Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/kxP5pWJsL8CydUl1w7yTnkslNWo.roa
File: kxP5pWJsL8CydUl1w7yTnkslNWo.roa (raw, json)
Hash identifier: oRFd4gw2+n6+2qthvEu69vBfeX1ct4JdohgLkhkAp6s=
Subject key identifier: 93:13:F9:A5:62:6C:2F:C0:B2:75:49:75:C3:BC:93:9E:4B:25:35:6A
Certificate issuer: /CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Certificate serial: 018C7DE8ECFE6C473D7420AA987384D9C120
Authority key identifier: 82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/kxP5pWJsL8CydUl1w7yTnkslNWo.roa
Signing time: Mon 18 Dec 2023 17:11:06 +0000
ROA not before: Mon 18 Dec 2023 17:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44286
IP address blocks: 2a02:2410::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:e8:ec:fe:6c:47:3d:74:20:aa:98:73:84:d9:c1:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Validity
Not Before: Dec 18 17:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9313f9a5626c2fc0b2754975c3bc939e4b25356a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:01:9f:59:e1:dd:2a:6c:dc:fa:20:77:14:60:
5d:a6:1c:24:24:40:b6:3f:7c:4b:93:14:e4:c4:b7:
61:cd:7f:60:e5:16:31:af:54:09:0e:6e:3d:70:01:
ce:ce:35:05:82:bb:6c:3b:fd:c6:10:5b:d6:20:60:
60:24:b9:6a:69:8f:99:99:f1:bd:a0:59:9e:58:92:
31:6d:91:25:30:97:47:33:bb:5b:be:10:de:a8:58:
5d:33:14:2d:b1:74:f2:9a:d9:56:e5:39:4f:07:35:
cf:0d:54:56:08:e7:19:ab:3d:43:d1:5d:af:90:b3:
02:d0:0d:48:b3:f5:a2:73:40:97:cf:5f:f5:5e:d5:
32:1a:18:3a:bb:e5:c0:ef:45:5a:14:c0:d8:37:58:
14:ae:97:ff:6d:e7:b2:9e:01:d7:33:30:c1:0b:67:
1e:c1:e8:ed:bb:d7:ee:0c:63:65:9d:45:2c:fb:3d:
d9:8f:31:84:8d:ac:e8:53:c2:94:9c:eb:d0:40:eb:
c5:77:2f:5d:05:59:04:cc:62:bf:a8:22:45:49:5b:
62:f5:1b:87:62:92:aa:8a:36:b3:e8:2d:7c:fc:1a:
b9:81:6e:91:ce:87:17:6d:8b:b5:1b:ef:fc:9a:70:
ac:83:39:de:84:f8:de:b3:08:7c:bf:9e:c0:e5:3d:
c8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:13:F9:A5:62:6C:2F:C0:B2:75:49:75:C3:BC:93:9E:4B:25:35:6A
X509v3 Authority Key Identifier:
keyid:82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/kxP5pWJsL8CydUl1w7yTnkslNWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/guOWgcWq77NeVPStivpCjU_94Go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2410::/32
Signature Algorithm: sha256WithRSAEncryption
83:4c:94:93:a2:14:13:4b:dc:4c:a0:78:c9:3a:4b:91:24:78:
34:e0:d0:98:12:75:03:ec:5e:08:74:6d:a4:02:71:06:d6:ff:
49:2a:da:2f:35:ae:0a:30:4f:d6:50:06:33:53:ca:5f:3d:45:
64:d9:37:91:fb:74:a0:55:f6:0e:91:42:a5:ed:28:b2:27:a0:
15:d4:91:41:7f:3c:36:ae:ee:83:7e:91:82:74:ad:27:61:54:
53:01:d9:90:58:99:a5:5a:0d:39:d8:51:32:79:b5:07:29:50:
08:8c:fd:2b:69:82:0c:86:fe:46:45:cf:53:7d:f4:63:16:83:
26:71:2c:2d:5e:46:c1:7f:8b:93:95:92:ae:88:09:c5:e1:34:
e0:81:55:33:1e:c8:db:e4:b1:11:fd:5f:84:20:0e:ef:fe:fd:
22:70:b1:5b:43:36:30:80:a2:72:cd:91:8f:ad:90:be:ec:f7:
ab:db:05:4f:36:82:83:a6:2e:a2:fb:4e:48:6a:ca:a1:84:98:
b6:1b:56:65:ed:ae:8a:a7:50:1e:d5:c8:b2:c4:8b:fb:d2:f6:
fb:01:1d:1f:eb:2b:c8:0b:8f:17:ce:1c:94:2b:d0:47:48:a1:
bf:4b:b6:a2:52:95:de:e0:f3:c1:92:98:9e:3c:b1:a3:a9:40:
5c:ce:4a:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYx96Oz+bEc9dCCqmHOE2cEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTM5NjgxYzVhYWVmYjM1ZTU0ZjRhZDhhZmE0MjhkNGZm
ZGUwNmEwHhcNMjMxMjE4MTcxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzEzZjlhNTYyNmMyZmMwYjI3NTQ5NzVjM2JjOTM5ZTRiMjUzNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwGfWeHdKmzc+iB3FGBdphwkJEC2
P3xLkxTkxLdhzX9g5RYxr1QJDm49cAHOzjUFgrtsO/3GEFvWIGBgJLlqaY+ZmfG9
oFmeWJIxbZElMJdHM7tbvhDeqFhdMxQtsXTymtlW5TlPBzXPDVRWCOcZqz1D0V2v
kLMC0A1Is/Wic0CXz1/1XtUyGhg6u+XA70VaFMDYN1gUrpf/beeyngHXMzDBC2ce
wejtu9fuDGNlnUUs+z3ZjzGEjazoU8KUnOvQQOvFdy9dBVkEzGK/qCJFSVti9RuH
YpKqijaz6C18/Bq5gW6RzocXbYu1G+/8mnCsgznehPjeswh8v57A5T3ILwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJMT+aVibC/AsnVJdcO8k55LJTVqMB8GA1UdIwQY
MBaAFILjloHFqu+zXlT0rYr6Qo1P/eBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgt
ZmFmZDE0OTZhZTU5LzEva3hQNXBXSnNMOEN5ZFVsMXc3eVRua3NsTldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgtZmFmZDE0OTZhZTU5
LzEvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIkEDAN
BgkqhkiG9w0BAQsFAAOCAQEAg0yUk6IUE0vcTKB4yTpLkSR4NODQmBJ1A+xeCHRt
pAJxBtb/SSraLzWuCjBP1lAGM1PKXz1FZNk3kft0oFX2DpFCpe0osiegFdSRQX88
Nq7ug36RgnStJ2FUUwHZkFiZpVoNOdhRMnm1BylQCIz9K2mCDIb+RkXPU330YxaD
JnEsLV5GwX+Lk5WSrogJxeE04IFVMx7I2+SxEf1fhCAO7/79InCxW0M2MICics2R
j62Qvuz3q9sFTzaCg6YuovtOSGrKoYSYthtWZe2uiqdQHtXIssSL+9L2+wEdH+sr
yAuPF84clCvQR0ihv0u2olKV3uDzwZKYnjyxo6lAXM5KQg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:22 2025 by rpki-client