Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/aiDUcpz9Z43fkZ6B_hxBJeTAR_I.roa
File: aiDUcpz9Z43fkZ6B_hxBJeTAR_I.roa (raw, json)
Hash identifier: ss9fpLMzWxucg0cTt5H5vVFPuIAsFgFsKud48TW02Uo=
Subject key identifier: 6A:20:D4:72:9C:FD:67:8D:DF:91:9E:81:FE:1C:41:25:E4:C0:47:F2
Certificate issuer: /CN=f826ffe96cdc41efaa8bfb3125862d6594be9827
Certificate serial: 01856FB1173B2C8A8712B338B669807CBC14
Authority key identifier: F8:26:FF:E9:6C:DC:41:EF:AA:8B:FB:31:25:86:2D:65:94:BE:98:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/aiDUcpz9Z43fkZ6B_hxBJeTAR_I.roa
Signing time: Sun 01 Jan 2023 23:35:54 +0000
ROA not before: Sun 01 Jan 2023 23:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 134.76.0.0/16 maxlen: 16
195.12.38.0/24 maxlen: 24
2a06:93c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:17:3b:2c:8a:87:12:b3:38:b6:69:80:7c:bc:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f826ffe96cdc41efaa8bfb3125862d6594be9827
Validity
Not Before: Jan 1 23:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a20d4729cfd678ddf919e81fe1c4125e4c047f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3d:47:76:44:ac:02:2f:8b:d6:af:36:b8:9f:
a0:e4:50:cd:fe:18:56:5a:bc:cc:45:e5:74:26:78:
9b:47:dd:d3:17:2d:61:a7:10:46:19:0d:a5:d1:39:
54:36:c9:c6:f4:92:91:56:a7:e0:8b:b2:ce:c0:c5:
6d:2d:b6:44:f8:b1:7f:17:db:39:28:8f:fd:02:36:
76:7a:4a:93:ab:b9:2e:59:f9:17:d9:0a:6d:c5:ea:
9f:de:f3:23:7a:e0:89:e6:e1:6a:52:ac:1a:9b:e3:
89:71:bb:76:ba:d7:a6:80:93:24:cd:9f:19:a0:fc:
7c:0d:f1:ab:65:f1:72:34:6d:48:8b:39:6d:71:65:
70:b0:b0:4e:cc:2d:00:08:53:2b:2f:a1:04:3a:74:
a6:10:d5:66:45:4a:4b:e1:d6:e2:a7:28:61:2f:ba:
25:e2:ea:ee:b3:31:30:14:92:7b:ae:5b:c7:7b:a1:
40:7e:e2:8b:20:b8:cf:bf:59:1d:8c:11:86:ee:ff:
ed:d3:8a:5a:f3:11:6b:bd:84:ac:c3:7b:8e:90:ed:
14:84:be:2a:8d:ba:57:fe:af:30:b3:37:57:d4:74:
14:23:0e:53:ca:4e:02:bc:21:89:13:08:b5:83:c7:
e9:10:84:e6:2e:fd:1a:eb:9e:f8:54:3c:4c:72:fb:
88:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:20:D4:72:9C:FD:67:8D:DF:91:9E:81:FE:1C:41:25:E4:C0:47:F2
X509v3 Authority Key Identifier:
keyid:F8:26:FF:E9:6C:DC:41:EF:AA:8B:FB:31:25:86:2D:65:94:BE:98:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/aiDUcpz9Z43fkZ6B_hxBJeTAR_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.76.0.0/16
195.12.38.0/24
IPv6:
2a06:93c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:56:00:66:ff:6b:5f:8d:ad:8b:eb:cb:04:6e:ff:a5:3d:6f:
fa:b9:1d:4b:19:1f:0d:0c:fe:91:fd:44:e5:00:d2:98:9f:b8:
67:8d:a6:79:5c:c9:b8:22:78:39:10:e3:f0:0e:a8:7d:f3:67:
c8:fb:b3:8d:73:9d:ab:c3:e0:a1:29:d4:3d:7a:db:b5:07:54:
91:17:a7:00:a2:00:2b:ec:0b:64:ad:64:a9:ca:2e:f3:34:79:
8b:f5:8c:39:b0:08:36:e8:b8:11:63:46:a6:7b:8f:fc:79:c6:
93:62:0f:ef:ae:35:6b:a4:cf:92:da:25:2a:80:05:34:fe:b6:
02:50:33:6d:35:d7:97:60:87:c6:27:8a:8c:28:48:37:af:d4:
3f:e8:99:bd:2c:de:ca:d5:e0:9d:33:e3:2f:6c:f8:9c:4e:7a:
f5:4a:fd:ac:7f:05:03:4a:f5:a0:1d:7f:36:9d:0f:26:b2:e6:
75:e9:5a:d0:98:22:c9:21:61:02:18:fa:66:92:8d:31:ed:08:
e3:e7:b9:e3:d0:7c:3d:80:ec:d1:b2:53:f8:33:2b:fd:94:38:
5f:4b:7b:07:42:37:96:02:46:76:e1:f9:48:cb:df:13:e4:f2:
80:71:93:dd:b7:e7:ec:35:4f:39:2e:20:3f:02:65:74:0f:e0:
8e:1c:b6:01
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVvsRc7LIqHErM4tmmAfLwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjZmZmU5NmNkYzQxZWZhYThiZmIzMTI1ODYyZDY1OTRi
ZTk4MjcwHhcNMjMwMTAxMjMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTIwZDQ3MjljZmQ2NzhkZGY5MTllODFmZTFjNDEyNWU0YzA0N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj1HdkSsAi+L1q82uJ+g5FDN/hhW
WrzMReV0JnibR93TFy1hpxBGGQ2l0TlUNsnG9JKRVqfgi7LOwMVtLbZE+LF/F9s5
KI/9AjZ2ekqTq7kuWfkX2Qptxeqf3vMjeuCJ5uFqUqwam+OJcbt2utemgJMkzZ8Z
oPx8DfGrZfFyNG1IizltcWVwsLBOzC0ACFMrL6EEOnSmENVmRUpL4dbipyhhL7ol
4uruszEwFJJ7rlvHe6FAfuKLILjPv1kdjBGG7v/t04pa8xFrvYSsw3uOkO0UhL4q
jbpX/q8wszdX1HQUIw5Tyk4CvCGJEwi1g8fpEITmLv0a6574VDxMcvuINQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGog1HKc/WeN35Gegf4cQSXkwEfyMB8GA1UdIwQY
MBaAFPgm/+ls3EHvqov7MSWGLWWUvpgnMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DYl82V3pjUWUtcWlfc3hKWVl0WlpTLW1DYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIvNmY2ODI2LTFhYWQtNGMzYy1iZDkx
LWNjYTM3ZTJmMjcyOS8xL2FpRFVjcHo5WjQzZmtaNkJfaHhCSmVUQVJfSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjIvNmY2ODI2LTFhYWQtNGMzYy1iZDkxLWNjYTM3ZTJmMjcy
OS8xLzEtQ2JfNld6Y1FlLXFpX3N4SllZdFpaUy1tQ2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMBEEAgABMAsDAwCGTAME
AMMMJjANBAIAAjAHAwUDKgaTwDANBgkqhkiG9w0BAQsFAAOCAQEAh1YAZv9rX42t
i+vLBG7/pT1v+rkdSxkfDQz+kf1E5QDSmJ+4Z42meVzJuCJ4ORDj8A6offNnyPuz
jXOdq8PgoSnUPXrbtQdUkRenAKIAK+wLZK1kqcou8zR5i/WMObAINui4EWNGpnuP
/HnGk2IP7641a6TPktolKoAFNP62AlAzbTXXl2CHxieKjChIN6/UP+iZvSzeytXg
nTPjL2z4nE569Ur9rH8FA0r1oB1/Np0PJrLmdela0JgiySFhAhj6ZpKNMe0I4+e5
49B8PYDs0bJT+DMr/ZQ4X0t7B0I3lgJGduH5SMvfE+TygHGT3bfn7DVPOS4gPwJl
dA/gjhy2AQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:24:30 2025 by rpki-client