Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/7AJplYwUf_d_mAtrQw4ZAkxGDYs.roa
File: 7AJplYwUf_d_mAtrQw4ZAkxGDYs.roa (raw, json)
Hash identifier: QeIGDctXrLbaWRh4n2Yge81nAZPNoZvk+jqDZiCIlu0=
Subject key identifier: EC:02:69:95:8C:14:7F:F7:7F:98:0B:6B:43:0E:19:02:4C:46:0D:8B
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018C33C0C94E14A9212F823185AD2EA00D31
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/7AJplYwUf_d_mAtrQw4ZAkxGDYs.roa
Signing time: Mon 04 Dec 2023 07:35:21 +0000
ROA not before: Mon 04 Dec 2023 07:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31477
IP address blocks: 2a07:3501:1020::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:33:c0:c9:4e:14:a9:21:2f:82:31:85:ad:2e:a0:0d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Dec 4 07:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec0269958c147ff77f980b6b430e19024c460d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c4:e7:f4:6a:6b:94:3f:1a:b3:ea:01:1b:14:
ca:0c:54:c9:67:ec:2b:13:79:97:58:01:11:32:77:
06:c6:20:0c:c2:9f:c2:8e:24:9b:cf:27:b9:d0:c3:
09:24:62:89:10:9e:fc:6d:0f:2a:10:eb:91:6d:70:
66:40:28:3a:11:63:b9:8d:b8:72:3c:73:dd:58:4b:
d8:28:f1:bc:98:9d:86:4f:63:40:7f:e6:57:07:06:
f1:cd:19:15:09:d0:40:9e:9e:00:af:a0:60:6d:a7:
fa:09:73:63:5f:3f:14:84:83:0e:cd:77:5e:84:a4:
e1:9a:5c:2d:82:41:53:83:b5:5e:9a:35:5a:2b:ff:
33:30:ee:66:71:97:2d:8d:1a:7b:0f:2e:a2:16:00:
62:e7:71:1b:4a:e6:d4:7c:4e:43:a0:97:d1:9b:a5:
12:89:65:df:e6:a8:05:a5:fa:c7:fa:7a:af:fe:d0:
72:12:8c:6d:d3:54:a0:de:40:0a:48:24:ca:8a:28:
f5:92:94:50:34:34:bf:23:3f:ba:71:17:5e:7e:f8:
f4:31:0c:3b:3d:e4:aa:c2:db:19:d5:89:c5:7a:ef:
b8:80:8e:95:ef:68:b8:f8:71:66:90:51:4f:64:55:
1c:1d:47:1e:c9:e5:5d:ec:8c:14:01:42:d2:4d:5e:
3e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:02:69:95:8C:14:7F:F7:7F:98:0B:6B:43:0E:19:02:4C:46:0D:8B
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/7AJplYwUf_d_mAtrQw4ZAkxGDYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3501:1020::/48
Signature Algorithm: sha256WithRSAEncryption
8e:5c:29:c5:2a:da:d1:82:47:0f:7a:80:e7:60:a6:e5:84:93:
d3:61:ad:ca:75:06:b9:84:2d:e0:9b:f8:71:6d:ec:a0:c8:e2:
da:c1:87:88:e3:31:f7:c3:40:7a:76:4e:ad:57:f9:48:e5:d8:
4b:9d:56:e1:c8:2b:97:bb:ad:57:52:a4:b2:7e:df:eb:dd:03:
a0:64:27:7e:a4:99:d7:ad:31:83:37:fb:a3:39:30:51:57:45:
9f:09:bd:82:60:a9:5a:c8:3b:ba:d2:07:34:05:bf:b2:bd:c1:
85:7f:3e:eb:3b:df:57:c9:a1:7f:d4:4c:c4:e4:e1:85:27:a1:
2f:67:82:1d:2f:ba:14:93:93:1b:92:86:38:71:a1:30:3a:bf:
98:b2:2c:75:82:21:92:d3:2b:6c:87:a2:df:b3:7d:b5:36:2a:
af:b0:0d:be:67:53:7a:70:49:d7:ad:12:c2:42:3a:3b:e5:8a:
b9:53:1c:64:ce:ca:64:04:ec:6d:cd:34:70:61:58:43:de:0d:
da:bb:fb:4f:6a:25:44:07:a2:a0:16:5f:11:69:dd:69:c3:30:
d9:6e:1a:aa:38:6c:ba:ae:cd:e7:64:dc:50:c0:b7:31:57:35:
5b:19:a3:ca:48:50:f9:f9:e9:48:81:5c:d1:0c:9a:e0:7b:30:
45:87:5a:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwzwMlOFKkhL4Ixha0uoA0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMxMjA0MDczNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzAyNjk5NThjMTQ3ZmY3N2Y5ODBiNmI0MzBlMTkwMjRjNDYwZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysTn9GprlD8as+oBGxTKDFTJZ+wr
E3mXWAERMncGxiAMwp/CjiSbzye50MMJJGKJEJ78bQ8qEOuRbXBmQCg6EWO5jbhy
PHPdWEvYKPG8mJ2GT2NAf+ZXBwbxzRkVCdBAnp4Ar6Bgbaf6CXNjXz8UhIMOzXde
hKThmlwtgkFTg7VemjVaK/8zMO5mcZctjRp7Dy6iFgBi53EbSubUfE5DoJfRm6US
iWXf5qgFpfrH+nqv/tByEoxt01Sg3kAKSCTKiij1kpRQNDS/Iz+6cRdefvj0MQw7
PeSqwtsZ1YnFeu+4gI6V72i4+HFmkFFPZFUcHUceyeVd7IwUAULSTV4+rwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOwCaZWMFH/3f5gLa0MOGQJMRg2LMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvN0FKcGxZd1VmX2RfbUF0clF3NFpBa3hHRFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgc1ARAg
MA0GCSqGSIb3DQEBCwUAA4IBAQCOXCnFKtrRgkcPeoDnYKblhJPTYa3KdQa5hC3g
m/hxbeygyOLawYeI4zH3w0B6dk6tV/lI5dhLnVbhyCuXu61XUqSyft/r3QOgZCd+
pJnXrTGDN/ujOTBRV0WfCb2CYKlayDu60gc0Bb+yvcGFfz7rO99XyaF/1EzE5OGF
J6EvZ4IdL7oUk5MbkoY4caEwOr+Ysix1giGS0ytsh6Lfs321NiqvsA2+Z1N6cEnX
rRLCQjo75Yq5UxxkzspkBOxtzTRwYVhD3g3au/tPaiVEB6KgFl8Rad1pwzDZbhqq
OGy6rs3nZNxQwLcxVzVbGaPKSFD5+elIgVzRDJrgezBFh1rX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:56 2025 by rpki-client