Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/Py-tJdSkvIbJXLfmqtB-hXZMqz4.roa
File: Py-tJdSkvIbJXLfmqtB-hXZMqz4.roa (raw, json)
Hash identifier: n/lXUSeyIogbH89YywAkpDhoyZz82MDYdLl2oI8YZg4=
Subject key identifier: 3F:2F:AD:25:D4:A4:BC:86:C9:5C:B7:E6:AA:D0:7E:85:76:4C:AB:3E
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 018573039E081F42B7A9688E01B695240D9C
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/Py-tJdSkvIbJXLfmqtB-hXZMqz4.roa
Signing time: Mon 02 Jan 2023 15:04:54 +0000
ROA not before: Mon 02 Jan 2023 15:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202590
IP address blocks: 2a04:5d00:70::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:9e:08:1f:42:b7:a9:68:8e:01:b6:95:24:0d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 2 15:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f2fad25d4a4bc86c95cb7e6aad07e85764cab3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ce:99:89:a2:c6:b2:82:13:64:7b:f2:d8:f7:
cc:af:1f:51:dc:a8:19:0f:d7:d1:fe:57:09:c9:4f:
ff:7d:7a:31:d6:50:3c:64:ae:6e:98:fc:3e:8d:d1:
08:5f:69:04:e7:35:72:79:78:7f:bd:9d:68:8c:dd:
7e:75:95:0f:f2:12:6b:72:75:d9:73:1f:67:06:4c:
19:9a:2e:e4:9c:48:05:59:ed:40:bb:66:67:91:db:
0b:ae:c9:cf:1c:e1:6d:1d:09:42:ec:09:99:72:f7:
4b:07:b1:fc:a7:e2:96:78:c5:b6:13:35:9d:0e:f7:
c5:83:57:33:25:cc:49:08:1d:55:83:39:c8:9a:52:
2d:71:59:59:8d:37:a6:02:1c:91:eb:fc:8b:c9:98:
da:70:de:8b:d5:90:0c:8c:66:5c:6c:9c:32:7a:e5:
a9:93:88:88:0e:d9:a6:85:b3:e5:27:43:a6:46:12:
f8:05:10:a4:9c:56:6a:07:33:56:67:8e:d1:c1:a9:
c8:69:f9:16:8c:89:6d:7f:42:f8:9c:9d:c3:84:9c:
f1:42:17:6d:0a:31:f5:6d:88:8c:d3:ff:27:f5:7e:
6f:17:5e:24:54:94:17:29:dc:4f:87:a6:68:ea:0e:
59:dd:1a:3e:90:c3:65:4e:6e:c6:b6:8f:07:3d:98:
81:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:2F:AD:25:D4:A4:BC:86:C9:5C:B7:E6:AA:D0:7E:85:76:4C:AB:3E
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/Py-tJdSkvIbJXLfmqtB-hXZMqz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5d00:70::/48
Signature Algorithm: sha256WithRSAEncryption
8c:f4:49:c6:bf:f1:d0:30:35:b1:35:ef:00:14:81:1a:88:5f:
de:a2:02:ed:37:76:b3:6f:5e:1d:64:63:78:3e:6a:d5:80:ee:
4a:5b:8c:19:f5:0b:15:7f:19:08:01:03:bd:9b:2f:9c:37:c2:
5e:ce:8e:9e:ab:2c:7b:8f:1f:40:3e:a0:a8:b9:75:1f:ce:b4:
1b:31:be:93:39:65:e7:e7:67:4f:2d:0c:2f:4c:0c:76:70:dc:
c2:c8:ab:8e:f2:05:21:4c:9b:45:d8:e7:7c:53:75:43:28:51:
76:c4:b1:57:7e:f9:44:16:24:65:95:25:23:41:9c:4e:a6:ca:
2d:9c:4f:03:98:b8:88:48:d5:8e:3c:73:5b:34:bc:ed:20:e8:
d2:57:ab:0d:50:1f:61:e3:5c:b7:c0:d2:6a:f1:c1:55:a1:57:
23:e2:e6:5c:12:f1:49:ba:8b:b6:85:92:c7:91:b8:6e:95:b9:
3c:79:9a:fa:da:44:a5:c6:c6:da:fd:88:23:c8:ae:d9:e8:b4:
7b:7a:91:43:7b:66:f3:ba:ad:02:f6:0d:19:55:a3:bc:a0:27:
da:d4:01:4e:e9:f9:82:70:d1:fc:4e:77:ef:4c:81:50:ad:d1:
2e:8c:68:97:3b:15:4b:69:39:03:5f:67:97:3d:98:ab:f2:f1:
b9:d5:50:5a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzA54IH0K3qWiOAbaVJA2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MWYwYjczZTY3ZDYzYzVhNGM5MDQ2ODE0MTY2YTllMjE2
MjVmMjgwHhcNMjMwMTAyMTUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjJmYWQyNWQ0YTRiYzg2Yzk1Y2I3ZTZhYWQwN2U4NTc2NGNhYjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc6ZiaLGsoITZHvy2PfMrx9R3KgZ
D9fR/lcJyU//fXox1lA8ZK5umPw+jdEIX2kE5zVyeXh/vZ1ojN1+dZUP8hJrcnXZ
cx9nBkwZmi7knEgFWe1Au2ZnkdsLrsnPHOFtHQlC7AmZcvdLB7H8p+KWeMW2EzWd
DvfFg1czJcxJCB1VgznImlItcVlZjTemAhyR6/yLyZjacN6L1ZAMjGZcbJwyeuWp
k4iIDtmmhbPlJ0OmRhL4BRCknFZqBzNWZ47RwanIafkWjIltf0L4nJ3DhJzxQhdt
CjH1bYiM0/8n9X5vF14kVJQXKdxPh6Zo6g5Z3Ro+kMNlTm7Gto8HPZiBXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD8vrSXUpLyGyVy35qrQfoV2TKs+MB8GA1UdIwQY
MBaAFCkfC3PmfWPFpMkEaBQWap4hYl8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQt
MzhlZThmZDY0ZTdkLzEvUHktdEpkU2t2SWJKWExmbXF0Qi1oWFpNcXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQtMzhlZThmZDY0ZTdk
LzEvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgRdAABw
MA0GCSqGSIb3DQEBCwUAA4IBAQCM9EnGv/HQMDWxNe8AFIEaiF/eogLtN3azb14d
ZGN4PmrVgO5KW4wZ9QsVfxkIAQO9my+cN8Jezo6eqyx7jx9APqCouXUfzrQbMb6T
OWXn52dPLQwvTAx2cNzCyKuO8gUhTJtF2Od8U3VDKFF2xLFXfvlEFiRllSUjQZxO
psotnE8DmLiISNWOPHNbNLztIOjSV6sNUB9h41y3wNJq8cFVoVcj4uZcEvFJuou2
hZLHkbhulbk8eZr62kSlxsba/YgjyK7Z6LR7epFDe2bzuq0C9g0ZVaO8oCfa1AFO
6fmCcNH8TnfvTIFQrdEujGiXOxVLaTkDX2eXPZir8vG51VBa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:44 2025 by rpki-client