Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/rZbnPxX9AbMfsgL163ZWcHK1Udg.roa
File: rZbnPxX9AbMfsgL163ZWcHK1Udg.roa (raw, json)
Hash identifier: /jXMrlnQs9/cN6yzAdJSE3tHdebvjoqk6A9/Yps9Ze4=
Subject key identifier: AD:96:E7:3F:15:FD:01:B3:1F:B2:02:F5:EB:76:56:70:72:B5:51:D8
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01856E8B26F00F7A1986FC7E748A5EF21F2F
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/rZbnPxX9AbMfsgL163ZWcHK1Udg.roa
Signing time: Sun 01 Jan 2023 18:14:51 +0000
ROA not before: Sun 01 Jan 2023 18:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203728
IP address blocks: 2a09:ff00:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:26:f0:0f:7a:19:86:fc:7e:74:8a:5e:f2:1f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 18:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad96e73f15fd01b31fb202f5eb76567072b551d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ca:2b:e9:5a:51:cf:e9:d8:da:45:74:69:ff:
66:44:39:f4:19:21:31:72:f2:8a:b7:32:25:c4:39:
e2:a2:94:14:29:d4:50:a6:8a:8f:a1:84:32:8d:62:
18:01:fa:ee:0d:3d:07:a9:82:90:d5:08:79:36:65:
6f:04:db:64:74:5a:28:b1:2a:ea:95:6a:fb:e9:41:
25:ca:ec:43:96:28:41:b7:81:e0:a8:9f:ef:66:25:
77:5b:c6:cc:77:81:2e:dd:98:1e:11:cf:ca:f0:c2:
bb:2b:d2:f3:ab:f3:6e:21:a2:2b:9d:0e:06:3c:41:
07:98:b4:a1:34:8e:19:28:03:51:6f:5e:84:c5:dd:
80:0c:54:aa:30:2b:13:23:dc:cf:96:ed:37:1b:87:
57:e3:16:af:23:49:22:62:d8:8a:d4:d2:0a:24:51:
92:3e:72:2a:c7:7a:e4:69:0e:3e:e3:43:8e:48:e1:
0e:bd:4a:f4:16:55:8f:b9:3d:67:e0:6b:cf:59:06:
77:aa:95:48:b0:b1:84:0e:e0:33:87:27:0c:53:87:
fd:45:68:86:d8:1d:d0:d0:93:c2:46:47:e5:08:e1:
2a:0d:6f:b9:0e:ff:3e:6b:59:ea:a3:3b:61:11:59:
52:15:9d:ad:f0:57:4a:49:e0:bf:70:b2:14:42:89:
97:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:96:E7:3F:15:FD:01:B3:1F:B2:02:F5:EB:76:56:70:72:B5:51:D8
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/rZbnPxX9AbMfsgL163ZWcHK1Udg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:ff00:100::/48
Signature Algorithm: sha256WithRSAEncryption
57:29:8e:4e:f0:f7:6d:32:ac:e2:23:c8:96:63:20:98:e2:a1:
f5:5a:6b:d9:60:c6:c0:41:37:f7:55:57:77:3b:d9:0f:02:48:
a5:92:d1:c5:bb:16:43:5b:3a:0f:e5:df:19:2d:47:ef:c5:25:
5c:f6:98:6d:fc:18:fa:18:3c:c9:eb:dc:26:f5:fe:bb:8f:ea:
84:c1:2d:a1:5c:46:b5:e9:56:87:55:fc:a6:ff:bf:f7:b0:44:
dc:f6:e4:60:e8:66:ff:db:8d:61:d3:19:4f:18:66:82:3c:a4:
ab:98:88:5f:37:1c:87:56:e8:1e:46:f0:e7:7b:69:37:5a:a6:
1f:94:9f:6b:8f:50:38:b1:3a:86:c1:8e:21:dc:e3:32:8f:02:
10:e9:ae:32:d6:b1:f5:e9:6a:a9:4f:b6:f0:0c:b2:d3:e8:d0:
1a:9e:9a:b1:64:4a:05:b7:d5:92:c8:71:c8:a2:e4:4b:7a:4f:
07:1f:71:b1:69:61:38:7e:68:e3:96:bd:3d:c4:c6:6c:a7:48:
1c:04:ff:56:fa:79:8a:0e:d1:3b:a5:5d:a3:c6:07:c5:d5:e2:
87:33:f4:26:d8:6a:a2:4a:6b:16:08:11:07:1d:df:81:60:99:
c9:f7:83:4f:b3:09:f1:35:46:13:81:61:cc:7a:7e:45:23:e7:
85:37:49:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuiybwD3oZhvx+dIpe8h8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwMTAxMTgxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk2ZTczZjE1ZmQwMWIzMWZiMjAyZjVlYjc2NTY3MDcyYjU1MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucor6VpRz+nY2kV0af9mRDn0GSEx
cvKKtzIlxDniopQUKdRQpoqPoYQyjWIYAfruDT0HqYKQ1Qh5NmVvBNtkdFoosSrq
lWr76UElyuxDlihBt4HgqJ/vZiV3W8bMd4Eu3ZgeEc/K8MK7K9Lzq/NuIaIrnQ4G
PEEHmLShNI4ZKANRb16Exd2ADFSqMCsTI9zPlu03G4dX4xavI0kiYtiK1NIKJFGS
PnIqx3rkaQ4+40OOSOEOvUr0FlWPuT1n4GvPWQZ3qpVIsLGEDuAzhycMU4f9RWiG
2B3Q0JPCRkflCOEqDW+5Dv8+a1nqozthEVlSFZ2t8FdKSeC/cLIUQomXJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK2W5z8V/QGzH7IC9et2VnBytVHYMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvclpiblB4WDlBYk1mc2dMMTYzWldjSEsxVWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgn/AAEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXKY5O8PdtMqziI8iWYyCY4qH1WmvZYMbAQTf3
VVd3O9kPAkilktHFuxZDWzoP5d8ZLUfvxSVc9pht/Bj6GDzJ69wm9f67j+qEwS2h
XEa16VaHVfym/7/3sETc9uRg6Gb/241h0xlPGGaCPKSrmIhfNxyHVugeRvDne2k3
WqYflJ9rj1A4sTqGwY4h3OMyjwIQ6a4y1rH16WqpT7bwDLLT6NAanpqxZEoFt9WS
yHHIouRLek8HH3GxaWE4fmjjlr09xMZsp0gcBP9W+nmKDtE7pV2jxgfF1eKHM/Qm
2GqiSmsWCBEHHd+BYJnJ94NPswnxNUYTgWHMen5FI+eFN0kn
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:47:15 2025 by rpki-client