Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/3b150inBbJH86k3JYB8g6zFvqfE.roa
File: 3b150inBbJH86k3JYB8g6zFvqfE.roa (raw, json)
Hash identifier: KPwsaiXTbZjp+Ea9CLr9HjcSPOi6azh41JOkXPnFBWE=
Subject key identifier: DD:BD:79:D2:29:C1:6C:91:FC:EA:4D:C9:60:1F:20:EB:31:6F:A9:F1
Certificate issuer: /CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Certificate serial: 018438DA209A0F4CA232704182E2EECC7D6B
Authority key identifier: 56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/3b150inBbJH86k3JYB8g6zFvqfE.roa
Signing time: Wed 02 Nov 2022 14:58:50 +0000
ROA not before: Wed 02 Nov 2022 14:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:14c0::/32 maxlen: 48
2a13:14c1::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:38:da:20:9a:0f:4c:a2:32:70:41:82:e2:ee:cc:7d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Validity
Not Before: Nov 2 14:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddbd79d229c16c91fcea4dc9601f20eb316fa9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:94:1e:34:9a:f5:4e:e1:c4:e4:e8:9b:ca:d7:
cd:66:84:6f:d9:4e:c6:49:38:5f:7f:3d:da:ab:80:
9f:37:b6:7c:ba:91:44:ce:ec:cd:7a:08:2a:85:0b:
5d:2c:84:ee:3b:29:0a:7c:9e:93:2e:06:61:44:13:
e5:ef:2b:5c:68:64:c7:52:be:a5:ed:9b:39:72:e6:
5e:4c:f2:bf:cc:de:f3:60:65:f2:8a:1b:5f:2d:9e:
1f:69:29:c4:e1:ff:98:17:a7:9e:de:d3:db:20:76:
da:d7:d5:a5:33:a5:bf:84:f7:ed:c5:13:69:70:46:
8c:23:bc:a8:1c:11:9e:1b:e7:f8:2a:d6:01:b5:da:
06:02:53:f6:02:9d:82:63:69:49:8e:ed:7a:f4:0e:
1d:19:56:29:17:a1:ac:7f:d1:cd:8e:a9:d4:b5:ab:
5c:28:7f:77:19:78:7f:02:f8:b8:c1:04:af:bc:33:
92:53:d1:c4:db:4e:e7:48:c4:96:fd:b0:c4:fa:33:
a0:4d:b4:7a:f9:94:d9:b9:96:ed:5d:be:66:bf:24:
34:1b:a3:50:c3:26:3d:8f:98:92:6d:1a:9f:9b:a9:
8f:5f:12:dd:0b:93:0b:ac:b0:42:b2:cc:fe:4a:17:
9c:3b:2e:99:cf:75:f9:81:2f:70:94:95:c5:cf:5b:
e2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BD:79:D2:29:C1:6C:91:FC:EA:4D:C9:60:1F:20:EB:31:6F:A9:F1
X509v3 Authority Key Identifier:
keyid:56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/3b150inBbJH86k3JYB8g6zFvqfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:14c0::/31
Signature Algorithm: sha256WithRSAEncryption
5f:b2:f3:63:4e:8e:0b:3b:0f:12:1a:44:b4:a8:59:52:1f:8d:
16:89:6b:8d:46:24:d5:d4:fb:af:90:2f:6e:a9:c2:23:dd:4d:
e7:7a:c3:31:04:4a:c8:47:ab:5f:7b:5b:71:3f:b1:bd:37:84:
fb:49:1f:19:ad:e8:32:9b:4e:92:e5:52:d2:f2:ec:91:2f:5d:
0d:68:e9:ad:aa:07:33:40:86:37:af:45:a8:a5:e7:cd:3c:17:
79:05:6f:d3:77:32:2b:75:d7:05:99:0d:ad:06:5d:d4:b2:e6:
09:6b:46:27:a5:54:72:99:e2:e5:83:65:0d:07:7d:0e:66:85:
24:7f:82:c2:14:8f:22:c5:4b:1c:cf:95:63:f6:ee:1b:86:ca:
ed:6b:61:0e:89:97:28:19:5d:71:29:52:0c:81:e3:6b:c4:4c:
38:84:33:f2:43:4e:84:5a:1a:be:b9:da:cf:04:b3:88:45:e3:
28:1b:b2:f5:c4:92:62:32:b8:5d:24:7c:35:40:d9:6a:09:52:
37:8b:23:93:87:cf:69:bc:b4:c1:98:39:98:19:b7:b8:3c:02:
fc:58:92:d4:f0:c1:ee:fd:65:b5:b1:fa:ff:00:aa:20:a6:64:
73:df:6b:2b:e0:f3:fe:d8:f2:f7:86:96:dc:2f:17:5f:f6:1f:
5f:93:e0:7c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQ42iCaD0yiMnBBguLuzH1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWQ5YjJjMjI3YjQxM2M1MDU4MTMyOTRmYWFkYjZkYmJj
MmRkNjYwHhcNMjIxMTAyMTQ1ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGJkNzlkMjI5YzE2YzkxZmNlYTRkYzk2MDFmMjBlYjMxNmZhOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZQeNJr1TuHE5OibytfNZoRv2U7G
SThffz3aq4CfN7Z8upFEzuzNeggqhQtdLITuOykKfJ6TLgZhRBPl7ytcaGTHUr6l
7Zs5cuZeTPK/zN7zYGXyihtfLZ4faSnE4f+YF6ee3tPbIHba19WlM6W/hPftxRNp
cEaMI7yoHBGeG+f4KtYBtdoGAlP2Ap2CY2lJju169A4dGVYpF6Gsf9HNjqnUtatc
KH93GXh/Avi4wQSvvDOSU9HE207nSMSW/bDE+jOgTbR6+ZTZuZbtXb5mvyQ0G6NQ
wyY9j5iSbRqfm6mPXxLdC5MLrLBCssz+ShecOy6Zz3X5gS9wlJXFz1vibQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN29edIpwWyR/OpNyWAfIOsxb6nxMB8GA1UdIwQY
MBaAFFatmywie0E8UFgTKU+q2227wt1mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnEyYkxDSjdRVHhRV0JNcFQ2cmJiYnZDM1dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mZGZmZTMtMDEwZi00YzZhLWJkOTYt
NzE4YjhjN2M5MzM1LzEvM2IxNTBpbkJiSkg4NmszSllCOGc2ekZ2cWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mZGZmZTMtMDEwZi00YzZhLWJkOTYtNzE4YjhjN2M5MzM1
LzEvVnEyYkxDSjdRVHhRV0JNcFQ2cmJiYnZDM1dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhMUwDAN
BgkqhkiG9w0BAQsFAAOCAQEAX7LzY06OCzsPEhpEtKhZUh+NFolrjUYk1dT7r5Av
bqnCI91N53rDMQRKyEerX3tbcT+xvTeE+0kfGa3oMptOkuVS0vLskS9dDWjpraoH
M0CGN69FqKXnzTwXeQVv03cyK3XXBZkNrQZd1LLmCWtGJ6VUcpni5YNlDQd9DmaF
JH+CwhSPIsVLHM+VY/buG4bK7WthDomXKBldcSlSDIHja8RMOIQz8kNOhFoavrna
zwSziEXjKBuy9cSSYjK4XSR8NUDZaglSN4sjk4fPaby0wZg5mBm3uDwC/FiS1PDB
7v1ltbH6/wCqIKZkc99rK+Dz/tjy94aW3C8XX/YfX5PgfA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:49 2025 by rpki-client