Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/RSYU8zBAeU9xDW1uLRRPbxokuJA.roa
File: RSYU8zBAeU9xDW1uLRRPbxokuJA.roa (raw, json)
Hash identifier: uO7Ft/ZxgOBHrQhoe7cYh30WSgCJK7+ljtIu8CvJ4Hk=
Subject key identifier: 45:26:14:F3:30:40:79:4F:71:0D:6D:6E:2D:14:4F:6F:1A:24:B8:90
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 01826E893B3EA1E14875DAAF1F0501A10A81
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/RSYU8zBAeU9xDW1uLRRPbxokuJA.roa
Signing time: Fri 05 Aug 2022 15:04:23 +0000
ROA not before: Fri 05 Aug 2022 15:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35402
IP address blocks: 2a01:5c8:800::/48 maxlen: 48
2a01:5c8:803::/48 maxlen: 48
2a01:5c8:801::/48 maxlen: 48
2a01:5c8:804::/48 maxlen: 48
2a01:5c8:805::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6e:89:3b:3e:a1:e1:48:75:da:af:1f:05:01:a1:0a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Aug 5 15:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=452614f33040794f710d6d6e2d144f6f1a24b890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:aa:a3:b3:7b:ee:9f:ac:56:62:a9:b0:84:95:
3d:ee:57:df:ec:3a:40:69:12:7e:35:40:64:91:6b:
de:37:52:95:db:d6:ab:b7:5a:16:d3:3d:3f:1b:5d:
f9:e0:be:b7:82:f7:2c:7c:f6:4a:47:2e:8c:c5:a4:
47:3c:f1:87:68:7e:40:63:cb:6f:10:fd:dd:c4:cf:
3c:0f:3f:f0:ba:55:1c:a0:42:f7:84:d9:3c:b1:95:
52:5b:b1:57:18:f0:87:4c:14:1c:7c:c8:86:f4:e5:
51:c2:b1:70:10:fa:d0:f7:8d:37:d6:95:cc:3c:31:
bf:9e:e1:76:b1:44:ee:1c:c7:18:b4:71:97:56:7f:
9d:5c:6d:c8:d1:b9:5f:ce:6a:25:15:9a:db:d3:78:
c2:96:5a:b4:b2:bc:a1:ca:56:2c:54:9e:ed:63:de:
e0:16:f1:d0:9b:96:33:77:30:80:43:09:de:93:bf:
70:fe:ee:9d:d5:84:d1:dd:6b:0a:98:5d:7e:ca:30:
02:53:68:fe:c3:da:b0:8b:06:64:c7:af:7e:96:b2:
0b:98:98:c3:04:37:94:19:48:ce:da:74:29:37:b7:
0c:68:ca:a2:1b:3a:d7:e2:46:1e:3f:77:aa:3d:bc:
d5:49:b3:5b:09:01:e2:76:37:dc:fa:ab:18:a8:b4:
c7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:26:14:F3:30:40:79:4F:71:0D:6D:6E:2D:14:4F:6F:1A:24:B8:90
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/RSYU8zBAeU9xDW1uLRRPbxokuJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:5c8:800::/47
2a01:5c8:803::-2a01:5c8:805:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:1f:78:87:47:a6:2d:ce:8a:29:78:27:46:9e:30:7e:fe:8b:
cc:1d:fb:10:71:b0:bc:65:36:da:9e:ee:3a:98:26:f4:53:4d:
60:de:9c:a6:56:c8:36:f4:ae:a5:9a:c9:52:6d:f0:09:3a:c1:
bd:c9:f5:8d:10:82:81:a0:47:c5:ea:41:09:64:20:a4:64:de:
58:eb:00:44:29:b1:2b:c6:70:3c:2c:bc:0f:7d:82:f7:37:06:
60:f2:ef:51:0a:bc:37:83:7a:23:27:fd:d4:62:89:ed:7a:6a:
88:de:13:3a:3a:7b:2b:73:63:93:8d:35:b0:9e:b9:bb:f3:b5:
67:c7:bf:17:d9:8d:b1:2e:39:e7:00:06:06:ae:61:88:39:61:
6e:ee:d4:65:fd:f2:ca:14:f8:e0:a7:7b:62:48:4c:a0:ae:73:
5c:13:17:23:9e:8c:a9:33:8d:3e:df:08:6c:6a:7f:df:78:93:
b0:c0:1d:06:43:5c:33:a8:a4:62:d5:90:24:23:85:a5:47:4f:
b4:90:4b:d5:e0:fc:df:f4:1c:de:95:ef:09:ff:f3:da:af:e6:
31:0c:79:8f:42:66:02:33:c6:a1:39:6c:67:2f:1e:68:73:43:
fe:60:0c:b6:d6:fe:47:0c:b6:cb:bf:63:07:dd:a9:34:de:7a:
53:85:10:df
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYJuiTs+oeFIddqvHwUBoQqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjIwODA1MTUwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTI2MTRmMzMwNDA3OTRmNzEwZDZkNmUyZDE0NGY2ZjFhMjRiODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKqjs3vun6xWYqmwhJU97lff7DpA
aRJ+NUBkkWveN1KV29art1oW0z0/G1354L63gvcsfPZKRy6MxaRHPPGHaH5AY8tv
EP3dxM88Dz/wulUcoEL3hNk8sZVSW7FXGPCHTBQcfMiG9OVRwrFwEPrQ94031pXM
PDG/nuF2sUTuHMcYtHGXVn+dXG3I0blfzmolFZrb03jCllq0sryhylYsVJ7tY97g
FvHQm5YzdzCAQwnek79w/u6d1YTR3WsKmF1+yjACU2j+w9qwiwZkx69+lrILmJjD
BDeUGUjO2nQpN7cMaMqiGzrX4kYeP3eqPbzVSbNbCQHidjfc+qsYqLTHFQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEUmFPMwQHlPcQ1tbi0UT28aJLiQMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvUlNZVTh6QkFlVTl4RFcxdUxSUlBieG9rdUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcBKgEFyAgA
MBIDBwAqAQXICAMDBwEqAQXICAQwDQYJKoZIhvcNAQELBQADggEBAEUfeIdHpi3O
iil4J0aeMH7+i8wd+xBxsLxlNtqe7jqYJvRTTWDenKZWyDb0rqWayVJt8Ak6wb3J
9Y0QgoGgR8XqQQlkIKRk3ljrAEQpsSvGcDwsvA99gvc3BmDy71EKvDeDeiMn/dRi
ie16aojeEzo6eytzY5ONNbCeubvztWfHvxfZjbEuOecABgauYYg5YW7u1GX98soU
+OCne2JITKCuc1wTFyOejKkzjT7fCGxqf994k7DAHQZDXDOopGLVkCQjhaVHT7SQ
S9Xg/N/0HN6V7wn/89qv5jEMeY9CZgIzxqE5bGcvHmhzQ/5gDLbW/kcMtsu/Ywfd
qTTeelOFEN8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:17 2025 by rpki-client