Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/teXDJT3Y4L0kgc6jc5yuNUbWKxg.roa
File: teXDJT3Y4L0kgc6jc5yuNUbWKxg.roa (raw, json)
Hash identifier: qwaZMklb4izGmpAqGNZqqwcH5SbXah/HQaH8dEWIN28=
Subject key identifier: B5:E5:C3:25:3D:D8:E0:BD:24:81:CE:A3:73:9C:AE:35:46:D6:2B:18
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018906121F163AFD2454533F7C654E9AA36E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/teXDJT3Y4L0kgc6jc5yuNUbWKxg.roa
Signing time: Thu 29 Jun 2023 07:33:18 +0000
ROA not before: Thu 29 Jun 2023 07:33:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 2a01:280:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:12:1f:16:3a:fd:24:54:53:3f:7c:65:4e:9a:a3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jun 29 07:33:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5e5c3253dd8e0bd2481cea3739cae3546d62b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e4:ff:5e:4a:dd:92:ea:dc:fc:04:21:eb:0b:
c4:64:d3:15:3c:7e:ac:a1:03:b0:db:c5:20:a0:63:
49:d4:7a:88:0e:f3:af:b4:33:ff:11:5d:c1:41:8e:
cc:78:7a:84:fa:4f:34:fd:0b:db:ef:b2:fc:e1:64:
06:de:36:c9:cf:60:22:92:7f:5e:21:76:9a:7f:70:
6c:89:04:01:0d:fc:dc:3b:15:8c:5f:07:29:ed:a3:
aa:af:01:99:83:54:59:67:40:d6:ad:3b:47:1b:38:
80:a8:9b:0f:db:82:4b:b1:b1:ad:2d:06:8d:6c:66:
c1:ce:b6:6e:d0:9e:9a:53:c1:fb:f8:88:22:1b:21:
54:a4:ae:d4:98:0c:9f:80:72:aa:3b:ea:b0:d5:e5:
21:8c:62:14:3d:83:2b:8c:5e:58:7a:e8:40:f9:3d:
24:9c:67:be:89:69:5f:2e:a5:39:2b:67:9f:6a:7c:
f7:96:3b:7d:31:d5:70:45:1f:5e:a9:41:94:98:7d:
83:06:3c:18:f6:1a:b2:25:1b:3f:ff:63:01:5c:78:
9f:f2:fe:ac:c1:ae:a0:28:b2:dd:c2:e2:86:13:e9:
87:e4:78:d4:d1:a7:2c:d2:60:f4:ea:e6:6b:06:cb:
36:6d:1b:ef:f0:ea:28:30:f3:0b:ef:22:35:d7:96:
1a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:E5:C3:25:3D:D8:E0:BD:24:81:CE:A3:73:9C:AE:35:46:D6:2B:18
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/teXDJT3Y4L0kgc6jc5yuNUbWKxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:280:200::/40
Signature Algorithm: sha256WithRSAEncryption
32:a4:25:01:13:33:ba:31:0d:7d:d9:9e:47:96:3c:34:56:76:
22:99:dd:3f:a5:4c:20:be:61:c6:1d:e8:38:15:5e:18:b0:53:
d5:d0:ec:84:2b:8a:c9:2a:3d:dc:d3:0e:eb:e7:a4:ad:7b:0b:
fd:05:4a:0a:6f:8f:ec:95:11:75:0b:96:49:a0:ff:fa:ef:10:
53:3b:e2:dc:84:b8:f7:5c:f5:bb:be:a0:b0:da:af:e8:b6:80:
35:c2:95:90:1e:c4:28:76:d5:b8:4d:43:8f:5d:24:06:fa:93:
ee:4f:59:61:db:e3:36:bc:00:e8:65:6a:a9:22:55:b8:c3:f2:
80:25:bc:7e:4c:5f:a4:76:0d:2d:11:14:7a:d0:e1:fa:0b:aa:
64:91:b5:54:01:62:93:f5:da:7a:57:c2:bf:8f:a9:00:9b:92:
d4:64:15:80:6e:2e:4c:fe:5b:34:a2:0d:d7:4a:1f:ed:09:03:
10:25:d9:5b:85:fa:dc:32:a0:54:79:8d:2a:aa:6e:ef:fa:01:
06:f3:b4:64:b0:66:6c:97:ed:8e:65:b0:48:d6:e7:31:84:8a:
6d:f5:04:81:b4:7b:0a:04:bb:bb:1a:36:3e:85:9c:2c:5b:b5:
4c:da:b4:3a:f4:60:f8:53:4b:fd:4d:65:07:34:dd:fb:a8:ac:
42:74:cc:cb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYkGEh8WOv0kVFM/fGVOmqNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwNjI5MDczMzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWU1YzMyNTNkZDhlMGJkMjQ4MWNlYTM3MzljYWUzNTQ2ZDYyYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+T/Xkrdkurc/AQh6wvEZNMVPH6s
oQOw28UgoGNJ1HqIDvOvtDP/EV3BQY7MeHqE+k80/Qvb77L84WQG3jbJz2Aikn9e
IXaaf3BsiQQBDfzcOxWMXwcp7aOqrwGZg1RZZ0DWrTtHGziAqJsP24JLsbGtLQaN
bGbBzrZu0J6aU8H7+IgiGyFUpK7UmAyfgHKqO+qw1eUhjGIUPYMrjF5YeuhA+T0k
nGe+iWlfLqU5K2efanz3ljt9MdVwRR9eqUGUmH2DBjwY9hqyJRs//2MBXHif8v6s
wa6gKLLdwuKGE+mH5HjU0acs0mD06uZrBss2bRvv8OooMPML7yI115YavQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLXlwyU92OC9JIHOo3OcrjVG1isYMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdGVYREpUM1k0TDBrZ2M2amM1eXVOVWJXS3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgECgAIw
DQYJKoZIhvcNAQELBQADggEBADKkJQETM7oxDX3ZnkeWPDRWdiKZ3T+lTCC+YcYd
6DgVXhiwU9XQ7IQriskqPdzTDuvnpK17C/0FSgpvj+yVEXULlkmg//rvEFM74tyE
uPdc9bu+oLDar+i2gDXClZAexCh21bhNQ49dJAb6k+5PWWHb4za8AOhlaqkiVbjD
8oAlvH5MX6R2DS0RFHrQ4foLqmSRtVQBYpP12npXwr+PqQCbktRkFYBuLkz+WzSi
DddKH+0JAxAl2VuF+twyoFR5jSqqbu/6AQbztGSwZmyX7Y5lsEjW5zGEim31BIG0
ewoEu7saNj6FnCxbtUzatDr0YPhTS/1NZQc03fuorEJ0zMs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:24 2025 by rpki-client