Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/AQmEsDlziGYrFUJPxNmeh7y9JmY.roa
File: AQmEsDlziGYrFUJPxNmeh7y9JmY.roa (raw, json)
Hash identifier: 3sxOZoGI4ko6boyBs4o1u4JENAZZP626llIPla8h9tY=
Subject key identifier: 01:09:84:B0:39:73:88:66:2B:15:42:4F:C4:D9:9E:87:BC:BD:26:66
Certificate issuer: /CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Certificate serial: 01856F024F10691C0D21C16F376251960A2D
Authority key identifier: BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/AQmEsDlziGYrFUJPxNmeh7y9JmY.roa
Signing time: Sun 01 Jan 2023 20:25:00 +0000
ROA not before: Sun 01 Jan 2023 20:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197872
IP address blocks: 2a00:ad40:20::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4f:10:69:1c:0d:21:c1:6f:37:62:51:96:0a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Validity
Not Before: Jan 1 20:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=010984b0397388662b15424fc4d99e87bcbd2666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:01:f8:29:9d:e1:50:e8:15:05:ef:2f:5c:db:
5d:0e:00:5e:cc:bd:30:39:46:8d:85:90:b6:17:0e:
0f:02:d0:90:ba:8f:56:fd:87:2d:4e:4e:67:df:18:
4b:bf:7f:95:d5:31:f5:da:f7:f5:5b:ed:87:04:e6:
c1:59:d9:1a:fe:1a:f6:37:a6:0c:8f:d4:5c:c2:da:
09:70:c7:9d:a9:e6:d6:8e:9e:0e:1b:73:90:7f:e2:
f2:a7:1f:83:fc:2f:cb:64:f0:c7:0a:52:77:bd:74:
26:d7:0d:0c:83:02:fe:b0:28:4f:ba:c4:0e:6e:69:
b4:8a:f6:f5:26:21:32:17:1b:d5:b9:20:c3:0e:6a:
0f:3e:18:3c:9b:93:31:04:a4:51:ed:7a:0f:69:cd:
ed:72:d2:f0:db:f6:f9:f3:0d:be:7f:b6:dc:83:d4:
3e:f5:b8:c6:ef:13:7f:b5:20:85:86:74:21:32:ab:
d4:dd:cf:6d:7b:11:96:2f:96:da:42:23:cc:97:74:
e7:9b:d3:fc:8d:f2:41:be:a6:cc:a7:56:49:c3:12:
f1:a7:88:79:23:bc:31:93:b0:e0:ef:ff:16:ad:d9:
8b:ce:dc:51:94:6d:d7:fd:49:14:40:e8:b4:4a:80:
84:82:3a:59:b2:aa:bc:64:2c:36:66:7a:b4:16:9f:
10:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:09:84:B0:39:73:88:66:2B:15:42:4F:C4:D9:9E:87:BC:BD:26:66
X509v3 Authority Key Identifier:
keyid:BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/AQmEsDlziGYrFUJPxNmeh7y9JmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/vM5ZBxGuf8sBbutzdrCn_HZhyxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ad40:20::/44
Signature Algorithm: sha256WithRSAEncryption
64:85:ae:1b:35:72:db:77:db:62:47:2b:83:ca:8a:7f:65:08:
7e:62:d2:55:1d:ee:49:b3:07:6d:12:cc:fe:41:b4:5d:1f:e5:
74:ca:68:6e:14:8b:7d:2d:a0:6e:52:6f:e3:40:d0:82:1a:df:
7a:e0:b5:07:bb:7a:7a:2d:80:a2:8d:c9:1e:f1:c4:6f:68:63:
cf:9c:15:c3:35:d8:00:04:46:95:4d:aa:fd:ff:54:b7:bd:76:
99:22:77:61:83:b8:b4:fb:ca:f0:c2:b3:c6:29:28:56:3e:8b:
92:e0:85:c8:62:e1:79:b8:c0:6a:a1:d6:73:db:9f:63:8b:2b:
ad:52:b9:8d:4c:55:af:cc:f6:a4:c9:0f:6f:1f:2b:40:dd:93:
b5:5e:e7:2c:56:37:86:74:ad:11:d3:2e:23:94:e8:1f:45:d5:
a7:73:43:fc:d3:dc:52:36:67:43:2e:0b:e4:f3:07:ba:00:f4:
6e:26:66:c4:14:37:85:d0:6c:e5:94:c5:ee:49:4e:c3:44:c1:
47:e0:c1:74:7b:8b:c0:e0:75:46:ba:4e:d4:29:f6:bf:06:21:
f4:ca:80:bb:d7:ab:ba:d7:e4:7b:ac:50:e7:2f:1f:f5:bc:ec:
46:e4:1a:11:43:b6:26:89:63:ec:27:57:37:b8:c4:8c:0e:d9:
46:62:4e:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvAk8QaRwNIcFvN2JRlgotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2U1OTA3MTFhZTdmY2IwMTZlZWI3Mzc2YjBhN2ZjNzY2
MWNiMTMwHhcNMjMwMTAxMjAyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTA5ODRiMDM5NzM4ODY2MmIxNTQyNGZjNGQ5OWU4N2JjYmQyNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngH4KZ3hUOgVBe8vXNtdDgBezL0w
OUaNhZC2Fw4PAtCQuo9W/YctTk5n3xhLv3+V1TH12vf1W+2HBObBWdka/hr2N6YM
j9RcwtoJcMedqebWjp4OG3OQf+Lypx+D/C/LZPDHClJ3vXQm1w0MgwL+sChPusQO
bmm0ivb1JiEyFxvVuSDDDmoPPhg8m5MxBKRR7XoPac3tctLw2/b58w2+f7bcg9Q+
9bjG7xN/tSCFhnQhMqvU3c9texGWL5baQiPMl3Tnm9P8jfJBvqbMp1ZJwxLxp4h5
I7wxk7Dg7/8WrdmLztxRlG3X/UkUQOi0SoCEgjpZsqq8ZCw2Znq0Fp8QvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAEJhLA5c4hmKxVCT8TZnoe8vSZmMB8GA1UdIwQY
MBaAFLzOWQcRrn/LAW7rc3awp/x2YcsTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk01WkJ4R3VmOHNCYnV0emRyQ25fSFpoeXhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hYzZiOTEtZWRhZi00NDg2LTkzNGUt
MDVkYjQ5N2FjNDU1LzEvQVFtRXNEbHppR1lyRlVKUHhObWVoN3k5Sm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hYzZiOTEtZWRhZi00NDg2LTkzNGUtMDVkYjQ5N2FjNDU1
LzEvdk01WkJ4R3VmOHNCYnV0emRyQ25fSFpoeXhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgCtQAAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBkha4bNXLbd9tiRyuDyop/ZQh+YtJVHe5Jswdt
Esz+QbRdH+V0ymhuFIt9LaBuUm/jQNCCGt964LUHu3p6LYCijcke8cRvaGPPnBXD
NdgABEaVTar9/1S3vXaZIndhg7i0+8rwwrPGKShWPouS4IXIYuF5uMBqodZz259j
iyutUrmNTFWvzPakyQ9vHytA3ZO1XucsVjeGdK0R0y4jlOgfRdWnc0P809xSNmdD
Lgvk8we6APRuJmbEFDeF0GzllMXuSU7DRMFH4MF0e4vA4HVGuk7UKfa/BiH0yoC7
16u61+R7rFDnLx/1vOxG5BoRQ7YmiWPsJ1c3uMSMDtlGYk4V
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:22:28 2025 by rpki-client