Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9f5223-a56c-465b-ac65-fd152a6a0587/1/SD4jFdys-mRQiuJUC_KVpm5ozqY.roa
File: SD4jFdys-mRQiuJUC_KVpm5ozqY.roa (raw, json)
Hash identifier: 3NJelGJ22SMGgr/0J1s10UIHydPeydtyz5L7Q3KzCLw=
Subject key identifier: 48:3E:23:15:DC:AC:FA:64:50:8A:E2:54:0B:F2:95:A6:6E:68:CE:A6
Certificate issuer: /CN=e5aaf76d27ba812e0d5ce2305f17c53188c2580c
Certificate serial: 0188E19EBB55E429F3CB818E8B6FFD9EFA0F
Authority key identifier: E5:AA:F7:6D:27:BA:81:2E:0D:5C:E2:30:5F:17:C5:31:88:C2:58:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5ar3bSe6gS4NXOIwXxfFMYjCWAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9f5223-a56c-465b-ac65-fd152a6a0587/1/SD4jFdys-mRQiuJUC_KVpm5ozqY.roa
Signing time: Thu 22 Jun 2023 05:40:56 +0000
ROA not before: Thu 22 Jun 2023 05:40:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35773
IP address blocks: 2a13:d880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e1:9e:bb:55:e4:29:f3:cb:81:8e:8b:6f:fd:9e:fa:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5aaf76d27ba812e0d5ce2305f17c53188c2580c
Validity
Not Before: Jun 22 05:40:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=483e2315dcacfa64508ae2540bf295a66e68cea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fc:55:93:61:63:dd:3a:b5:ef:c2:ba:35:7a:
db:e6:d3:f5:db:1f:cc:1d:c2:2c:3c:37:02:fc:4c:
dd:b5:80:92:13:60:c0:b5:9f:a7:a2:af:16:fc:54:
5b:09:f7:3a:09:fa:59:25:d6:9e:20:f4:05:dc:44:
6b:9b:7c:44:ca:02:21:87:cd:fc:4d:7f:a5:3a:b2:
3d:6f:b5:65:80:5d:45:1a:51:cd:03:fb:94:4d:32:
f2:b9:d5:2f:3c:7e:0d:73:8d:9c:52:6c:d7:50:84:
63:69:ef:ab:07:c7:20:af:6c:0c:db:61:69:49:35:
a4:2a:b4:45:b7:e7:dc:de:4d:5d:37:4a:d5:c6:a3:
08:08:a8:29:47:01:57:81:74:db:7b:13:8a:83:21:
61:fc:07:e9:54:dc:63:91:88:de:94:75:23:c9:59:
35:12:88:01:75:7e:57:1e:29:29:0d:89:b8:26:8b:
a2:bb:c0:8c:76:29:42:2e:e6:a5:98:cd:ab:22:9c:
15:d2:6e:6c:d6:98:97:60:62:10:f5:be:72:e1:d6:
c1:98:0b:ac:f3:0e:ec:a0:c4:ee:6c:d7:e0:bd:2f:
e2:8d:b3:3b:d0:84:49:27:d0:f6:a2:05:8a:a5:51:
22:8a:a0:3a:7b:74:e8:4a:3d:89:b6:c3:66:e9:8d:
74:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3E:23:15:DC:AC:FA:64:50:8A:E2:54:0B:F2:95:A6:6E:68:CE:A6
X509v3 Authority Key Identifier:
keyid:E5:AA:F7:6D:27:BA:81:2E:0D:5C:E2:30:5F:17:C5:31:88:C2:58:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5ar3bSe6gS4NXOIwXxfFMYjCWAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9f5223-a56c-465b-ac65-fd152a6a0587/1/SD4jFdys-mRQiuJUC_KVpm5ozqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9f5223-a56c-465b-ac65-fd152a6a0587/1/5ar3bSe6gS4NXOIwXxfFMYjCWAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d880::/29
Signature Algorithm: sha256WithRSAEncryption
22:61:e2:ae:a9:5e:45:3d:b3:14:3f:a4:61:a2:86:80:0e:5b:
3f:10:64:2c:92:cf:60:8b:db:bc:12:aa:08:59:50:12:12:36:
ec:11:35:ca:40:4f:5e:23:79:0d:2f:53:12:9f:e6:60:7b:de:
07:24:67:e6:7c:c3:3f:b4:cf:f0:ea:f8:58:c4:5f:64:c6:be:
94:65:9e:41:f7:f6:5b:ff:93:ba:d8:35:73:1d:99:d9:04:54:
f0:52:8a:c8:99:b6:d6:29:63:e5:4a:20:2f:b2:98:1d:7a:d3:
e5:86:b8:2c:4f:22:ff:75:d2:e2:12:48:e6:bc:ac:04:25:c5:
26:16:eb:c3:94:80:8c:8b:3b:65:ca:04:ef:b4:7f:05:e7:b6:
b3:9a:52:34:75:bd:19:13:5b:aa:b7:71:b5:30:3b:8b:af:b8:
b5:3d:06:77:ce:83:36:3d:bf:f6:61:22:72:b5:16:9f:49:0e:
15:8f:c0:c9:83:13:1f:37:12:34:0e:ef:f2:a8:d2:38:e1:bb:
40:36:f4:46:79:30:a5:4c:f4:80:f6:e9:e7:59:f0:ca:fd:1e:
44:49:35:63:b6:d7:50:83:95:4a:df:33:e4:90:19:c0:16:ba:
fd:d2:ab:21:cc:ed:b5:c1:a1:12:7b:09:7e:65:fc:9b:79:5b:
81:ec:69:3c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYjhnrtV5Cnzy4GOi2/9nvoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YWFmNzZkMjdiYTgxMmUwZDVjZTIzMDVmMTdjNTMxODhj
MjU4MGMwHhcNMjMwNjIyMDU0MDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODNlMjMxNWRjYWNmYTY0NTA4YWUyNTQwYmYyOTVhNjZlNjhjZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfxVk2Fj3Tq178K6NXrb5tP12x/M
HcIsPDcC/EzdtYCSE2DAtZ+noq8W/FRbCfc6CfpZJdaeIPQF3ERrm3xEygIhh838
TX+lOrI9b7VlgF1FGlHNA/uUTTLyudUvPH4Nc42cUmzXUIRjae+rB8cgr2wM22Fp
STWkKrRFt+fc3k1dN0rVxqMICKgpRwFXgXTbexOKgyFh/AfpVNxjkYjelHUjyVk1
EogBdX5XHikpDYm4Jouiu8CMdilCLualmM2rIpwV0m5s1piXYGIQ9b5y4dbBmAus
8w7soMTubNfgvS/ijbM70IRJJ9D2ogWKpVEiiqA6e3ToSj2JtsNm6Y10fQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEg+IxXcrPpkUIriVAvylaZuaM6mMB8GA1UdIwQY
MBaAFOWq920nuoEuDVziMF8XxTGIwlgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFyM2JTZTZnUzROWE9Jd1h4ZkZNWWpDV0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85ZjUyMjMtYTU2Yy00NjViLWFjNjUt
ZmQxNTJhNmEwNTg3LzEvU0Q0akZkeXMtbVJRaXVKVUNfS1ZwbTVvenFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85ZjUyMjMtYTU2Yy00NjViLWFjNjUtZmQxNTJhNmEwNTg3
LzEvNWFyM2JTZTZnUzROWE9Jd1h4ZkZNWWpDV0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPYgDAN
BgkqhkiG9w0BAQsFAAOCAQEAImHirqleRT2zFD+kYaKGgA5bPxBkLJLPYIvbvBKq
CFlQEhI27BE1ykBPXiN5DS9TEp/mYHveByRn5nzDP7TP8Or4WMRfZMa+lGWeQff2
W/+Tutg1cx2Z2QRU8FKKyJm21ilj5UogL7KYHXrT5Ya4LE8i/3XS4hJI5rysBCXF
Jhbrw5SAjIs7ZcoE77R/Bee2s5pSNHW9GRNbqrdxtTA7i6+4tT0Gd86DNj2/9mEi
crUWn0kOFY/AyYMTHzcSNA7v8qjSOOG7QDb0RnkwpUz0gPbp51nwyv0eREk1Y7bX
UIOVSt8z5JAZwBa6/dKrIczttcGhEnsJfmX8m3lbgexpPA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:58:12 2025 by rpki-client