Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/rF3sy3BVye6-ubTmOJH-_zyUXNU.roa
File: rF3sy3BVye6-ubTmOJH-_zyUXNU.roa (raw, json)
Hash identifier: qP6Bivjh1sB1qjCtZpkyPw+rkF4BhoKN4NP9PNGcHRQ=
Subject key identifier: AC:5D:EC:CB:70:55:C9:EE:BE:B9:B4:E6:38:91:FE:FF:3C:94:5C:D5
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246DEF128CB77FFB888E081B50EDA8B
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/rF3sy3BVye6-ubTmOJH-_zyUXNU.roa
Signing time: Mon 02 Jan 2023 11:38:44 +0000
ROA not before: Mon 02 Jan 2023 11:38:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210445
IP address blocks: 2a0c:9a40:821a::/48 maxlen: 48
2a0c:9a40:8210::/44 maxlen: 48
2a0c:9a40:9300::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:de:f1:28:cb:77:ff:b8:88:e0:81:b5:0e:da:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac5deccb7055c9eebeb9b4e63891feff3c945cd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c6:c1:b9:5b:0a:a3:6e:c0:aa:6f:79:11:46:
70:af:b5:50:5b:dd:32:62:da:cf:c5:ce:ab:c4:30:
84:96:8f:7c:a5:20:57:e1:77:b0:70:04:56:33:be:
b0:d0:35:48:4e:a1:84:11:dc:86:1f:2b:ca:9c:4f:
52:85:ad:ac:35:f9:04:ee:f9:0f:86:09:54:d6:14:
6d:ea:05:30:6d:1c:1c:07:10:a4:e3:c7:c4:45:a0:
83:0b:f1:4e:7d:fa:11:68:7d:62:59:73:6c:46:5e:
ec:58:c0:53:e5:fa:75:49:53:37:84:f6:60:2f:e5:
9a:55:33:47:a5:9b:b1:b1:1e:85:6c:d5:fd:a5:4e:
b4:2a:9b:04:3c:a8:f2:75:d0:23:90:27:16:2c:b2:
15:0b:ca:f7:16:fb:29:79:21:e5:cd:bd:59:e1:00:
d7:aa:01:23:93:8d:81:4c:ae:4f:a7:b2:fa:40:f5:
0b:61:ea:55:b1:53:f0:6a:2f:56:ad:67:89:a9:69:
5b:7e:22:09:6f:5f:ba:e9:35:5b:bc:65:91:de:cd:
23:a3:39:a6:19:b3:94:e2:7a:bc:b2:42:bd:37:cb:
34:36:ef:61:04:3b:72:39:08:0c:35:06:0e:39:91:
50:a5:cc:a1:fe:fb:ee:1c:74:3f:a6:13:8e:dd:94:
f0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5D:EC:CB:70:55:C9:EE:BE:B9:B4:E6:38:91:FE:FF:3C:94:5C:D5
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/rF3sy3BVye6-ubTmOJH-_zyUXNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8210::/44
2a0c:9a40:9300::/40
Signature Algorithm: sha256WithRSAEncryption
9d:6a:6d:a2:57:0d:d1:cf:02:c4:67:6e:9b:be:3b:70:37:80:
29:88:64:a2:c5:f2:b1:3e:ef:42:9d:0c:12:19:1b:04:f2:b7:
a1:4c:6d:81:1f:90:31:91:65:2d:83:fa:f9:be:f8:2f:9d:b0:
a0:9d:9a:c3:9a:78:71:60:54:d7:4b:6c:c3:50:05:ba:78:19:
64:fe:b8:4e:16:dc:0e:4b:b4:75:3e:31:7b:bf:08:b3:b5:69:
34:ce:e1:b0:3d:ea:c4:bb:9d:30:3c:a2:e1:4a:f8:73:b2:54:
0a:f7:b7:f6:ff:e5:84:62:49:48:dd:39:58:b9:30:10:72:04:
f7:9e:09:78:b5:12:97:d0:a3:cb:c0:9a:f4:9f:f8:5e:5b:ea:
37:14:8e:96:ea:eb:e6:df:90:63:26:81:a1:f6:20:a4:61:47:
fd:d1:62:3a:79:39:bf:a5:c5:1c:9f:58:8f:7c:e4:4c:cf:06:
de:14:d4:d0:bc:27:67:dd:05:df:02:4c:4e:c1:bc:f8:19:83:
54:5f:5a:45:0a:75:59:33:80:79:34:e9:53:e5:df:d1:45:f8:
9f:f9:06:ac:a6:87:d6:1a:a0:e0:6f:5d:a9:d7:48:2f:a9:85:
8a:b5:c7:41:70:e5:ef:a5:cc:a9:63:18:c6:d1:44:c9:ef:7e:
84:28:b3:41
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVyRt7xKMt3/7iI4IG1DtqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzVkZWNjYjcwNTVjOWVlYmViOWI0ZTYzODkxZmVmZjNjOTQ1Y2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisbBuVsKo27Aqm95EUZwr7VQW90y
YtrPxc6rxDCElo98pSBX4XewcARWM76w0DVITqGEEdyGHyvKnE9Sha2sNfkE7vkP
hglU1hRt6gUwbRwcBxCk48fERaCDC/FOffoRaH1iWXNsRl7sWMBT5fp1SVM3hPZg
L+WaVTNHpZuxsR6FbNX9pU60KpsEPKjyddAjkCcWLLIVC8r3FvspeSHlzb1Z4QDX
qgEjk42BTK5Pp7L6QPULYepVsVPwai9WrWeJqWlbfiIJb1+66TVbvGWR3s0jozmm
GbOU4nq8skK9N8s0Nu9hBDtyOQgMNQYOOZFQpcyh/vvuHHQ/phOO3ZTwTwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFKxd7MtwVcnuvrm05jiR/v88lFzVMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvckYzc3kzQlZ5ZTYtdWJUbU9KSC1fenlVWE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKgyaQIIQ
AwYAKgyaQJMwDQYJKoZIhvcNAQELBQADggEBAJ1qbaJXDdHPAsRnbpu+O3A3gCmI
ZKLF8rE+70KdDBIZGwTyt6FMbYEfkDGRZS2D+vm++C+dsKCdmsOaeHFgVNdLbMNQ
Bbp4GWT+uE4W3A5LtHU+MXu/CLO1aTTO4bA96sS7nTA8ouFK+HOyVAr3t/b/5YRi
SUjdOVi5MBByBPeeCXi1EpfQo8vAmvSf+F5b6jcUjpbq6+bfkGMmgaH2IKRhR/3R
Yjp5Ob+lxRyfWI985EzPBt4U1NC8J2fdBd8CTE7BvPgZg1RfWkUKdVkzgHk06VPl
39FF+J/5Bqymh9YaoOBvXanXSC+phYq1x0Fw5e+lzKljGMbRRMnvfoQos0E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:15:58 2025 by rpki-client