Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/D8nYD8DhvsPclSMRy3RymGUvt4A.roa
File: D8nYD8DhvsPclSMRy3RymGUvt4A.roa (raw, json)
Hash identifier: wy1lksUbVfSbCqiEBwtd8XlL2MS34tJbPVLUOF8zK8o=
Subject key identifier: 0F:C9:D8:0F:C0:E1:BE:C3:DC:95:23:11:CB:74:72:98:65:2F:B7:80
Certificate issuer: /CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Certificate serial: 1B2ECA6B
Authority key identifier: BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/D8nYD8DhvsPclSMRy3RymGUvt4A.roa
Signing time: Sat 01 Jan 2022 10:58:50 +0000
ROA not before: Sat 01 Jan 2022 10:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19541
IP address blocks: 2a00:ad40:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 456051307 (0x1b2eca6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Validity
Not Before: Jan 1 10:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fc9d80fc0e1bec3dc952311cb747298652fb780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:71:06:53:02:ad:f9:e7:0d:fe:24:a5:06:97:
f7:be:51:21:4c:0a:1b:36:53:2b:03:e1:bd:0f:25:
86:fa:74:6e:09:1f:bf:50:91:b2:41:7c:13:5f:87:
12:83:d8:0f:48:8a:dc:94:35:8f:bf:03:6d:5a:e2:
85:36:99:c3:2b:90:c6:fa:76:e0:a0:ce:f2:f2:eb:
3d:c0:77:d4:d5:ce:ed:ae:25:21:39:03:57:63:e7:
6f:f6:5a:da:51:d5:1c:31:0e:7a:d7:65:76:70:fe:
c0:d0:3f:ca:2c:ea:5a:a9:ed:48:89:af:b6:5e:30:
1d:5b:06:da:7d:0e:1d:90:2b:d7:a1:0a:32:66:8d:
5d:61:93:02:23:31:c3:75:bf:76:6f:db:c2:a0:15:
e2:e5:fc:5d:74:46:1c:89:b2:98:2c:b2:d8:c6:50:
0a:ab:58:ef:1e:31:b1:9d:52:7f:a5:19:9e:c8:2b:
fc:93:bf:1f:2e:98:e5:f9:68:76:94:a2:47:c5:af:
df:af:26:ef:10:6b:35:9f:8d:02:38:ef:ac:23:ec:
12:21:05:28:0d:7b:c1:02:4f:af:8f:65:1b:d3:d8:
5f:4f:dd:e0:28:15:7a:3b:01:4d:d2:87:c7:64:02:
ac:29:fd:f0:32:0f:26:49:84:1f:cb:ff:15:f7:f5:
c7:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C9:D8:0F:C0:E1:BE:C3:DC:95:23:11:CB:74:72:98:65:2F:B7:80
X509v3 Authority Key Identifier:
keyid:BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/D8nYD8DhvsPclSMRy3RymGUvt4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/vM5ZBxGuf8sBbutzdrCn_HZhyxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ad40:100::/40
Signature Algorithm: sha256WithRSAEncryption
73:ed:e8:91:32:04:de:33:09:f4:f1:c3:4e:85:5b:6c:b3:00:
e2:df:a0:7f:13:ef:e7:84:0d:b6:44:36:a4:5f:4f:d6:85:c1:
79:5a:af:58:57:97:e5:5f:ec:85:cc:9a:05:08:24:bf:dc:22:
38:a1:fa:bd:11:98:13:5e:2a:1d:6f:42:ef:69:0e:f9:8f:79:
c2:6c:fe:bb:81:9f:c1:04:87:a6:32:6e:66:f9:90:ee:6f:1c:
62:33:36:22:11:2c:22:4c:06:eb:08:fd:45:fc:d7:a4:26:f9:
14:1b:fb:73:6c:75:c9:bc:42:bc:26:d0:4e:e9:3f:56:ba:77:
a2:c9:0b:31:56:dd:65:aa:cf:27:2f:f0:fa:20:e1:c0:96:f6:
17:29:69:fd:0c:1d:3e:b7:ad:18:9f:ca:7e:3b:4c:c3:8d:6f:
ea:8e:e4:90:7b:d8:1f:4e:e1:ff:3d:ec:69:54:b8:5a:ee:6d:
c5:90:21:ca:8c:73:de:0c:5e:e0:38:bb:e6:ca:e8:30:9a:80:
e5:34:1e:50:12:b8:a1:c4:05:05:eb:6f:8c:9f:fb:e7:f7:b5:
74:51:31:40:99:7e:cf:11:54:5d:49:80:ce:a5:e3:a7:56:64:
ba:a0:db:a5:d1:3e:e8:99:fe:90:a1:c1:47:ec:30:82:78:16:
21:9a:f0:aa
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEGy7KazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Y2NlNTkwNzExYWU3ZmNiMDE2ZWViNzM3NmIwYTdmYzc2NjFjYjEzMB4XDTIyMDEw
MTEwNTg1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZjOWQ4MGZjMGUx
YmVjM2RjOTUyMzExY2I3NDcyOTg2NTJmYjc4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhxBlMCrfnnDf4kpQaX975RIUwKGzZTKwPhvQ8lhvp0bgkf
v1CRskF8E1+HEoPYD0iK3JQ1j78DbVrihTaZwyuQxvp24KDO8vLrPcB31NXO7a4l
ITkDV2Pnb/Za2lHVHDEOetdldnD+wNA/yizqWqntSImvtl4wHVsG2n0OHZAr16EK
MmaNXWGTAiMxw3W/dm/bwqAV4uX8XXRGHImymCyy2MZQCqtY7x4xsZ1Sf6UZnsgr
/JO/Hy6Y5flodpSiR8Wv368m7xBrNZ+NAjjvrCPsEiEFKA17wQJPr49lG9PYX0/d
4CgVejsBTdKHx2QCrCn98DIPJkmEH8v/Fff1x5cCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQPydgPwOG+w9yVIxHLdHKYZS+3gDAfBgNVHSMEGDAWgBS8zlkHEa5/ywFu
63N2sKf8dmHLEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZNNVpCeEd1ZjhzQmJ1dHpkckNuX0haaHl4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvYWM2YjkxLWVkYWYtNDQ4Ni05MzRlLTA1ZGI0OTdhYzQ1NS8x
L0Q4bllEOERodnNQY2xTTVJ5M1J5bUdVdnQ0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
YWM2YjkxLWVkYWYtNDQ4Ni05MzRlLTA1ZGI0OTdhYzQ1NS8xL3ZNNVpCeEd1Zjhz
QmJ1dHpkckNuX0haaHl4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoArUABMA0GCSqGSIb3DQEBCwUA
A4IBAQBz7eiRMgTeMwn08cNOhVtsswDi36B/E+/nhA22RDakX0/WhcF5Wq9YV5fl
X+yFzJoFCCS/3CI4ofq9EZgTXiodb0LvaQ75j3nCbP67gZ/BBIemMm5m+ZDubxxi
MzYiESwiTAbrCP1F/NekJvkUG/tzbHXJvEK8JtBO6T9WuneiyQsxVt1lqs8nL/D6
IOHAlvYXKWn9DB0+t60Yn8p+O0zDjW/qjuSQe9gfTuH/PexpVLha7m3FkCHKjHPe
DF7gOLvmyugwmoDlNB5QErihxAUF62+Mn/vn97V0UTFAmX7PEVRdSYDOpeOnVmS6
oNul0T7omf6QocFH7DCCeBYhmvCq
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:55:48 2025 by rpki-client