Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/4lExii-lbplfhUm7s0SzQwnieBw.roa
File: 4lExii-lbplfhUm7s0SzQwnieBw.roa (raw, json)
Hash identifier: NzuK4NFnQbl6S3pfjne7/8fMNO9Rs7Lr78faDJFVesc=
Subject key identifier: E2:51:31:8A:2F:A5:6E:99:5F:85:49:BB:B3:44:B3:43:09:E2:78:1C
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 018C9245D1D9D1557F8DFF43CC505A180724
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/4lExii-lbplfhUm7s0SzQwnieBw.roa
Signing time: Fri 22 Dec 2023 16:04:58 +0000
ROA not before: Fri 22 Dec 2023 16:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215889
IP address blocks: 2a11:a580::/32 maxlen: 32
2a09:a740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:92:45:d1:d9:d1:55:7f:8d:ff:43:cc:50:5a:18:07:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Dec 22 16:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e251318a2fa56e995f8549bbb344b34309e2781c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d3:b3:fa:d1:86:3d:17:84:a8:c0:e1:dd:8c:
91:2d:26:65:dd:b5:45:06:d8:d7:7c:d7:6f:06:5e:
07:8e:93:87:2e:48:29:83:ce:df:d0:f5:39:b5:32:
60:aa:cb:45:5b:d8:eb:81:b0:4d:93:7b:86:e7:77:
a1:10:b3:07:8e:a1:9c:f1:d9:a7:1a:36:1d:29:33:
ed:7b:a6:51:a3:e5:8c:af:8c:2c:0f:cb:ed:97:be:
0d:6e:56:b4:74:62:c7:96:6e:c1:c3:19:d4:9f:cc:
7e:02:99:42:c6:65:bf:d8:5a:ed:8b:4b:77:81:01:
00:eb:22:d0:67:d3:87:7a:e1:f4:61:48:3c:4e:8a:
be:1f:f9:8f:2f:a3:2f:4e:59:55:dc:7e:3d:40:6f:
05:16:4f:13:ca:0e:7f:90:38:7f:bf:36:9c:55:a2:
86:c9:18:61:49:92:64:51:b8:d1:1c:af:63:c4:c4:
f0:49:db:c1:a7:71:b6:bb:b2:31:f4:fc:eb:7a:2a:
26:32:73:4c:ee:fd:2f:ae:dd:28:af:ae:7a:e1:f6:
ba:e5:63:24:0c:69:c6:02:e9:88:63:d9:2a:41:64:
ba:f6:3e:da:7d:fb:33:42:83:cc:28:ad:8a:2b:ca:
f6:4f:f8:34:b6:57:61:e6:59:43:4e:7d:1e:48:f8:
ca:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:51:31:8A:2F:A5:6E:99:5F:85:49:BB:B3:44:B3:43:09:E2:78:1C
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/4lExii-lbplfhUm7s0SzQwnieBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a740::/32
2a11:a580::/32
Signature Algorithm: sha256WithRSAEncryption
4e:fc:fb:43:bf:d3:d7:8e:38:7b:94:96:8d:31:ac:09:76:d2:
26:6e:bd:54:8e:fd:b2:00:a7:e6:17:01:f6:c9:3f:78:01:04:
09:e2:bb:17:64:fd:91:27:05:46:d5:94:9e:02:95:0b:d9:ed:
2f:2c:2c:34:45:b8:b4:44:33:5d:34:8c:b7:74:4f:47:e3:0d:
72:f3:5d:86:37:58:12:f5:a8:6c:68:c4:c6:c4:41:e7:c0:76:
7a:2b:0a:20:e4:76:6b:d0:39:ab:7c:6b:de:17:57:f6:77:44:
d2:03:3f:1a:c1:2a:b3:b9:ca:61:15:13:1d:22:a0:9f:92:16:
cf:9f:5d:9d:eb:e8:8f:13:8b:32:8d:03:e7:6c:fd:d1:1c:03:
94:dd:84:c7:e7:cc:fd:70:2a:20:b8:ca:57:00:7d:b3:26:2a:
17:20:91:9f:1b:31:f4:88:70:9e:b8:97:c2:8f:e8:17:57:65:
c4:da:9e:9e:18:8b:95:3d:21:68:0d:e9:24:9a:23:fb:89:f0:
a4:09:c7:85:05:33:c3:21:40:8b:21:d2:70:7d:a6:e1:8e:b2:
50:63:65:44:d8:51:81:4a:8b:98:d6:13:63:89:72:8d:51:12:
2b:ab:c7:25:f4:71:e3:89:41:f0:45:18:d2:61:92:72:70:30:
da:57:68:62
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYySRdHZ0VV/jf9DzFBaGAckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjMxMjIyMTYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjUxMzE4YTJmYTU2ZTk5NWY4NTQ5YmJiMzQ0YjM0MzA5ZTI3ODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNOz+tGGPReEqMDh3YyRLSZl3bVF
BtjXfNdvBl4HjpOHLkgpg87f0PU5tTJgqstFW9jrgbBNk3uG53ehELMHjqGc8dmn
GjYdKTPte6ZRo+WMr4wsD8vtl74Nbla0dGLHlm7BwxnUn8x+AplCxmW/2Frti0t3
gQEA6yLQZ9OHeuH0YUg8Toq+H/mPL6MvTllV3H49QG8FFk8Tyg5/kDh/vzacVaKG
yRhhSZJkUbjRHK9jxMTwSdvBp3G2u7Ix9PzreiomMnNM7v0vrt0or6564fa65WMk
DGnGAumIY9kqQWS69j7affszQoPMKK2KK8r2T/g0tldh5llDTn0eSPjKDQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOJRMYovpW6ZX4VJu7NEs0MJ4ngcMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvNGxFeGlpLWxicGxmaFVtN3MwU3pRd25pZUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgmnQAMF
ACoRpYAwDQYJKoZIhvcNAQELBQADggEBAE78+0O/09eOOHuUlo0xrAl20iZuvVSO
/bIAp+YXAfbJP3gBBAniuxdk/ZEnBUbVlJ4ClQvZ7S8sLDRFuLREM100jLd0T0fj
DXLzXYY3WBL1qGxoxMbEQefAdnorCiDkdmvQOat8a94XV/Z3RNIDPxrBKrO5ymEV
Ex0ioJ+SFs+fXZ3r6I8TizKNA+ds/dEcA5TdhMfnzP1wKiC4ylcAfbMmKhcgkZ8b
MfSIcJ64l8KP6BdXZcTanp4Yi5U9IWgN6SSaI/uJ8KQJx4UFM8MhQIsh0nB9puGO
slBjZUTYUYFKi5jWE2OJco1REiurxyX0ceOJQfBFGNJhknJwMNpXaGI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:35 2025 by rpki-client