Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/C_jTfdxiW0ET_rXlhzNUGTs6_VA.roa
File: C_jTfdxiW0ET_rXlhzNUGTs6_VA.roa (raw, json)
Hash identifier: KSzyAOlcQhLXycte0GdxPjT8uoRVRAmUTNAoBH5mj1M=
Subject key identifier: 0B:F8:D3:7D:DC:62:5B:41:13:FE:B5:E5:87:33:54:19:3B:3A:FD:50
Certificate issuer: /CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Certificate serial: 045D5DA4
Authority key identifier: 93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/C_jTfdxiW0ET_rXlhzNUGTs6_VA.roa
Signing time: Mon 21 Feb 2022 15:59:43 +0000
ROA not before: Mon 21 Feb 2022 15:59:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2a01:bb24::/56 maxlen: 56
2a01:bb24:1::/48 maxlen: 56
2a01:bb22::/33 maxlen: 33
2a01:bb22:8000::/33 maxlen: 33
2a01:bb24:2::/56 maxlen: 56
2a01:bb23:8000::/33 maxlen: 33
2a01:bb23::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73227684 (0x45d5da4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Validity
Not Before: Feb 21 15:59:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bf8d37ddc625b4113feb5e5873354193b3afd50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9c:36:ef:2a:28:13:93:eb:91:77:9b:7f:ea:
dd:d7:86:91:8d:05:2f:57:54:eb:b3:95:5d:0a:8f:
2f:6b:39:ad:81:26:e0:23:17:77:d9:71:7d:59:86:
09:34:1c:72:85:e1:15:f7:08:e8:f3:b8:1a:5e:8d:
d0:35:2f:ec:6d:1e:ec:8f:ba:31:cc:2d:5f:13:87:
d9:ee:0b:3b:ab:ee:57:c7:5f:31:7c:aa:34:be:9a:
16:7e:f7:6d:38:0b:2d:95:b1:67:97:ea:d2:2e:4d:
15:f2:25:c7:e1:b5:d1:f4:5c:55:81:2d:51:18:77:
5a:be:ac:24:22:f5:01:ea:9e:18:42:e4:e7:f5:37:
15:56:35:33:52:21:34:97:96:d4:3d:e6:7a:b1:5d:
14:1b:da:2a:ca:b1:cb:04:65:02:ba:ff:a3:02:ba:
7e:f1:f7:a6:02:1f:89:ee:5e:7f:fa:21:3b:c9:8b:
ad:52:6f:74:a7:50:65:46:da:86:71:14:35:29:a4:
fe:d7:a1:c8:71:b9:1a:db:3c:12:b7:70:36:ab:a5:
7e:3e:c4:19:a7:a3:7e:e4:d1:3c:06:c9:13:74:c5:
f9:eb:93:e8:df:1b:cf:96:25:6c:07:68:7a:19:04:
df:95:46:c3:45:68:05:ac:53:98:68:a8:74:61:ac:
cb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F8:D3:7D:DC:62:5B:41:13:FE:B5:E5:87:33:54:19:3B:3A:FD:50
X509v3 Authority Key Identifier:
keyid:93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/C_jTfdxiW0ET_rXlhzNUGTs6_VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:bb22::-2a01:bb24:0:ff:ffff:ffff:ffff:ffff
2a01:bb24:1::-2a01:bb24:2:ff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
05:5a:49:70:9b:70:6d:e9:d2:7b:a2:0c:a7:59:73:20:fd:20:
55:8c:e7:0a:98:b8:15:4f:3a:d8:18:03:31:b6:4c:15:a6:5c:
e1:8e:d2:fb:03:77:a0:2c:5a:dc:cb:c7:5a:44:d2:b8:4c:64:
3e:12:a9:2c:9a:1e:d8:ab:18:e3:45:f5:e2:64:3b:08:a4:2f:
08:5c:ba:ae:38:58:bf:30:1d:f1:eb:0e:ad:29:97:20:5d:62:
83:8e:80:a3:00:3c:1b:48:35:ef:c5:29:07:44:c9:fc:cf:ee:
ee:77:0a:94:12:49:1e:b3:27:83:03:1d:ba:48:cd:68:6b:cb:
99:8f:c8:4d:bc:63:31:b2:50:7b:e1:09:b7:3d:12:a8:a3:6d:
66:7c:d8:18:41:68:7e:8a:e8:8f:da:70:c0:ea:21:3d:fb:de:
dc:b8:02:8f:0e:70:0f:af:99:59:ed:0a:c7:d3:37:9f:7d:7f:
d3:b9:9f:87:f0:b8:ba:b3:5e:8c:fd:54:d9:af:4a:c2:54:22:
c6:b9:20:5c:7e:24:fe:ab:cc:ce:be:b0:a2:3c:e7:a6:71:a9:
e3:3a:05:ec:31:49:f4:a0:99:8c:62:da:54:ac:8a:1e:d5:1b:
8f:1e:41:3c:76:fc:df:77:6a:3e:7a:d6:6a:b9:ae:7a:b2:ea:
4c:ed:5e:3f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBF1dpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzUwMzA2MWUxYWU1MDNlYzYzZDk3MGIzMDg3NWRkOTNmZmFiYmRmMB4XDTIyMDIy
MTE1NTk0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJmOGQzN2RkYzYy
NWI0MTEzZmViNWU1ODczMzU0MTkzYjNhZmQ1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2cNu8qKBOT65F3m3/q3deGkY0FL1dU67OVXQqPL2s5rYEm
4CMXd9lxfVmGCTQccoXhFfcI6PO4Gl6N0DUv7G0e7I+6McwtXxOH2e4LO6vuV8df
MXyqNL6aFn73bTgLLZWxZ5fq0i5NFfIlx+G10fRcVYEtURh3Wr6sJCL1AeqeGELk
5/U3FVY1M1IhNJeW1D3merFdFBvaKsqxywRlArr/owK6fvH3pgIfie5ef/ohO8mL
rVJvdKdQZUbahnEUNSmk/tehyHG5Gts8ErdwNqulfj7EGaejfuTRPAbJE3TF+euT
6N8bz5YlbAdoehkE35VGw0VoBaxTmGiodGGsyx8CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQL+NN93GJbQRP+teWHM1QZOzr9UDAfBgNVHSMEGDAWgBSTUDBh4a5QPsY9
lwswh13ZP/q73zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2sxQXdZZUd1VUQ3R1BaY0xNSWRkMlRfNnU5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYTc2YWMxLTVmMjItNDdkMS1iOGMxLWM2MjNlZDhmMmYyOC8x
L0NfalRmZHhpVzBFVF9yWGxoek5VR1RzNl9WQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YTc2YWMxLTVmMjItNDdkMS1iOGMxLWM2MjNlZDhmMmYyOC8xL2sxQXdZZUd1VUQ3
R1BaY0xNSWRkMlRfNnU5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAIwKDARAwUBKgG7IgMIACoBuyQAAAAwEwMH
ACoBuyQAAQMIACoBuyQAAgAwDQYJKoZIhvcNAQELBQADggEBAAVaSXCbcG3p0nui
DKdZcyD9IFWM5wqYuBVPOtgYAzG2TBWmXOGO0vsDd6AsWtzLx1pE0rhMZD4SqSya
HtirGONF9eJkOwikLwhcuq44WL8wHfHrDq0plyBdYoOOgKMAPBtINe/FKQdEyfzP
7u53CpQSSR6zJ4MDHbpIzWhry5mPyE28YzGyUHvhCbc9EqijbWZ82BhBaH6K6I/a
cMDqIT373ty4Ao8OcA+vmVntCsfTN599f9O5n4fwuLqzXoz9VNmvSsJUIsa5IFx+
JP6rzM6+sKI856ZxqeM6BewxSfSgmYxi2lSsih7VG48eQTx2/N93aj561mq5rnqy
6kztXj8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:45 2025 by rpki-client