Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/N7ovOIGwWjcXDQggtnyzhDTSZs4.roa
File: N7ovOIGwWjcXDQggtnyzhDTSZs4.roa (raw, json)
Hash identifier: 23s6SsHiDLeV+NVNDMdd2Nu5S2Y3G44GHJCqstc8RDA=
Subject key identifier: 37:BA:2F:38:81:B0:5A:37:17:0D:08:20:B6:7C:B3:84:34:D2:66:CE
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 018B84D494A1EA1C98FECEAAAC0D938862C7
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/N7ovOIGwWjcXDQggtnyzhDTSZs4.roa
Signing time: Tue 31 Oct 2023 08:23:26 +0000
ROA not before: Tue 31 Oct 2023 08:23:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210107
IP address blocks: 2a0b:8b46::/32 maxlen: 32
2a0b:8b41::/32 maxlen: 32
2a0b:8b43::/32 maxlen: 32
2a0b:8b44::/32 maxlen: 32
2a0b:8b47::/32 maxlen: 32
2a0b:8b40::/32 maxlen: 32
2a0b:8b45::/32 maxlen: 32
2a0b:8b42::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:d4:94:a1:ea:1c:98:fe:ce:aa:ac:0d:93:88:62:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Oct 31 08:23:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37ba2f3881b05a37170d0820b67cb38434d266ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:57:d5:57:09:eb:99:60:e5:4f:d9:9f:a8:de:
15:a9:90:d2:8c:94:60:75:5a:5c:da:b3:fb:f9:f0:
10:cd:d7:a2:89:28:a2:7f:f4:1c:47:2c:e5:21:8c:
ab:11:a5:35:dc:99:26:36:1d:4e:c2:51:65:18:65:
66:c7:c9:67:2e:41:f7:b6:5f:b5:18:a9:72:c0:f0:
c6:78:5f:28:b9:c6:43:e6:68:e5:5e:64:ba:82:ad:
b5:8a:7d:2d:cf:d1:3b:f5:69:57:80:11:9c:2c:a2:
5d:10:69:f8:13:2b:26:ae:c7:4a:37:9d:5a:90:96:
95:d3:b9:8a:ed:70:8f:94:af:20:eb:d8:e0:2b:df:
79:f5:4a:d3:c7:18:8b:6e:0e:f9:b9:ae:6f:f0:13:
41:af:e6:51:7c:d2:1f:d2:ff:70:ce:30:97:27:92:
ac:60:0f:8e:e8:72:92:59:c9:50:b5:34:b6:09:47:
92:c6:a6:00:f3:cb:80:dc:04:12:cf:72:8f:c8:3e:
a1:1d:15:e1:57:a2:c1:f7:c1:39:6a:52:03:ad:64:
f2:60:70:f7:ba:ff:e8:3f:a1:d0:8d:aa:d8:0e:07:
2b:d3:35:93:01:41:bd:b3:6d:f2:5a:cd:44:9e:30:
12:e6:10:ef:d5:13:b0:d4:c9:85:69:55:bf:c8:47:
a8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BA:2F:38:81:B0:5A:37:17:0D:08:20:B6:7C:B3:84:34:D2:66:CE
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/N7ovOIGwWjcXDQggtnyzhDTSZs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
19:e9:4a:09:b0:81:fb:76:02:3d:7a:25:d3:2b:e2:fd:00:ef:
4c:cd:59:aa:11:94:b9:7f:1a:d6:ac:94:ed:19:a4:7e:15:c0:
65:c6:98:bf:c8:e8:4c:e6:f8:b2:42:48:7c:d6:72:62:4a:0f:
0b:da:75:a5:c9:25:fa:93:a5:81:fd:b3:2a:59:15:c4:ee:18:
49:c9:8c:ca:53:0c:20:da:cd:96:87:7a:c6:0c:a7:80:f7:72:
ce:7e:52:4e:df:51:d7:73:4b:e9:1a:b8:3a:af:6c:02:57:cc:
62:c9:29:52:e7:01:79:d1:79:74:17:e9:fc:d7:10:72:bb:ed:
d6:fa:64:42:ee:05:1e:31:ec:78:cc:c0:ed:8f:ec:06:d1:72:
07:f1:b2:3b:ea:b0:63:82:93:da:dc:5d:6a:8c:b6:ba:cd:13:
b0:f1:dc:7b:89:ca:85:59:a8:45:2c:05:87:d7:e8:86:a7:c4:
38:36:46:1d:bd:8b:83:0f:d6:57:6f:c2:83:cb:2c:92:66:42:
9b:53:05:17:4c:0b:1d:06:36:80:60:55:51:dd:7e:e2:c6:eb:
e0:4f:5e:9d:b2:77:a3:f2:b8:88:5c:c2:dc:21:89:51:6b:2c:
33:8a:cb:a1:73:19:dd:8d:83:2a:0b:56:61:3c:61:43:2e:c0:
ce:08:4c:f1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuE1JSh6hyY/s6qrA2TiGLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjMxMDMxMDgyMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JhMmYzODgxYjA1YTM3MTcwZDA4MjBiNjdjYjM4NDM0ZDI2NmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFfVVwnrmWDlT9mfqN4VqZDSjJRg
dVpc2rP7+fAQzdeiiSiif/QcRyzlIYyrEaU13JkmNh1OwlFlGGVmx8lnLkH3tl+1
GKlywPDGeF8oucZD5mjlXmS6gq21in0tz9E79WlXgBGcLKJdEGn4EysmrsdKN51a
kJaV07mK7XCPlK8g69jgK9959UrTxxiLbg75ua5v8BNBr+ZRfNIf0v9wzjCXJ5Ks
YA+O6HKSWclQtTS2CUeSxqYA88uA3AQSz3KPyD6hHRXhV6LB98E5alIDrWTyYHD3
uv/oP6HQjarYDgcr0zWTAUG9s23yWs1EnjAS5hDv1ROw1MmFaVW/yEeobQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDe6LziBsFo3Fw0IILZ8s4Q00mbOMB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvTjdvdk9JR3dXamNYRFFnZ3RueXpoRFRTWnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKguLQDAN
BgkqhkiG9w0BAQsFAAOCAQEAGelKCbCB+3YCPXol0yvi/QDvTM1ZqhGUuX8a1qyU
7RmkfhXAZcaYv8joTOb4skJIfNZyYkoPC9p1pckl+pOlgf2zKlkVxO4YScmMylMM
INrNlod6xgyngPdyzn5STt9R13NL6Rq4Oq9sAlfMYskpUucBedF5dBfp/NcQcrvt
1vpkQu4FHjHseMzA7Y/sBtFyB/GyO+qwY4KT2txdaoy2us0TsPHce4nKhVmoRSwF
h9fohqfEODZGHb2Lgw/WV2/Cg8sskmZCm1MFF0wLHQY2gGBVUd1+4sbr4E9enbJ3
o/K4iFzC3CGJUWssM4rLoXMZ3Y2DKgtWYTxhQy7AzghM8Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:59 2025 by rpki-client