Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/3RVUTMSHLlxZRraINx873WWmgB4.roa
File: 3RVUTMSHLlxZRraINx873WWmgB4.roa (raw, json)
Hash identifier: PJxHs3en7+tWmAVouXYRmD/Q110kzfSusbh9cSEHMOw=
Subject key identifier: DD:15:54:4C:C4:87:2E:5C:59:46:B6:88:37:1F:3B:DD:65:A6:80:1E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246E8F77913B62E68FDC17A90EA177D
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/3RVUTMSHLlxZRraINx873WWmgB4.roa
Signing time: Mon 02 Jan 2023 11:38:47 +0000
ROA not before: Mon 02 Jan 2023 11:38:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213234
IP address blocks: 2a0c:9a40:8a00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:e8:f7:79:13:b6:2e:68:fd:c1:7a:90:ea:17:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd15544cc4872e5c5946b688371f3bdd65a6801e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e7:c2:0a:ca:1f:05:52:89:7d:45:d1:89:31:
ae:52:20:b1:c1:77:cb:bc:6d:90:23:e9:64:0a:17:
97:af:ad:63:29:6b:46:6d:38:bb:2a:39:42:14:34:
9b:b8:cd:49:64:d8:2a:f4:dd:8e:40:9b:f4:80:64:
ba:0a:21:b0:66:2f:4c:5a:90:93:f9:84:ee:4b:24:
2d:98:ef:b7:10:4f:e9:b6:22:12:16:25:60:1e:48:
63:41:ed:60:1c:70:5a:06:aa:9a:6c:cd:e9:ea:5c:
4a:13:32:48:e9:39:9b:f5:82:41:24:06:04:3e:5e:
1b:4f:72:fe:a1:67:5e:1d:04:03:28:1e:f8:3e:07:
23:c2:66:58:05:cb:1f:35:e1:1a:a4:7e:47:b2:f6:
ca:71:a8:3f:09:9b:fc:59:3c:5a:be:49:0e:a4:fa:
35:4f:f8:49:b4:6a:c6:c8:fd:2a:9e:70:e6:56:f8:
75:36:2d:17:0e:85:a0:95:ed:99:26:dd:08:93:e9:
54:df:27:1f:7c:c9:40:8d:0c:6c:34:36:1d:a9:18:
34:4c:4f:60:9a:67:7d:f2:db:d5:fd:94:c9:d8:cc:
48:d2:79:3f:0a:9f:04:46:2d:3f:ac:93:4d:a2:70:
06:53:2d:67:6a:c3:cb:bd:dc:1c:f1:5f:e9:79:f6:
f0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:15:54:4C:C4:87:2E:5C:59:46:B6:88:37:1F:3B:DD:65:A6:80:1E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/3RVUTMSHLlxZRraINx873WWmgB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8a00::/48
Signature Algorithm: sha256WithRSAEncryption
27:e6:02:cf:86:a1:2b:86:93:00:d7:ac:03:c7:43:97:d0:77:
51:8c:83:29:70:0a:2f:62:99:6d:e2:8d:ef:a9:4d:d0:2a:76:
87:59:3e:db:a6:01:89:ea:b1:3b:db:ce:2a:36:07:46:07:8b:
45:bd:22:8c:35:9c:d7:fb:6c:b1:1f:5a:1e:99:ff:d5:57:84:
7d:29:b6:43:98:a3:bd:91:7e:b2:e1:5d:e8:07:ad:32:a2:d9:
50:86:34:1a:b9:b0:68:f1:4c:4d:b1:15:cf:41:bc:20:17:8e:
aa:35:ab:b9:47:e3:f8:de:16:7c:ee:0b:96:17:c3:6b:71:b0:
3c:9d:c1:f7:55:0b:45:4d:ce:a5:5e:c8:4a:16:68:c3:3d:59:
bd:0e:3d:c3:ae:eb:a9:4b:55:d8:ba:b5:98:8f:40:c5:09:b1:
d2:53:f5:8c:ff:c8:03:3a:b8:30:0a:b7:22:c4:29:12:32:4d:
dc:e5:28:d9:3a:2e:91:20:bc:d3:09:74:7f:26:78:e5:a3:74:
31:6a:7a:90:89:ab:fe:e8:7a:bc:53:5b:6c:e8:38:89:79:69:
91:7c:17:8a:de:08:dd:66:03:5d:9b:f0:ff:33:05:73:91:6c:
d2:fb:56:d0:84:38:81:3d:42:51:7c:7d:41:3b:2d:ad:03:0e:
32:79:9d:59
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRuj3eRO2Lmj9wXqQ6hd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDE1NTQ0Y2M0ODcyZTVjNTk0NmI2ODgzNzFmM2JkZDY1YTY4MDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+fCCsofBVKJfUXRiTGuUiCxwXfL
vG2QI+lkCheXr61jKWtGbTi7KjlCFDSbuM1JZNgq9N2OQJv0gGS6CiGwZi9MWpCT
+YTuSyQtmO+3EE/ptiISFiVgHkhjQe1gHHBaBqqabM3p6lxKEzJI6Tmb9YJBJAYE
Pl4bT3L+oWdeHQQDKB74PgcjwmZYBcsfNeEapH5HsvbKcag/CZv8WTxavkkOpPo1
T/hJtGrGyP0qnnDmVvh1Ni0XDoWgle2ZJt0Ik+lU3ycffMlAjQxsNDYdqRg0TE9g
mmd98tvV/ZTJ2MxI0nk/Cp8ERi0/rJNNonAGUy1nasPLvdwc8V/pefbwZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN0VVEzEhy5cWUa2iDcfO91lpoAeMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvM1JWVVRNU0hMbHhaUnJhSU54ODczV1dtZ0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIoA
MA0GCSqGSIb3DQEBCwUAA4IBAQAn5gLPhqErhpMA16wDx0OX0HdRjIMpcAovYplt
4o3vqU3QKnaHWT7bpgGJ6rE7284qNgdGB4tFvSKMNZzX+2yxH1oemf/VV4R9KbZD
mKO9kX6y4V3oB60yotlQhjQaubBo8UxNsRXPQbwgF46qNau5R+P43hZ87guWF8Nr
cbA8ncH3VQtFTc6lXshKFmjDPVm9Dj3DruupS1XYurWYj0DFCbHSU/WM/8gDOrgw
CrcixCkSMk3c5SjZOi6RILzTCXR/Jnjlo3QxanqQiav+6Hq8U1ts6DiJeWmRfBeK
3gjdZgNdm/D/MwVzkWzS+1bQhDiBPUJRfH1BOy2tAw4yeZ1Z
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:57:46 2025 by rpki-client