Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/kAZRiwqZT1BlzoPbLB0FtK89FFg.roa
File: kAZRiwqZT1BlzoPbLB0FtK89FFg.roa (raw, json)
Hash identifier: viiOUCFNKhl5potAoJ1HEQafXK9ZJei2IUYyomnuWT4=
Subject key identifier: 90:06:51:8B:0A:99:4F:50:65:CE:83:DB:2C:1D:05:B4:AF:3D:14:58
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 11B812D4
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/kAZRiwqZT1BlzoPbLB0FtK89FFg.roa
Signing time: Sat 01 Jan 2022 08:02:20 +0000
ROA not before: Sat 01 Jan 2022 08:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208073
IP address blocks: 2a03:1b20:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297276116 (0x11b812d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Jan 1 08:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9006518b0a994f5065ce83db2c1d05b4af3d1458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:be:7b:70:eb:a4:11:4f:5c:da:bd:65:b7:
cd:6e:cb:af:8a:2f:6c:0a:08:eb:b3:a8:56:ed:30:
66:e7:e9:fd:47:02:e4:05:79:7d:72:88:90:1a:5b:
74:96:31:48:88:d2:51:64:63:ef:5f:15:e3:0e:0c:
74:62:d3:52:16:b0:2d:8c:92:2f:99:0d:ef:06:2c:
dc:fa:24:39:2c:22:9f:5e:66:0a:cf:41:12:e3:60:
bf:98:73:6e:a8:19:37:61:f7:f5:71:a0:b9:c4:34:
b1:b2:cd:0e:5c:de:64:26:38:40:62:65:f5:c1:90:
d5:93:09:4e:d5:f8:a3:3d:96:3c:5c:ec:81:6f:ce:
47:66:68:45:31:9c:b1:de:4c:cc:fe:69:36:db:39:
29:4c:8c:23:f1:ee:9a:bc:eb:5f:2c:2b:c1:4b:bd:
be:de:9c:7d:a1:a1:5d:13:50:e5:45:b9:75:52:2d:
49:08:00:5f:e8:47:b7:f3:eb:23:e0:8e:b6:46:a1:
35:1b:7e:20:e1:39:84:2c:4a:e6:69:0f:52:cf:13:
ef:4d:43:dc:17:68:b7:34:00:ed:db:3a:b9:e9:d5:
64:da:4a:f7:7e:78:27:4d:3f:f2:30:35:6d:95:09:
d7:b8:15:d0:5b:0c:ec:89:ac:c3:fa:2d:cc:a2:c4:
45:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:06:51:8B:0A:99:4F:50:65:CE:83:DB:2C:1D:05:B4:AF:3D:14:58
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/kAZRiwqZT1BlzoPbLB0FtK89FFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:1b20:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
8a:65:07:f5:7e:47:ec:96:63:34:55:23:2b:7c:57:57:d4:01:
00:21:d4:86:53:45:5b:0f:ce:8b:01:74:47:df:43:aa:b5:4f:
09:57:78:1d:68:65:53:84:32:0b:52:1b:72:3b:c1:bb:ae:06:
6f:4a:e7:54:7c:20:34:05:66:e8:d8:7a:b8:c5:32:1a:f9:77:
2b:11:2e:4f:a9:d2:14:7c:c1:23:7a:78:f2:b7:70:b6:81:5b:
e4:9c:a1:03:ac:0d:5e:6a:56:89:fb:0c:67:a8:5c:55:3b:fe:
b0:59:04:35:56:8e:9f:6b:d0:bf:d5:bd:d2:d1:c3:bb:bd:df:
ab:26:c5:d1:ba:aa:06:ba:d2:d4:ca:1e:18:97:ad:d4:07:70:
61:f7:82:d4:e7:92:35:ab:a1:1c:00:74:51:e1:aa:19:48:29:
55:5e:32:fa:e4:3c:61:6a:79:3f:e0:a1:ed:94:91:0b:41:e2:
99:34:d2:02:6e:89:24:7f:84:59:e0:fd:6e:8a:02:1c:8c:ff:
c1:72:e5:1b:83:68:29:fd:c6:24:66:cc:fe:24:83:b6:f5:26:
df:64:5d:da:f5:32:b2:5c:4a:36:d0:68:9b:e7:6e:54:90:79:
26:8d:a7:5d:a9:20:4a:45:e2:1d:73:51:bd:21:f0:d5:5f:b8:
a6:95:5f:44
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEbgS1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTJlOTE3MzE1ZjBhODc4YjIxZmMxMzlkNDlhODIxYWFkZGMzYzk3MB4XDTIyMDEw
MTA4MDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAwNjUxOGIwYTk5
NGY1MDY1Y2U4M2RiMmMxZDA1YjRhZjNkMTQ1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9nvntw66QRT1zavWW3zW7Lr4ovbAoI67OoVu0wZufp/UcC
5AV5fXKIkBpbdJYxSIjSUWRj718V4w4MdGLTUhawLYySL5kN7wYs3PokOSwin15m
Cs9BEuNgv5hzbqgZN2H39XGgucQ0sbLNDlzeZCY4QGJl9cGQ1ZMJTtX4oz2WPFzs
gW/OR2ZoRTGcsd5MzP5pNts5KUyMI/HumrzrXywrwUu9vt6cfaGhXRNQ5UW5dVIt
SQgAX+hHt/PrI+COtkahNRt+IOE5hCxK5mkPUs8T701D3BdotzQA7ds6uenVZNpK
9354J00/8jA1bZUJ17gV0FsM7Imsw/otzKLERVMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSQBlGLCplPUGXOg9ssHQW0rz0UWDAfBgNVHSMEGDAWgBTeLpFzFfCoeLIf
wTnUmoIardw8lzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNpNlJjeFh3cUhpeUg4RTUxSnFDR3EzY1BKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMmQ1YmM4LTVkOTMtNGIwYS1hOGI2LWY4ZDY1Yzk4Mzc0NC8x
L2tBWlJpd3FaVDFCbHpvUGJMQjBGdEs4OUZGZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MmQ1YmM4LTVkOTMtNGIwYS1hOGI2LWY4ZDY1Yzk4Mzc0NC8xLzNpNlJjeFh3cUhp
eUg4RTUxSnFDR3EzY1BKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDGyD//zANBgkqhkiG9w0BAQsF
AAOCAQEAimUH9X5H7JZjNFUjK3xXV9QBACHUhlNFWw/OiwF0R99DqrVPCVd4HWhl
U4QyC1IbcjvBu64Gb0rnVHwgNAVm6Nh6uMUyGvl3KxEuT6nSFHzBI3p48rdwtoFb
5JyhA6wNXmpWifsMZ6hcVTv+sFkENVaOn2vQv9W90tHDu73fqybF0bqqBrrS1Moe
GJet1AdwYfeC1OeSNauhHAB0UeGqGUgpVV4y+uQ8YWp5P+Ch7ZSRC0HimTTSAm6J
JH+EWeD9booCHIz/wXLlG4NoKf3GJGbM/iSDtvUm32Rd2vUyslxKNtBom+duVJB5
Jo2nXakgSkXiHXNRvSHw1V+4ppVfRA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:55 2025 by rpki-client