Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/B3kewzzntU03YV0nlj1kAbeel1U.roa
File: B3kewzzntU03YV0nlj1kAbeel1U.roa (raw, json)
Hash identifier: j7K7hS/eOppGtwehjSQfgsPdQufZYV/9tc9QT/gAErA=
Subject key identifier: 07:79:1E:C3:3C:E7:B5:4D:37:61:5D:27:96:3D:64:01:B7:9E:97:55
Certificate issuer: /CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Certificate serial: 01856F024D057C2B75FAAA88ABB95C0EB56F
Authority key identifier: BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/B3kewzzntU03YV0nlj1kAbeel1U.roa
Signing time: Sun 01 Jan 2023 20:24:59 +0000
ROA not before: Sun 01 Jan 2023 20:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7171
IP address blocks: 2a00:ad40:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4d:05:7c:2b:75:fa:aa:88:ab:b9:5c:0e:b5:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Validity
Not Before: Jan 1 20:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07791ec33ce7b54d37615d27963d6401b79e9755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cb:14:fd:2f:53:54:09:00:36:b6:c3:be:a5:
c8:98:d6:3d:a1:08:3f:64:05:96:85:93:ed:37:ff:
95:7a:a8:2e:c7:e7:3c:f8:e1:75:3e:16:75:2c:41:
6c:a4:e5:c7:00:cd:43:5a:81:48:2d:03:35:7a:20:
94:77:03:c2:ee:f7:f4:b4:5b:12:84:56:29:4c:7b:
db:47:68:b9:10:3b:62:97:2d:aa:18:67:43:77:96:
c6:db:82:53:4a:ea:56:2f:60:fb:ff:b7:69:4f:39:
d1:6a:ba:5d:e3:bc:be:cf:7a:51:d2:03:55:ac:64:
69:4e:1b:c2:2f:f5:f4:0e:a1:12:00:d0:04:a6:9b:
7e:04:3d:83:45:c7:76:92:84:68:4a:5c:69:87:00:
b3:f9:8d:b6:e2:0a:95:3a:8f:0a:ce:63:18:cb:34:
62:84:7c:89:67:5c:d4:42:7b:26:aa:98:9c:61:db:
f4:46:f8:de:17:a5:69:12:d8:e7:3b:46:5d:35:68:
6e:6d:b9:e8:45:28:5b:48:74:41:d8:41:a6:ea:0b:
81:d0:b7:e2:43:8e:69:50:00:3b:ab:c0:3d:f6:44:
71:22:f3:4d:a7:38:e4:98:18:ea:0a:af:82:47:51:
51:04:07:3e:6f:28:fb:b3:a5:5d:e8:80:e9:01:d8:
0a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:79:1E:C3:3C:E7:B5:4D:37:61:5D:27:96:3D:64:01:B7:9E:97:55
X509v3 Authority Key Identifier:
keyid:BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/B3kewzzntU03YV0nlj1kAbeel1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/vM5ZBxGuf8sBbutzdrCn_HZhyxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ad40:200::/40
Signature Algorithm: sha256WithRSAEncryption
62:90:f6:59:de:8a:89:cd:b4:c1:7d:b9:63:9d:e4:62:7e:18:
b5:b8:35:44:68:f2:96:a7:86:1a:bf:71:d2:eb:fa:d9:19:c9:
fc:61:b4:da:2b:99:4b:a0:64:ce:db:21:43:00:7c:31:a0:97:
1b:34:7c:be:6d:1f:2d:06:5b:4a:c5:e5:9a:5c:f9:f4:5e:7e:
8e:a6:57:cf:89:13:4d:6c:27:f5:5e:bd:05:72:bc:e0:89:82:
23:02:51:5f:be:fd:eb:b7:c4:38:e3:4a:34:90:9d:96:95:70:
1f:eb:81:f9:06:86:4f:63:fb:21:51:56:21:1a:fb:48:41:05:
dc:f5:92:3c:99:26:42:63:42:7e:01:60:f6:61:d2:73:ea:23:
44:ca:10:a7:22:eb:49:d1:16:b2:9d:a8:ee:f2:76:88:84:b6:
ac:89:02:64:c3:9a:89:13:3c:14:3a:88:cb:90:81:41:10:8a:
45:7c:fa:b0:e6:f5:62:02:f1:ab:73:fd:c6:0c:28:39:ad:dc:
50:e5:26:13:f4:53:ce:37:f4:02:75:86:51:0e:27:e9:29:fe:
60:0f:c7:8a:c1:f9:5a:f6:ff:44:66:6c:51:5f:bd:73:ba:40:
06:37:cb:88:58:ec:05:7c:9c:16:0c:d4:79:8c:60:a0:2e:10:
37:00:a3:33
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvAk0FfCt1+qqIq7lcDrVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2U1OTA3MTFhZTdmY2IwMTZlZWI3Mzc2YjBhN2ZjNzY2
MWNiMTMwHhcNMjMwMTAxMjAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzc5MWVjMzNjZTdiNTRkMzc2MTVkMjc5NjNkNjQwMWI3OWU5NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAossU/S9TVAkANrbDvqXImNY9oQg/
ZAWWhZPtN/+Veqgux+c8+OF1PhZ1LEFspOXHAM1DWoFILQM1eiCUdwPC7vf0tFsS
hFYpTHvbR2i5EDtily2qGGdDd5bG24JTSupWL2D7/7dpTznRarpd47y+z3pR0gNV
rGRpThvCL/X0DqESANAEppt+BD2DRcd2koRoSlxphwCz+Y224gqVOo8KzmMYyzRi
hHyJZ1zUQnsmqpicYdv0RvjeF6VpEtjnO0ZdNWhubbnoRShbSHRB2EGm6guB0Lfi
Q45pUAA7q8A99kRxIvNNpzjkmBjqCq+CR1FRBAc+byj7s6Vd6IDpAdgKwwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAd5HsM857VNN2FdJ5Y9ZAG3npdVMB8GA1UdIwQY
MBaAFLzOWQcRrn/LAW7rc3awp/x2YcsTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk01WkJ4R3VmOHNCYnV0emRyQ25fSFpoeXhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hYzZiOTEtZWRhZi00NDg2LTkzNGUt
MDVkYjQ5N2FjNDU1LzEvQjNrZXd6em50VTAzWVYwbmxqMWtBYmVlbDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hYzZiOTEtZWRhZi00NDg2LTkzNGUtMDVkYjQ5N2FjNDU1
LzEvdk01WkJ4R3VmOHNCYnV0emRyQ25fSFpoeXhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgCtQAIw
DQYJKoZIhvcNAQELBQADggEBAGKQ9lneionNtMF9uWOd5GJ+GLW4NURo8panhhq/
cdLr+tkZyfxhtNormUugZM7bIUMAfDGglxs0fL5tHy0GW0rF5Zpc+fRefo6mV8+J
E01sJ/VevQVyvOCJgiMCUV++/eu3xDjjSjSQnZaVcB/rgfkGhk9j+yFRViEa+0hB
Bdz1kjyZJkJjQn4BYPZh0nPqI0TKEKci60nRFrKdqO7ydoiEtqyJAmTDmokTPBQ6
iMuQgUEQikV8+rDm9WIC8atz/cYMKDmt3FDlJhP0U8439AJ1hlEOJ+kp/mAPx4rB
+Vr2/0RmbFFfvXO6QAY3y4hY7AV8nBYM1HmMYKAuEDcAozM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:17:32 2025 by rpki-client