Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/vD7v0LH1E-HB6eQ94vmWtKFe3IA.roa
File: vD7v0LH1E-HB6eQ94vmWtKFe3IA.roa (raw, json)
Hash identifier: 6uWhKzHhgkuSV12tqNUwKGJD53sWYgCoQ127CHzo2Vk=
Subject key identifier: BC:3E:EF:D0:B1:F5:13:E1:C1:E9:E4:3D:E2:F9:96:B4:A1:5E:DC:80
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 01857079735A0D2758B620C4281BF20DCBF7
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/vD7v0LH1E-HB6eQ94vmWtKFe3IA.roa
Signing time: Mon 02 Jan 2023 03:14:45 +0000
ROA not before: Mon 02 Jan 2023 03:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203125
IP address blocks: 2a05:4741:9::/48 maxlen: 48
2a05:4741:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:73:5a:0d:27:58:b6:20:c4:28:1b:f2:0d:cb:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Jan 2 03:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc3eefd0b1f513e1c1e9e43de2f996b4a15edc80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c6:29:b1:39:b0:ba:aa:a6:f1:10:05:cb:08:
66:af:24:4e:d0:ee:66:06:c9:57:84:68:cc:ab:bc:
ad:85:00:33:f6:1b:c0:ad:7f:b5:a5:ab:86:ac:e9:
bf:1a:07:ac:6e:cd:2b:f8:5b:a1:0c:33:09:d2:58:
71:8c:9d:02:5a:04:d6:e1:f7:43:b3:5a:62:20:11:
b6:4a:a0:0b:3f:97:1b:b8:39:dd:b4:96:83:3f:89:
c6:c1:4b:56:40:42:a8:a9:6a:77:84:c6:8b:da:75:
0f:f4:9b:d4:6b:f1:ab:d7:d3:4f:e0:40:cf:e5:f5:
04:6c:46:82:2e:68:81:6c:0d:cc:96:b8:f9:e1:01:
a2:97:8f:82:3d:15:7d:c4:65:5f:14:98:c0:a1:c1:
64:6d:45:cf:2b:b2:93:b8:af:8d:03:bd:f8:a1:a0:
76:33:d5:ba:e4:c7:f6:72:f6:0e:90:a3:bc:9b:26:
f3:bb:8f:d0:1c:47:27:a1:98:0a:fa:af:db:71:53:
3a:d0:04:cf:9a:03:9f:38:41:1e:53:28:04:28:4c:
5d:f3:8b:1a:25:f7:4e:2a:ec:55:76:70:29:a5:97:
98:97:81:75:3e:11:a1:57:41:ea:8d:ed:ab:bc:71:
94:a3:65:37:d7:94:30:ff:af:13:8e:2e:c8:1a:77:
30:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3E:EF:D0:B1:F5:13:E1:C1:E9:E4:3D:E2:F9:96:B4:A1:5E:DC:80
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/vD7v0LH1E-HB6eQ94vmWtKFe3IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4741:1::/48
2a05:4741:9::/48
Signature Algorithm: sha256WithRSAEncryption
35:a6:fd:c4:ed:6e:96:7f:fe:e2:de:ee:fa:7a:96:b4:b0:71:
26:45:f3:8f:b0:18:33:55:2e:ec:73:92:77:cf:ef:c2:fb:93:
56:2a:14:ef:a0:ed:ed:9e:c7:46:79:45:f8:45:5a:e1:68:d8:
97:18:4b:02:28:d3:b0:d4:6c:cb:a9:87:6c:f5:ac:e4:66:17:
3d:73:c7:34:40:8f:20:71:2e:95:88:cc:aa:3a:f6:30:eb:6c:
d8:0d:7b:96:74:8e:ac:05:09:fc:58:18:ce:21:d0:25:31:43:
60:4b:f2:88:fd:0f:fe:c1:23:cb:d8:0a:8f:e8:ec:ac:6b:39:
52:eb:8f:7b:35:04:f0:08:64:6d:7d:c3:01:2e:cb:aa:1c:a0:
27:7d:03:3a:22:85:9d:99:20:0c:69:a3:f0:84:14:39:f7:9a:
1f:45:03:38:ca:a9:ae:53:37:bf:8a:e7:18:42:d3:60:bf:8f:
8b:82:80:b6:9d:74:c9:af:7b:f3:3a:50:d9:d2:fb:23:79:a0:
45:8d:5b:87:7a:76:c3:dc:d1:e3:12:75:b2:f9:ef:eb:63:91:
a9:8e:03:8c:ec:c6:02:20:48:76:6c:37:28:87:e0:89:82:e5:
e5:f9:df:7c:39:bf:2b:fa:a9:06:1e:6a:69:f0:ac:6c:6d:46:
ed:72:75:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVweXNaDSdYtiDEKBvyDcv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjMwMTAyMDMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzNlZWZkMGIxZjUxM2UxYzFlOWU0M2RlMmY5OTZiNGExNWVkYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8YpsTmwuqqm8RAFywhmryRO0O5m
BslXhGjMq7ythQAz9hvArX+1pauGrOm/Ggesbs0r+FuhDDMJ0lhxjJ0CWgTW4fdD
s1piIBG2SqALP5cbuDndtJaDP4nGwUtWQEKoqWp3hMaL2nUP9JvUa/Gr19NP4EDP
5fUEbEaCLmiBbA3Mlrj54QGil4+CPRV9xGVfFJjAocFkbUXPK7KTuK+NA734oaB2
M9W65Mf2cvYOkKO8mybzu4/QHEcnoZgK+q/bcVM60ATPmgOfOEEeUygEKExd84sa
JfdOKuxVdnAppZeYl4F1PhGhV0Hqje2rvHGUo2U315Qw/68Tji7IGncwBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLw+79Cx9RPhwenkPeL5lrShXtyAMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvdkQ3djBMSDFFLUhCNmVROTR2bVd0S0ZlM0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgVHQQAB
AwcAKgVHQQAJMA0GCSqGSIb3DQEBCwUAA4IBAQA1pv3E7W6Wf/7i3u76epa0sHEm
RfOPsBgzVS7sc5J3z+/C+5NWKhTvoO3tnsdGeUX4RVrhaNiXGEsCKNOw1GzLqYds
9azkZhc9c8c0QI8gcS6ViMyqOvYw62zYDXuWdI6sBQn8WBjOIdAlMUNgS/KI/Q/+
wSPL2AqP6OysazlS6497NQTwCGRtfcMBLsuqHKAnfQM6IoWdmSAMaaPwhBQ595of
RQM4yqmuUze/iucYQtNgv4+LgoC2nXTJr3vzOlDZ0vsjeaBFjVuHenbD3NHjEnWy
+e/rY5GpjgOM7MYCIEh2bDcoh+CJguXl+d98Ob8r+qkGHmpp8KxsbUbtcnUZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:17 2025 by rpki-client