Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/aOnIPrm9Et03qFmHxtnUZkdqj3A.roa
File: aOnIPrm9Et03qFmHxtnUZkdqj3A.roa (raw, json)
Hash identifier: 8voVmhUf+mBensa6EFeoG3KO84+/fa4pTGjBVrvWf2s=
Subject key identifier: 68:E9:C8:3E:B9:BD:12:DD:37:A8:59:87:C6:D9:D4:66:47:6A:8F:70
Certificate issuer: /CN=ea846006cf8b9e388f31451358092502cecc1136
Certificate serial: 1F40C1
Authority key identifier: EA:84:60:06:CF:8B:9E:38:8F:31:45:13:58:09:25:02:CE:CC:11:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6oRgBs-LnjiPMUUTWAklAs7METY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/aOnIPrm9Et03qFmHxtnUZkdqj3A.roa
Signing time: Fri 04 Feb 2022 11:28:47 +0000
ROA not before: Fri 04 Feb 2022 11:28:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 2a06:8ac0::/45 maxlen: 45
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2048193 (0x1f40c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea846006cf8b9e388f31451358092502cecc1136
Validity
Not Before: Feb 4 11:28:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68e9c83eb9bd12dd37a85987c6d9d466476a8f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3b:f0:88:e4:1e:e0:47:ae:d2:4c:0e:a0:fc:
5b:bb:39:e0:e2:ac:dc:db:05:4b:57:20:f1:fb:3a:
31:3f:10:ec:65:16:8c:99:87:15:5c:be:92:ab:bb:
f7:26:83:fa:f2:ae:31:61:24:f7:3e:77:d1:e3:25:
c1:c1:85:80:08:d7:98:5a:fa:17:a3:f7:a6:c0:10:
8d:e7:a9:5e:22:68:33:5d:fe:42:26:a7:6e:83:e5:
b1:1e:24:e0:0c:49:26:b7:be:2b:f2:a9:84:d6:f9:
94:34:ea:30:26:87:13:29:d0:2d:93:f6:8a:a1:48:
df:db:2a:8f:1c:60:5f:8e:6a:c8:f4:bc:8b:d9:1c:
c0:a4:57:2d:00:04:e7:55:35:45:78:c0:2c:bb:cb:
3c:2f:72:f7:fc:73:50:cf:5b:f1:f6:72:51:49:79:
7f:77:73:4a:ed:e3:9e:73:69:c9:20:88:69:03:08:
e2:c5:45:52:1f:40:30:e0:38:a0:8f:9f:fc:1e:39:
b3:e9:ec:7d:f9:ce:31:31:d7:3a:d6:5e:06:e2:2d:
07:35:a2:f3:54:f2:14:5e:ef:b5:45:b7:98:83:82:
d8:bc:6b:c0:79:a7:20:3e:1c:e0:aa:62:9b:f2:f7:
f3:d4:23:95:ee:aa:9a:87:5a:bd:28:b5:4b:5c:69:
70:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E9:C8:3E:B9:BD:12:DD:37:A8:59:87:C6:D9:D4:66:47:6A:8F:70
X509v3 Authority Key Identifier:
keyid:EA:84:60:06:CF:8B:9E:38:8F:31:45:13:58:09:25:02:CE:CC:11:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6oRgBs-LnjiPMUUTWAklAs7METY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/aOnIPrm9Et03qFmHxtnUZkdqj3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/6oRgBs-LnjiPMUUTWAklAs7METY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:8ac0::/45
Signature Algorithm: sha256WithRSAEncryption
3d:da:eb:2e:02:3e:16:2f:5d:10:92:46:2a:ba:7b:9f:5e:1a:
c5:44:62:8a:a4:22:bc:38:8c:a1:2e:55:42:24:03:82:2f:69:
52:ca:e0:7b:e9:c5:c6:33:dd:74:fe:2e:f8:ee:e5:be:62:df:
82:44:fb:4c:a4:32:7e:f4:06:6c:20:99:58:5a:4d:7c:55:49:
9a:14:3f:9e:5d:8c:b8:d6:94:6e:71:05:c6:74:02:d2:e8:b7:
75:bc:b5:3d:71:98:b3:23:21:a2:4d:c7:34:86:b9:0c:57:3a:
59:06:9a:15:6d:d0:03:d5:fb:c3:52:f9:4f:e6:bb:c6:07:4e:
88:58:2e:d0:64:63:70:8d:be:d2:7f:f4:bb:34:a2:db:cb:4f:
ee:f1:57:45:fa:6a:b1:fd:e8:31:38:74:9c:86:f7:96:78:45:
a2:4d:c7:07:b0:61:33:77:54:cf:f5:7e:1b:16:7c:5c:d8:fa:
ed:9d:15:f3:e2:5b:f8:49:43:39:d2:31:e4:88:82:43:a5:86:
2f:7d:d4:43:00:4f:ee:e2:15:eb:f8:bc:11:e6:7e:ea:fd:72:
12:3f:ce:61:6e:ba:2f:93:77:d3:00:80:13:66:90:40:8f:5f:
38:f4:d9:ca:87:f6:4d:53:63:2f:32:6c:77:96:dd:4e:14:8a:
c4:ed:d1:0c
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDH0DBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVh
ODQ2MDA2Y2Y4YjllMzg4ZjMxNDUxMzU4MDkyNTAyY2VjYzExMzYwHhcNMjIwMjA0
MTEyODQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2OGU5YzgzZWI5YmQx
MmRkMzdhODU5ODdjNmQ5ZDQ2NjQ3NmE4ZjcwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2jvwiOQe4Eeu0kwOoPxbuzng4qzc2wVLVyDx+zoxPxDsZRaM
mYcVXL6Sq7v3JoP68q4xYST3PnfR4yXBwYWACNeYWvoXo/emwBCN56leImgzXf5C
Jqdug+WxHiTgDEkmt74r8qmE1vmUNOowJocTKdAtk/aKoUjf2yqPHGBfjmrI9LyL
2RzApFctAATnVTVFeMAsu8s8L3L3/HNQz1vx9nJRSXl/d3NK7eOec2nJIIhpAwji
xUVSH0Aw4Digj5/8Hjmz6ex9+c4xMdc61l4G4i0HNaLzVPIUXu+1RbeYg4LYvGvA
eacgPhzgqmKb8vfz1COV7qqah1q9KLVLXGlwyQIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFGjpyD65vRLdN6hZh8bZ1GZHao9wMB8GA1UdIwQYMBaAFOqEYAbPi544jzFF
E1gJJQLOzBE2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Nm9SZ0JzLUxuamlQTVVVVFdBa2xBczdNRVRZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMi8yMWNkNzctMWVjYS00NmI5LTlhYmEtZjc0Y2NjYzRlMGExLzEv
YU9uSVBybTlFdDAzcUZtSHh0blVaa2RxajNBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8y
MWNkNzctMWVjYS00NmI5LTlhYmEtZjc0Y2NjYzRlMGExLzEvNm9SZ0JzLUxuamlQ
TVVVVFdBa2xBczdNRVRZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKgaKwAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQA92usuAj4WL10QkkYqunufXhrFRGKKpCK8OIyhLlVCJAOCL2lSyuB76cXG
M910/i747uW+Yt+CRPtMpDJ+9AZsIJlYWk18VUmaFD+eXYy41pRucQXGdALS6Ld1
vLU9cZizIyGiTcc0hrkMVzpZBpoVbdAD1fvDUvlP5rvGB06IWC7QZGNwjb7Sf/S7
NKLby0/u8VdF+mqx/egxOHSchveWeEWiTccHsGEzd1TP9X4bFnxc2PrtnRXz4lv4
SUM50jHkiIJDpYYvfdRDAE/u4hXr+LwR5n7q/XISP85hbrovk3fTAIATZpBAj184
9NnKh/ZNU2MvMmx3lt1OFIrE7dEM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:14 2025 by rpki-client