Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/PS7OTaZcAKziYvukDl4JP9g1xmo.roa
File: PS7OTaZcAKziYvukDl4JP9g1xmo.roa (raw, json)
Hash identifier: 4kPF6uWtU/VntR1mm37H+8TH9dHwnF0GwP80g3HQW9E=
Subject key identifier: 3D:2E:CE:4D:A6:5C:00:AC:E2:62:FB:A4:0E:5E:09:3F:D8:35:C6:6A
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 018571C3047115FBCAEC8F2B20AC48EAEA3F
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/PS7OTaZcAKziYvukDl4JP9g1xmo.roa
Signing time: Mon 02 Jan 2023 09:14:43 +0000
ROA not before: Mon 02 Jan 2023 09:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211623
IP address blocks: 2a00:1ca8:56::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:04:71:15:fb:ca:ec:8f:2b:20:ac:48:ea:ea:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 2 09:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d2ece4da65c00ace262fba40e5e093fd835c66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:71:8d:72:47:dc:03:35:2a:a8:ee:6c:ab:f6:
df:75:f9:e6:9d:f4:22:24:77:ea:d7:e5:94:b5:1e:
56:96:04:a2:01:e3:4f:64:22:04:61:89:81:7c:34:
0a:8b:2f:96:02:51:c3:16:95:ef:b7:ad:c9:84:b2:
69:2e:fe:20:a4:4f:1e:c8:fe:c3:2d:c6:18:ea:cb:
86:b5:0a:9b:96:40:dc:c1:6e:db:90:09:ea:51:18:
30:22:bc:2f:b9:ad:c3:ba:7b:90:68:63:78:50:b2:
82:c5:09:7f:f0:1d:ea:b3:90:56:15:0d:77:9b:f2:
7a:5e:14:05:f6:23:34:4d:24:77:23:73:42:4e:7b:
19:50:a2:ad:5f:1c:f8:91:0a:b6:44:dd:d5:aa:11:
4a:a2:26:97:cb:2d:09:3b:31:e7:b7:f2:06:89:72:
a2:3e:c2:c5:d5:cd:ac:4c:fa:36:b6:08:4d:78:48:
19:67:1d:0a:52:72:79:73:80:41:a0:d0:f2:3f:5b:
a4:91:ed:73:6d:c1:c6:cb:cb:a9:2e:52:42:42:12:
8f:b1:8a:c7:7f:f4:af:45:60:49:55:a4:18:ae:80:
b7:be:54:9b:42:3f:fa:58:c6:98:46:ef:6b:cc:48:
53:db:04:6b:13:1a:9a:21:6d:74:eb:de:89:7e:76:
cc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2E:CE:4D:A6:5C:00:AC:E2:62:FB:A4:0E:5E:09:3F:D8:35:C6:6A
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/PS7OTaZcAKziYvukDl4JP9g1xmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1ca8:56::/48
Signature Algorithm: sha256WithRSAEncryption
7e:28:d7:80:ce:cf:90:1c:d4:03:eb:5a:8c:c2:a0:6b:b7:9f:
aa:c3:65:65:17:79:d6:36:0f:72:5c:8f:04:21:ad:a5:f4:73:
a2:1a:d7:f8:50:8a:24:77:6a:7f:43:50:1a:77:0b:79:88:7c:
94:ce:75:35:a4:a3:2d:24:f7:e6:e8:c1:40:ff:54:64:59:b3:
a2:d1:51:3f:07:32:0a:c7:74:8f:03:47:04:50:68:0d:9b:d8:
76:48:59:1b:e7:bf:71:67:63:ad:0c:bb:0b:35:1b:86:08:e8:
9d:96:fd:e6:2e:4c:e0:c2:10:1e:7d:30:45:24:a8:ee:47:52:
9f:ad:21:c5:34:d3:50:86:c8:cc:39:57:fe:86:c0:db:2d:90:
a7:93:22:98:b2:6c:b8:c6:da:fd:68:29:81:a6:e7:4d:fb:fc:
ba:8a:17:58:7b:66:53:f3:cf:d5:a2:0f:f3:a5:9d:a9:9e:04:
ba:9d:44:5b:6b:c6:c2:3f:0b:32:33:41:b0:8f:34:2a:98:75:
01:93:46:26:9c:c5:f0:c2:44:c8:90:8c:e7:1f:f4:3f:31:09:
c5:1b:65:b0:9e:e8:4a:0b:61:a0:f0:a8:25:b1:7d:92:0c:c5:
21:ee:8b:96:9c:73:32:22:c0:68:99:97:70:c1:aa:5c:07:84:
5a:2b:bf:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxwwRxFfvK7I8rIKxI6uo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjMwMTAyMDkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDJlY2U0ZGE2NWMwMGFjZTI2MmZiYTQwZTVlMDkzZmQ4MzVjNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXGNckfcAzUqqO5sq/bfdfnmnfQi
JHfq1+WUtR5WlgSiAeNPZCIEYYmBfDQKiy+WAlHDFpXvt63JhLJpLv4gpE8eyP7D
LcYY6suGtQqblkDcwW7bkAnqURgwIrwvua3DunuQaGN4ULKCxQl/8B3qs5BWFQ13
m/J6XhQF9iM0TSR3I3NCTnsZUKKtXxz4kQq2RN3VqhFKoiaXyy0JOzHnt/IGiXKi
PsLF1c2sTPo2tghNeEgZZx0KUnJ5c4BBoNDyP1ukke1zbcHGy8upLlJCQhKPsYrH
f/SvRWBJVaQYroC3vlSbQj/6WMaYRu9rzEhT2wRrExqaIW10696JfnbMYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD0uzk2mXACs4mL7pA5eCT/YNcZqMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvUFM3T1RhWmNBS3ppWXZ1a0RsNEpQOWcxeG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAcqABW
MA0GCSqGSIb3DQEBCwUAA4IBAQB+KNeAzs+QHNQD61qMwqBrt5+qw2VlF3nWNg9y
XI8EIa2l9HOiGtf4UIokd2p/Q1Aadwt5iHyUznU1pKMtJPfm6MFA/1RkWbOi0VE/
BzIKx3SPA0cEUGgNm9h2SFkb579xZ2OtDLsLNRuGCOidlv3mLkzgwhAefTBFJKju
R1KfrSHFNNNQhsjMOVf+hsDbLZCnkyKYsmy4xtr9aCmBpudN+/y6ihdYe2ZT88/V
og/zpZ2pngS6nURba8bCPwsyM0GwjzQqmHUBk0YmnMXwwkTIkIznH/Q/MQnFG2Ww
nuhKC2Gg8KglsX2SDMUh7ouWnHMyIsBomZdwwapcB4RaK7/j
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:28 2025 by rpki-client