Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/xDG3j6dqeVyJtsJJli7GAdV0lPI.roa
File: xDG3j6dqeVyJtsJJli7GAdV0lPI.roa (raw, json)
Hash identifier: //yjYaX4bUoJH5rBzdrq5ycZdNi2//8lBWKiam3qNNc=
Subject key identifier: C4:31:B7:8F:A7:6A:79:5C:89:B6:C2:49:96:2E:C6:01:D5:74:94:F2
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018571D7BBE401E9B076FE5141DE0E09D704
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/xDG3j6dqeVyJtsJJli7GAdV0lPI.roa
Signing time: Mon 02 Jan 2023 09:37:21 +0000
ROA not before: Mon 02 Jan 2023 09:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1136
IP address blocks: 2a07:3500:1bc0::/48 maxlen: 48
2a07:3500:1b30::/48 maxlen: 48
2a07:3500:1b48::/48 maxlen: 48
2a07:3500:1020::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:bb:e4:01:e9:b0:76:fe:51:41:de:0e:09:d7:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 09:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c431b78fa76a795c89b6c249962ec601d57494f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6f:1a:bc:31:c7:30:d3:b0:de:22:41:64:dd:
45:30:a2:03:8f:a4:39:48:49:e5:83:46:ac:1c:91:
23:8f:42:3d:18:09:75:6c:72:ca:0b:77:a7:e8:8f:
d3:f9:2d:e7:42:b8:81:7b:5e:dd:38:54:41:ea:c0:
6e:3d:1b:8e:06:33:6c:e0:6c:2e:7f:e0:c7:fc:02:
65:d1:76:d3:bb:29:48:4b:d2:35:bd:35:5c:5c:df:
0f:04:aa:27:d3:b6:1c:51:c8:0d:25:6c:05:6e:d4:
bd:b2:c8:72:0a:00:0b:d8:42:5c:94:35:3a:7d:dc:
55:f4:7a:01:67:10:e0:1a:33:5c:96:c7:eb:4c:02:
f8:7a:56:66:8f:17:6f:57:1b:74:df:30:7f:94:ce:
ae:e2:bf:71:8c:44:35:68:20:4b:f0:85:53:2b:a7:
f1:58:81:8a:cb:1c:eb:76:16:3f:87:cb:d6:8c:8a:
20:f9:e6:68:ad:f1:25:f0:4d:91:50:45:61:66:f5:
f4:2b:1b:26:03:85:f5:88:d9:ae:18:f6:79:3d:a2:
05:d2:80:63:e9:eb:de:8e:2f:d7:29:ec:7e:c6:47:
0c:e7:c7:0b:49:8b:5e:2b:80:fb:5c:6d:d7:9d:14:
cd:40:75:53:19:4b:7a:4a:80:1f:85:24:27:d6:11:
8a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:31:B7:8F:A7:6A:79:5C:89:B6:C2:49:96:2E:C6:01:D5:74:94:F2
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/xDG3j6dqeVyJtsJJli7GAdV0lPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1020::/48
2a07:3500:1b30::/48
2a07:3500:1b48::/48
2a07:3500:1bc0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:a7:51:35:13:27:c9:be:85:d2:29:d0:cb:b7:35:56:f4:7f:
bb:4c:4c:4b:ef:4c:95:60:36:a1:ef:9c:8d:a7:e7:5c:e2:c9:
56:75:4c:ac:91:6a:60:7c:2b:76:17:3e:00:64:4b:0f:8a:60:
59:d5:e1:50:6e:82:88:55:03:fa:88:bb:c3:be:37:15:3b:2f:
21:c0:ef:81:48:7f:66:1d:3f:9a:3d:f7:c3:9e:a3:db:3e:5f:
80:0e:d3:2f:de:ad:da:e3:dc:77:42:55:33:b3:00:4c:5b:1f:
59:fd:da:f7:55:6b:7f:ea:dd:90:ed:b6:42:77:ee:25:b0:c7:
41:96:01:3c:22:28:97:52:41:fb:7c:d2:79:5b:be:36:5d:55:
dc:63:71:da:c5:a5:b5:e6:91:ed:d7:71:48:c7:be:48:12:33:
95:59:f8:06:7a:d3:2c:b2:51:a6:b0:3e:6b:17:b5:83:c8:cc:
00:6f:48:5c:7c:be:20:ae:0c:2a:dc:95:dc:ac:f3:ab:a7:96:
f7:2e:25:52:ae:ac:bb:53:20:af:5e:ed:94:88:05:1f:39:7d:
76:24:5c:3b:ee:65:d2:11:ac:87:e1:eb:5e:67:31:f5:a0:53:
9b:ef:ca:f6:57:72:a7:88:0a:79:db:31:1e:b6:89:a1:09:48:
b8:14:32:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVx17vkAemwdv5RQd4OCdcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwMTAyMDkzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDMxYjc4ZmE3NmE3OTVjODliNmMyNDk5NjJlYzYwMWQ1NzQ5NGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz28avDHHMNOw3iJBZN1FMKIDj6Q5
SEnlg0asHJEjj0I9GAl1bHLKC3en6I/T+S3nQriBe17dOFRB6sBuPRuOBjNs4Gwu
f+DH/AJl0XbTuylIS9I1vTVcXN8PBKon07YcUcgNJWwFbtS9sshyCgAL2EJclDU6
fdxV9HoBZxDgGjNclsfrTAL4elZmjxdvVxt03zB/lM6u4r9xjEQ1aCBL8IVTK6fx
WIGKyxzrdhY/h8vWjIog+eZorfEl8E2RUEVhZvX0KxsmA4X1iNmuGPZ5PaIF0oBj
6eveji/XKex+xkcM58cLSYteK4D7XG3XnRTNQHVTGUt6SoAfhSQn1hGK3wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMQxt4+nanlcibbCSZYuxgHVdJTyMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEveERHM2o2ZHFlVnlKdHNKSmxpN0dBZFYwbFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgc1ABAg
AwcAKgc1ABswAwcAKgc1ABtIAwcAKgc1ABvAMA0GCSqGSIb3DQEBCwUAA4IBAQA8
p1E1EyfJvoXSKdDLtzVW9H+7TExL70yVYDah75yNp+dc4slWdUyskWpgfCt2Fz4A
ZEsPimBZ1eFQboKIVQP6iLvDvjcVOy8hwO+BSH9mHT+aPffDnqPbPl+ADtMv3q3a
49x3QlUzswBMWx9Z/dr3VWt/6t2Q7bZCd+4lsMdBlgE8IiiXUkH7fNJ5W742XVXc
Y3HaxaW15pHt13FIx75IEjOVWfgGetMsslGmsD5rF7WDyMwAb0hcfL4grgwq3JXc
rPOrp5b3LiVSrqy7UyCvXu2UiAUfOX12JFw77mXSEayH4eteZzH1oFOb78r2V3Kn
iAp52zEetomhCUi4FDKa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:53 2025 by rpki-client