Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/pIWqn1UPUJtrLAOVhQ5sxFC2TgI.roa
File: pIWqn1UPUJtrLAOVhQ5sxFC2TgI.roa (raw, json)
Hash identifier: vlgYnSzf4grP57ObEc61U3jA7ZvaARvEsuodQyWoQRw=
Subject key identifier: A4:85:AA:9F:55:0F:50:9B:6B:2C:03:95:85:0E:6C:C4:50:B6:4E:02
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018C36128EABCE7B9E9EEA2ACC193D0883F9
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/pIWqn1UPUJtrLAOVhQ5sxFC2TgI.roa
Signing time: Mon 04 Dec 2023 18:23:55 +0000
ROA not before: Mon 04 Dec 2023 18:23:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 2a11:5a43::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:36:12:8e:ab:ce:7b:9e:9e:ea:2a:cc:19:3d:08:83:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Dec 4 18:23:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a485aa9f550f509b6b2c0395850e6cc450b64e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1b:ff:89:ff:1d:45:81:e0:28:c0:18:a2:02:
e3:d7:43:ee:43:9c:61:34:52:73:11:fd:a4:3b:86:
8a:a7:b4:19:b6:b3:3b:bf:b9:ec:ea:3d:31:8e:7e:
21:d2:7f:fc:e6:d6:69:9f:1d:5f:e2:32:13:48:9f:
b2:be:a4:7c:b1:97:ce:c7:4e:f0:ed:f7:cc:dc:a4:
31:89:30:0d:32:24:1f:b0:5f:13:4c:30:c3:93:6e:
b6:54:cd:95:5f:9a:19:91:66:8a:8f:df:5e:e4:a5:
5e:18:3e:af:f1:db:b9:e7:96:23:fe:5a:44:af:fe:
08:f1:02:c5:c1:f4:f9:4a:da:91:9c:2d:e4:8d:5e:
16:31:d9:62:84:fc:24:67:b3:9f:13:b3:0c:fa:be:
60:72:c3:36:b9:f0:3b:d2:ae:5e:d9:44:34:f8:59:
5c:58:65:6c:d4:17:bd:6a:c0:7b:a9:24:c0:e1:1c:
85:ef:fa:0e:22:bc:cb:3b:2f:8f:38:81:3c:05:64:
ff:84:31:db:4d:58:fc:fe:43:85:80:65:2a:3f:53:
5d:b0:f8:fb:59:7b:d2:3d:9e:21:36:f4:af:79:4e:
c7:0d:0b:42:fa:8d:6f:8a:b5:1f:f0:d5:d9:9c:1c:
d9:f0:28:9a:f1:ae:8c:ea:32:74:87:de:bc:c0:4b:
35:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:85:AA:9F:55:0F:50:9B:6B:2C:03:95:85:0E:6C:C4:50:B6:4E:02
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/pIWqn1UPUJtrLAOVhQ5sxFC2TgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5a43::/32
Signature Algorithm: sha256WithRSAEncryption
70:50:64:63:d8:d8:be:45:ca:da:dd:a7:d8:c8:c6:b2:b1:93:
b7:a4:56:c8:7c:30:28:de:66:ce:b3:7f:f2:b7:39:c4:7c:e7:
6d:ab:c7:2b:c4:17:e3:9a:54:93:1d:82:e0:7e:0a:f5:90:ac:
9b:11:c8:8c:ab:b8:45:48:34:d1:fc:5e:56:56:4b:80:f7:53:
b8:ea:5a:8e:7c:bc:05:40:84:26:e6:2b:ed:87:d5:99:49:01:
10:57:0c:4e:ee:d2:b5:37:59:91:ee:c8:fe:6b:69:bf:f5:fb:
86:0d:a6:73:bf:c9:4c:5a:aa:dd:ef:81:47:a5:c2:dd:3c:b2:
f5:b1:ac:63:18:66:da:c0:e3:8b:14:1c:61:88:b4:04:a5:b6:
3f:c6:2c:d1:a9:9a:04:6f:50:05:29:2d:8f:54:4d:28:96:b1:
21:17:1f:d2:a8:6a:d6:77:e3:26:79:17:80:9b:cb:a5:e2:b7:
05:a9:e2:12:c0:0d:6a:fa:bf:33:ce:22:06:df:d5:da:5e:fb:
d0:b5:21:87:fd:f1:7e:28:e3:55:19:44:e9:34:c2:cc:dc:59:
4c:a5:b2:d6:87:82:e6:c2:5d:11:2a:b2:d9:08:e7:f9:56:a6:
a0:9d:30:2a:1b:78:de:03:b1:24:b4:1d:1e:dc:29:cf:f4:67:
25:f6:d5:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYw2Eo6rznuenuoqzBk9CIP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjMxMjA0MTgyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDg1YWE5ZjU1MGY1MDliNmIyYzAzOTU4NTBlNmNjNDUwYjY0ZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxv/if8dRYHgKMAYogLj10PuQ5xh
NFJzEf2kO4aKp7QZtrM7v7ns6j0xjn4h0n/85tZpnx1f4jITSJ+yvqR8sZfOx07w
7ffM3KQxiTANMiQfsF8TTDDDk262VM2VX5oZkWaKj99e5KVeGD6v8du555Yj/lpE
r/4I8QLFwfT5StqRnC3kjV4WMdlihPwkZ7OfE7MM+r5gcsM2ufA70q5e2UQ0+Flc
WGVs1Be9asB7qSTA4RyF7/oOIrzLOy+POIE8BWT/hDHbTVj8/kOFgGUqP1NdsPj7
WXvSPZ4hNvSveU7HDQtC+o1virUf8NXZnBzZ8Cia8a6M6jJ0h968wEs1cQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKSFqp9VD1CbaywDlYUObMRQtk4CMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvcElXcW4xVVBVSnRyTEFPVmhRNXN4RkMyVGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFaQzAN
BgkqhkiG9w0BAQsFAAOCAQEAcFBkY9jYvkXK2t2n2MjGsrGTt6RWyHwwKN5mzrN/
8rc5xHznbavHK8QX45pUkx2C4H4K9ZCsmxHIjKu4RUg00fxeVlZLgPdTuOpajny8
BUCEJuYr7YfVmUkBEFcMTu7StTdZke7I/mtpv/X7hg2mc7/JTFqq3e+BR6XC3Tyy
9bGsYxhm2sDjixQcYYi0BKW2P8Ys0amaBG9QBSktj1RNKJaxIRcf0qhq1nfjJnkX
gJvLpeK3BaniEsANavq/M84iBt/V2l770LUhh/3xfijjVRlE6TTCzNxZTKWy1oeC
5sJdESqy2Qjn+VamoJ0wKht43gOxJLQdHtwpz/RnJfbVMQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:48:19 2025 by rpki-client