Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/24bFXV2lf26l2G5BOBPB7gZOm_k.roa
File: 24bFXV2lf26l2G5BOBPB7gZOm_k.roa (raw, json)
Hash identifier: DYozd5rkK45IHi8f+JqK4Sh4nxaV1Ddb+Y7bRDGkTlA=
Subject key identifier: DB:86:C5:5D:5D:A5:7F:6E:A5:D8:6E:41:38:13:C1:EE:06:4E:9B:F9
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018A6041E023933DC5366F04CC9CCB7C68C8
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/24bFXV2lf26l2G5BOBPB7gZOm_k.roa
Signing time: Mon 04 Sep 2023 12:54:04 +0000
ROA not before: Mon 04 Sep 2023 12:54:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39421
IP address blocks: 2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:41:e0:23:93:3d:c5:36:6f:04:cc:9c:cb:7c:68:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Sep 4 12:54:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db86c55d5da57f6ea5d86e413813c1ee064e9bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:83:83:45:21:af:01:6f:c4:57:79:84:9c:be:
4d:37:0a:ad:61:00:a8:f2:7d:f8:32:55:55:d0:83:
02:56:44:8b:ec:63:ed:bb:8f:c4:80:96:0e:40:f9:
cf:37:8f:8c:da:1e:2f:92:d4:3a:a5:26:f6:27:f9:
b0:51:bb:4d:01:bc:0b:a9:ff:94:ee:20:09:6c:ce:
b6:f7:8b:c9:df:6f:c8:3c:e3:a2:8a:bf:c4:06:80:
89:01:6d:ab:00:49:1d:d3:27:d9:2e:60:6d:e1:d4:
6e:fc:69:3a:a8:0a:7c:ce:e5:37:7c:d1:b0:d1:e0:
da:81:9e:94:7f:89:c0:ce:a7:92:81:0f:eb:8e:15:
38:12:45:19:e5:44:f9:bd:0a:c0:04:9e:c3:47:3f:
8c:c3:c9:69:dd:a9:9c:46:9c:17:67:6d:6d:52:5b:
a0:e8:24:fb:d8:78:aa:6e:2a:16:77:83:2d:4d:7d:
a5:62:ac:f2:87:82:4c:ef:42:69:2e:bb:e4:7e:e1:
da:7a:b3:2c:f3:3d:e4:2d:ce:1a:b0:7c:91:f4:d3:
c0:87:71:12:da:73:22:80:bc:8e:2a:35:74:c4:f6:
20:cf:08:6a:37:15:f8:0b:84:75:37:1d:2f:98:3d:
07:f9:9e:c2:74:b6:c2:06:c8:6f:0c:ed:f5:31:d9:
2a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:86:C5:5D:5D:A5:7F:6E:A5:D8:6E:41:38:13:C1:EE:06:4E:9B:F9
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/24bFXV2lf26l2G5BOBPB7gZOm_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
06:08:ed:b6:90:7f:c4:6d:25:ce:25:ef:5a:67:45:c8:cb:c2:
e6:28:9c:8d:f1:5c:bd:ff:b6:cc:c2:2a:ea:b5:2b:c1:e4:82:
00:54:d1:39:c6:af:c5:01:87:03:f7:69:ac:76:6d:71:97:4b:
0c:4b:e5:c0:6d:cf:27:21:ed:ad:fd:f2:e9:ed:ae:62:03:6a:
f6:09:6d:5c:75:9d:73:7b:e2:f1:a5:eb:de:a1:7b:1a:20:b9:
67:6d:4d:c6:53:38:53:21:ff:96:27:a3:60:ef:10:6b:c4:77:
43:6d:c7:9d:56:74:b9:13:6f:43:a6:45:8c:5b:68:1f:3b:af:
b1:02:a6:4f:e3:20:c2:1d:00:0b:c5:8d:96:a8:4f:ec:73:59:
8e:1b:a9:b6:c1:7a:5b:11:db:6a:9d:c1:be:40:e3:74:45:1c:
88:a1:65:04:89:57:3d:de:54:7a:f0:9d:43:51:ee:ee:f8:b4:
60:96:42:e1:6e:96:1c:80:25:10:80:45:a9:32:9d:06:47:35:
0e:aa:f8:81:ea:85:fb:b1:73:1a:be:65:8c:16:6b:5c:65:bd:
1d:35:f0:1c:af:26:c5:54:f2:1b:71:8e:cf:6a:11:b6:c2:1b:
77:8c:2d:d8:4d:68:37:2e:a9:84:ec:cd:bf:64:d3:9a:db:02:
34:4e:1c:be
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpgQeAjkz3FNm8EzJzLfGjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMwOTA0MTI1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjg2YzU1ZDVkYTU3ZjZlYTVkODZlNDEzODEzYzFlZTA2NGU5YmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIODRSGvAW/EV3mEnL5NNwqtYQCo
8n34MlVV0IMCVkSL7GPtu4/EgJYOQPnPN4+M2h4vktQ6pSb2J/mwUbtNAbwLqf+U
7iAJbM6294vJ32/IPOOiir/EBoCJAW2rAEkd0yfZLmBt4dRu/Gk6qAp8zuU3fNGw
0eDagZ6Uf4nAzqeSgQ/rjhU4EkUZ5UT5vQrABJ7DRz+Mw8lp3amcRpwXZ21tUlug
6CT72HiqbioWd4MtTX2lYqzyh4JM70JpLrvkfuHaerMs8z3kLc4asHyR9NPAh3ES
2nMigLyOKjV0xPYgzwhqNxX4C4R1Nx0vmD0H+Z7CdLbCBshvDO31MdkqswIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNuGxV1dpX9updhuQTgTwe4GTpv5MB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvMjRiRlhWMmxmMjZsMkc1Qk9CUEI3Z1pPbV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPHwDAN
BgkqhkiG9w0BAQsFAAOCAQEABgjttpB/xG0lziXvWmdFyMvC5iicjfFcvf+2zMIq
6rUrweSCAFTROcavxQGHA/dprHZtcZdLDEvlwG3PJyHtrf3y6e2uYgNq9gltXHWd
c3vi8aXr3qF7GiC5Z21NxlM4UyH/liejYO8Qa8R3Q23HnVZ0uRNvQ6ZFjFtoHzuv
sQKmT+Mgwh0AC8WNlqhP7HNZjhuptsF6WxHbap3BvkDjdEUciKFlBIlXPd5UevCd
Q1Hu7vi0YJZC4W6WHIAlEIBFqTKdBkc1Dqr4geqF+7FzGr5ljBZrXGW9HTXwHK8m
xVTyG3GOz2oRtsIbd4wt2E1oNy6phOzNv2TTmtsCNE4cvg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:14:12 2025 by rpki-client