Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/DGWBt0rPkwA4UMBfIpUe_0ZSyGk.roa
File: DGWBt0rPkwA4UMBfIpUe_0ZSyGk.roa (raw, json)
Hash identifier: 5cB2/swPCmT/T++XwRzb+bBQWe0/P8wD4jw+Y7EH1io=
Subject key identifier: 0C:65:81:B7:4A:CF:93:00:38:50:C0:5F:22:95:1E:FF:46:52:C8:69
Certificate issuer: /CN=f3e23abae3cf0b351260d66f32339928fddf2ebb
Certificate serial: 05DF3E53
Authority key identifier: F3:E2:3A:BA:E3:CF:0B:35:12:60:D6:6F:32:33:99:28:FD:DF:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8-I6uuPPCzUSYNZvMjOZKP3fLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/DGWBt0rPkwA4UMBfIpUe_0ZSyGk.roa
Signing time: Wed 04 May 2022 08:43:58 +0000
ROA not before: Wed 04 May 2022 08:43:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208635
IP address blocks: 2a0e:1c40:2000::/48 maxlen: 48
2a0e:1c40:4000::/48 maxlen: 48
2a0e:1c40:1::/48 maxlen: 48
2a0e:1c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98516563 (0x5df3e53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3e23abae3cf0b351260d66f32339928fddf2ebb
Validity
Not Before: May 4 08:43:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c6581b74acf93003850c05f22951eff4652c869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:35:7d:32:2f:62:ef:ad:63:a6:33:18:5e:92:
a5:21:92:71:b2:24:b3:15:9d:84:51:c7:85:e5:0a:
fc:f9:c3:bd:98:a7:e5:2e:22:b6:77:39:fb:2b:02:
49:86:82:62:5a:78:07:56:4e:a1:f3:ca:3a:2c:9c:
02:33:21:96:cb:d4:85:68:12:89:f6:fd:6c:d9:c9:
43:25:75:32:57:f0:1d:b4:27:08:80:e7:0d:db:31:
b5:1b:4f:69:0a:1a:63:46:fc:58:5c:84:49:6f:a7:
69:bb:f0:0d:5c:f6:5f:e0:09:a0:58:8e:12:8c:57:
69:e8:91:c0:14:6b:53:e0:4c:98:64:51:d1:7d:81:
54:56:4f:73:98:5c:19:e2:cb:ea:97:2c:1c:b3:f4:
38:63:c5:b5:87:79:39:dc:81:89:fc:aa:15:85:da:
08:61:de:65:47:d4:38:8d:c2:1d:01:fa:ca:6b:0f:
ab:2a:35:e7:b4:c1:a7:1d:96:96:15:31:33:73:2d:
3a:10:36:eb:3f:6a:21:c4:24:af:b5:cf:c2:b8:36:
b9:40:3b:37:1a:41:45:e9:0a:17:6e:ec:78:5f:00:
39:df:71:64:d8:71:9a:26:61:d7:f7:98:da:66:07:
0c:15:91:18:1e:c9:96:70:d6:96:c3:3f:1b:fe:f1:
f8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:65:81:B7:4A:CF:93:00:38:50:C0:5F:22:95:1E:FF:46:52:C8:69
X509v3 Authority Key Identifier:
keyid:F3:E2:3A:BA:E3:CF:0B:35:12:60:D6:6F:32:33:99:28:FD:DF:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8-I6uuPPCzUSYNZvMjOZKP3fLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/DGWBt0rPkwA4UMBfIpUe_0ZSyGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/8-I6uuPPCzUSYNZvMjOZKP3fLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
52:c0:00:e3:55:30:89:de:f2:43:23:98:97:e2:f8:cb:c1:bc:
81:f9:dd:2d:3a:fe:0f:a4:0a:ff:04:48:f5:e2:0d:54:c6:f0:
c6:9b:e5:63:60:b8:b8:c2:f5:01:50:9b:c5:1c:ce:87:91:eb:
3d:e2:ec:81:f2:06:ec:97:85:95:9f:42:32:09:d8:c9:29:d5:
40:22:72:0c:6e:95:24:c8:bf:7f:c0:ae:92:f2:dc:58:05:1c:
2e:b0:5e:01:a7:0a:01:74:64:37:db:66:35:18:ee:57:b0:7b:
87:b7:b0:87:4a:89:ac:2e:70:af:da:57:1c:50:55:b0:74:b4:
0f:f2:f7:5a:5b:5e:1d:72:ac:37:10:f7:28:52:ff:e4:ec:d8:
f4:0c:89:f1:98:cb:90:75:76:7d:da:eb:64:4c:c1:19:ae:20:
55:f5:c2:1e:92:6c:a9:ca:8b:a5:c6:62:49:49:aa:a5:62:c9:
4b:9d:82:70:7c:05:60:10:a3:9a:d8:35:df:84:b1:2d:88:85:
f9:05:8b:f9:f4:a2:92:cb:0e:49:96:ad:70:56:3d:04:66:9a:
d1:79:1e:b8:88:b6:dc:ad:33:de:3e:2f:72:19:6d:e4:14:4d:
7f:d8:08:2c:7b:16:f6:5a:a8:84:7c:09:83:2a:eb:59:66:6b:
8c:53:36:8d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBd8+UzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
M2UyM2FiYWUzY2YwYjM1MTI2MGQ2NmYzMjMzOTkyOGZkZGYyZWJiMB4XDTIyMDUw
NDA4NDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM2NTgxYjc0YWNm
OTMwMDM4NTBjMDVmMjI5NTFlZmY0NjUyYzg2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKY1fTIvYu+tY6YzGF6SpSGScbIksxWdhFHHheUK/PnDvZin
5S4itnc5+ysCSYaCYlp4B1ZOofPKOiycAjMhlsvUhWgSifb9bNnJQyV1MlfwHbQn
CIDnDdsxtRtPaQoaY0b8WFyESW+nabvwDVz2X+AJoFiOEoxXaeiRwBRrU+BMmGRR
0X2BVFZPc5hcGeLL6pcsHLP0OGPFtYd5OdyBifyqFYXaCGHeZUfUOI3CHQH6ymsP
qyo157TBpx2WlhUxM3MtOhA26z9qIcQkr7XPwrg2uUA7NxpBRekKF27seF8AOd9x
ZNhxmiZh1/eY2mYHDBWRGB7JlnDWlsM/G/7x+L8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQMZYG3Ss+TADhQwF8ilR7/RlLIaTAfBgNVHSMEGDAWgBTz4jq6488LNRJg
1m8yM5ko/d8uuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzgtSTZ1dVBQQ3pVU1lOWnZNak9aS1AzZkxycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvMDg2OGFmLWYyZDctNDkwNS04OGQyLTlkYjY2NjU0NDljYi8x
L0RHV0J0MHJQa3dBNFVNQmZJcFVlXzBaU3lHay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
MDg2OGFmLWYyZDctNDkwNS04OGQyLTlkYjY2NjU0NDljYi8xLzgtSTZ1dVBQQ3pV
U1lOWnZNak9aS1AzZkxycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoOHEAwDQYJKoZIhvcNAQELBQAD
ggEBAFLAAONVMIne8kMjmJfi+MvBvIH53S06/g+kCv8ESPXiDVTG8Mab5WNguLjC
9QFQm8UczoeR6z3i7IHyBuyXhZWfQjIJ2Mkp1UAicgxulSTIv3/ArpLy3FgFHC6w
XgGnCgF0ZDfbZjUY7lewe4e3sIdKiawucK/aVxxQVbB0tA/y91pbXh1yrDcQ9yhS
/+Ts2PQMifGYy5B1dn3a62RMwRmuIFX1wh6SbKnKi6XGYklJqqViyUudgnB8BWAQ
o5rYNd+EsS2IhfkFi/n0opLLDkmWrXBWPQRmmtF5HriIttytM94+L3IZbeQUTX/Y
CCx7FvZaqIR8CYMq61lma4xTNo0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:58 2025 by rpki-client