Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/9ookHn0BdWvVEI8SH8DDVbdWQKk.roa
File: 9ookHn0BdWvVEI8SH8DDVbdWQKk.roa (raw, json)
Hash identifier: ARWeIHsyoFGRibiGR41CRJgwNvkJUGstBMUkF4HDask=
Subject key identifier: F6:8A:24:1E:7D:01:75:6B:D5:10:8F:12:1F:C0:C3:55:B7:56:40:A9
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018320E10F31B9D9ED42E053BEA96E584CFD
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/9ookHn0BdWvVEI8SH8DDVbdWQKk.roa
Signing time: Fri 09 Sep 2022 06:12:43 +0000
ROA not before: Fri 09 Sep 2022 06:12:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 2a04:9a04::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:20:e1:0f:31:b9:d9:ed:42:e0:53:be:a9:6e:58:4c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Sep 9 06:12:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f68a241e7d01756bd5108f121fc0c355b75640a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f9:55:49:49:db:59:62:68:9e:b8:53:3c:f3:
d7:f6:83:ad:6d:36:19:6e:ad:bd:62:d2:21:7f:21:
07:54:08:16:49:fe:81:84:81:85:22:63:bb:18:8b:
25:09:b4:44:78:dd:ea:88:6d:a0:64:eb:c1:71:1c:
2a:39:94:0a:41:83:3c:3c:7d:fb:59:21:7f:ed:5a:
70:d0:7a:7d:51:86:78:6a:a8:fc:46:82:9f:09:cf:
fa:4a:46:e2:28:64:10:3b:e3:a3:ca:48:2b:39:c1:
ea:fc:0b:0b:19:93:29:cb:40:db:8b:a9:6b:ea:94:
e6:78:56:30:bc:6f:8b:55:93:6c:30:73:8f:c1:89:
78:8c:a4:73:7e:a2:b3:12:14:a4:ee:c1:73:e3:dd:
ff:d5:85:21:06:2a:2e:e4:d1:a6:eb:7f:e8:71:1d:
b3:eb:e2:dc:e4:1e:e4:9c:31:ae:74:5e:55:0d:71:
94:ab:f2:1a:78:0d:80:13:73:33:d7:c2:26:e7:33:
ed:18:26:83:a1:d0:81:c1:d3:d0:12:4e:e9:a2:d7:
c7:9d:21:b1:96:a1:1e:d7:15:37:02:31:b2:99:8d:
e1:b6:13:13:17:06:fe:32:8c:31:47:09:7b:65:13:
9a:2e:1b:87:01:fe:43:a8:b3:3c:f9:3f:68:e7:d8:
44:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:8A:24:1E:7D:01:75:6B:D5:10:8F:12:1F:C0:C3:55:B7:56:40:A9
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/9ookHn0BdWvVEI8SH8DDVbdWQKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a04::/32
Signature Algorithm: sha256WithRSAEncryption
b2:cb:a9:c5:f6:97:87:1c:c2:a4:b2:d7:d4:85:31:e9:9f:2f:
63:6c:6b:6e:b7:d2:82:f1:70:5a:01:b1:6c:12:da:08:14:54:
75:e9:8a:98:a1:09:1a:08:dc:1e:80:22:94:d5:c6:85:ce:d4:
27:29:6c:a7:cd:2a:00:15:0a:86:c1:07:e1:46:35:47:33:d3:
72:69:74:bd:b8:5c:a4:3d:f9:97:9f:ba:89:fd:7b:7a:15:cc:
0c:6f:99:a1:ce:fc:69:ce:49:8e:65:70:22:aa:a3:0a:b4:52:
c9:a4:62:dc:f3:75:c2:fd:0c:b6:1e:78:e9:e0:9d:5a:a4:7b:
54:0e:99:32:05:1e:b3:1d:03:2e:9b:c1:63:55:be:1c:67:ca:
ff:d2:99:c3:f2:56:7b:02:cd:d9:f0:52:3b:cb:e8:06:79:a0:
97:61:61:2e:e4:d6:ec:c9:8c:22:39:b5:35:11:58:1c:af:58:
08:cb:d1:da:c4:ec:ad:b1:6d:35:87:59:58:9d:c3:9e:5c:b6:
23:07:f8:23:43:b5:25:2a:73:b0:a1:47:0e:e7:11:8e:08:54:
cd:8a:5e:d9:e0:56:5b:88:12:6d:d7:51:6c:5c:b7:49:13:33:
0c:29:3f:27:09:14:99:54:b4:21:46:0f:9c:cf:13:f1:de:ca:
31:9e:e8:da
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYMg4Q8xudntQuBTvqluWEz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjIwOTA5MDYxMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjhhMjQxZTdkMDE3NTZiZDUxMDhmMTIxZmMwYzM1NWI3NTY0MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPlVSUnbWWJonrhTPPPX9oOtbTYZ
bq29YtIhfyEHVAgWSf6BhIGFImO7GIslCbREeN3qiG2gZOvBcRwqOZQKQYM8PH37
WSF/7Vpw0Hp9UYZ4aqj8RoKfCc/6SkbiKGQQO+OjykgrOcHq/AsLGZMpy0Dbi6lr
6pTmeFYwvG+LVZNsMHOPwYl4jKRzfqKzEhSk7sFz493/1YUhBiou5NGm63/ocR2z
6+Lc5B7knDGudF5VDXGUq/IaeA2AE3Mz18Im5zPtGCaDodCBwdPQEk7potfHnSGx
lqEe1xU3AjGymY3hthMTFwb+MowxRwl7ZROaLhuHAf5DqLM8+T9o59hE9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPaKJB59AXVr1RCPEh/Aw1W3VkCpMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvOW9va0huMEJkV3ZWRUk4U0g4RERWYmRXUUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgSaBDAN
BgkqhkiG9w0BAQsFAAOCAQEAssupxfaXhxzCpLLX1IUx6Z8vY2xrbrfSgvFwWgGx
bBLaCBRUdemKmKEJGgjcHoAilNXGhc7UJylsp80qABUKhsEH4UY1RzPTcml0vbhc
pD35l5+6if17ehXMDG+Zoc78ac5JjmVwIqqjCrRSyaRi3PN1wv0Mth546eCdWqR7
VA6ZMgUesx0DLpvBY1W+HGfK/9KZw/JWewLN2fBSO8voBnmgl2FhLuTW7MmMIjm1
NRFYHK9YCMvR2sTsrbFtNYdZWJ3Dnly2Iwf4I0O1JSpzsKFHDucRjghUzYpe2eBW
W4gSbddRbFy3SRMzDCk/JwkUmVS0IUYPnM8T8d7KMZ7o2g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:35 2025 by rpki-client