Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/vSseZ_QKkuYA__wU4hMoCEbvBhA.roa
File: vSseZ_QKkuYA__wU4hMoCEbvBhA.roa (raw, json)
Hash identifier: SiTCwshFgD081UNROnfXISwixbjUD7DK2jHjv7h7/GI=
Subject key identifier: BD:2B:1E:67:F4:0A:92:E6:00:FF:FC:14:E2:13:28:08:46:EF:06:10
Certificate issuer: /CN=219885ea020e65006314ee9480def3b3efc039e3
Certificate serial: 091B96D6
Authority key identifier: 21:98:85:EA:02:0E:65:00:63:14:EE:94:80:DE:F3:B3:EF:C0:39:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IZiF6gIOZQBjFO6UgN7zs-_AOeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/vSseZ_QKkuYA__wU4hMoCEbvBhA.roa
Signing time: Sat 01 Jan 2022 06:00:55 +0000
ROA not before: Sat 01 Jan 2022 06:00:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51559
IP address blocks: 2a0a:db00:2::/48 maxlen: 48
2a0a:db00:d::/48 maxlen: 48
2a0a:db00:8::/48 maxlen: 48
2a0a:db00:3::/48 maxlen: 48
2a0a:db00:6::/48 maxlen: 48
2a0a:db00:1::/48 maxlen: 48
2a0a:db00:c::/48 maxlen: 48
2a0a:db00:7::/48 maxlen: 48
2a0a:db00:a::/48 maxlen: 48
2a0a:db00:5::/48 maxlen: 48
2a0a:db00::/48 maxlen: 48
2a0a:db00:b::/48 maxlen: 48
2a0a:db00:e::/48 maxlen: 48
2a0a:db00:9::/48 maxlen: 48
2a0a:db00:4::/48 maxlen: 48
2a0a:db00::/29 maxlen: 29
2a0a:db00:f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152803030 (0x91b96d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=219885ea020e65006314ee9480def3b3efc039e3
Validity
Not Before: Jan 1 06:00:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd2b1e67f40a92e600fffc14e213280846ef0610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5d:c8:30:7e:5d:11:23:84:a7:c1:d4:b8:8e:
98:57:9e:a1:a4:02:d5:8d:fb:d5:e7:e6:6a:7b:ea:
20:04:d9:e4:d0:40:b1:5b:0e:ad:d9:2e:a0:56:33:
3b:ac:55:13:b2:cc:2d:85:5e:af:2e:65:49:e4:ad:
85:08:e1:11:63:d8:4a:4d:d3:60:f1:e2:86:a7:2e:
01:62:ca:aa:d8:d8:32:bf:8f:28:0b:09:f1:56:bc:
54:4f:fc:96:2f:89:01:5b:d1:61:ca:66:76:60:67:
b3:ab:95:7a:2d:fa:f3:f3:d0:c0:45:be:b8:d1:08:
1a:1d:3d:8b:dc:74:ab:0d:d5:f5:08:7d:29:0a:01:
f2:dc:e0:b8:7f:e7:2e:ef:1d:a7:d2:de:0a:3a:d0:
72:b9:60:9d:36:e5:40:12:57:76:61:31:a6:45:cd:
ec:91:50:a5:88:40:eb:a0:a8:8a:70:7a:1f:b8:ca:
f7:21:80:8c:35:58:c8:ac:8b:48:47:c8:47:b5:7f:
cf:c7:a3:53:2a:f5:1c:8e:3e:ee:22:e7:90:e8:34:
13:0c:5e:83:b6:85:10:5c:fc:01:46:6a:46:d8:34:
86:ca:5a:a0:85:28:26:a2:c1:2a:0a:35:18:9d:17:
37:b7:0a:5e:6e:a7:39:26:48:7f:8d:51:35:98:f7:
48:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2B:1E:67:F4:0A:92:E6:00:FF:FC:14:E2:13:28:08:46:EF:06:10
X509v3 Authority Key Identifier:
keyid:21:98:85:EA:02:0E:65:00:63:14:EE:94:80:DE:F3:B3:EF:C0:39:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IZiF6gIOZQBjFO6UgN7zs-_AOeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/vSseZ_QKkuYA__wU4hMoCEbvBhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/IZiF6gIOZQBjFO6UgN7zs-_AOeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:db00::/29
Signature Algorithm: sha256WithRSAEncryption
32:a2:d4:ab:20:98:10:88:15:e8:1f:d2:bb:b9:ba:a3:48:94:
67:88:44:2d:28:df:7c:97:15:a1:62:13:15:cc:f8:30:38:23:
18:b5:42:b6:cc:55:13:2a:60:ad:8c:84:1a:e6:63:99:bc:6a:
49:95:e2:58:a4:02:8c:9e:ad:e6:2d:2b:18:31:9f:fb:03:ce:
ed:76:93:ea:99:d2:9b:75:8f:18:a6:43:40:6c:a3:ed:92:b8:
90:0e:5a:f3:58:18:24:ed:36:4c:a0:e2:99:e6:1a:d1:58:ef:
72:cc:80:d2:63:73:9e:a9:88:93:7d:d1:f5:0d:3d:07:fb:52:
b2:11:e2:58:1e:47:58:1a:21:5a:e4:77:85:31:43:41:ac:12:
b1:07:5e:e3:bd:8d:24:b6:9c:39:ee:8c:2b:72:48:c5:bd:5f:
02:b6:86:9c:07:4e:59:58:32:e9:6c:86:f4:76:75:34:d3:ce:
57:cf:a5:f1:32:c2:7b:c7:19:c8:03:22:9b:71:a7:92:40:52:
ff:75:60:b0:b9:4a:98:b1:69:c6:8f:e8:17:84:b0:24:a4:98:
81:64:50:40:af:d6:fa:cb:3c:fc:cb:13:f3:93:fd:e9:e3:8e:
1a:16:03:3d:62:be:32:fb:95:11:5d:59:39:77:f6:4d:58:cb:
1e:72:1d:30
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECRuW1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTk4ODVlYTAyMGU2NTAwNjMxNGVlOTQ4MGRlZjNiM2VmYzAzOWUzMB4XDTIyMDEw
MTA2MDA1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQyYjFlNjdmNDBh
OTJlNjAwZmZmYzE0ZTIxMzI4MDg0NmVmMDYxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5dyDB+XREjhKfB1LiOmFeeoaQC1Y371efmanvqIATZ5NBA
sVsOrdkuoFYzO6xVE7LMLYVery5lSeSthQjhEWPYSk3TYPHihqcuAWLKqtjYMr+P
KAsJ8Va8VE/8li+JAVvRYcpmdmBns6uVei368/PQwEW+uNEIGh09i9x0qw3V9Qh9
KQoB8tzguH/nLu8dp9LeCjrQcrlgnTblQBJXdmExpkXN7JFQpYhA66CoinB6H7jK
9yGAjDVYyKyLSEfIR7V/z8ejUyr1HI4+7iLnkOg0Ewxeg7aFEFz8AUZqRtg0hspa
oIUoJqLBKgo1GJ0XN7cKXm6nOSZIf41RNZj3SDECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBS9Kx5n9AqS5gD//BTiEygIRu8GEDAfBgNVHSMEGDAWgBQhmIXqAg5lAGMU
7pSA3vOz78A54zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0laaUY2Z0lPWlFCakZPNlVnTjd6cy1fQU9lTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvZmUwNGFjLWExOTAtNDgwNC05MTNjLWZmYzAyNTgzMWY0Zi8x
L3ZTc2VaX1FLa3VZQV9fd1U0aE1vQ0VidkJoQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
ZmUwNGFjLWExOTAtNDgwNC05MTNjLWZmYzAyNTgzMWY0Zi8xL0laaUY2Z0lPWlFC
akZPNlVnTjd6cy1fQU9lTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoK2wAwDQYJKoZIhvcNAQELBQAD
ggEBADKi1KsgmBCIFegf0ru5uqNIlGeIRC0o33yXFaFiExXM+DA4Ixi1QrbMVRMq
YK2MhBrmY5m8akmV4likAoyereYtKxgxn/sDzu12k+qZ0pt1jximQ0Bso+2SuJAO
WvNYGCTtNkyg4pnmGtFY73LMgNJjc56piJN90fUNPQf7UrIR4lgeR1gaIVrkd4Ux
Q0GsErEHXuO9jSS2nDnujCtySMW9XwK2hpwHTllYMulshvR2dTTTzlfPpfEywnvH
GcgDIptxp5JAUv91YLC5SpixacaP6BeEsCSkmIFkUECv1vrLPPzLE/OT/enjjhoW
Az1ivjL7lRFdWTl39k1Yyx5yHTA=
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:06:24 2025 by rpki-client