Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1-Rt2-vlLgrDL3myfWefPVV8vT8Y.roa
File: 1-Rt2-vlLgrDL3myfWefPVV8vT8Y.roa (raw, json)
Hash identifier: zsSdN85rqNj0QO47oINCjYUENNOfNQZAgxeNiTtIGyM=
Subject key identifier: F9:1B:76:FA:F9:4B:82:B0:CB:DE:6C:9F:59:E7:CF:55:5F:2F:4F:C6
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 0183E5F678FCF86C4898D4DBDCE78E261C8F
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1-Rt2-vlLgrDL3myfWefPVV8vT8Y.roa
Signing time: Mon 17 Oct 2022 12:41:18 +0000
ROA not before: Mon 17 Oct 2022 12:41:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48732
IP address blocks: 2a11:601:f000::/36 maxlen: 36
2a11:600:150::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:f6:78:fc:f8:6c:48:98:d4:db:dc:e7:8e:26:1c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Oct 17 12:41:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f91b76faf94b82b0cbde6c9f59e7cf555f2f4fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f2:bb:cd:61:b8:d7:ee:33:2b:c2:60:80:8c:
2c:e1:78:c5:ef:23:4e:00:56:b8:68:e0:59:a1:89:
08:9f:5a:72:7f:e7:21:e5:31:a7:29:d1:fc:67:ad:
78:70:de:a9:ba:7b:d5:12:e5:f2:8a:6f:79:63:21:
23:61:f9:67:48:39:1e:d4:b1:16:51:8d:a4:43:88:
ec:3e:b1:52:cc:ab:9d:c3:83:27:e8:cb:64:f9:bb:
75:45:9b:88:0a:8b:b4:96:72:3f:3c:6b:c0:13:5d:
ee:17:a6:dc:6c:75:a3:77:8d:41:71:e6:e1:ac:2e:
3c:3d:d1:14:83:33:37:ff:2b:25:c4:38:81:79:53:
a6:60:02:af:7f:04:90:11:28:15:6e:7e:e3:9a:a1:
6a:8a:f4:2a:e5:ab:2a:d5:17:e5:90:d3:f7:7c:7d:
68:42:17:59:21:f3:5e:02:a4:f0:f2:86:fa:17:72:
38:2e:34:41:e1:d5:93:6c:e5:3c:c2:23:7f:92:fa:
23:ed:3a:4a:b9:2d:94:7d:52:e7:f1:2b:36:20:3d:
48:27:ed:db:18:b7:a9:83:4f:48:8c:74:56:59:33:
24:12:85:05:00:29:1c:f2:ab:98:7f:a3:de:84:ca:
03:35:36:f6:71:78:2e:35:71:4c:2e:f1:2d:89:82:
be:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1B:76:FA:F9:4B:82:B0:CB:DE:6C:9F:59:E7:CF:55:5F:2F:4F:C6
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1-Rt2-vlLgrDL3myfWefPVV8vT8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:600:150::/48
2a11:601:f000::/36
Signature Algorithm: sha256WithRSAEncryption
50:10:65:95:d0:f0:42:81:bc:d2:fc:7e:94:79:2b:e2:c4:a9:
55:d1:5b:a8:79:80:e6:0d:08:7b:15:67:00:06:87:d5:15:be:
b0:92:01:04:82:07:7f:32:48:52:5d:94:4f:ef:80:85:77:83:
ed:95:26:3d:93:a8:a1:fc:3a:71:36:bd:da:2a:35:b0:99:72:
cf:e7:61:6c:20:41:6a:f1:aa:6b:9a:fd:63:9c:06:40:b4:74:
5c:5c:0c:e4:98:5e:8c:2b:33:32:2c:07:95:2c:a7:c7:c9:20:
4b:cc:42:29:40:0e:7d:62:94:bf:99:30:20:23:18:42:d0:42:
63:31:e3:c9:60:e8:70:9b:f0:bb:03:e9:97:4b:f7:73:91:84:
a3:03:b9:93:bb:3d:c1:03:4c:cb:a2:1f:cb:28:49:d2:50:28:
33:10:f2:10:34:26:d8:81:b2:35:1e:10:95:b0:35:3d:41:3c:
cd:c1:ce:52:33:73:02:70:9d:8a:91:86:94:ca:74:92:72:9a:
18:32:de:0d:de:43:d5:4a:02:a0:82:aa:35:bd:ef:d5:51:c6:
e3:a4:b9:e5:18:cb:63:44:c2:ca:13:0a:e4:5c:c5:29:70:eb:
18:11:5a:e2:9b:ae:90:f3:bd:3a:91:5e:53:80:0f:aa:b0:88:
c4:74:57:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPl9nj8+GxImNTb3OeOJhyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjIxMDE3MTI0MTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFiNzZmYWY5NGI4MmIwY2JkZTZjOWY1OWU3Y2Y1NTVmMmY0ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfK7zWG41+4zK8JggIws4XjF7yNO
AFa4aOBZoYkIn1pyf+ch5TGnKdH8Z614cN6punvVEuXyim95YyEjYflnSDke1LEW
UY2kQ4jsPrFSzKudw4Mn6Mtk+bt1RZuICou0lnI/PGvAE13uF6bcbHWjd41Bcebh
rC48PdEUgzM3/yslxDiBeVOmYAKvfwSQESgVbn7jmqFqivQq5asq1RflkNP3fH1o
QhdZIfNeAqTw8ob6F3I4LjRB4dWTbOU8wiN/kvoj7TpKuS2UfVLn8Ss2ID1IJ+3b
GLepg09IjHRWWTMkEoUFACkc8quYf6PehMoDNTb2cXguNXFMLvEtiYK+0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPkbdvr5S4Kwy95sn1nnz1VfL0/GMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvMS1SdDItdmxMZ3JETDNteWZXZWZQVlY4dlQ4WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWEvZDlmOWE4LWRhMDEtNGQzNS04Mjg0LWI2NGViOGQ4MzY1
OC8xLzFUVkRJY0VsUTJBVVhxOGw5cGs0dU44MGV6RS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAqBggrBgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMHACoRBgAB
UAMGBCoRBgHwMA0GCSqGSIb3DQEBCwUAA4IBAQBQEGWV0PBCgbzS/H6UeSvixKlV
0VuoeYDmDQh7FWcABofVFb6wkgEEggd/MkhSXZRP74CFd4PtlSY9k6ih/DpxNr3a
KjWwmXLP52FsIEFq8aprmv1jnAZAtHRcXAzkmF6MKzMyLAeVLKfHySBLzEIpQA59
YpS/mTAgIxhC0EJjMePJYOhwm/C7A+mXS/dzkYSjA7mTuz3BA0zLoh/LKEnSUCgz
EPIQNCbYgbI1HhCVsDU9QTzNwc5SM3MCcJ2KkYaUynSScpoYMt4N3kPVSgKggqo1
ve/VUcbjpLnlGMtjRMLKEwrkXMUpcOsYEVrim66Q8706kV5TgA+qsIjEdFc6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:39 2025 by rpki-client