Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/PvL3dmGYc9n2yaxuaTpR8vsDYF8.roa
File: PvL3dmGYc9n2yaxuaTpR8vsDYF8.roa (raw, json)
Hash identifier: 5dPD/1TbXmrvs//bBBnqFDnZVYO9P5YQydkWMrnaUfw=
Subject key identifier: 3E:F2:F7:76:61:98:73:D9:F6:C9:AC:6E:69:3A:51:F2:FB:03:60:5F
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 212523C9
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/PvL3dmGYc9n2yaxuaTpR8vsDYF8.roa
Signing time: Sat 01 Jan 2022 13:00:33 +0000
ROA not before: Sat 01 Jan 2022 13:00:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34663
IP address blocks: 2a04:9a01:1000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 556082121 (0x212523c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 13:00:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ef2f776619873d9f6c9ac6e693a51f2fb03605f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:88:cf:a0:36:1e:69:3b:9e:2a:5b:12:2c:89:
a2:66:1c:4a:fc:24:c4:dc:23:6c:20:4e:01:89:50:
08:a8:3e:86:cf:8c:fa:c3:8d:f3:1c:d0:c1:7f:7f:
a5:35:e4:bb:69:19:46:bf:2d:be:0a:f6:d2:eb:a6:
c6:8a:d0:bf:a3:2c:59:a7:7d:54:51:0d:ba:c3:4a:
e8:f1:0d:03:6d:0e:8f:ac:5d:66:c9:38:d3:29:3f:
e2:46:8e:ed:45:e7:2e:40:f9:53:7c:4b:07:c7:24:
22:88:dc:6c:c4:2f:00:2e:fd:b7:d5:4c:f7:ea:77:
5a:9e:29:58:95:96:7b:27:40:fb:d8:06:55:5f:54:
ea:1a:c6:8d:c2:e2:62:9e:fa:80:99:f4:9e:7e:35:
6a:10:cc:cd:cf:b2:c0:04:db:f0:fa:27:f1:29:b5:
52:15:c1:7b:09:e3:2e:89:21:4b:e0:e0:63:2f:92:
11:fb:6d:fd:d0:56:1b:64:b9:c6:24:a2:88:86:a0:
3a:fb:ae:43:1a:75:48:34:5f:9f:54:38:15:37:7c:
37:50:55:8c:ab:6f:c6:57:8c:48:d0:9f:9e:d7:9c:
7c:6e:1c:b5:db:b1:04:4b:7a:21:59:59:2e:30:18:
58:63:e0:e9:1c:fd:37:23:bd:3b:43:6b:48:d0:d6:
07:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F2:F7:76:61:98:73:D9:F6:C9:AC:6E:69:3A:51:F2:FB:03:60:5F
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/PvL3dmGYc9n2yaxuaTpR8vsDYF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a01:1000::/36
Signature Algorithm: sha256WithRSAEncryption
64:20:9d:dc:bf:d1:0c:f9:be:51:fb:fb:b9:5a:4b:79:3c:6a:
5a:61:4a:f1:bb:73:3a:7d:85:4f:c4:bd:6d:dd:2b:17:b0:c9:
87:e5:6c:88:4f:51:68:f0:09:3f:18:2d:12:e5:16:95:3c:54:
fa:02:96:2e:43:fb:a0:9e:82:2f:28:b5:d0:a4:9d:75:f5:93:
1e:62:54:d6:cb:4e:3f:7f:1a:f2:4f:01:53:fc:21:0e:c2:3e:
2f:66:db:1a:b6:a1:b6:0e:cc:37:3d:1a:0c:53:36:54:96:67:
e2:7c:97:fb:12:4f:6f:85:0b:8a:69:7d:4c:de:00:c1:b8:33:
12:1e:21:04:07:ab:6c:02:f1:b6:64:b8:79:14:92:f3:f8:61:
85:e1:d4:52:5b:f6:47:67:a9:ef:9a:b1:12:54:23:7c:37:bd:
a0:f1:f9:b2:bf:db:2d:54:1a:25:19:28:33:b7:c4:f7:2b:27:
52:70:e0:e8:1b:1e:f3:59:b3:6c:8a:0b:bd:04:d6:f2:ed:5d:
02:51:72:6b:fa:5a:29:26:61:25:e7:53:3d:79:06:9b:2d:af:
12:17:a8:bd:7a:ed:36:fc:b5:39:c3:7f:67:26:ab:4d:ac:b1:
7b:96:d2:f9:e1:f3:cd:14:2c:b5:b5:40:3c:14:9c:9f:83:81:
f0:8b:4e:b4
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEISUjyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDVkMjhkMTY2MjZiYzVkY2FiZjJlOTE1NDM1NzgyYjk2ZTE0MDcxMB4XDTIyMDEw
MTEzMDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VmMmY3NzY2MTk4
NzNkOWY2YzlhYzZlNjkzYTUxZjJmYjAzNjA1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiIz6A2Hmk7nipbEiyJomYcSvwkxNwjbCBOAYlQCKg+hs+M
+sON8xzQwX9/pTXku2kZRr8tvgr20uumxorQv6MsWad9VFENusNK6PENA20Oj6xd
Zsk40yk/4kaO7UXnLkD5U3xLB8ckIojcbMQvAC79t9VM9+p3Wp4pWJWWeydA+9gG
VV9U6hrGjcLiYp76gJn0nn41ahDMzc+ywATb8Pon8Sm1UhXBewnjLokhS+DgYy+S
Eftt/dBWG2S5xiSiiIagOvuuQxp1SDRfn1Q4FTd8N1BVjKtvxleMSNCfntecfG4c
tduxBEt6IVlZLjAYWGPg6Rz9NyO9O0NrSNDWB8cCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQ+8vd2YZhz2fbJrG5pOlHy+wNgXzAfBgNVHSMEGDAWgBSwXSjRZia8Xcq/
LpFUNXgrluFAcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGMG8wV1ltdkYzS3Z5NlJWRFY0SzViaFFIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8x
L1B2TDNkbUdZYzluMnlheHVhVHBSOHZzRFlGOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8xL3NGMG8wV1ltdkYz
S3Z5NlJWRFY0SzViaFFIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoEmgEQMA0GCSqGSIb3DQEBCwUA
A4IBAQBkIJ3cv9EM+b5R+/u5Wkt5PGpaYUrxu3M6fYVPxL1t3SsXsMmH5WyIT1Fo
8Ak/GC0S5RaVPFT6ApYuQ/ugnoIvKLXQpJ119ZMeYlTWy04/fxryTwFT/CEOwj4v
ZtsatqG2Dsw3PRoMUzZUlmfifJf7Ek9vhQuKaX1M3gDBuDMSHiEEB6tsAvG2ZLh5
FJLz+GGF4dRSW/ZHZ6nvmrESVCN8N72g8fmyv9stVBolGSgzt8T3KydScODoGx7z
WbNsigu9BNby7V0CUXJr+lopJmEl51M9eQabLa8SF6i9eu02/LU5w39nJqtNrLF7
ltL54fPNFCy1tUA8FJyfg4Hwi060
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:32 2025 by rpki-client