Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/dII5Qu22gVN_NQdK0M4rzgxLSLs.roa
File: dII5Qu22gVN_NQdK0M4rzgxLSLs.roa (raw, json)
Hash identifier: xkO4AqcLImHeHPkitFEBLRTCAerFy6w7a70QeKp0cMg=
Subject key identifier: 74:82:39:42:ED:B6:81:53:7F:35:07:4A:D0:CE:2B:CE:0C:4B:48:BB
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 01872C8CFB15985FE8E65907E4C96FD9AACD
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/dII5Qu22gVN_NQdK0M4rzgxLSLs.roa
Signing time: Wed 29 Mar 2023 08:47:29 +0000
ROA not before: Wed 29 Mar 2023 08:47:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 2a07:3502:1060::/48 maxlen: 48
2a07:3500:15c0::/48 maxlen: 48
2a07:3502:11a0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:8c:fb:15:98:5f:e8:e6:59:07:e4:c9:6f:d9:aa:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Mar 29 08:47:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74823942edb681537f35074ad0ce2bce0c4b48bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c8:25:f5:4b:52:b0:66:2d:46:4c:ab:67:7e:
7b:c1:fc:7b:09:22:ef:c6:57:6b:3e:d5:d6:a8:63:
de:14:61:ab:8f:bc:56:0b:e4:95:23:86:67:41:d7:
b6:65:2b:49:c3:af:eb:c2:8b:2f:9f:9d:39:65:dd:
97:1e:d8:f2:6c:14:08:a6:de:47:94:e2:2d:6d:22:
b8:8a:9d:8d:51:0d:4d:f0:2f:5b:49:f0:29:7c:d7:
65:74:6e:3d:cd:32:e2:8b:f6:44:07:c4:ba:b2:32:
7c:5b:81:72:aa:a0:91:ad:71:8a:0a:74:c6:43:50:
00:1b:0e:40:41:40:9a:1e:08:0b:cf:2c:f0:c4:5c:
b6:82:43:f3:74:4c:ed:91:3d:99:9d:ac:90:67:38:
be:b2:69:1d:b2:50:a7:4a:3f:58:52:f9:cb:9e:97:
8a:4d:77:84:14:f9:01:01:8f:e6:3f:ea:ab:63:01:
4c:e5:43:d7:a1:c3:01:5d:f2:45:fb:a4:19:50:eb:
de:e0:7a:5f:8d:9c:a8:27:e6:59:c7:61:e7:a7:a0:
90:47:91:fc:3b:dd:90:b4:71:ea:0a:d6:dd:d8:43:
fc:ed:93:5d:63:f4:68:bd:1e:1b:c6:3c:45:09:c2:
f1:a4:88:3d:60:f0:66:0d:52:97:51:9b:eb:09:a5:
2b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:82:39:42:ED:B6:81:53:7F:35:07:4A:D0:CE:2B:CE:0C:4B:48:BB
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/dII5Qu22gVN_NQdK0M4rzgxLSLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:15c0::/48
2a07:3502:1060::/48
2a07:3502:11a0::/46
Signature Algorithm: sha256WithRSAEncryption
a8:27:bf:c7:16:ca:aa:c0:a6:6c:07:76:10:9c:0d:67:3f:4b:
7e:97:ab:ee:23:19:ce:38:cc:7f:0c:bd:c4:29:9b:c7:4d:2c:
16:89:13:be:20:23:5f:df:80:6b:31:70:24:89:c4:00:53:7d:
a3:51:c5:4e:63:63:df:5b:02:08:08:34:8e:28:2d:7c:7f:83:
2e:d6:9b:9e:14:80:51:d3:cd:ab:d7:9d:fa:76:d4:2f:21:3c:
56:63:f7:01:8c:a3:19:69:2d:18:bf:1c:fc:82:d3:a8:d9:5e:
ee:af:ee:5c:53:79:15:39:86:71:de:aa:d4:96:c4:cb:0c:39:
36:26:ba:18:b7:5d:aa:e8:69:a4:35:19:62:34:41:83:7b:93:
05:13:1e:44:cb:ad:d0:33:27:2f:ac:6c:69:31:66:ab:5a:92:
66:96:13:d9:c1:a4:f7:c7:86:e3:d8:7e:ce:73:5c:00:cb:5f:
a0:cd:7d:02:1e:a2:18:10:06:d8:8b:5b:e1:70:66:1f:62:a0:
67:03:49:63:bc:dc:cd:e5:e9:e0:be:69:a1:65:e4:88:44:68:
91:5a:aa:69:ac:34:56:63:a9:7c:16:e3:3d:52:27:2e:fc:ed:
56:71:b0:2c:73:45:a8:e0:25:99:93:63:bb:bd:62:d7:02:3e:
ee:fd:7b:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcsjPsVmF/o5lkH5Mlv2arNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwMzI5MDg0NzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDgyMzk0MmVkYjY4MTUzN2YzNTA3NGFkMGNlMmJjZTBjNGI0OGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8gl9UtSsGYtRkyrZ357wfx7CSLv
xldrPtXWqGPeFGGrj7xWC+SVI4ZnQde2ZStJw6/rwosvn505Zd2XHtjybBQIpt5H
lOItbSK4ip2NUQ1N8C9bSfApfNdldG49zTLii/ZEB8S6sjJ8W4FyqqCRrXGKCnTG
Q1AAGw5AQUCaHggLzyzwxFy2gkPzdEztkT2ZnayQZzi+smkdslCnSj9YUvnLnpeK
TXeEFPkBAY/mP+qrYwFM5UPXocMBXfJF+6QZUOve4HpfjZyoJ+ZZx2Hnp6CQR5H8
O92QtHHqCtbd2EP87ZNdY/RovR4bxjxFCcLxpIg9YPBmDVKXUZvrCaUrKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHSCOULttoFTfzUHStDOK84MS0i7MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvZElJNVF1MjJnVk5fTlFkSzBNNHJ6Z3hMU0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgc1ABXA
AwcAKgc1AhBgAwcCKgc1AhGgMA0GCSqGSIb3DQEBCwUAA4IBAQCoJ7/HFsqqwKZs
B3YQnA1nP0t+l6vuIxnOOMx/DL3EKZvHTSwWiRO+ICNf34BrMXAkicQAU32jUcVO
Y2PfWwIICDSOKC18f4Mu1pueFIBR082r1536dtQvITxWY/cBjKMZaS0Yvxz8gtOo
2V7ur+5cU3kVOYZx3qrUlsTLDDk2JroYt12q6GmkNRliNEGDe5MFEx5Ey63QMycv
rGxpMWarWpJmlhPZwaT3x4bj2H7Oc1wAy1+gzX0CHqIYEAbYi1vhcGYfYqBnA0lj
vNzN5engvmmhZeSIRGiRWqpprDRWY6l8FuM9Uicu/O1WcbAsc0Wo4CWZk2O7vWLX
Aj7u/Xtn
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:34 2025 by rpki-client