Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/pOx8_w5mKcBw3h8gTiiL-4PKiY4.roa
File: pOx8_w5mKcBw3h8gTiiL-4PKiY4.roa (raw, json)
Hash identifier: 3fQN5CoPcuW6VfXizqG3w49IAR8wxq4Dx3cHKpg0mv8=
Subject key identifier: A4:EC:7C:FF:0E:66:29:C0:70:DE:1F:20:4E:28:8B:FB:83:CA:89:8E
Certificate issuer: /CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
Certificate serial: 01856E78D8D8D2FE5A07B0AB074750BA9D15
Authority key identifier: CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/pOx8_w5mKcBw3h8gTiiL-4PKiY4.roa
Signing time: Sun 01 Jan 2023 17:54:51 +0000
ROA not before: Sun 01 Jan 2023 17:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59749
IP address blocks: 2a01:73e0:e030::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:d8:d8:d2:fe:5a:07:b0:ab:07:47:50:ba:9d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
Validity
Not Before: Jan 1 17:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4ec7cff0e6629c070de1f204e288bfb83ca898e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:66:02:33:14:d4:ae:14:9f:d8:87:9a:5a:67:
8f:d6:d2:a0:f9:6d:f4:56:8a:fa:d5:9e:3b:90:a0:
05:f2:02:16:d2:1d:28:f4:45:f4:09:62:13:07:35:
83:0b:03:6c:dd:0c:cf:7b:6c:43:b4:46:d6:14:91:
3b:fd:70:f8:c3:33:d9:e3:f8:24:98:2e:ad:67:8e:
0e:66:f9:db:ae:3b:05:80:8c:13:34:a6:72:c8:e4:
4e:ba:52:d9:24:4f:9b:db:c8:21:5a:5a:98:ab:36:
f9:11:c7:22:9e:ed:ea:9a:50:3f:f3:04:72:e0:37:
85:7c:44:ae:ee:91:e0:25:88:97:9b:62:76:b0:e9:
79:25:bc:32:39:85:30:ba:c5:18:e1:0c:79:93:5d:
8e:ff:0a:85:9e:aa:73:69:e5:e1:c9:88:f4:f6:5c:
42:93:a7:45:8c:94:d6:2f:3d:c3:9a:b6:67:5a:13:
13:49:1c:ce:2a:a4:0c:26:1b:dc:ad:c5:6f:1f:e7:
e5:70:db:1f:dc:31:52:ee:ee:34:c4:68:e5:71:2a:
1b:32:f7:7f:97:d6:5e:75:3c:6b:94:d7:84:16:e1:
ac:2c:66:15:d8:93:35:ff:92:4a:12:b5:11:5e:51:
36:0f:14:02:7a:80:c8:06:3a:88:3b:5d:9f:ad:2f:
e7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EC:7C:FF:0E:66:29:C0:70:DE:1F:20:4E:28:8B:FB:83:CA:89:8E
X509v3 Authority Key Identifier:
keyid:CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/pOx8_w5mKcBw3h8gTiiL-4PKiY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/y5UvnDOcq9FCNNAMhKJS1-xxoqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:73e0:e030::/48
Signature Algorithm: sha256WithRSAEncryption
78:d3:76:72:e9:0a:fa:35:fd:48:a4:b7:3f:2b:30:91:d9:16:
89:97:04:cd:b1:93:14:52:59:d8:c6:f5:9a:dc:71:b6:6e:15:
6b:fb:a6:e7:5f:9f:62:f6:4d:c6:ba:6b:89:a0:6e:6c:c5:37:
c6:29:85:fb:0f:20:65:9c:55:a4:50:c8:bb:81:d9:bb:77:82:
9d:a4:cb:85:a5:ea:07:ca:60:dc:50:4e:6c:d4:1e:8d:e5:5b:
e6:93:80:5c:5d:ae:b2:8a:66:d2:87:46:09:6d:0a:f0:7a:6d:
bc:0d:ee:3e:ee:8c:86:d2:dc:07:8f:66:47:6e:21:a7:c7:d2:
4d:58:45:2a:48:80:bb:24:5d:71:da:be:3a:c8:74:59:89:70:
bf:93:ea:c5:d1:05:98:2c:57:94:87:5c:cf:32:22:8c:a5:6c:
20:5a:04:84:9f:cc:2f:5d:c1:5e:8f:55:9e:ae:bf:f3:81:f0:
11:26:be:0f:c6:a6:fb:4a:9b:ca:35:83:ed:b5:1b:08:19:d8:
9a:a7:ed:a4:6a:f8:7c:2d:44:82:de:02:05:ff:56:31:a2:de:
ab:cc:55:fb:82:a9:f5:86:5c:97:57:ab:48:b8:f4:79:ff:0d:
b5:4a:f2:27:30:74:f7:4c:ad:89:26:6e:55:23:2e:a3:c6:89:
b7:1e:bc:59
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVueNjY0v5aB7CrB0dQup0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOTUyZjljMzM5Y2FiZDE0MjM0ZDAwYzg0YTI1MmQ3ZWM3
MWEyYTIwHhcNMjMwMTAxMTc1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGVjN2NmZjBlNjYyOWMwNzBkZTFmMjA0ZTI4OGJmYjgzY2E4OThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWYCMxTUrhSf2IeaWmeP1tKg+W30
Vor61Z47kKAF8gIW0h0o9EX0CWITBzWDCwNs3QzPe2xDtEbWFJE7/XD4wzPZ4/gk
mC6tZ44OZvnbrjsFgIwTNKZyyOROulLZJE+b28ghWlqYqzb5Eccinu3qmlA/8wRy
4DeFfESu7pHgJYiXm2J2sOl5JbwyOYUwusUY4Qx5k12O/wqFnqpzaeXhyYj09lxC
k6dFjJTWLz3DmrZnWhMTSRzOKqQMJhvcrcVvH+flcNsf3DFS7u40xGjlcSobMvd/
l9ZedTxrlNeEFuGsLGYV2JM1/5JKErURXlE2DxQCeoDIBjqIO12frS/nsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKTsfP8OZinAcN4fIE4oi/uDyomOMB8GA1UdIwQY
MBaAFMuVL5wznKvRQjTQDISiUtfscaKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVVdm5ET2NxOUZDTk5BTWhLSlMxLXh4b3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS85MDk4ZmQtN2RjMy00ZTEyLWI4OTMt
ZmQyMmRmM2I1N2Y2LzEvcE94OF93NW1LY0J3M2g4Z1RpaUwtNFBLaVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS85MDk4ZmQtN2RjMy00ZTEyLWI4OTMtZmQyMmRmM2I1N2Y2
LzEveTVVdm5ET2NxOUZDTk5BTWhLSlMxLXh4b3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgFz4OAw
MA0GCSqGSIb3DQEBCwUAA4IBAQB403Zy6Qr6Nf1IpLc/KzCR2RaJlwTNsZMUUlnY
xvWa3HG2bhVr+6bnX59i9k3GumuJoG5sxTfGKYX7DyBlnFWkUMi7gdm7d4KdpMuF
peoHymDcUE5s1B6N5Vvmk4BcXa6yimbSh0YJbQrwem28De4+7oyG0twHj2ZHbiGn
x9JNWEUqSIC7JF1x2r46yHRZiXC/k+rF0QWYLFeUh1zPMiKMpWwgWgSEn8wvXcFe
j1Werr/zgfARJr4Pxqb7SpvKNYPttRsIGdiap+2kavh8LUSC3gIF/1Yxot6rzFX7
gqn1hlyXV6tIuPR5/w21SvInMHT3TK2JJm5VIy6jxom3HrxZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:30 2025 by rpki-client