Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/_ZHbmfotROyVnXlwXME2AUPaH0s.roa
File: _ZHbmfotROyVnXlwXME2AUPaH0s.roa (raw, json)
Hash identifier: p0KeGU77wZblgaVmgctyBN2YGYNQiCB6qHCCAAIfZLQ=
Subject key identifier: FD:91:DB:99:FA:2D:44:EC:95:9D:79:70:5C:C1:36:01:43:DA:1F:4B
Certificate issuer: /CN=2bb330942298f75823cbb980c8eb2acf0b7c0c1b
Certificate serial: 018848E3BCCF1F3FF59A055D1250B1581843
Authority key identifier: 2B:B3:30:94:22:98:F7:58:23:CB:B9:80:C8:EB:2A:CF:0B:7C:0C:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7MwlCKY91gjy7mAyOsqzwt8DBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/_ZHbmfotROyVnXlwXME2AUPaH0s.roa
Signing time: Tue 23 May 2023 13:54:24 +0000
ROA not before: Tue 23 May 2023 13:54:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198552
IP address blocks: 2a00:c0a0:4000::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:e3:bc:cf:1f:3f:f5:9a:05:5d:12:50:b1:58:18:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bb330942298f75823cbb980c8eb2acf0b7c0c1b
Validity
Not Before: May 23 13:54:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd91db99fa2d44ec959d79705cc1360143da1f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:17:56:b3:e7:9f:81:26:75:a3:ef:bf:fe:29:
8d:f8:09:1a:22:44:e1:67:4c:38:14:59:53:b9:65:
b5:dd:52:45:09:7d:4c:ef:b6:31:e5:e3:63:b9:1d:
7f:42:01:bd:1a:00:4b:f2:c7:c3:5b:90:79:db:18:
df:4d:0c:98:1b:f1:c6:11:3b:5e:32:12:8a:ca:8f:
09:37:09:a3:a0:e8:a6:ff:9a:67:00:84:38:02:84:
a8:e2:4c:9f:6a:d8:a4:ff:93:ca:a5:df:07:8c:f2:
e7:54:d8:dd:e3:36:3c:e6:96:a3:25:5a:62:cb:7f:
c3:b7:7e:e5:06:38:f0:64:06:02:4a:55:de:5a:ce:
62:0d:1f:5d:11:ee:02:54:9f:52:66:e1:e3:ef:8e:
5c:ac:61:0b:43:1e:01:c2:6e:4c:5a:8a:4a:e9:77:
d8:8a:06:80:82:dd:a0:72:17:6f:be:f3:99:f0:16:
5b:0c:5c:2c:bc:1f:07:5d:dc:b1:26:60:b6:05:27:
da:b4:0a:2e:4e:96:85:31:8f:cb:64:a9:7f:39:cd:
19:bd:02:44:59:55:9a:de:37:e1:43:35:bc:b1:4c:
56:db:33:91:1c:fc:43:8a:44:bf:34:e8:45:83:9d:
8f:10:2b:78:04:b9:40:e7:25:ee:35:56:7e:dc:70:
ec:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:91:DB:99:FA:2D:44:EC:95:9D:79:70:5C:C1:36:01:43:DA:1F:4B
X509v3 Authority Key Identifier:
keyid:2B:B3:30:94:22:98:F7:58:23:CB:B9:80:C8:EB:2A:CF:0B:7C:0C:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7MwlCKY91gjy7mAyOsqzwt8DBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/_ZHbmfotROyVnXlwXME2AUPaH0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/K7MwlCKY91gjy7mAyOsqzwt8DBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:c0a0:4000::/34
Signature Algorithm: sha256WithRSAEncryption
80:70:b6:33:91:de:52:2d:6e:87:45:8b:4d:0a:91:fd:30:01:
a7:9e:b1:dc:b8:17:5c:a9:4b:94:96:41:fc:01:ee:13:14:ea:
d9:6d:45:99:ef:f9:03:3e:57:d3:d2:d7:3e:dc:ff:14:8c:97:
4a:d4:54:cb:0d:b7:7e:d1:e4:12:3b:71:d5:c2:b6:bb:7f:d0:
80:e3:3b:bf:f6:6e:94:e4:30:82:35:6c:76:31:1b:5e:8a:c9:
1e:d7:3c:5c:02:f7:db:a7:72:16:99:96:40:90:41:0e:84:d9:
b8:24:08:76:38:a2:e6:60:f1:e9:2b:69:19:08:05:4a:2c:6b:
47:cd:03:64:6f:49:49:17:4b:cb:4e:e7:52:64:47:a7:2d:a9:
ba:15:37:49:82:75:25:32:26:0e:6f:b9:ca:4a:37:2b:fb:7a:
e5:60:a9:90:c8:1b:3b:ea:cc:ac:50:75:f9:8a:9a:4c:a7:46:
cf:3d:58:37:40:fd:81:13:35:fc:0b:67:f3:d9:11:d9:a6:b4:
1d:6a:e3:dc:1a:8b:fd:ba:9c:ec:dd:73:3c:c4:7e:31:b5:a9:
28:23:ae:af:08:2f:d3:04:03:59:3a:4b:04:58:24:d0:66:2d:
e3:c0:18:fe:5a:6d:9a:ba:35:5a:ce:6e:48:b6:e6:83:e9:d0:
3b:c9:51:30
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYhI47zPHz/1mgVdElCxWBhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYjMzMDk0MjI5OGY3NTgyM2NiYjk4MGM4ZWIyYWNmMGI3
YzBjMWIwHhcNMjMwNTIzMTM1NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDkxZGI5OWZhMmQ0NGVjOTU5ZDc5NzA1Y2MxMzYwMTQzZGExZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRdWs+efgSZ1o++//imN+AkaIkTh
Z0w4FFlTuWW13VJFCX1M77Yx5eNjuR1/QgG9GgBL8sfDW5B52xjfTQyYG/HGETte
MhKKyo8JNwmjoOim/5pnAIQ4AoSo4kyfatik/5PKpd8HjPLnVNjd4zY85pajJVpi
y3/Dt37lBjjwZAYCSlXeWs5iDR9dEe4CVJ9SZuHj745crGELQx4Bwm5MWopK6XfY
igaAgt2gchdvvvOZ8BZbDFwsvB8HXdyxJmC2BSfatAouTpaFMY/LZKl/Oc0ZvQJE
WVWa3jfhQzW8sUxW2zORHPxDikS/NOhFg52PECt4BLlA5yXuNVZ+3HDsLQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFP2R25n6LUTslZ15cFzBNgFD2h9LMB8GA1UdIwQY
MBaAFCuzMJQimPdYI8u5gMjrKs8LfAwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzdNd2xDS1k5MWdqeTdtQXlPc3F6d3Q4REJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85OTA3NDctMzQ1NC00NDEyLThmMDYt
NmIzYTQ3NjY3Y2E4LzEvX1pIYm1mb3RST3lWblhsd1hNRTJBVVBhSDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85OTA3NDctMzQ1NC00NDEyLThmMDYtNmIzYTQ3NjY3Y2E4
LzEvSzdNd2xDS1k5MWdqeTdtQXlPc3F6d3Q4REJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKgDAoEAw
DQYJKoZIhvcNAQELBQADggEBAIBwtjOR3lItbodFi00Kkf0wAaeesdy4F1ypS5SW
QfwB7hMU6tltRZnv+QM+V9PS1z7c/xSMl0rUVMsNt37R5BI7cdXCtrt/0IDjO7/2
bpTkMII1bHYxG16KyR7XPFwC99unchaZlkCQQQ6E2bgkCHY4ouZg8ekraRkIBUos
a0fNA2RvSUkXS8tO51JkR6ctqboVN0mCdSUyJg5vucpKNyv7euVgqZDIGzvqzKxQ
dfmKmkynRs89WDdA/YETNfwLZ/PZEdmmtB1q49wai/26nOzdczzEfjG1qSgjrq8I
L9MEA1k6SwRYJNBmLePAGP5abZq6NVrObki25oPp0DvJUTA=
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:58:16 2025 by rpki-client