Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/xn_G1-4f_vBaki5h6Tyk-Ge6Sdg.roa
File: xn_G1-4f_vBaki5h6Tyk-Ge6Sdg.roa (raw, json)
Hash identifier: uxuMbfZuQj+ywuavZREEGod/rPwt+8Ct2dmmKnsXoT4=
Subject key identifier: C6:7F:C6:D7:EE:1F:FE:F0:5A:92:2E:61:E9:3C:A4:F8:67:BA:49:D8
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 3E243CAD
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/xn_G1-4f_vBaki5h6Tyk-Ge6Sdg.roa
Signing time: Wed 30 Mar 2022 09:01:48 +0000
ROA not before: Wed 30 Mar 2022 09:01:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398106
IP address blocks: 2a01:488:bb1a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1042562221 (0x3e243cad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Mar 30 09:01:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c67fc6d7ee1ffef05a922e61e93ca4f867ba49d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8f:aa:bc:07:1b:27:34:26:6c:45:f7:a8:21:
4f:f9:ee:d9:69:2f:9a:7c:d1:39:68:a3:78:8a:07:
58:2a:20:10:8a:a0:6e:bd:27:88:02:a8:64:7a:88:
54:53:ad:bf:d6:bc:5e:94:39:f0:6b:7e:cf:bd:5f:
41:bf:4d:22:20:eb:31:01:77:ef:15:24:d4:43:cd:
3f:71:f5:09:62:67:d3:e5:b6:84:4d:17:c8:01:43:
15:51:4a:fe:22:70:c1:bb:ce:cc:ce:7c:9b:bf:32:
28:a0:9f:af:3a:8e:0c:0e:0b:43:62:10:8f:80:1b:
83:70:91:3a:19:0a:99:6e:1b:a6:ac:43:43:d5:77:
3d:fe:3b:8a:68:6e:77:d5:6b:b8:a3:bd:7e:11:98:
a8:7c:62:34:86:1b:49:bb:4c:22:00:67:01:5e:24:
46:44:f6:96:27:f5:61:12:23:e7:97:e9:3c:f4:dc:
2e:f0:a4:82:c2:8b:d7:13:a7:dd:ab:0f:11:b5:14:
98:71:17:f6:64:8d:a7:48:7e:a7:ab:88:8a:0a:2d:
8d:e5:85:1e:f1:f3:2b:76:e8:b3:de:aa:d2:01:fe:
15:94:4e:cc:ae:10:d3:1e:01:57:90:48:fd:fe:f8:
c4:f7:03:f4:d7:23:9a:0a:ba:be:6a:c2:7e:dd:3c:
41:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7F:C6:D7:EE:1F:FE:F0:5A:92:2E:61:E9:3C:A4:F8:67:BA:49:D8
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/xn_G1-4f_vBaki5h6Tyk-Ge6Sdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb1a::/48
Signature Algorithm: sha256WithRSAEncryption
5a:1e:e8:4a:51:a0:82:55:b7:41:9a:c4:ac:5a:c1:dd:d3:30:
57:c8:8b:bf:7f:8a:7a:c6:6c:a2:bb:96:da:d2:45:34:d1:e6:
a4:02:3b:fd:43:96:02:a4:1b:c3:44:ce:ef:64:ea:1b:14:6d:
28:46:8f:4f:6f:12:29:10:ec:73:c2:9d:9c:21:f1:e5:53:7a:
af:38:89:82:59:46:65:21:22:7c:92:11:6f:75:60:c0:a2:79:
ca:c2:79:1b:6e:8a:46:16:a6:11:2e:50:0f:31:fc:25:b8:88:
fb:9d:4f:31:32:31:11:a6:d9:28:0c:55:87:df:fc:30:5a:f6:
e1:fa:70:3d:85:b8:76:02:6b:3b:48:4d:6b:48:0e:12:f5:e1:
ec:bf:f6:f9:2e:6b:87:74:36:2d:98:53:f5:23:92:68:da:26:
c7:19:6b:f4:43:b6:7e:0a:19:21:18:b6:12:ea:3f:c6:55:03:
8c:6a:94:4b:3e:d8:0b:4c:a0:91:a3:b6:b2:11:e8:c5:f0:91:
58:23:e9:06:fc:58:45:17:5a:d4:7a:dd:ba:77:3b:aa:29:98:
ac:06:39:74:62:03:38:59:d4:10:7b:46:97:76:95:38:74:00:
dd:48:ba:a4:0c:2b:a7:47:e6:40:86:57:6a:95:93:9a:13:d2:
b5:d8:02:7c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEPiQ8rTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTZlZDBmYjdiMzIwODMyYWMxNTgwNTM0YzdiMjYzZjMwNGU5ODFiMB4XDTIyMDMz
MDA5MDE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY3ZmM2ZDdlZTFm
ZmVmMDVhOTIyZTYxZTkzY2E0Zjg2N2JhNDlkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOuPqrwHGyc0JmxF96ghT/nu2WkvmnzROWijeIoHWCogEIqg
br0niAKoZHqIVFOtv9a8XpQ58Gt+z71fQb9NIiDrMQF37xUk1EPNP3H1CWJn0+W2
hE0XyAFDFVFK/iJwwbvOzM58m78yKKCfrzqODA4LQ2IQj4Abg3CROhkKmW4bpqxD
Q9V3Pf47imhud9VruKO9fhGYqHxiNIYbSbtMIgBnAV4kRkT2lif1YRIj55fpPPTc
LvCkgsKL1xOn3asPEbUUmHEX9mSNp0h+p6uIigotjeWFHvHzK3bos96q0gH+FZRO
zK4Q0x4BV5BI/f74xPcD9Ncjmgq6vmrCft08Qd0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTGf8bX7h/+8FqSLmHpPKT4Z7pJ2DAfBgNVHSMEGDAWgBS6btD7ezIIMqwV
gFNMeyY/ME6YGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8x
L3huX0cxLTRmX3ZCYWtpNWg2VHlrLUdlNlNkZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8xL3VtN1EtM3N5Q0RL
c0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBIi7GjANBgkqhkiG9w0BAQsF
AAOCAQEAWh7oSlGgglW3QZrErFrB3dMwV8iLv3+KesZsoruW2tJFNNHmpAI7/UOW
AqQbw0TO72TqGxRtKEaPT28SKRDsc8KdnCHx5VN6rziJgllGZSEifJIRb3VgwKJ5
ysJ5G26KRhamES5QDzH8JbiI+51PMTIxEabZKAxVh9/8MFr24fpwPYW4dgJrO0hN
a0gOEvXh7L/2+S5rh3Q2LZhT9SOSaNomxxlr9EO2fgoZIRi2Euo/xlUDjGqUSz7Y
C0ygkaO2shHoxfCRWCPpBvxYRRda1Hrdunc7qimYrAY5dGIDOFnUEHtGl3aVOHQA
3Ui6pAwrp0fmQIZXapWTmhPStdgCfA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:34 2025 by rpki-client