Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/1FhE8JNaTP2uB4lAMsz9mpqyd4E.roa
File: 1FhE8JNaTP2uB4lAMsz9mpqyd4E.roa (raw, json)
Hash identifier: dXC5M1ZTV9xPgo5xmBVXzh3wQrPzgbdmiy7ALBD16+4=
Subject key identifier: D4:58:44:F0:93:5A:4C:FD:AE:07:89:40:32:CC:FD:9A:9A:B2:77:81
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0184E25FB1532143BF7AF3DCEBBA11B887F5
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/1FhE8JNaTP2uB4lAMsz9mpqyd4E.roa
Signing time: Mon 05 Dec 2022 13:00:32 +0000
ROA not before: Mon 05 Dec 2022 13:00:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33915
IP address blocks: 2a07:3500:15c0::/48 maxlen: 48
2a07:3502:11a0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:5f:b1:53:21:43:bf:7a:f3:dc:eb:ba:11:b8:87:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Dec 5 13:00:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d45844f0935a4cfdae07894032ccfd9a9ab27781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6a:9a:78:ef:7a:28:de:42:4a:a3:24:47:e2:
b3:ef:3a:74:f2:55:6e:43:6a:03:53:2d:d2:de:77:
be:93:dd:a3:06:79:a0:eb:24:d4:dc:d4:4a:e9:2a:
08:a5:31:38:5a:12:dd:98:99:08:14:09:17:f9:a9:
b0:58:51:47:fa:75:18:18:7e:82:79:8d:6d:7a:d0:
d5:cc:f3:73:62:29:52:7e:93:76:7f:fa:56:c9:4a:
0a:c0:a9:25:00:2d:c5:ea:40:cb:8a:8e:66:e7:27:
1c:a2:e1:3b:91:e9:eb:1a:32:4a:e3:c9:38:6a:8b:
d0:c5:14:88:dd:0d:a2:ac:d4:b8:a2:f0:f1:2d:63:
5c:ed:77:b1:65:4e:f8:4d:2a:da:d9:70:4b:6f:99:
0a:03:ba:15:4d:3c:be:2d:79:17:a4:8e:1e:66:b2:
1c:48:24:f1:78:14:38:ac:85:f2:78:74:e1:af:1b:
82:ae:f3:0e:34:ee:3e:cc:17:55:fc:cd:58:53:c2:
62:35:b9:af:b2:53:95:0d:0c:47:9b:06:11:c9:26:
3d:d5:fb:5e:e3:a0:d4:0e:e3:2f:0f:14:cb:49:6e:
ae:80:e6:9b:f6:ea:98:37:86:08:04:75:3e:4a:ba:
d3:f3:c3:bb:bd:50:10:70:f2:8b:a0:ee:bd:a3:a1:
8e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:58:44:F0:93:5A:4C:FD:AE:07:89:40:32:CC:FD:9A:9A:B2:77:81
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/1FhE8JNaTP2uB4lAMsz9mpqyd4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:15c0::/48
2a07:3502:11a0::/46
Signature Algorithm: sha256WithRSAEncryption
1c:ac:8a:b6:9a:4a:99:90:3f:9b:b3:85:e3:a5:61:00:92:d1:
a5:7c:60:c4:96:8a:48:6e:d6:3e:97:4d:56:ed:f1:be:d1:d6:
9f:99:be:b0:6c:74:42:13:93:f6:8d:74:5f:06:2b:aa:7b:e1:
5c:14:2e:1f:83:7d:e1:75:8c:32:fe:9a:8b:04:c5:a8:6b:54:
0b:9b:23:f8:d2:87:df:6d:ad:42:26:81:ad:be:15:9f:fb:0e:
af:5e:38:16:ee:59:8f:4b:95:8a:3b:6c:6d:64:42:3d:fc:37:
5d:77:96:66:9a:83:bc:09:62:e2:a8:e3:d3:e5:c1:6e:b5:f9:
19:54:4a:12:d8:21:53:31:e6:dd:ec:e6:3d:bb:34:d6:e3:b0:
bb:9f:a0:88:fa:98:69:be:50:1d:d1:9d:21:03:25:25:88:2d:
a4:6e:b4:c4:e7:3b:a2:8d:ea:cc:94:80:16:5c:e1:6f:a0:99:
b8:8e:4f:ce:0d:0d:b4:2f:f2:fe:ea:bb:7c:84:0f:55:ab:c7:
38:ad:5b:e5:f9:19:1e:ff:5c:bb:92:4f:73:c9:17:c7:b7:2d:
88:9d:91:45:b6:75:03:56:d0:b5:f1:f5:c8:72:40:18:77:fa:
e4:d1:f7:cb:f8:29:de:29:b0:65:96:ac:36:c0:5e:eb:68:2d:
b6:d6:2d:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTiX7FTIUO/evPc67oRuIf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjIxMjA1MTMwMDMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDU4NDRmMDkzNWE0Y2ZkYWUwNzg5NDAzMmNjZmQ5YTlhYjI3NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmqaeO96KN5CSqMkR+Kz7zp08lVu
Q2oDUy3S3ne+k92jBnmg6yTU3NRK6SoIpTE4WhLdmJkIFAkX+amwWFFH+nUYGH6C
eY1tetDVzPNzYilSfpN2f/pWyUoKwKklAC3F6kDLio5m5yccouE7kenrGjJK48k4
aovQxRSI3Q2irNS4ovDxLWNc7XexZU74TSra2XBLb5kKA7oVTTy+LXkXpI4eZrIc
SCTxeBQ4rIXyeHThrxuCrvMONO4+zBdV/M1YU8JiNbmvslOVDQxHmwYRySY91fte
46DUDuMvDxTLSW6ugOab9uqYN4YIBHU+SrrT88O7vVAQcPKLoO69o6GO6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNRYRPCTWkz9rgeJQDLM/ZqasneBMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvMUZoRThKTmFUUDJ1QjRsQU1zejltcHF5ZDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgc1ABXA
AwcCKgc1AhGgMA0GCSqGSIb3DQEBCwUAA4IBAQAcrIq2mkqZkD+bs4XjpWEAktGl
fGDElopIbtY+l01W7fG+0dafmb6wbHRCE5P2jXRfBiuqe+FcFC4fg33hdYwy/pqL
BMWoa1QLmyP40offba1CJoGtvhWf+w6vXjgW7lmPS5WKO2xtZEI9/Dddd5ZmmoO8
CWLiqOPT5cFutfkZVEoS2CFTMebd7OY9uzTW47C7n6CI+phpvlAd0Z0hAyUliC2k
brTE5zuijerMlIAWXOFvoJm4jk/ODQ20L/L+6rt8hA9Vq8c4rVvl+Rke/1y7kk9z
yRfHty2InZFFtnUDVtC18fXIckAYd/rk0ffL+CneKbBllqw2wF7raC221i0x
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:54 2025 by rpki-client