Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/xQ4VCOPYhxMgxT_sbe-9wBPwpk4.roa
File: xQ4VCOPYhxMgxT_sbe-9wBPwpk4.roa (raw, json)
Hash identifier: vBlbFZBhMHJ9QR2ckSRTd2pt/Ur/zFh05iYOVh0tbt8=
Subject key identifier: C5:0E:15:08:E3:D8:87:13:20:C5:3F:EC:6D:EF:BD:C0:13:F0:A6:4E
Certificate issuer: /CN=17bbd60374bc23ed07d01c24e7cfd9178b8fed21
Certificate serial: 018828A36A95AA3F975300B2181B6A841F54
Authority key identifier: 17:BB:D6:03:74:BC:23:ED:07:D0:1C:24:E7:CF:D9:17:8B:8F:ED:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7vWA3S8I-0H0Bwk58_ZF4uP7SE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/xQ4VCOPYhxMgxT_sbe-9wBPwpk4.roa
Signing time: Wed 17 May 2023 07:36:18 +0000
ROA not before: Wed 17 May 2023 07:36:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202044
IP address blocks: 2a13:af04::/30 maxlen: 30
2a13:af00::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:28:a3:6a:95:aa:3f:97:53:00:b2:18:1b:6a:84:1f:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17bbd60374bc23ed07d01c24e7cfd9178b8fed21
Validity
Not Before: May 17 07:36:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c50e1508e3d8871320c53fec6defbdc013f0a64e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:de:1b:9b:9c:a9:11:f2:de:a1:50:32:d9:67:
40:33:7c:d8:92:a7:f0:03:89:fe:d7:95:c4:58:58:
0e:be:06:9a:a4:77:01:76:fb:0f:78:20:9e:5e:63:
ce:5a:46:1d:f4:4a:9d:80:be:ba:f3:9d:61:e5:9a:
93:ef:6a:01:9c:a8:dc:0b:33:db:76:44:2a:6c:17:
13:1a:87:6d:0c:61:9c:82:47:2f:62:90:c0:77:87:
96:c0:f5:4e:30:bc:96:29:eb:f1:2a:a3:7a:f8:84:
86:3a:c9:9b:12:7e:04:24:bd:0f:e3:c6:c4:9f:f8:
81:54:60:71:98:cb:dc:28:9d:28:3a:7c:f5:2c:da:
e3:b1:20:22:ed:48:30:1c:5c:c4:98:ee:67:b8:36:
af:5d:6d:cf:b3:4e:81:0d:03:0a:91:7c:92:17:0d:
c7:e2:ae:7e:0a:2b:3d:1f:45:4b:55:66:00:70:15:
c8:04:75:1c:9a:ec:a5:ce:3a:8a:b1:5f:96:9b:cd:
4d:ae:72:7f:9c:db:9d:c9:d6:eb:96:c2:fd:a3:45:
fa:19:4b:d4:90:62:f5:cd:80:21:be:49:59:eb:84:
f6:cc:cd:8a:45:65:17:64:3c:c2:f8:1c:b3:cf:3e:
e1:66:1e:c7:13:68:ce:cf:e9:ca:dc:72:76:cc:09:
f6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:0E:15:08:E3:D8:87:13:20:C5:3F:EC:6D:EF:BD:C0:13:F0:A6:4E
X509v3 Authority Key Identifier:
keyid:17:BB:D6:03:74:BC:23:ED:07:D0:1C:24:E7:CF:D9:17:8B:8F:ED:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7vWA3S8I-0H0Bwk58_ZF4uP7SE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/xQ4VCOPYhxMgxT_sbe-9wBPwpk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/F7vWA3S8I-0H0Bwk58_ZF4uP7SE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:af00::/29
Signature Algorithm: sha256WithRSAEncryption
a1:c8:49:91:bf:3c:cd:3b:b6:36:52:d8:b7:a1:4c:24:c4:9b:
3f:a5:d5:77:a7:7e:6c:5e:4a:ca:a4:0c:a5:07:9f:7a:2d:2b:
6e:12:70:d1:68:af:56:81:ce:7b:39:db:14:4c:8c:bc:39:28:
46:27:e0:ce:3e:c6:33:49:b4:fc:32:d4:3c:a1:c2:4c:43:f8:
85:dc:db:0b:a6:71:e4:2a:73:3a:09:f1:d1:74:4c:2c:d9:3d:
b8:94:a4:83:d0:88:35:24:f1:0d:19:a2:a5:50:ba:35:cf:43:
97:9f:c8:3a:69:36:f4:f6:a3:6f:15:be:cf:f5:70:b6:53:48:
17:23:32:60:38:74:53:8c:ea:b1:4e:85:d0:b1:0b:94:f6:bd:
96:8f:c6:3e:f4:66:b6:51:75:ed:12:3e:90:4e:e3:fd:0e:3f:
86:4d:97:d7:6d:a4:59:c0:24:0f:50:71:f3:fc:63:26:cc:2c:
37:ef:02:22:4d:c1:e8:4a:62:66:3a:61:28:3c:44:20:62:34:
3c:4b:a0:e9:6c:a4:cd:b9:2f:26:6e:8a:8b:76:9b:96:6a:25:
fa:cd:ba:f4:86:71:88:89:3b:0e:b8:26:82:21:16:0e:ea:15:
c2:2d:aa:07:15:bd:70:f1:3b:98:f9:45:69:b3:51:02:bd:97:
48:54:66:9e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYgoo2qVqj+XUwCyGBtqhB9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YmJkNjAzNzRiYzIzZWQwN2QwMWMyNGU3Y2ZkOTE3OGI4
ZmVkMjEwHhcNMjMwNTE3MDczNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTBlMTUwOGUzZDg4NzEzMjBjNTNmZWM2ZGVmYmRjMDEzZjBhNjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzN4bm5ypEfLeoVAy2WdAM3zYkqfw
A4n+15XEWFgOvgaapHcBdvsPeCCeXmPOWkYd9EqdgL66851h5ZqT72oBnKjcCzPb
dkQqbBcTGodtDGGcgkcvYpDAd4eWwPVOMLyWKevxKqN6+ISGOsmbEn4EJL0P48bE
n/iBVGBxmMvcKJ0oOnz1LNrjsSAi7UgwHFzEmO5nuDavXW3Ps06BDQMKkXySFw3H
4q5+Cis9H0VLVWYAcBXIBHUcmuylzjqKsV+Wm81NrnJ/nNudydbrlsL9o0X6GUvU
kGL1zYAhvklZ64T2zM2KRWUXZDzC+Byzzz7hZh7HE2jOz+nK3HJ2zAn2DQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMUOFQjj2IcTIMU/7G3vvcAT8KZOMB8GA1UdIwQY
MBaAFBe71gN0vCPtB9AcJOfP2ReLj+0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjd2V0EzUzhJLTBIMEJ3azU4X1pGNHVQN1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81YjczZDctZjFmNS00ZThmLWE0YjYt
Y2RmODk2ODM1NDBlLzEveFE0VkNPUFloeE1neFRfc2JlLTl3QlB3cGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81YjczZDctZjFmNS00ZThmLWE0YjYtY2RmODk2ODM1NDBl
LzEvRjd2V0EzUzhJLTBIMEJ3azU4X1pGNHVQN1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOvADAN
BgkqhkiG9w0BAQsFAAOCAQEAochJkb88zTu2NlLYt6FMJMSbP6XVd6d+bF5KyqQM
pQefei0rbhJw0WivVoHOeznbFEyMvDkoRifgzj7GM0m0/DLUPKHCTEP4hdzbC6Zx
5CpzOgnx0XRMLNk9uJSkg9CINSTxDRmipVC6Nc9Dl5/IOmk29PajbxW+z/VwtlNI
FyMyYDh0U4zqsU6F0LELlPa9lo/GPvRmtlF17RI+kE7j/Q4/hk2X122kWcAkD1Bx
8/xjJswsN+8CIk3B6EpiZjphKDxEIGI0PEug6WykzbkvJm6Ki3ablmol+s269IZx
iIk7DrgmgiEWDuoVwi2qBxW9cPE7mPlFabNRAr2XSFRmng==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:02 2025 by rpki-client