Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0BKI0WlXAGMjHLq9eTtN5bl5eg4.roa
File: 0BKI0WlXAGMjHLq9eTtN5bl5eg4.roa (raw, json)
Hash identifier: KlWe04Ev015Me8eH+HY5tzZ+ImdN6dZQwoqncOQNtNo=
Subject key identifier: D0:12:88:D1:69:57:00:63:23:1C:BA:BD:79:3B:4D:E5:B9:79:7A:0E
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018AABAD361F02AB5C626B7E11E197AD3EFD
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0BKI0WlXAGMjHLq9eTtN5bl5eg4.roa
Signing time: Tue 19 Sep 2023 04:22:50 +0000
ROA not before: Tue 19 Sep 2023 04:22:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44812
IP address blocks: 2a12:a346::/32 maxlen: 32
2a11:4b40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ab:ad:36:1f:02:ab:5c:62:6b:7e:11:e1:97:ad:3e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 19 04:22:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d01288d169570063231cbabd793b4de5b9797a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7d:0c:f2:f9:a1:31:34:56:8a:32:7e:0d:4b:
c6:ff:33:e9:37:ed:14:e0:04:36:19:7e:fb:e4:75:
7a:0e:a8:71:d9:03:8b:88:77:89:af:27:6a:70:85:
ca:6a:06:de:5d:7e:f6:28:b2:d3:cb:ac:f9:68:d9:
fa:60:a0:87:02:af:27:0b:4f:65:98:d9:f3:65:06:
ce:cd:cb:a3:90:b9:3a:f6:bf:46:aa:0a:41:d0:ba:
74:5f:04:de:fe:fa:61:a0:f7:ee:0b:3b:ce:67:21:
0c:9e:39:7f:a0:4f:ae:6d:51:2e:b5:f4:bf:8e:e4:
50:e7:59:9c:7e:64:fc:1d:77:01:dd:95:db:9f:57:
21:cb:9f:07:8e:bf:15:8f:3a:9b:63:fc:3e:47:ea:
14:2f:41:8f:b1:8d:e8:57:37:10:7e:82:33:8b:1f:
cd:86:d0:ae:f1:d2:79:da:06:ca:be:34:f0:64:12:
16:28:ea:a0:08:63:bc:8a:49:12:cc:4d:7d:1b:5d:
ba:b7:9e:7d:c8:af:5e:38:20:b3:ab:48:be:e4:a1:
b8:cd:5e:80:a5:ff:d0:3c:60:ea:7f:c7:5f:fc:52:
8e:4f:44:ae:b8:65:41:0e:ef:4c:73:ac:b0:fb:73:
22:ba:73:42:89:30:f7:6f:7d:7a:1d:d5:4b:55:15:
74:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:12:88:D1:69:57:00:63:23:1C:BA:BD:79:3B:4D:E5:B9:79:7A:0E
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0BKI0WlXAGMjHLq9eTtN5bl5eg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b40::/32
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
02:06:f9:5f:53:06:62:61:6d:b6:64:14:31:06:d9:49:8d:22:
06:ea:88:9b:38:a3:f4:9c:f8:be:24:b5:2e:4e:d4:c5:ac:3c:
e5:67:2a:0f:0f:8b:ca:dc:90:24:06:74:f6:0c:72:bf:76:93:
40:87:ae:2a:99:70:a9:82:c0:37:5e:e5:0a:23:9a:3b:85:c6:
0a:0a:4b:92:6b:ff:10:ae:6f:99:c4:14:cb:e6:6d:2a:98:f0:
98:0b:18:4c:6f:aa:f9:28:be:36:10:f7:0c:b2:56:3a:36:c4:
7b:33:4d:d8:e2:f8:57:35:16:cf:fc:be:73:7d:67:ba:04:6c:
eb:0a:f4:36:3b:b4:44:4d:cd:25:98:77:16:bc:e8:31:f9:85:
f6:21:25:3e:e7:d7:60:88:16:ae:b6:9a:c9:7c:16:57:2f:54:
37:b2:04:1c:8a:3a:62:3b:c1:9e:86:93:f2:99:e3:8e:d9:80:
87:68:6e:c1:11:f6:58:3a:80:56:cc:15:57:53:f5:60:30:37:
4a:f2:2e:d0:2f:91:90:e5:e4:f9:99:4b:08:be:c5:8a:ef:a5:
5c:66:4b:ac:51:02:e0:61:f3:50:7f:31:f8:00:df:15:26:07:
be:72:da:f4:2a:b4:3c:88:88:22:71:84:9c:1b:cd:d2:f0:97:
f7:0e:b4:cc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqrrTYfAqtcYmt+EeGXrT79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwOTE5MDQyMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDEyODhkMTY5NTcwMDYzMjMxY2JhYmQ3OTNiNGRlNWI5Nzk3YTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh30M8vmhMTRWijJ+DUvG/zPpN+0U
4AQ2GX775HV6Dqhx2QOLiHeJrydqcIXKagbeXX72KLLTy6z5aNn6YKCHAq8nC09l
mNnzZQbOzcujkLk69r9GqgpB0Lp0XwTe/vphoPfuCzvOZyEMnjl/oE+ubVEutfS/
juRQ51mcfmT8HXcB3ZXbn1chy58Hjr8VjzqbY/w+R+oUL0GPsY3oVzcQfoIzix/N
htCu8dJ52gbKvjTwZBIWKOqgCGO8ikkSzE19G126t559yK9eOCCzq0i+5KG4zV6A
pf/QPGDqf8df/FKOT0SuuGVBDu9Mc6yw+3MiunNCiTD3b316HdVLVRV0swIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNASiNFpVwBjIxy6vXk7TeW5eXoOMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMEJLSTBXbFhBR01qSExxOWVUdE41Ymw1ZWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhFLQAMF
ACoSo0YwDQYJKoZIhvcNAQELBQADggEBAAIG+V9TBmJhbbZkFDEG2UmNIgbqiJs4
o/Sc+L4ktS5O1MWsPOVnKg8Pi8rckCQGdPYMcr92k0CHriqZcKmCwDde5QojmjuF
xgoKS5Jr/xCub5nEFMvmbSqY8JgLGExvqvkovjYQ9wyyVjo2xHszTdji+Fc1Fs/8
vnN9Z7oEbOsK9DY7tERNzSWYdxa86DH5hfYhJT7n12CIFq62msl8FlcvVDeyBByK
OmI7wZ6Gk/KZ447ZgIdobsER9lg6gFbMFVdT9WAwN0ryLtAvkZDl5PmZSwi+xYrv
pVxmS6xRAuBh81B/MfgA3xUmB75y2vQqtDyIiCJxhJwbzdLwl/cOtMw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:26 2025 by rpki-client