Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/rbby4nO9gHA8dOIMx7o9EmdT1Bs.roa
File: rbby4nO9gHA8dOIMx7o9EmdT1Bs.roa (raw, json)
Hash identifier: R6C5O4AYS7vWN1GNwtOQQTvrBRyfO0bK7Z/Qww6CqH4=
Subject key identifier: AD:B6:F2:E2:73:BD:80:70:3C:74:E2:0C:C7:BA:3D:12:67:53:D4:1B
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 0185708C8F57C65DADDD4ACC5134F22D0CCE
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/rbby4nO9gHA8dOIMx7o9EmdT1Bs.roa
Signing time: Mon 02 Jan 2023 03:35:37 +0000
ROA not before: Mon 02 Jan 2023 03:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1759
IP address blocks: 2001:2000:6000::/40 maxlen: 40
2001:2062::/32 maxlen: 32
2001:2003::/32 maxlen: 32
2001:2061::/32 maxlen: 32
2001:2001:6000::/40 maxlen: 40
2001:2060::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:8f:57:c6:5d:ad:dd:4a:cc:51:34:f2:2d:0c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 2 03:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adb6f2e273bd80703c74e20cc7ba3d126753d41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f8:4a:a1:ba:be:6a:28:a8:26:33:41:8f:1f:
3b:91:7b:bd:9f:b2:30:19:7f:db:68:9c:6d:b7:e9:
2d:34:da:31:1a:11:83:97:8d:18:2e:99:a0:92:4f:
0c:db:08:bc:37:70:80:9c:83:b1:87:b7:21:b8:96:
33:fb:b6:be:61:a9:60:8c:fa:9f:ce:e3:c0:7f:98:
81:89:7f:87:6c:95:9a:54:69:51:e8:23:94:41:13:
6a:72:40:35:af:b9:75:12:16:d6:73:34:63:bb:aa:
93:2b:e0:d3:dc:de:27:2b:a6:86:76:3e:3f:ef:77:
5e:da:24:bb:0a:5d:64:c1:8a:83:7b:f7:a5:97:4d:
3a:3b:b5:26:85:ee:9c:1e:ab:67:d0:97:7b:d0:d9:
4d:1a:f2:70:68:37:2e:00:78:3d:34:f9:ae:a5:a0:
d5:90:41:f3:27:68:e6:3e:7d:9c:56:34:6e:27:3c:
f6:4e:b8:5b:09:60:92:ad:8b:21:24:4d:1d:32:a0:
6b:e4:78:30:49:eb:ce:b6:cd:d2:4d:1f:ec:e4:d4:
00:86:7a:dc:19:b9:16:41:84:da:a8:69:9b:1d:ef:
a2:c3:81:d5:0e:c7:4f:ac:76:08:f0:08:09:fc:26:
51:7a:ec:1b:43:c0:17:d6:01:55:dd:0f:bf:41:78:
cb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B6:F2:E2:73:BD:80:70:3C:74:E2:0C:C7:BA:3D:12:67:53:D4:1B
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/rbby4nO9gHA8dOIMx7o9EmdT1Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000:6000::/40
2001:2001:6000::/40
2001:2003::/32
2001:2060::-2001:2062:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
89:bf:d8:38:73:2b:43:ba:38:5d:a3:1d:ac:ee:94:1b:f4:16:
80:cc:95:96:1e:af:f6:e3:38:e2:55:03:3f:bd:05:12:97:61:
38:25:f1:e0:57:63:da:79:19:71:c6:06:c9:97:61:a5:ac:22:
72:6e:74:c4:18:e5:34:b5:75:85:e7:dc:1d:23:25:0a:73:b5:
36:7b:93:93:6c:88:46:63:bf:2e:34:ae:3a:29:87:1c:a0:8c:
54:4d:fb:e3:41:c3:e1:01:56:dc:f9:a9:86:f2:ac:6c:26:87:
51:7b:ee:81:6b:eb:fe:d6:c1:9a:d1:e2:ac:24:98:97:ac:e1:
8d:ad:88:f4:5d:d1:58:ba:49:4a:a5:eb:2e:a7:a8:8c:0e:ab:
30:85:73:51:48:61:22:e6:1a:2e:6d:5f:73:55:e5:76:8f:85:
68:e3:38:f7:78:cc:81:44:d1:42:23:26:cb:45:87:42:c1:e5:
55:44:c0:14:87:27:08:cd:3d:d3:e3:9b:24:eb:9f:b7:b2:99:
2e:68:d0:fa:94:fa:f3:3a:cb:39:5e:c2:67:3e:3f:e9:0b:c8:
2d:34:83:d1:b3:7b:5c:78:1a:29:2c:d2:11:2f:f4:df:b1:db:
da:78:1a:a6:20:77:db:73:99:7b:52:e9:59:74:21:2a:96:27:
2a:19:61:cc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwjI9Xxl2t3UrMUTTyLQzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjMwMTAyMDMzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGI2ZjJlMjczYmQ4MDcwM2M3NGUyMGNjN2JhM2QxMjY3NTNkNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfhKobq+aiioJjNBjx87kXu9n7Iw
GX/baJxtt+ktNNoxGhGDl40YLpmgkk8M2wi8N3CAnIOxh7chuJYz+7a+YalgjPqf
zuPAf5iBiX+HbJWaVGlR6COUQRNqckA1r7l1EhbWczRju6qTK+DT3N4nK6aGdj4/
73de2iS7Cl1kwYqDe/ell006O7Umhe6cHqtn0Jd70NlNGvJwaDcuAHg9NPmupaDV
kEHzJ2jmPn2cVjRuJzz2TrhbCWCSrYshJE0dMqBr5HgwSevOts3STR/s5NQAhnrc
GbkWQYTaqGmbHe+iw4HVDsdPrHYI8AgJ/CZReuwbQ8AX1gFV3Q+/QXjLUwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK228uJzvYBwPHTiDMe6PRJnU9QbMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvcmJieTRuTzlnSEE4ZE9JTXg3bzlFbWRUMUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAAjAnAwYAIAEgAGAD
BgAgASABYAMFACABIAMwDgMFBSABIGADBQAgASBiMA0GCSqGSIb3DQEBCwUAA4IB
AQCJv9g4cytDujhdox2s7pQb9BaAzJWWHq/24zjiVQM/vQUSl2E4JfHgV2PaeRlx
xgbJl2GlrCJybnTEGOU0tXWF59wdIyUKc7U2e5OTbIhGY78uNK46KYccoIxUTfvj
QcPhAVbc+amG8qxsJodRe+6Ba+v+1sGa0eKsJJiXrOGNrYj0XdFYuklKpesup6iM
DqswhXNRSGEi5houbV9zVeV2j4Vo4zj3eMyBRNFCIybLRYdCweVVRMAUhycIzT3T
45sk65+3spkuaND6lPrzOss5XsJnPj/pC8gtNIPRs3tceBopLNIRL/TfsdvaeBqm
IHfbc5l7UulZdCEqlicqGWHM
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:16:02 2025 by rpki-client