Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/8BwM2X8640d9CanUXP9aIkqs8Fo.roa
File: 8BwM2X8640d9CanUXP9aIkqs8Fo.roa (raw, json)
Hash identifier: sfeUwHBPcImVN8TaNagMB2cQ3irq8II+SpZlQkCQ6oo=
Subject key identifier: F0:1C:0C:D9:7F:3A:E3:47:7D:09:A9:D4:5C:FF:5A:22:4A:AC:F0:5A
Certificate issuer: /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial: 08DDA557
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/8BwM2X8640d9CanUXP9aIkqs8Fo.roa
Signing time: Sat 01 Jan 2022 14:58:59 +0000
ROA not before: Sat 01 Jan 2022 14:58:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208753
IP address blocks: 2a09:b280:ff60::/48 maxlen: 48
2a09:b280:ff61::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148743511 (0x8dda557)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Validity
Not Before: Jan 1 14:58:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f01c0cd97f3ae3477d09a9d45cff5a224aacf05a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:91:c8:a9:e6:dd:21:51:8a:e2:ce:5a:ed:90:
a9:ce:4e:a0:46:7d:3f:69:65:12:4c:2f:14:9d:01:
52:3a:77:a1:a1:40:a8:38:9d:df:b3:96:71:1f:2f:
72:28:84:0d:a8:64:dd:ce:1e:04:ee:34:41:92:72:
99:dd:d2:a2:b0:2f:44:f2:47:ae:01:31:91:4a:67:
d1:32:47:02:20:23:c9:4b:0a:7b:fe:7e:8d:fe:4b:
b2:c7:a6:07:e9:8f:67:0b:ab:07:83:05:e5:68:43:
20:bc:d0:83:4c:87:b4:be:0c:47:27:9b:1c:e4:9b:
cc:1c:c3:46:4a:45:98:5f:27:91:bc:dc:a6:ac:b5:
f9:5f:81:83:bc:16:44:b9:f3:fb:ce:ce:2d:19:9b:
6b:a5:00:80:15:75:d4:a3:b9:c4:41:4a:52:2f:03:
0f:73:df:bc:b4:09:6a:c5:94:24:b2:06:4d:55:8f:
e4:0c:4b:c2:5f:e7:e4:62:34:13:a1:6c:48:40:65:
f9:9a:d0:8a:48:40:57:e7:e4:36:3a:7a:fa:c0:93:
f3:b8:cf:e5:2b:b4:9d:d4:6b:49:3b:56:69:08:36:
f9:ba:f7:49:52:7a:70:c6:85:a9:98:87:ca:d3:6b:
25:9b:16:ab:ae:3c:1f:3b:f8:78:a1:8b:7d:f5:a2:
e2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1C:0C:D9:7F:3A:E3:47:7D:09:A9:D4:5C:FF:5A:22:4A:AC:F0:5A
X509v3 Authority Key Identifier:
keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/8BwM2X8640d9CanUXP9aIkqs8Fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:b280:ff60::/47
Signature Algorithm: sha256WithRSAEncryption
35:eb:0e:3e:90:ac:4b:e7:cd:e6:fb:10:a6:12:2f:fc:cd:bd:
e7:d4:6b:1c:e2:56:e4:7e:24:95:62:bf:81:83:3a:cd:27:fb:
ac:bd:dd:6f:58:2c:2a:d7:b0:56:af:9d:96:2d:50:5a:20:47:
04:d1:cb:34:c6:74:e6:a2:6b:dd:26:06:69:59:77:49:4b:6e:
c7:d9:87:03:b1:cd:3a:0d:94:24:fb:da:97:b5:35:09:a1:ae:
d3:b3:ee:0f:7b:d1:37:47:fe:5e:ec:e1:42:13:7d:44:79:e7:
be:66:e5:45:b9:34:5f:fd:e1:4e:84:aa:34:87:fe:5a:2b:02:
b0:99:69:db:66:de:e4:4d:64:1a:d6:38:3d:00:87:d4:6d:f2:
14:1f:2c:38:f3:41:06:c2:86:34:77:eb:da:e4:49:98:dc:9f:
de:3b:35:9d:90:d2:b1:42:70:f5:85:33:89:a1:9c:a4:13:e3:
60:c7:72:09:4d:d7:40:ee:16:f7:c8:6a:b1:52:48:08:fb:d9:
3d:9b:7b:20:f5:33:d6:9e:9f:6a:23:2e:5d:96:6a:bd:93:93:
96:6c:c9:bf:38:82:e4:ac:7d:0e:89:8c:8f:01:8e:3a:ee:8e:
b6:76:f3:f9:67:20:c1:ce:19:f4:41:07:d1:51:8c:74:a8:fb:
eb:57:37:14
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECN2lVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjUwOGZiNzgxY2E2ZGJkODIyMWYyYzJmOTU0YTNhNzQ0NmIyYjQyMB4XDTIyMDEw
MTE0NTg1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjAxYzBjZDk3ZjNh
ZTM0NzdkMDlhOWQ0NWNmZjVhMjI0YWFjZjA1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSRyKnm3SFRiuLOWu2Qqc5OoEZ9P2llEkwvFJ0BUjp3oaFA
qDid37OWcR8vciiEDahk3c4eBO40QZJymd3SorAvRPJHrgExkUpn0TJHAiAjyUsK
e/5+jf5LssemB+mPZwurB4MF5WhDILzQg0yHtL4MRyebHOSbzBzDRkpFmF8nkbzc
pqy1+V+Bg7wWRLnz+87OLRmba6UAgBV11KO5xEFKUi8DD3PfvLQJasWUJLIGTVWP
5AxLwl/n5GI0E6FsSEBl+ZrQikhAV+fkNjp6+sCT87jP5Su0ndRrSTtWaQg2+br3
SVJ6cMaFqZiHytNrJZsWq648Hzv4eKGLffWi4lUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTwHAzZfzrjR30JqdRc/1oiSqzwWjAfBgNVHSMEGDAWgBQyUI+3gcptvYIh
8sL5VKOnRGsrQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01sQ1B0NEhLYmIyQ0lmTEMtVlNqcDBSckswSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNmMyMDNkLTYyMjEtNDYwYS1hZjQ5LWMxMjIxODc2NTE1NC8x
LzhCd00yWDg2NDBkOUNhblVYUDlhSWtxczhGby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NmMyMDNkLTYyMjEtNDYwYS1hZjQ5LWMxMjIxODc2NTE1NC8xL01sQ1B0NEhLYmIy
Q0lmTEMtVlNqcDBSckswSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoJsoD/YDANBgkqhkiG9w0BAQsF
AAOCAQEANesOPpCsS+fN5vsQphIv/M2959RrHOJW5H4klWK/gYM6zSf7rL3db1gs
KtewVq+dli1QWiBHBNHLNMZ05qJr3SYGaVl3SUtux9mHA7HNOg2UJPval7U1CaGu
07PuD3vRN0f+XuzhQhN9RHnnvmblRbk0X/3hToSqNIf+WisCsJlp22be5E1kGtY4
PQCH1G3yFB8sOPNBBsKGNHfr2uRJmNyf3js1nZDSsUJw9YUziaGcpBPjYMdyCU3X
QO4W98hqsVJICPvZPZt7IPUz1p6faiMuXZZqvZOTlmzJvziC5Kx9DomMjwGOOu6O
tnbz+Wcgwc4Z9EEH0VGMdKj761c3FA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:34 2025 by rpki-client