Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/ri99Zlgy_lhagtbZcp5UWWUZ4ps.roa
File: ri99Zlgy_lhagtbZcp5UWWUZ4ps.roa (raw, json)
Hash identifier: ZYpYxoX6Wz9ZffI+8S6buPAEdFzebMDCDKhydDZ7e+A=
Subject key identifier: AE:2F:7D:66:58:32:FE:58:5A:82:D6:D9:72:9E:54:59:65:19:E2:9B
Certificate issuer: /CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Certificate serial: 018571699F4ED8AC83CF00C44495E76D73E2
Authority key identifier: F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/ri99Zlgy_lhagtbZcp5UWWUZ4ps.roa
Signing time: Mon 02 Jan 2023 07:37:05 +0000
ROA not before: Mon 02 Jan 2023 07:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30969
IP address blocks: 2a01:410:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:9f:4e:d8:ac:83:cf:00:c4:44:95:e7:6d:73:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Validity
Not Before: Jan 2 07:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae2f7d665832fe585a82d6d9729e54596519e29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:12:1f:ad:ab:a0:0f:3b:fa:d8:33:7e:f1:27:
c2:19:14:b4:26:3a:7a:09:9e:0f:da:dd:fa:b0:ac:
9b:aa:5a:1c:dc:6c:f1:62:c4:2d:76:44:39:59:eb:
a5:cc:7a:ab:e8:1a:94:6d:49:68:bb:21:c7:4b:fe:
16:a5:5a:df:8d:10:e2:bb:44:fb:04:b9:84:7f:51:
ec:45:26:66:16:72:9f:d7:38:9f:d9:40:21:94:de:
46:c6:0e:79:ea:50:6d:57:e6:eb:a0:2f:98:58:49:
3e:56:8c:2d:84:9f:7c:eb:ec:0b:bc:24:2e:13:67:
61:25:7a:d7:08:56:2a:3e:eb:3d:4f:da:c8:9f:4c:
ba:99:17:24:b7:27:87:d4:5f:db:b5:cf:cc:cd:a7:
3a:3d:13:4c:90:4b:ef:ee:4e:78:88:92:15:af:9a:
31:6d:b0:86:1e:21:31:50:c9:f5:34:15:02:1c:14:
80:fa:3c:92:b5:bf:5a:fe:2b:18:f1:6b:60:f3:e7:
6c:ae:86:25:bf:6e:c4:44:63:f6:71:20:fc:fe:ed:
b6:36:fb:19:28:41:36:be:9f:03:ea:e2:ff:22:ef:
3b:c0:69:a0:74:22:4f:32:27:51:31:a1:39:51:31:
71:76:8f:7f:13:45:3d:f8:5b:ef:b2:c4:a7:a3:bc:
dc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2F:7D:66:58:32:FE:58:5A:82:D6:D9:72:9E:54:59:65:19:E2:9B
X509v3 Authority Key Identifier:
keyid:F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/ri99Zlgy_lhagtbZcp5UWWUZ4ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:410:100::/40
Signature Algorithm: sha256WithRSAEncryption
90:9f:5e:70:74:0d:05:c5:5d:0a:04:3a:30:50:26:1c:38:59:
f5:17:f7:f5:10:60:c4:de:02:57:1b:60:fe:e4:f9:00:57:bf:
71:aa:f8:f9:2a:ca:6f:9c:46:5e:6a:ca:35:22:76:ed:d5:bf:
1b:a0:3b:b6:6f:69:e9:79:fa:84:d9:dc:95:da:86:11:70:1d:
63:4e:93:05:51:ab:04:5b:19:1a:c0:67:cc:71:95:5e:eb:c0:
53:6f:84:fe:0a:e5:4f:60:ed:d1:81:00:14:8f:1e:eb:e8:44:
a9:40:1a:a4:4f:70:9e:fc:8e:fe:dc:99:45:ff:0f:0d:be:ec:
98:c8:47:4d:a7:bd:c6:16:39:39:e9:4a:39:c6:a9:ed:3c:00:
8b:08:dc:f6:cc:2f:af:64:3f:7b:c2:79:c7:ba:fd:50:1f:41:
7b:d9:0e:78:6f:25:78:99:fd:02:9f:07:57:42:f2:3b:19:4f:
b9:34:65:63:91:43:f7:f3:41:4f:50:53:ca:4c:7c:60:06:26:
4e:2c:ab:07:4c:d1:2a:97:a1:29:bf:f7:92:79:97:08:11:0c:
61:99:24:63:33:0e:8f:d7:9c:f3:46:32:b2:c6:e2:bc:5e:c1:
e8:81:36:24:0b:8d:a0:ee:4a:88:3c:98:f7:dd:85:f0:27:20:
f9:c0:7f:53
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxaZ9O2KyDzwDERJXnbXPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OTc2NzNjNzhlZmFlNWY2YmQ4MGEyNWFjZTNkM2MzNzE5
M2U3ODkwHhcNMjMwMTAyMDczNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTJmN2Q2NjU4MzJmZTU4NWE4MmQ2ZDk3MjllNTQ1OTY1MTllMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRIfraugDzv62DN+8SfCGRS0Jjp6
CZ4P2t36sKybqloc3GzxYsQtdkQ5WeulzHqr6BqUbUlouyHHS/4WpVrfjRDiu0T7
BLmEf1HsRSZmFnKf1zif2UAhlN5Gxg556lBtV+broC+YWEk+VowthJ986+wLvCQu
E2dhJXrXCFYqPus9T9rIn0y6mRcktyeH1F/btc/Mzac6PRNMkEvv7k54iJIVr5ox
bbCGHiExUMn1NBUCHBSA+jyStb9a/isY8Wtg8+dsroYlv27ERGP2cSD8/u22NvsZ
KEE2vp8D6uL/Iu87wGmgdCJPMidRMaE5UTFxdo9/E0U9+FvvssSno7zcowIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFK4vfWZYMv5YWoLW2XKeVFllGeKbMB8GA1UdIwQY
MBaAFPSXZzx4765fa9gKJazj08Nxk+eJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYt
NmUwNjk2ZmVlOGU2LzEvcmk5OVpsZ3lfbGhhZ3RiWmNwNVVXV1VaNHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYtNmUwNjk2ZmVlOGU2
LzEvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgEEEAEw
DQYJKoZIhvcNAQELBQADggEBAJCfXnB0DQXFXQoEOjBQJhw4WfUX9/UQYMTeAlcb
YP7k+QBXv3Gq+Pkqym+cRl5qyjUidu3VvxugO7Zvael5+oTZ3JXahhFwHWNOkwVR
qwRbGRrAZ8xxlV7rwFNvhP4K5U9g7dGBABSPHuvoRKlAGqRPcJ78jv7cmUX/Dw2+
7JjIR02nvcYWOTnpSjnGqe08AIsI3PbML69kP3vCece6/VAfQXvZDnhvJXiZ/QKf
B1dC8jsZT7k0ZWORQ/fzQU9QU8pMfGAGJk4sqwdM0SqXoSm/95J5lwgRDGGZJGMz
Do/XnPNGMrLG4rxeweiBNiQLjaDuSog8mPfdhfAnIPnAf1M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:32:54 2025 by rpki-client