Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/bKuUl55eu-wPSFHTNRg1_7QmfLM.roa
File: bKuUl55eu-wPSFHTNRg1_7QmfLM.roa (raw, json)
Hash identifier: cVRdVN6ijYF0SUCCbMgGV4OC0c8DVvzgWe1GtPoJEDI=
Subject key identifier: 6C:AB:94:97:9E:5E:BB:EC:0F:48:51:D3:35:18:35:FF:B4:26:7C:B3
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 0185708C903D41E6E7BA2B859A5A3F735808
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/bKuUl55eu-wPSFHTNRg1_7QmfLM.roa
Signing time: Mon 02 Jan 2023 03:35:38 +0000
ROA not before: Mon 02 Jan 2023 03:35:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3308
IP address blocks: 2001:2010::/31 maxlen: 31
2001:2000:1000::/40 maxlen: 40
2001:2012::/32 maxlen: 32
2001:2092::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:90:3d:41:e6:e7:ba:2b:85:9a:5a:3f:73:58:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 2 03:35:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cab94979e5ebbec0f4851d3351835ffb4267cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:aa:df:71:3c:f0:7f:62:84:d8:5a:66:d3:4b:
cd:05:a6:5e:72:9a:0b:5d:2c:03:aa:b8:c1:ec:ee:
86:2f:fe:5b:73:f7:4b:36:bb:df:69:8b:f2:9b:b8:
ef:b2:b1:db:fe:0c:07:1d:0e:b2:31:0e:3d:e6:3b:
c5:a1:ca:68:41:14:9e:68:9f:8e:64:e6:76:0f:ef:
92:90:60:c4:0b:d8:ef:9f:92:d4:57:a5:4c:e8:f0:
73:4b:d0:74:13:c2:7a:ea:c0:42:f2:5c:af:50:41:
5d:40:5b:8c:a6:0a:8d:f3:4b:cd:b5:cd:56:ca:d0:
bb:4e:b7:6b:8f:2c:77:73:24:e1:b4:10:a7:4d:6c:
29:54:f0:02:18:6b:5c:2e:b2:97:72:f5:2f:90:c7:
25:0e:5b:c6:85:3a:0d:be:08:bd:c7:95:81:b9:5f:
d3:7f:e7:23:68:76:ec:d0:0d:f2:fd:ed:4e:57:12:
3c:db:00:64:80:d7:4a:d0:41:3b:a5:f5:a5:69:0f:
b4:f3:64:67:6b:93:1f:99:b1:16:ed:27:f1:f4:31:
c7:b6:ca:30:d8:fe:6a:26:8b:24:94:c7:75:00:8a:
62:db:91:fe:d8:22:78:23:11:2d:96:e3:b1:3b:17:
d0:c4:a8:d3:f9:83:5a:e5:64:70:e6:b4:4c:c0:d3:
5c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AB:94:97:9E:5E:BB:EC:0F:48:51:D3:35:18:35:FF:B4:26:7C:B3
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/bKuUl55eu-wPSFHTNRg1_7QmfLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000:1000::/40
2001:2010::-2001:2012:ffff:ffff:ffff:ffff:ffff:ffff
2001:2092::/32
Signature Algorithm: sha256WithRSAEncryption
60:a0:bd:7d:9b:88:96:e9:c6:2b:71:c1:a1:c6:cf:dc:c3:6f:
3a:5a:4c:0d:c7:2b:97:de:38:4b:ba:8c:bc:20:fd:1a:f8:2e:
b6:3d:a6:2d:00:58:75:8b:f5:0c:8f:44:d3:5e:ba:14:d0:f7:
c7:e2:6a:26:a0:45:03:fb:14:9a:b9:8d:60:3a:c0:b9:78:35:
8f:e4:d4:88:92:18:a2:e0:b9:83:31:a9:ad:a1:40:5b:7a:00:
01:9d:0a:a3:57:3b:da:80:ad:b8:e9:34:f0:46:3b:19:f2:a7:
79:54:82:ad:40:5f:98:b2:e6:59:f2:bd:54:80:d3:ba:dc:6e:
f9:cc:b9:f4:d2:3e:31:ff:f7:f9:e0:5c:a1:ab:49:ec:71:de:
77:b9:63:b0:8f:5e:26:17:fd:26:20:4c:40:a3:bd:ed:4c:49:
a0:0a:fc:2e:26:56:17:3a:66:24:9a:88:64:01:4b:fa:53:50:
c2:32:af:dc:f7:43:43:e3:c4:83:a4:c3:ef:88:f2:1e:72:77:
c3:c9:c7:c6:b4:51:3f:8d:09:e8:14:3a:26:99:1c:c9:0e:72:
3b:7e:f1:43:13:56:e7:3c:41:d2:06:0d:93:39:53:ab:16:f7:
f0:a7:fe:35:20:66:37:4d:0b:e5:49:ff:02:ad:85:2d:8e:35:
b2:49:85:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVwjJA9QebnuiuFmlo/c1gIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjMwMTAyMDMzNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FiOTQ5NzllNWViYmVjMGY0ODUxZDMzNTE4MzVmZmI0MjY3Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmarfcTzwf2KE2Fpm00vNBaZecpoL
XSwDqrjB7O6GL/5bc/dLNrvfaYvym7jvsrHb/gwHHQ6yMQ495jvFocpoQRSeaJ+O
ZOZ2D++SkGDEC9jvn5LUV6VM6PBzS9B0E8J66sBC8lyvUEFdQFuMpgqN80vNtc1W
ytC7Trdrjyx3cyThtBCnTWwpVPACGGtcLrKXcvUvkMclDlvGhToNvgi9x5WBuV/T
f+cjaHbs0A3y/e1OVxI82wBkgNdK0EE7pfWlaQ+082Rna5MfmbEW7Sfx9DHHtsow
2P5qJosklMd1AIpi25H+2CJ4IxEtluOxOxfQxKjT+YNa5WRw5rRMwNNcrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyrlJeeXrvsD0hR0zUYNf+0JnyzMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvYkt1VWw1NWV1LXdQU0ZIVE5SZzFfN1FtZkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAAjAfAwYAIAEgABAw
DgMFBCABIBADBQAgASASAwUAIAEgkjANBgkqhkiG9w0BAQsFAAOCAQEAYKC9fZuI
lunGK3HBocbP3MNvOlpMDccrl944S7qMvCD9Gvgutj2mLQBYdYv1DI9E0166FND3
x+JqJqBFA/sUmrmNYDrAuXg1j+TUiJIYouC5gzGpraFAW3oAAZ0Ko1c72oCtuOk0
8EY7GfKneVSCrUBfmLLmWfK9VIDTutxu+cy59NI+Mf/3+eBcoatJ7HHed7ljsI9e
Jhf9JiBMQKO97UxJoAr8LiZWFzpmJJqIZAFL+lNQwjKv3PdDQ+PEg6TD74jyHnJ3
w8nHxrRRP40J6BQ6JpkcyQ5yO37xQxNW5zxB0gYNkzlTqxb38Kf+NSBmN00L5Un/
Aq2FLY41skmFgw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:27:37 2025 by rpki-client