Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/m5_9-vqOjFGV1d0-mgTKiCnJJng.roa
File: m5_9-vqOjFGV1d0-mgTKiCnJJng.roa (raw, json)
Hash identifier: VJmc4kGl3eWEQHbdGB/+l6m86vva3xSHniK0nNzBsnQ=
Subject key identifier: 9B:9F:FD:FA:FA:8E:8C:51:95:D5:DD:3E:9A:04:CA:88:29:C9:26:78
Certificate issuer: /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial: 01856D018292E1689826FBCC7B5BA8F8E4F9
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/m5_9-vqOjFGV1d0-mgTKiCnJJng.roa
Signing time: Sun 01 Jan 2023 11:04:53 +0000
ROA not before: Sun 01 Jan 2023 11:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:8900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:82:92:e1:68:98:26:fb:cc:7b:5b:a8:f8:e4:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Validity
Not Before: Jan 1 11:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b9ffdfafa8e8c5195d5dd3e9a04ca8829c92678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5f:e8:5c:a4:09:50:0f:07:d5:b6:7b:f9:83:
7b:b4:5b:94:97:9e:b9:e6:92:8e:cb:e4:9a:05:42:
4d:89:b3:02:00:e7:9a:ce:9e:3f:04:3f:52:8c:53:
21:d7:ff:4e:d9:c2:52:10:28:5e:a2:79:57:a6:52:
8a:17:c6:0f:7b:27:3f:a5:9e:c0:d3:00:ff:59:3d:
5b:2b:12:93:dd:8a:3a:68:9a:2c:80:c4:94:c7:d4:
b4:79:a0:06:45:e2:1b:49:19:7f:a8:b0:f5:79:83:
40:86:b7:a7:8e:1f:7e:ec:41:30:82:42:c6:d8:41:
04:24:39:e8:2c:3f:44:67:e1:e6:8a:f8:06:d0:af:
d8:89:ad:ff:07:c9:b3:2c:26:cc:4c:06:1a:3b:86:
0f:7b:cb:8f:8e:d6:6b:b1:09:ef:1f:24:2d:76:8a:
82:14:10:fe:1b:2e:83:97:55:b9:77:19:ff:47:77:
74:48:a3:67:0b:41:5c:8b:fe:28:c3:8e:07:73:a0:
02:c8:9a:c0:4f:de:42:d2:bb:5f:1f:0b:fc:d9:f3:
60:d3:dd:89:81:b9:11:fa:a6:2b:41:47:c6:09:3f:
83:11:02:41:72:50:eb:aa:35:17:6f:93:35:99:f0:
39:77:7e:36:61:ad:21:36:65:e9:b9:b1:83:3c:80:
68:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:9F:FD:FA:FA:8E:8C:51:95:D5:DD:3E:9A:04:CA:88:29:C9:26:78
X509v3 Authority Key Identifier:
keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/m5_9-vqOjFGV1d0-mgTKiCnJJng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8900::/29
Signature Algorithm: sha256WithRSAEncryption
97:72:33:5b:06:5d:90:f7:1a:15:99:4a:a1:6a:db:10:ca:90:
80:be:40:95:d6:54:81:a9:e8:44:cf:8d:3b:16:39:55:8d:ad:
6d:43:dc:4f:99:f1:9e:44:59:3a:a0:6b:f5:79:90:08:30:99:
a3:fe:55:f5:91:ad:36:5c:1e:a9:3f:81:07:f4:16:4f:cb:41:
0f:3c:6f:92:69:90:ca:98:3c:da:d7:c1:67:85:7c:c0:c0:55:
00:45:1d:6e:a7:32:7b:57:5d:29:e6:ad:6a:f4:41:8e:34:97:
43:8e:01:4e:ff:5f:b1:02:b3:7e:77:3a:91:50:4e:1a:1f:ee:
6c:74:35:9b:74:c2:8c:3d:46:b0:33:7f:e2:ca:b9:a8:37:2f:
ee:68:23:88:46:57:05:03:f6:4d:97:5b:9e:ea:3f:c0:bc:b9:
8c:49:b9:26:3b:58:b5:05:b4:74:f4:83:4c:5a:35:1e:36:34:
27:b0:fa:94:07:79:54:a3:d0:31:a3:85:cf:3b:9c:28:f1:40:
9e:8b:d5:db:52:52:61:07:00:ef:5e:3e:d9:1e:88:68:e9:79:
49:1a:bc:88:dd:d8:c3:94:f3:a0:ca:ca:f0:27:20:a0:b1:b4:
53:29:56:64:ca:08:ee:6d:a0:06:e6:65:d5:96:28:6f:2f:31:
27:bc:90:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtAYKS4WiYJvvMe1uo+OT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjMwMTAxMTEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjlmZmRmYWZhOGU4YzUxOTVkNWRkM2U5YTA0Y2E4ODI5YzkyNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF/oXKQJUA8H1bZ7+YN7tFuUl565
5pKOy+SaBUJNibMCAOeazp4/BD9SjFMh1/9O2cJSECheonlXplKKF8YPeyc/pZ7A
0wD/WT1bKxKT3Yo6aJosgMSUx9S0eaAGReIbSRl/qLD1eYNAhrenjh9+7EEwgkLG
2EEEJDnoLD9EZ+HmivgG0K/Yia3/B8mzLCbMTAYaO4YPe8uPjtZrsQnvHyQtdoqC
FBD+Gy6Dl1W5dxn/R3d0SKNnC0Fci/4ow44Hc6ACyJrAT95C0rtfHwv82fNg092J
gbkR+qYrQUfGCT+DEQJBclDrqjUXb5M1mfA5d342Ya0hNmXpubGDPIBofQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJuf/fr6joxRldXdPpoEyogpySZ4MB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvbTVfOS12cU9qRkdWMWQwLW1nVEtpQ25KSm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGJADAN
BgkqhkiG9w0BAQsFAAOCAQEAl3IzWwZdkPcaFZlKoWrbEMqQgL5AldZUganoRM+N
OxY5VY2tbUPcT5nxnkRZOqBr9XmQCDCZo/5V9ZGtNlweqT+BB/QWT8tBDzxvkmmQ
ypg82tfBZ4V8wMBVAEUdbqcye1ddKeatavRBjjSXQ44BTv9fsQKzfnc6kVBOGh/u
bHQ1m3TCjD1GsDN/4sq5qDcv7mgjiEZXBQP2TZdbnuo/wLy5jEm5JjtYtQW0dPSD
TFo1HjY0J7D6lAd5VKPQMaOFzzucKPFAnovV21JSYQcA714+2R6IaOl5SRq8iN3Y
w5TzoMrK8CcgoLG0UylWZMoI7m2gBuZl1ZYoby8xJ7yQFQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:20:46 2025 by rpki-client