Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/5oa7wDQzpD6PdocZ9koD8yyWRx4.roa
File: 5oa7wDQzpD6PdocZ9koD8yyWRx4.roa (raw, json)
Hash identifier: ceintWeWyivJpJSFGVGlXFla2vXbNfXHNpopvIgGUxE=
Subject key identifier: E6:86:BB:C0:34:33:A4:3E:8F:76:87:19:F6:4A:03:F3:2C:96:47:1E
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 018A8405D8792DB8FD19FD2F43641A737DBD
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/5oa7wDQzpD6PdocZ9koD8yyWRx4.roa
Signing time: Mon 11 Sep 2023 11:34:50 +0000
ROA not before: Mon 11 Sep 2023 11:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398549
IP address blocks: 2a13:d8c0::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c5::/32 maxlen: 32
2a13:d8c2::/32 maxlen: 32
2a13:d8c1::/32 maxlen: 32
2a13:d8c3::/32 maxlen: 32
2a13:d8c4::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:05:d8:79:2d:b8:fd:19:fd:2f:43:64:1a:73:7d:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Sep 11 11:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e686bbc03433a43e8f768719f64a03f32c96471e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a6:fd:81:ab:3f:86:bc:95:0f:31:f5:1d:a3:
12:b5:18:b9:8e:1e:66:b9:5c:f9:12:cb:f9:00:e4:
48:28:eb:ff:1c:bf:23:18:58:79:fd:1d:9b:79:47:
44:c9:2d:86:7f:d3:df:ad:19:27:a2:6b:31:2a:34:
f2:6e:c0:8e:e8:b9:3b:5f:4c:2c:0a:b1:18:b9:0d:
33:da:53:a4:86:3e:40:1e:b5:16:8e:34:e2:6a:fa:
ea:4e:06:95:ca:29:81:15:49:49:55:b1:59:18:43:
17:1d:24:2f:66:f4:13:89:dd:17:98:6e:09:86:42:
af:64:f2:d1:6d:2f:c3:84:33:aa:75:95:44:a0:05:
50:49:49:eb:3d:4f:5e:92:b6:91:01:4e:e8:09:2c:
69:d0:40:a0:78:62:d4:b8:29:9d:d1:d3:32:74:57:
61:7e:e4:bf:4f:d3:c2:53:5d:da:e9:60:ef:65:90:
4d:30:ce:2c:4e:ad:aa:27:0d:19:6a:34:47:30:34:
8e:b9:24:16:ed:23:9d:8e:68:6f:d3:4b:a9:78:27:
ac:f6:fa:f2:1f:35:64:88:2d:7b:ac:d4:6b:be:6b:
05:1f:88:d5:40:90:6d:00:e4:1a:68:1d:83:58:96:
51:c5:e1:85:ed:c4:b6:e0:8a:ff:9e:ad:cd:69:5d:
da:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:86:BB:C0:34:33:A4:3E:8F:76:87:19:F6:4A:03:F3:2C:96:47:1E
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/5oa7wDQzpD6PdocZ9koD8yyWRx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
41:6a:3a:d8:b5:32:50:e2:bc:02:19:83:1b:2b:a2:2b:4f:85:
fe:65:18:54:64:d0:bf:41:e8:31:f9:1c:34:fa:1f:a7:ee:f3:
42:4d:9f:2d:a7:d5:87:1f:46:86:9b:0e:c5:a8:86:4a:17:70:
eb:c2:04:0b:e6:f7:2b:5d:68:c4:71:38:0d:6d:81:81:98:0c:
8e:4f:13:fc:bf:81:9c:9b:c4:1b:35:55:59:af:1a:b4:8d:8c:
eb:08:87:e5:0b:66:5e:ac:cc:51:47:c6:4c:da:b4:4c:5a:e2:
14:2e:ee:cc:45:9a:07:03:e3:47:71:4d:ee:77:43:cc:a5:3a:
74:be:06:0f:a9:24:c0:d3:57:3b:53:85:f3:3c:97:f7:88:cd:
ba:aa:d1:34:12:93:37:93:50:85:c3:50:c1:af:eb:cd:c4:7e:
20:24:fd:fa:d1:30:d1:f5:b5:8b:09:1f:55:4b:3c:f6:77:2b:
2f:07:e5:f2:40:c4:99:ec:f0:fd:13:3e:51:93:55:34:62:9b:
9e:aa:1e:fc:c4:4c:28:11:4b:be:25:4a:e3:fa:33:4c:72:45:
fb:f1:3b:3a:30:b8:2c:ab:e0:01:6a:e5:70:14:54:8d:26:d0:
5b:b5:4e:dd:9d:9c:a4:a9:e2:2b:9d:5a:6b:bd:4d:d0:9c:0d:
9e:3e:40:07
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqEBdh5Lbj9Gf0vQ2Qac329MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjMwOTExMTEzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg2YmJjMDM0MzNhNDNlOGY3Njg3MTlmNjRhMDNmMzJjOTY0NzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKb9gas/hryVDzH1HaMStRi5jh5m
uVz5Esv5AORIKOv/HL8jGFh5/R2beUdEyS2Gf9PfrRknomsxKjTybsCO6Lk7X0ws
CrEYuQ0z2lOkhj5AHrUWjjTiavrqTgaVyimBFUlJVbFZGEMXHSQvZvQTid0XmG4J
hkKvZPLRbS/DhDOqdZVEoAVQSUnrPU9ekraRAU7oCSxp0ECgeGLUuCmd0dMydFdh
fuS/T9PCU13a6WDvZZBNMM4sTq2qJw0ZajRHMDSOuSQW7SOdjmhv00upeCes9vry
HzVkiC17rNRrvmsFH4jVQJBtAOQaaB2DWJZRxeGF7cS24Ir/nq3NaV3aNwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOaGu8A0M6Q+j3aHGfZKA/MslkceMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvNW9hN3dEUXpwRDZQZG9jWjlrb0Q4eXlXUng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPYwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQWo62LUyUOK8AhmDGyuiK0+F/mUYVGTQv0HoMfkc
NPofp+7zQk2fLafVhx9GhpsOxaiGShdw68IEC+b3K11oxHE4DW2BgZgMjk8T/L+B
nJvEGzVVWa8atI2M6wiH5QtmXqzMUUfGTNq0TFriFC7uzEWaBwPjR3FN7ndDzKU6
dL4GD6kkwNNXO1OF8zyX94jNuqrRNBKTN5NQhcNQwa/rzcR+ICT9+tEw0fW1iwkf
VUs89ncrLwfl8kDEmezw/RM+UZNVNGKbnqoe/MRMKBFLviVK4/ozTHJF+/E7OjC4
LKvgAWrlcBRUjSbQW7VO3Z2cpKniK51aa71N0JwNnj5ABw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:12:56 2025 by rpki-client