Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/WByFlbRiVd206rjOOEibxg2qkkk.roa
File: WByFlbRiVd206rjOOEibxg2qkkk.roa (raw, json)
Hash identifier: PBKdim3pbuVuYx/Ut0SzgvyBtmwOaKJx/Wl0JX9wVYU=
Subject key identifier: 58:1C:85:95:B4:62:55:DD:B4:EA:B8:CE:38:48:9B:C6:0D:AA:92:49
Certificate issuer: /CN=3b80edd425050865eafba8089db9da3f3519b334
Certificate serial: 01856E6F8E0DB9328B7EBEDFDD891D70909E
Authority key identifier: 3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/WByFlbRiVd206rjOOEibxg2qkkk.roa
Signing time: Sun 01 Jan 2023 17:44:42 +0000
ROA not before: Sun 01 Jan 2023 17:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1759
IP address blocks: 2a12:b440:100::/48 maxlen: 64
2a12:b440:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:8e:0d:b9:32:8b:7e:be:df:dd:89:1d:70:90:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b80edd425050865eafba8089db9da3f3519b334
Validity
Not Before: Jan 1 17:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=581c8595b46255ddb4eab8ce38489bc60daa9249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2a:35:76:69:31:e1:db:e5:b5:1f:37:70:ce:
bf:08:f1:3b:1e:e0:ab:54:ed:e0:6c:d6:cf:8a:18:
1e:71:d8:11:e6:40:29:10:14:d7:91:0d:fc:64:91:
c0:a0:32:5c:3b:40:be:0c:61:8b:09:c3:5f:8c:34:
77:20:0c:53:8d:ac:33:fd:40:30:19:f5:f4:e0:0d:
83:5e:84:0b:ce:10:eb:71:79:f3:df:a9:3a:27:78:
7f:a7:5d:84:55:bd:d1:c3:23:a4:7e:c8:07:64:61:
25:26:47:d9:99:fc:2a:e1:67:53:c4:52:6f:a9:8b:
41:64:37:6b:2c:b0:91:cc:1a:4d:8f:9e:f2:db:ce:
4b:d4:d1:96:3d:78:84:7d:7b:70:ed:87:24:13:6e:
07:13:5b:e2:90:1c:d0:3f:d6:59:9a:e4:02:ed:32:
6c:44:d9:7c:2c:cd:6e:03:9c:e9:27:57:bd:01:15:
a6:07:20:d0:eb:38:88:f4:02:01:9f:e8:c5:38:fe:
cf:81:2b:2e:ff:ad:e2:f0:75:37:39:62:ec:be:12:
d8:73:1d:da:8f:89:1c:f0:d0:00:1d:a8:99:9f:09:
4e:de:95:7d:b3:06:cb:3b:3e:87:5c:e6:31:75:1a:
fb:01:d3:67:61:4b:47:f1:de:09:e3:a9:b2:5a:04:
f2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:1C:85:95:B4:62:55:DD:B4:EA:B8:CE:38:48:9B:C6:0D:AA:92:49
X509v3 Authority Key Identifier:
keyid:3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/WByFlbRiVd206rjOOEibxg2qkkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:b440:1::/48
2a12:b440:100::/48
Signature Algorithm: sha256WithRSAEncryption
67:3b:46:b5:7c:25:0d:2e:44:6e:5b:9d:5a:9f:bc:d6:e7:a4:
c0:6b:4c:01:3c:21:7a:b9:d7:2f:d8:61:40:70:0d:eb:7a:ee:
25:f2:89:9c:7e:af:bd:1c:a9:03:e1:d2:60:cc:4e:00:9b:39:
71:3a:57:6c:b7:96:34:d4:75:95:18:41:b7:65:b2:d9:d4:3c:
ff:d4:1e:b9:cc:97:94:3e:1a:ea:e9:7c:01:2b:8f:a1:15:ec:
2d:de:43:30:d2:94:00:86:d5:c4:f1:59:46:f1:28:d4:25:4c:
a3:c3:03:8b:e0:2b:2c:85:2e:6e:a1:ff:0a:e1:6b:1f:ce:48:
de:c6:14:64:e0:4b:97:55:37:6e:09:38:0d:74:30:61:be:3f:
64:45:10:ad:35:3b:c0:b5:a0:f5:7d:3c:cd:6e:a6:f8:b3:3e:
72:b6:a8:f5:49:45:71:25:26:f5:d2:fb:2a:b3:6c:63:fc:9f:
16:52:e2:d9:4f:6d:aa:e1:39:ce:a9:d1:e5:e1:36:c1:22:8f:
c3:ec:e9:e5:ee:2b:ba:a0:c2:3a:e9:c2:ce:44:c8:18:cc:d6:
ca:c3:64:63:01:d6:c1:1f:d2:a2:e7:20:b6:6c:2b:1c:dc:59:
11:c8:e9:92:dd:c5:c2:cd:88:4d:e3:07:35:af:ea:bd:8a:3e:
4d:c3:dd:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVub44NuTKLfr7f3YkdcJCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODBlZGQ0MjUwNTA4NjVlYWZiYTgwODlkYjlkYTNmMzUx
OWIzMzQwHhcNMjMwMTAxMTc0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODFjODU5NWI0NjI1NWRkYjRlYWI4Y2UzODQ4OWJjNjBkYWE5MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyo1dmkx4dvltR83cM6/CPE7HuCr
VO3gbNbPihgecdgR5kApEBTXkQ38ZJHAoDJcO0C+DGGLCcNfjDR3IAxTjawz/UAw
GfX04A2DXoQLzhDrcXnz36k6J3h/p12EVb3RwyOkfsgHZGElJkfZmfwq4WdTxFJv
qYtBZDdrLLCRzBpNj57y285L1NGWPXiEfXtw7YckE24HE1vikBzQP9ZZmuQC7TJs
RNl8LM1uA5zpJ1e9ARWmByDQ6ziI9AIBn+jFOP7PgSsu/63i8HU3OWLsvhLYcx3a
j4kc8NAAHaiZnwlO3pV9swbLOz6HXOYxdRr7AdNnYUtH8d4J46myWgTyiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFgchZW0YlXdtOq4zjhIm8YNqpJJMB8GA1UdIwQY
MBaAFDuA7dQlBQhl6vuoCJ252j81GbM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMt
YzcxNjFkYzVjMDg3LzEvV0J5RmxiUmlWZDIwNnJqT09FaWJ4ZzJxa2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMtYzcxNjFkYzVjMDg3
LzEvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhK0QAAB
AwcAKhK0QAEAMA0GCSqGSIb3DQEBCwUAA4IBAQBnO0a1fCUNLkRuW51an7zW56TA
a0wBPCF6udcv2GFAcA3reu4l8omcfq+9HKkD4dJgzE4AmzlxOldst5Y01HWVGEG3
ZbLZ1Dz/1B65zJeUPhrq6XwBK4+hFewt3kMw0pQAhtXE8VlG8SjUJUyjwwOL4Css
hS5uof8K4WsfzkjexhRk4EuXVTduCTgNdDBhvj9kRRCtNTvAtaD1fTzNbqb4sz5y
tqj1SUVxJSb10vsqs2xj/J8WUuLZT22q4TnOqdHl4TbBIo/D7Onl7iu6oMI66cLO
RMgYzNbKw2RjAdbBH9Ki5yC2bCsc3FkRyOmS3cXCzYhN4wc1r+q9ij5Nw90+
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:03:17 2025 by rpki-client