Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/AQog5a5MP3lScbrTLq7PQ4JKLkw.roa
File: AQog5a5MP3lScbrTLq7PQ4JKLkw.roa (raw, json)
Hash identifier: B6TljLClBbhY4Qxny5hnNKjaXj+1BKU8inpgiDApHrY=
Subject key identifier: 01:0A:20:E5:AE:4C:3F:79:52:71:BA:D3:2E:AE:CF:43:82:4A:2E:4C
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 0188E884C9CDB051EF6D4E414A93CDB0624C
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/AQog5a5MP3lScbrTLq7PQ4JKLkw.roa
Signing time: Fri 23 Jun 2023 13:49:56 +0000
ROA not before: Fri 23 Jun 2023 13:49:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198015
IP address blocks: 2a0f:7803:ff80::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:84:c9:cd:b0:51:ef:6d:4e:41:4a:93:cd:b0:62:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jun 23 13:49:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=010a20e5ae4c3f795271bad32eaecf43824a2e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b7:9f:ec:44:af:05:0e:fe:9c:02:f3:e3:c5:
12:c6:65:11:57:fe:1b:ea:90:d2:ab:b0:d7:7c:12:
72:da:41:c8:55:fb:1e:77:2b:2c:e4:a4:03:6a:f2:
fb:c0:c0:f7:92:55:b9:09:ee:9b:7b:7a:a0:31:e0:
bd:64:06:90:b9:bf:c7:15:c9:05:f6:5d:62:21:fe:
19:30:86:31:8d:d7:5b:d7:fd:0b:39:1b:6b:05:de:
1e:00:3d:c9:18:8f:35:a9:9b:1b:67:f9:19:37:85:
40:eb:39:99:06:3e:2a:b0:3a:44:cc:24:c5:a4:b7:
fb:09:00:12:9f:3c:13:61:95:7b:8b:0d:2f:35:1d:
03:38:dc:78:2c:4b:7f:49:f2:04:f8:3f:f4:08:72:
bf:a0:b0:42:89:f3:10:8d:54:d1:9e:91:2e:85:a0:
25:60:a8:d2:a3:6b:56:ea:99:12:eb:10:1c:83:ef:
1c:3d:1c:03:f4:0e:9b:23:e8:a8:71:1d:dc:01:7f:
fd:96:64:fd:fb:2d:c6:a6:f3:f3:fb:c3:20:08:5e:
6d:e5:a4:c5:c2:8e:b4:20:31:36:65:4f:19:84:45:
de:fa:c1:c2:d4:bd:a2:65:27:0e:ba:bf:5d:e5:37:
ec:69:ba:2c:72:f4:62:d7:59:97:aa:f4:89:2a:44:
5f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:0A:20:E5:AE:4C:3F:79:52:71:BA:D3:2E:AE:CF:43:82:4A:2E:4C
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/AQog5a5MP3lScbrTLq7PQ4JKLkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:ff80::/44
Signature Algorithm: sha256WithRSAEncryption
78:7d:d2:a2:c9:e0:b4:b3:4d:67:e6:40:a1:e2:2c:cd:3f:c2:
35:56:42:1b:a5:40:d7:65:52:38:41:12:81:c8:a6:e1:bd:bf:
42:7f:d3:af:bd:9f:61:b1:dc:65:7e:c3:df:38:72:96:9d:25:
c7:d4:4b:90:2a:9c:d0:7b:15:8c:40:e9:94:98:30:b5:8a:a6:
e8:99:34:9b:ed:20:61:e0:dc:92:ea:54:07:5e:10:5f:99:ab:
07:40:bc:fd:da:da:86:38:a7:28:1b:3f:4e:80:f7:81:9a:6d:
ad:42:8c:4f:12:c4:f4:61:a8:f4:3d:75:4b:80:1e:fb:76:1f:
92:13:cb:b2:6d:9c:4a:77:8d:83:00:e3:88:11:22:3c:4a:55:
55:c5:56:ff:6f:09:5f:cb:40:79:f2:40:b5:6c:7b:96:e1:ff:
f9:42:2b:ae:3f:7a:47:26:19:74:be:c9:b9:97:4b:4b:8a:fc:
83:ed:df:6a:b3:1e:94:a5:4b:99:4c:0c:f5:e9:ab:e8:de:0d:
63:00:4a:14:f2:35:72:20:1d:81:35:2d:d3:00:1b:04:d4:83:
93:80:f2:f1:b2:e8:56:b9:40:82:5b:88:42:cb:6a:b0:07:39:
34:94:1e:f7:2e:61:b6:dc:37:d9:fa:d5:47:89:b8:5b:02:78:
cb:85:2d:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjohMnNsFHvbU5BSpPNsGJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjMwNjIzMTM0OTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTBhMjBlNWFlNGMzZjc5NTI3MWJhZDMyZWFlY2Y0MzgyNGEyZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLef7ESvBQ7+nALz48USxmURV/4b
6pDSq7DXfBJy2kHIVfsedyss5KQDavL7wMD3klW5Ce6be3qgMeC9ZAaQub/HFckF
9l1iIf4ZMIYxjddb1/0LORtrBd4eAD3JGI81qZsbZ/kZN4VA6zmZBj4qsDpEzCTF
pLf7CQASnzwTYZV7iw0vNR0DONx4LEt/SfIE+D/0CHK/oLBCifMQjVTRnpEuhaAl
YKjSo2tW6pkS6xAcg+8cPRwD9A6bI+iocR3cAX/9lmT9+y3GpvPz+8MgCF5t5aTF
wo60IDE2ZU8ZhEXe+sHC1L2iZScOur9d5TfsaboscvRi11mXqvSJKkRfpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAEKIOWuTD95UnG60y6uz0OCSi5MMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvQVFvZzVhNU1QM2xTY2JyVExxN1BRNEpLTGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/+A
MA0GCSqGSIb3DQEBCwUAA4IBAQB4fdKiyeC0s01n5kCh4izNP8I1VkIbpUDXZVI4
QRKByKbhvb9Cf9OvvZ9hsdxlfsPfOHKWnSXH1EuQKpzQexWMQOmUmDC1iqbomTSb
7SBh4NyS6lQHXhBfmasHQLz92tqGOKcoGz9OgPeBmm2tQoxPEsT0Yaj0PXVLgB77
dh+SE8uybZxKd42DAOOIESI8SlVVxVb/bwlfy0B58kC1bHuW4f/5QiuuP3pHJhl0
vsm5l0tLivyD7d9qsx6UpUuZTAz16avo3g1jAEoU8jVyIB2BNS3TABsE1IOTgPLx
suhWuUCCW4hCy2qwBzk0lB73LmG23DfZ+tVHibhbAnjLhS1T
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:09 2025 by rpki-client