Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/XIDv0xlPwX4bQSH3_FycKW9jPu0.roa
File: XIDv0xlPwX4bQSH3_FycKW9jPu0.roa (raw, json)
Hash identifier: GZu8yC60JWcU0fFvGWx64XfR01GB7MjsTyYTbb+iSps=
Subject key identifier: 5C:80:EF:D3:19:4F:C1:7E:1B:41:21:F7:FC:5C:9C:29:6F:63:3E:ED
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018A4AA38388C1BCA8508BEF7D46D791AD1A
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/XIDv0xlPwX4bQSH3_FycKW9jPu0.roa
Signing time: Thu 31 Aug 2023 08:09:04 +0000
ROA not before: Thu 31 Aug 2023 08:09:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38915
IP address blocks: 2a07:3500:19a0::/48 maxlen: 48
2a07:3500:19e0::/48 maxlen: 48
2a07:3500:19b0::/48 maxlen: 48
2a07:3500:19d8::/48 maxlen: 48
2a07:3500:1998::/48 maxlen: 48
2a07:3500:1200::/48 maxlen: 48
2a07:3500:19a8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:a3:83:88:c1:bc:a8:50:8b:ef:7d:46:d7:91:ad:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Aug 31 08:09:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c80efd3194fc17e1b4121f7fc5c9c296f633eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:33:7c:d6:e0:dc:14:d5:87:7c:f3:93:b6:91:
7b:4a:e6:15:16:00:2e:8d:b4:5d:ee:d7:cb:81:e9:
8b:52:5c:dd:2d:fe:f1:43:4f:c9:79:f0:2a:80:93:
d7:70:60:d7:c0:49:89:d6:a8:f9:36:14:7a:cc:45:
01:5c:1a:25:20:74:70:fb:54:84:49:ea:81:9e:95:
06:df:bf:e7:08:d4:ec:f6:a5:cf:30:04:40:5f:20:
7a:8d:1c:fe:5a:69:96:c1:f6:f5:06:41:46:bc:76:
8f:ee:e4:e2:d0:b0:e2:d9:9b:d0:82:53:11:4e:f7:
ae:3f:d0:eb:30:f7:ce:b6:9e:40:d0:3a:c4:b0:b1:
d9:e8:98:87:d0:52:5f:4d:da:3f:c1:36:41:39:f3:
db:ee:18:62:1b:f9:3e:37:82:9c:f3:82:8f:c2:17:
19:d4:68:d2:c5:40:47:37:3c:f0:58:f9:63:98:89:
32:3d:b3:84:4a:f9:15:92:ed:a1:c8:06:e1:55:99:
2e:43:00:75:9d:03:67:f6:5b:cd:cd:ae:a2:20:e9:
b2:e3:04:9d:67:d9:cf:3e:89:f9:99:e8:bc:06:84:
b7:66:8c:44:b3:8a:b2:c1:15:ed:12:b5:37:f0:51:
ce:d4:87:c8:6f:46:bb:4a:83:29:33:c4:1f:11:7d:
75:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:80:EF:D3:19:4F:C1:7E:1B:41:21:F7:FC:5C:9C:29:6F:63:3E:ED
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/XIDv0xlPwX4bQSH3_FycKW9jPu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1200::/48
2a07:3500:1998::/48
2a07:3500:19a0::/48
2a07:3500:19a8::/48
2a07:3500:19b0::/48
2a07:3500:19d8::/48
2a07:3500:19e0::/48
Signature Algorithm: sha256WithRSAEncryption
c8:cc:ba:53:c0:7a:20:e0:90:80:09:66:a0:37:da:df:5b:17:
9e:6d:89:d2:76:cc:a5:f3:68:e8:2e:2b:ff:9c:95:8e:03:de:
f9:cc:f1:51:a6:4b:df:bf:15:15:62:f9:be:62:74:f5:6e:d4:
16:50:14:b3:fd:38:bf:1d:24:24:30:66:c7:23:37:f2:b4:fd:
0f:c1:be:43:14:7e:fb:41:c7:74:bb:5e:53:09:92:25:cf:cc:
a5:b1:8d:50:95:23:95:a3:c0:ae:ac:d3:9c:63:6a:00:57:8d:
2e:11:02:52:0b:60:a0:4f:2e:07:72:5e:fc:d2:ad:b0:2f:9c:
62:7c:e8:72:d1:e6:b7:2d:11:e9:63:79:17:51:ca:a7:43:92:
db:a6:59:0f:07:9d:e6:17:a1:8c:98:cf:a7:f1:10:8e:ed:11:
df:e9:9e:4f:9e:e6:cc:f7:74:4f:76:f6:0b:a1:e8:1c:fc:1a:
97:c2:a5:ff:36:37:8c:14:4c:05:d3:b9:11:fe:72:7a:b1:40:
25:28:94:e2:da:66:b9:06:5c:61:31:e6:13:7e:d1:eb:78:9d:
0e:be:bd:87:bf:f3:82:a9:df:87:2d:1e:8d:b4:5f:bf:86:3f:
c6:4b:29:67:ce:62:22:de:57:17:f5:9e:47:f0:0d:2c:25:cd:
03:ba:5d:a7
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYpKo4OIwbyoUIvvfUbXka0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwODMxMDgwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzgwZWZkMzE5NGZjMTdlMWI0MTIxZjdmYzVjOWMyOTZmNjMzZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTN81uDcFNWHfPOTtpF7SuYVFgAu
jbRd7tfLgemLUlzdLf7xQ0/JefAqgJPXcGDXwEmJ1qj5NhR6zEUBXBolIHRw+1SE
SeqBnpUG37/nCNTs9qXPMARAXyB6jRz+WmmWwfb1BkFGvHaP7uTi0LDi2ZvQglMR
TveuP9DrMPfOtp5A0DrEsLHZ6JiH0FJfTdo/wTZBOfPb7hhiG/k+N4Kc84KPwhcZ
1GjSxUBHNzzwWPljmIkyPbOESvkVku2hyAbhVZkuQwB1nQNn9lvNza6iIOmy4wSd
Z9nPPon5mei8BoS3ZoxEs4qywRXtErU38FHO1IfIb0a7SoMpM8QfEX112QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFFyA79MZT8F+G0Eh9/xcnClvYz7tMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvWElEdjB4bFB3WDRiUVNIM19GeWNLVzlqUHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKgc1ABIA
AwcAKgc1ABmYAwcAKgc1ABmgAwcAKgc1ABmoAwcAKgc1ABmwAwcAKgc1ABnYAwcA
Kgc1ABngMA0GCSqGSIb3DQEBCwUAA4IBAQDIzLpTwHog4JCACWagN9rfWxeebYnS
dsyl82joLiv/nJWOA975zPFRpkvfvxUVYvm+YnT1btQWUBSz/Ti/HSQkMGbHIzfy
tP0Pwb5DFH77Qcd0u15TCZIlz8ylsY1QlSOVo8CurNOcY2oAV40uEQJSC2CgTy4H
cl780q2wL5xifOhy0ea3LRHpY3kXUcqnQ5LbplkPB53mF6GMmM+n8RCO7RHf6Z5P
nubM93RPdvYLoegc/BqXwqX/NjeMFEwF07kR/nJ6sUAlKJTi2ma5BlxhMeYTftHr
eJ0Ovr2Hv/OCqd+HLR6NtF+/hj/GSylnzmIi3lcX9Z5H8A0sJc0Dul2n
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:31 2025 by rpki-client