Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/ed3cOV90oswza1nnpvA7Ga0n4Yw.roa
File: ed3cOV90oswza1nnpvA7Ga0n4Yw.roa (raw, json)
Hash identifier: vx7s+cim9h5c5mO6UebR968aU8WY9i8sQJWNim4N64w=
Subject key identifier: 79:DD:DC:39:5F:74:A2:CC:33:6B:59:E7:A6:F0:3B:19:AD:27:E1:8C
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 0188BFB6BB08710E1F709762BF607A4B14C0
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/ed3cOV90oswza1nnpvA7Ga0n4Yw.roa
Signing time: Thu 15 Jun 2023 15:40:03 +0000
ROA not before: Thu 15 Jun 2023 15:40:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48732
IP address blocks: 2a11:601:f000::/36 maxlen: 36
2a11:601:d000::/36 maxlen: 36
2a11:600:150::/48 maxlen: 48
2a11:600:78::/48 maxlen: 48
2a11:600:151::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:b6:bb:08:71:0e:1f:70:97:62:bf:60:7a:4b:14:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Jun 15 15:40:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79dddc395f74a2cc336b59e7a6f03b19ad27e18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6e:f7:2b:4b:0f:f2:1b:49:5a:cd:6c:8b:eb:
5a:af:ce:fe:03:0b:f7:ad:e7:75:b3:c9:91:90:34:
c0:54:df:37:49:e6:84:4c:9f:79:69:79:bb:6a:c4:
4e:19:ab:0c:40:91:c1:ef:49:0b:51:40:72:47:7d:
80:46:18:86:e1:fc:b9:67:7c:41:bb:16:3f:15:44:
c5:af:88:94:fe:a3:88:72:d2:93:e0:94:2f:9b:40:
af:8a:ff:aa:74:e6:ee:2c:b5:a9:71:bd:84:b8:e3:
4f:28:06:13:0a:9a:5f:ef:6d:69:77:1c:1e:24:74:
61:95:a7:d9:70:af:04:3b:f4:1e:73:1a:c1:18:36:
be:db:cd:b6:57:10:6a:aa:03:2d:a8:c6:83:be:02:
e8:01:cf:ef:20:92:a9:c2:be:16:63:78:6f:6f:c9:
12:d0:22:27:1e:ce:d1:61:58:2f:e1:b5:e5:c8:af:
a5:74:38:fa:8d:46:e4:25:8f:87:41:1d:f0:a9:1c:
df:f9:c6:cb:ba:e0:b7:57:1d:df:29:70:b0:a5:50:
69:a4:bd:be:ad:63:d9:dd:82:5a:05:3a:83:7c:b2:
4b:fd:86:ce:6c:d7:7c:02:7a:1e:91:b9:89:2f:d9:
8b:9f:e5:f8:11:6e:f5:3a:15:f4:45:b4:f7:43:16:
88:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:DD:DC:39:5F:74:A2:CC:33:6B:59:E7:A6:F0:3B:19:AD:27:E1:8C
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/ed3cOV90oswza1nnpvA7Ga0n4Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:600:78::/48
2a11:600:150::/47
2a11:601:d000::/36
2a11:601:f000::/36
Signature Algorithm: sha256WithRSAEncryption
3c:5a:fc:f8:31:2e:2c:36:5e:09:a4:a1:d7:62:f1:4e:b3:17:
8f:d0:9f:1e:5b:2d:c4:3f:1e:aa:f1:79:64:01:40:eb:b7:f9:
5e:3c:9f:ab:22:14:63:0f:20:96:a7:3b:b5:c0:ce:00:21:c0:
2c:2c:93:7f:b2:bc:5d:22:90:ae:3b:41:51:c5:b3:cc:a0:c2:
3e:eb:fc:1f:07:b8:39:08:8e:6a:82:69:e7:18:33:b4:f7:d0:
97:0f:c4:38:56:dc:c9:19:08:e5:df:db:a4:ec:52:ba:48:23:
24:03:c2:29:f1:b0:2e:db:a1:03:8f:21:41:ea:b5:b5:5b:b2:
75:f9:af:4b:03:ad:d1:a5:00:9d:46:3b:67:9a:6f:f6:ba:d2:
df:25:0a:1d:db:40:82:15:6e:5e:90:a6:34:c3:ed:11:e5:be:
3e:86:3f:45:7b:f0:35:f1:bc:04:80:c6:9f:9a:93:a7:74:c1:
d6:08:79:11:da:19:43:b1:4c:ef:9f:81:51:d8:c2:83:d6:7d:
dd:89:a8:45:44:a7:1d:d5:9c:4b:50:e7:89:79:84:43:9d:d7:
1f:cb:21:9a:f9:ba:76:76:e8:5f:56:6f:f6:67:a7:7a:0a:e0:
41:e3:7f:40:62:bc:6d:ee:d5:93:ee:5c:8b:c2:74:14:80:70:
20:f7:21:48
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYi/trsIcQ4fcJdiv2B6SxTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjMwNjE1MTU0MDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWRkZGMzOTVmNzRhMmNjMzM2YjU5ZTdhNmYwM2IxOWFkMjdlMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW73K0sP8htJWs1si+tar87+Awv3
red1s8mRkDTAVN83SeaETJ95aXm7asROGasMQJHB70kLUUByR32ARhiG4fy5Z3xB
uxY/FUTFr4iU/qOIctKT4JQvm0Cviv+qdObuLLWpcb2EuONPKAYTCppf721pdxwe
JHRhlafZcK8EO/QecxrBGDa+2822VxBqqgMtqMaDvgLoAc/vIJKpwr4WY3hvb8kS
0CInHs7RYVgv4bXlyK+ldDj6jUbkJY+HQR3wqRzf+cbLuuC3Vx3fKXCwpVBppL2+
rWPZ3YJaBTqDfLJL/YbObNd8AnoekbmJL9mLn+X4EW71OhX0RbT3QxaIiQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHnd3DlfdKLMM2tZ56bwOxmtJ+GMMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvZWQzY09WOTBvc3d6YTFubnB2QTdHYTBuNFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwcAKhEGAAB4
AwcBKhEGAAFQAwYEKhEGAdADBgQqEQYB8DANBgkqhkiG9w0BAQsFAAOCAQEAPFr8
+DEuLDZeCaSh12LxTrMXj9CfHlstxD8eqvF5ZAFA67f5XjyfqyIUYw8glqc7tcDO
ACHALCyTf7K8XSKQrjtBUcWzzKDCPuv8Hwe4OQiOaoJp5xgztPfQlw/EOFbcyRkI
5d/bpOxSukgjJAPCKfGwLtuhA48hQeq1tVuydfmvSwOt0aUAnUY7Z5pv9rrS3yUK
HdtAghVuXpCmNMPtEeW+PoY/RXvwNfG8BIDGn5qTp3TB1gh5EdoZQ7FM75+BUdjC
g9Z93YmoRUSnHdWcS1DniXmEQ53XH8shmvm6dnboX1Zv9menegrgQeN/QGK8be7V
k+5ci8J0FIBwIPchSA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:01 2025 by rpki-client