleSHFLSiBda6
l8ZEoncKggzln2lm/SLQK2JVl9IkfTP0H7bwR6J4lvgEUrzKixz19/3cRtTcnAjl
zgsxcUHRjqzQMTdLUJX7YwqqpPq56Ynzifi/lo2KdUMIqJXsXFr8XfBM20KIHk8p
x+4PB0SxHjtkVmlQcQ7diKYrye1GWWq05EARwMunS1MKES+gNvn3sCLLqVBbt+V4
1UHrhQfwfZFviWJW7ZJIcapnm8NSPPT4fcDdjWLv8fxVtFjZia1O5OEAKT3I7Why
NEngNMmmV1d/3UFkbyJr7qb+rVeMcg3YmmLrRXBGpLYY8Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:27 2025 by rpki-client