Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/XxmYAAWYce6vEphoIwnRXeyaJz4.roa
File: XxmYAAWYce6vEphoIwnRXeyaJz4.roa (raw, json)
Hash identifier: R55ZoeIeQPUQE3vzjtsh5YZS2QPGNMifOtEzkY4DtQ4=
Subject key identifier: 5F:19:98:00:05:98:71:EE:AF:12:98:68:23:09:D1:5D:EC:9A:27:3E
Certificate issuer: /CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Certificate serial: 0187DB8F20EA014306A44991421E811A307C
Authority key identifier: 93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/XxmYAAWYce6vEphoIwnRXeyaJz4.roa
Signing time: Tue 02 May 2023 08:23:22 +0000
ROA not before: Tue 02 May 2023 08:23:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a01:bb22::/33 maxlen: 33
2a01:bb22:8000::/33 maxlen: 33
2a01:bb20::/29 maxlen: 29
2a01:bb24::/32 maxlen: 48
2a01:bb23::/33 maxlen: 33
2a01:bb23:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:8f:20:ea:01:43:06:a4:49:91:42:1e:81:1a:30:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Validity
Not Before: May 2 08:23:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f199800059871eeaf1298682309d15dec9a273e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a9:84:00:02:b4:4a:cc:69:85:b5:6d:e8:80:
a4:11:09:35:c3:2f:a9:91:ed:40:5a:69:ef:2f:82:
78:f0:98:08:ad:90:40:cb:c2:62:65:82:2a:92:f1:
8e:23:64:be:77:ec:41:5c:7d:13:e8:d2:8f:3d:7d:
ff:a0:d8:1b:22:3d:8d:fc:ab:9a:05:4c:a0:ce:32:
2c:d2:ce:6a:6e:37:71:1a:55:04:9d:77:9d:0d:ce:
c3:81:22:c7:b3:1d:fd:a3:52:c2:99:9a:b8:18:1d:
9e:0f:7c:9e:2a:c1:cb:20:05:1c:7f:83:76:cc:6f:
7e:21:4c:23:d8:dc:12:ae:bf:75:67:cc:48:c2:09:
e1:45:d7:fb:4d:df:70:ce:d3:bb:76:d9:3c:e3:a1:
81:48:c5:a2:04:51:54:cd:e3:61:77:34:d5:84:08:
8e:49:14:44:c7:bd:da:c9:88:40:37:37:60:36:86:
e6:f7:fa:1f:16:19:d6:25:90:72:fc:3a:77:1e:7e:
0b:8a:c4:0b:f7:5d:dc:8d:83:3a:a4:35:03:59:f1:
5b:7b:34:31:05:c3:0f:ca:62:06:e0:4c:ce:06:53:
93:46:b4:9c:b1:a2:22:ec:a6:b1:b9:39:e4:9c:7f:
46:17:fd:f3:8d:aa:0b:bd:41:d9:da:ca:82:f9:eb:
e2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:19:98:00:05:98:71:EE:AF:12:98:68:23:09:D1:5D:EC:9A:27:3E
X509v3 Authority Key Identifier:
keyid:93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/XxmYAAWYce6vEphoIwnRXeyaJz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:bb20::/29
Signature Algorithm: sha256WithRSAEncryption
a2:c2:50:22:c9:bb:0c:53:d6:b8:33:cb:ac:87:d7:5f:10:99:
e6:20:d9:ab:83:33:be:c9:f3:c4:e0:80:72:b2:42:65:20:43:
a9:ad:42:33:91:55:8e:a3:31:d3:39:9f:24:cd:d1:17:53:83:
43:53:9c:86:97:04:4e:c0:30:28:dd:d4:f6:f5:38:ce:87:1f:
08:8f:8e:4a:dd:75:74:77:16:b2:6d:2e:b3:fa:92:7f:47:5b:
6b:91:ea:1a:cc:90:d3:f7:e5:d2:b5:a3:57:c1:bf:8b:47:98:
17:fb:c6:a7:f0:bd:f4:65:b0:a4:ef:84:1c:60:75:c9:68:87:
c2:24:3e:7f:92:c5:3c:ed:22:71:42:c1:aa:91:ac:5d:8e:f6:
c6:a6:65:13:17:d4:cb:72:cc:d6:a8:3c:f4:0f:70:51:9b:4e:
37:31:12:76:c4:22:74:c9:e0:d0:3f:6a:1c:12:50:40:d1:7c:
9e:f8:d8:bb:2e:c0:57:af:6b:c4:af:fe:8a:ae:0f:fe:ec:31:
f0:6e:3b:b2:39:51:77:53:a2:7e:6f:1b:91:74:b9:bf:d9:73:
23:38:68:0a:7d:bf:77:02:ce:56:1e:e3:7e:e9:1a:e7:fe:51:
4f:d4:13:dc:44:9a:ae:b3:ef:db:4e:53:40:18:34:a0:07:2b:
d9:5f:90:aa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYfbjyDqAUMGpEmRQh6BGjB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTAzMDYxZTFhZTUwM2VjNjNkOTcwYjMwODc1ZGQ5M2Zm
YWJiZGYwHhcNMjMwNTAyMDgyMzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjE5OTgwMDA1OTg3MWVlYWYxMjk4NjgyMzA5ZDE1ZGVjOWEyNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6mEAAK0SsxphbVt6ICkEQk1wy+p
ke1AWmnvL4J48JgIrZBAy8JiZYIqkvGOI2S+d+xBXH0T6NKPPX3/oNgbIj2N/Kua
BUygzjIs0s5qbjdxGlUEnXedDc7DgSLHsx39o1LCmZq4GB2eD3yeKsHLIAUcf4N2
zG9+IUwj2NwSrr91Z8xIwgnhRdf7Td9wztO7dtk846GBSMWiBFFUzeNhdzTVhAiO
SRREx73ayYhANzdgNobm9/ofFhnWJZBy/Dp3Hn4LisQL913cjYM6pDUDWfFbezQx
BcMPymIG4EzOBlOTRrScsaIi7KaxuTnknH9GF/3zjaoLvUHZ2sqC+eviFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF8ZmAAFmHHurxKYaCMJ0V3smic+MB8GA1UdIwQY
MBaAFJNQMGHhrlA+xj2XCzCHXdk/+rvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEt
YzYyM2VkOGYyZjI4LzEvWHhtWUFBV1ljZTZ2RXBob0l3blJYZXlhSno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEtYzYyM2VkOGYyZjI4
LzEvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgG7IDAN
BgkqhkiG9w0BAQsFAAOCAQEAosJQIsm7DFPWuDPLrIfXXxCZ5iDZq4MzvsnzxOCA
crJCZSBDqa1CM5FVjqMx0zmfJM3RF1ODQ1OchpcETsAwKN3U9vU4zocfCI+OSt11
dHcWsm0us/qSf0dba5HqGsyQ0/fl0rWjV8G/i0eYF/vGp/C99GWwpO+EHGB1yWiH
wiQ+f5LFPO0icULBqpGsXY72xqZlExfUy3LM1qg89A9wUZtONzESdsQidMng0D9q
HBJQQNF8nvjYuy7AV69rxK/+iq4P/uwx8G47sjlRd1Oifm8bkXS5v9lzIzhoCn2/
dwLOVh7jfuka5/5RT9QT3ESarrPv205TQBg0oAcr2V+Qqg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:25 2025 by rpki-client