Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/RdnmsRgDOLBQbQoWRcd2qqlnseY.roa
File: RdnmsRgDOLBQbQoWRcd2qqlnseY.roa (raw, json)
Hash identifier: dJQsEaQLr5BRxefWNSSXGxTAF8soKdiOKTNSlWB/dR8=
Subject key identifier: 45:D9:E6:B1:18:03:38:B0:50:6D:0A:16:45:C7:76:AA:A9:67:B1:E6
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 118AFF05
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/RdnmsRgDOLBQbQoWRcd2qqlnseY.roa
Signing time: Sat 01 Jan 2022 11:04:06 +0000
ROA not before: Sat 01 Jan 2022 11:04:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60404
IP address blocks: 2a0b:b600:1000::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 294321925 (0x118aff05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 1 11:04:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45d9e6b1180338b0506d0a1645c776aaa967b1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d7:d4:a7:92:05:0a:21:59:1b:cf:08:50:09:
46:29:a4:23:d6:3c:76:a9:51:a0:1c:0e:21:02:ff:
89:cf:c5:75:65:70:a5:ad:f4:d9:d3:c2:83:d9:9e:
36:ff:bd:c3:94:71:1e:77:66:d9:db:fa:4f:15:3f:
0a:e0:0d:86:f4:fb:bc:fc:10:f0:4d:3e:60:00:49:
aa:b2:f3:c3:46:00:6a:ad:e6:2d:88:4c:cd:c0:2a:
fe:f5:cf:84:1a:9e:58:3e:67:f7:1e:ad:33:2e:a5:
96:32:75:6d:cc:c6:66:fe:9d:ec:eb:9b:5c:ee:35:
75:58:9d:0f:24:76:b2:e5:a9:ce:a7:94:7b:d2:f9:
6f:2a:a8:64:f1:c9:17:fd:7b:55:9b:7f:76:7c:31:
3b:3c:2e:9c:8d:f8:ea:91:27:d6:7d:f2:87:95:b8:
6e:21:0a:19:22:d6:3e:e4:d4:c5:2a:51:5e:7c:34:
a0:a7:48:9d:23:06:73:26:ba:ee:cb:f2:af:ea:0b:
e1:66:51:ad:fe:c0:ed:56:eb:9a:bc:51:e9:b6:ed:
e5:38:0d:20:54:7c:7a:01:2c:c2:6b:73:3e:03:56:
2d:44:e9:6e:1b:fa:51:8e:43:67:76:03:f9:d4:2f:
8d:1d:58:dc:19:30:2b:b3:5c:43:f2:b0:60:00:fb:
6a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D9:E6:B1:18:03:38:B0:50:6D:0A:16:45:C7:76:AA:A9:67:B1:E6
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/RdnmsRgDOLBQbQoWRcd2qqlnseY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b600:1000::/38
Signature Algorithm: sha256WithRSAEncryption
49:18:ec:fa:65:55:74:6b:ed:17:95:87:b5:8b:0a:53:cc:bd:
fd:17:98:e8:db:51:3f:bd:4c:4e:e9:ba:19:64:45:f4:95:ac:
d1:8d:54:e0:e5:4d:9a:75:cc:44:1d:41:e5:a6:fa:f8:81:e9:
14:de:17:de:5c:b9:0f:f6:08:49:9e:d7:7c:6c:23:cc:cd:ce:
49:90:58:5c:0a:99:88:ed:6b:0c:b6:a3:f3:b0:19:93:a5:7c:
8b:69:fb:48:a0:b7:64:39:c1:4b:42:40:a0:98:37:b3:f7:dc:
a7:fe:7a:06:1c:b9:fa:d8:81:ea:90:ef:a5:bc:38:04:66:33:
9b:2d:c7:cf:1f:9a:5f:50:fd:43:f1:ce:cf:a1:eb:89:46:39:
d8:b5:a5:62:55:c5:98:84:d3:f0:40:43:67:cb:0f:0e:9d:88:
e5:d1:ba:ae:b4:7a:7e:c2:33:b2:62:c5:6f:09:7e:a3:5c:50:
c0:d3:91:1e:36:e8:a1:f6:22:c8:cd:33:85:b3:c1:53:18:e1:
c3:eb:8d:15:94:71:01:57:44:18:dc:2a:4b:18:63:20:8c:b9:
e3:b2:fe:7e:d7:36:96:0d:5e:36:3a:44:a8:1a:c9:90:6a:bb:
05:f3:89:24:9a:ef:b3:11:b8:48:46:48:cf:db:f2:82:73:2d:
47:f5:ee:31
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEYr/BTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2Y5ODZjNzcwNWJkODA4YzFiMDJlYmQ3NTRmYmZhOTE4MDdlOWI2MB4XDTIyMDEw
MTExMDQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDVkOWU2YjExODAz
MzhiMDUwNmQwYTE2NDVjNzc2YWFhOTY3YjFlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjX1KeSBQohWRvPCFAJRimkI9Y8dqlRoBwOIQL/ic/FdWVw
pa302dPCg9meNv+9w5RxHndm2dv6TxU/CuANhvT7vPwQ8E0+YABJqrLzw0YAaq3m
LYhMzcAq/vXPhBqeWD5n9x6tMy6lljJ1bczGZv6d7OubXO41dVidDyR2suWpzqeU
e9L5byqoZPHJF/17VZt/dnwxOzwunI346pEn1n3yh5W4biEKGSLWPuTUxSpRXnw0
oKdInSMGcya67svyr+oL4WZRrf7A7VbrmrxR6bbt5TgNIFR8egEswmtzPgNWLUTp
bhv6UY5DZ3YD+dQvjR1Y3BkwK7NcQ/KwYAD7ancCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRF2eaxGAM4sFBtChZFx3aqqWex5jAfBgNVHSMEGDAWgBRz+YbHcFvYCMGw
Lr11T7+pGAfptjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NfbUd4M0JiMkFqQnNDNjlkVS1fcVJnSDZiWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvZGIxYWNhLTI2NTktNDJhMy1hNjMxLTlhMTI5NWYwMmYyZS8x
L1Jkbm1zUmdET0xCUWJRb1dSY2QycXFsbnNlWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
ZGIxYWNhLTI2NTktNDJhMy1hNjMxLTlhMTI5NWYwMmYyZS8xL2NfbUd4M0JiMkFq
QnNDNjlkVS1fcVJnSDZiWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioLtgAQMA0GCSqGSIb3DQEBCwUA
A4IBAQBJGOz6ZVV0a+0XlYe1iwpTzL39F5jo21E/vUxO6boZZEX0lazRjVTg5U2a
dcxEHUHlpvr4gekU3hfeXLkP9ghJntd8bCPMzc5JkFhcCpmI7WsMtqPzsBmTpXyL
aftIoLdkOcFLQkCgmDez99yn/noGHLn62IHqkO+lvDgEZjObLcfPH5pfUP1D8c7P
oeuJRjnYtaViVcWYhNPwQENnyw8OnYjl0bqutHp+wjOyYsVvCX6jXFDA05EeNuih
9iLIzTOFs8FTGOHD640VlHEBV0QY3CpLGGMgjLnjsv5+1zaWDV42OkSoGsmQarsF
84kkmu+zEbhIRkjP2/KCcy1H9e4x
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:30:29 2025 by rpki-client