Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/2x4dw-rdIs_bCthahwUuz-eosPQ.roa
File: 2x4dw-rdIs_bCthahwUuz-eosPQ.roa (raw, json)
Hash identifier: KXcplJkp2QQHEmTTpj9IGr/j1GRmixLYJ7SA72yr+fM=
Subject key identifier: DB:1E:1D:C3:EA:DD:22:CF:DB:0A:D8:5A:87:05:2E:CF:E7:A8:B0:F4
Certificate issuer: /CN=79ad074aface91ac3fdd0a3ebd60fadbc16de4fc
Certificate serial: 0185719E9ABF18F274E4A33DA9E4288BA4E9
Authority key identifier: 79:AD:07:4A:FA:CE:91:AC:3F:DD:0A:3E:BD:60:FA:DB:C1:6D:E4:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ea0HSvrOkaw_3Qo-vWD628Ft5Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/2x4dw-rdIs_bCthahwUuz-eosPQ.roa
Signing time: Mon 02 Jan 2023 08:34:57 +0000
ROA not before: Mon 02 Jan 2023 08:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208633
IP address blocks: 2a0e:1dc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:9a:bf:18:f2:74:e4:a3:3d:a9:e4:28:8b:a4:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79ad074aface91ac3fdd0a3ebd60fadbc16de4fc
Validity
Not Before: Jan 2 08:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db1e1dc3eadd22cfdb0ad85a87052ecfe7a8b0f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:58:b0:09:50:4c:fb:08:05:a6:0c:b9:de:98:
18:ea:48:45:15:cb:88:1c:f6:a6:41:80:38:ac:af:
74:6c:be:e6:b3:ab:72:b7:4d:37:93:6b:ed:ec:fc:
ec:20:80:ff:80:ed:de:97:44:0b:dd:37:01:01:cb:
07:81:f6:f3:91:13:41:29:64:02:2a:8e:2c:8e:57:
67:2f:4c:4c:c8:19:b4:a5:11:66:3b:5c:62:c2:2c:
2c:d4:0a:ec:d7:7d:ac:b4:d8:17:f9:ac:e1:33:6b:
27:cf:b3:9e:70:45:b5:8d:28:b2:04:2b:e9:54:b5:
90:16:1e:1d:c4:df:75:07:40:03:53:3b:ca:16:01:
9b:cc:0a:68:db:b8:23:e2:7c:7c:42:f4:b0:b2:90:
0b:16:e2:eb:c8:bc:a8:b6:a0:57:87:01:b0:b8:a3:
15:62:c0:82:23:ba:08:6e:83:34:7f:0b:2a:99:6e:
c0:9f:03:f0:5e:82:74:48:de:7e:d2:0d:bc:af:f8:
cf:cb:0d:8f:e6:4c:05:f5:cb:99:df:35:ce:29:d7:
be:b9:82:d2:b1:f2:d6:3f:96:30:26:c0:c2:58:7f:
86:c8:4f:94:84:af:7d:ad:fc:2e:dd:ff:85:e8:db:
da:04:93:4e:4b:70:0b:bd:36:10:c1:bf:c9:85:e4:
0e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1E:1D:C3:EA:DD:22:CF:DB:0A:D8:5A:87:05:2E:CF:E7:A8:B0:F4
X509v3 Authority Key Identifier:
keyid:79:AD:07:4A:FA:CE:91:AC:3F:DD:0A:3E:BD:60:FA:DB:C1:6D:E4:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea0HSvrOkaw_3Qo-vWD628Ft5Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/2x4dw-rdIs_bCthahwUuz-eosPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/ea0HSvrOkaw_3Qo-vWD628Ft5Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
96:51:7e:f1:82:64:d1:c7:55:a4:5a:41:b0:64:fa:f4:df:8f:
c3:19:64:19:4e:84:3d:db:da:68:c4:18:a5:18:54:75:85:01:
b9:15:43:23:94:a5:4f:e7:81:45:e3:63:ae:66:17:b7:7f:ee:
51:03:67:5e:e7:d4:93:d0:a0:ee:01:d8:b3:11:a7:b1:99:91:
07:1c:8d:6b:51:2b:46:7b:5b:3f:ee:26:4e:6c:2d:bd:ca:35:
f6:7b:93:d4:1c:f9:20:e8:12:9a:78:79:04:ea:a3:f3:15:af:
87:51:ae:f8:26:7f:e2:32:8b:6a:c4:1c:ec:46:45:80:d0:5a:
be:03:ea:90:ef:fa:42:7d:81:9f:2e:11:83:34:06:de:3d:ea:
8e:79:7e:71:d5:af:ba:16:6d:57:fe:e9:7f:6b:b6:c4:ca:04:
39:67:ac:ee:e9:35:73:d3:4a:82:09:50:38:ce:09:29:61:92:
ac:46:d9:9e:bb:c6:2d:cb:b5:da:5c:ca:81:19:e7:f7:0b:e6:
97:68:10:62:d0:51:ba:f1:6c:73:30:df:60:dc:1b:65:aa:ef:
15:2c:21:d1:85:09:3e:dc:56:17:97:4a:34:2c:77:58:e1:3e:
ce:64:d0:ea:df:3a:57:1f:95:27:f9:e4:78:45:61:38:9d:36:
7f:b5:49:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxnpq/GPJ05KM9qeQoi6TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YWQwNzRhZmFjZTkxYWMzZmRkMGEzZWJkNjBmYWRiYzE2
ZGU0ZmMwHhcNMjMwMTAyMDgzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFlMWRjM2VhZGQyMmNmZGIwYWQ4NWE4NzA1MmVjZmU3YThiMGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnliwCVBM+wgFpgy53pgY6khFFcuI
HPamQYA4rK90bL7ms6tyt003k2vt7PzsIID/gO3el0QL3TcBAcsHgfbzkRNBKWQC
Ko4sjldnL0xMyBm0pRFmO1xiwiws1Ars132stNgX+azhM2snz7OecEW1jSiyBCvp
VLWQFh4dxN91B0ADUzvKFgGbzApo27gj4nx8QvSwspALFuLryLyotqBXhwGwuKMV
YsCCI7oIboM0fwsqmW7AnwPwXoJ0SN5+0g28r/jPyw2P5kwF9cuZ3zXOKde+uYLS
sfLWP5YwJsDCWH+GyE+UhK99rfwu3f+F6NvaBJNOS3ALvTYQwb/JheQOowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNseHcPq3SLP2wrYWocFLs/nqLD0MB8GA1UdIwQY
MBaAFHmtB0r6zpGsP90KPr1g+tvBbeT8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWEwSFN2ck9rYXdfM1FvLXZXRDYyOEZ0NVB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8xZjZkZTgtOWUyOS00Y2IzLWFhNGEt
MGEyZTkzMzZkNmQwLzEvMng0ZHctcmRJc19iQ3RoYWh3VXV6LWVvc1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8xZjZkZTgtOWUyOS00Y2IzLWFhNGEtMGEyZTkzMzZkNmQw
LzEvZWEwSFN2ck9rYXdfM1FvLXZXRDYyOEZ0NVB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4dwDAN
BgkqhkiG9w0BAQsFAAOCAQEAllF+8YJk0cdVpFpBsGT69N+PwxlkGU6EPdvaaMQY
pRhUdYUBuRVDI5SlT+eBReNjrmYXt3/uUQNnXufUk9Cg7gHYsxGnsZmRBxyNa1Er
RntbP+4mTmwtvco19nuT1Bz5IOgSmnh5BOqj8xWvh1Gu+CZ/4jKLasQc7EZFgNBa
vgPqkO/6Qn2Bny4RgzQG3j3qjnl+cdWvuhZtV/7pf2u2xMoEOWes7uk1c9NKgglQ
OM4JKWGSrEbZnrvGLcu12lzKgRnn9wvml2gQYtBRuvFsczDfYNwbZarvFSwh0YUJ
PtxWF5dKNCx3WOE+zmTQ6t86Vx+VJ/nkeEVhOJ02f7VJJQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:51 2025 by rpki-client