Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/S8QDUe7Un-h-gJu5QONZiJw0SfM.roa
File: S8QDUe7Un-h-gJu5QONZiJw0SfM.roa (raw, json)
Hash identifier: FmPScxcch/7vwVAh3J2x/oYxcyCWBr9pQrCeyYovW/Y=
Subject key identifier: 4B:C4:03:51:EE:D4:9F:E8:7E:80:9B:B9:40:E3:59:88:9C:34:49:F3
Certificate issuer: /CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Certificate serial: 02E5EE55
Authority key identifier: 4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/S8QDUe7Un-h-gJu5QONZiJw0SfM.roa
Signing time: Sat 01 Jan 2022 04:55:22 +0000
ROA not before: Sat 01 Jan 2022 04:55:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16347
IP address blocks: 2a0b:95c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48623189 (0x2e5ee55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Validity
Not Before: Jan 1 04:55:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bc40351eed49fe87e809bb940e359889c3449f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8c:73:62:2a:8d:b9:e7:24:3b:fd:44:2b:af:
c1:05:c5:50:d1:db:b2:37:0d:34:29:8f:a0:90:6e:
9e:31:57:60:05:71:d2:8d:7e:e7:c6:3f:af:de:52:
9c:7c:0f:fb:b1:5e:02:cd:71:95:67:d3:36:10:ac:
f6:8d:da:b6:0d:bd:32:f3:51:ff:5b:97:82:17:11:
f9:1e:93:5a:6f:f8:6e:91:21:4b:77:42:c3:3b:f2:
7b:24:ef:c0:71:96:9c:9b:45:37:5e:5d:16:70:8f:
1e:03:93:44:f9:07:4d:0e:83:d1:e8:71:13:ba:85:
1d:f3:ff:e2:2d:a7:cc:83:9a:70:3e:fe:7c:7f:a2:
6a:27:47:ea:84:f1:6b:ee:d0:c9:b4:00:7d:7f:5c:
b4:03:c3:43:00:8e:b4:3e:7d:6d:65:55:c9:c9:f1:
96:91:61:18:49:e7:b5:5c:95:ef:51:02:ff:81:c1:
dd:d1:23:3c:1e:2a:1a:92:54:10:78:28:72:4d:88:
22:dc:e6:d7:c9:65:ed:49:e5:25:48:e1:42:96:8b:
91:aa:4c:b9:f6:5f:d6:4d:3a:99:ae:9d:d3:d2:d8:
79:d4:6a:da:7f:38:52:62:2b:95:a8:d9:db:50:91:
3b:2d:c7:ab:3d:cd:5a:13:4c:e3:1b:fb:1d:f5:5e:
5b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C4:03:51:EE:D4:9F:E8:7E:80:9B:B9:40:E3:59:88:9C:34:49:F3
X509v3 Authority Key Identifier:
keyid:4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/S8QDUe7Un-h-gJu5QONZiJw0SfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:95c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
4a:cd:5d:45:55:62:74:be:bc:ef:34:e1:02:89:4d:ea:d0:3f:
39:95:65:b3:7c:65:4c:9f:13:6d:89:e2:02:e2:27:03:ee:ec:
9a:01:a8:ed:3c:f6:8d:3f:d1:15:9c:a2:c1:8f:1a:31:d2:24:
e7:74:00:2a:63:c5:13:3c:80:e9:3f:51:9b:3c:f6:41:ba:20:
aa:1a:45:b2:06:a7:42:fa:dd:71:da:28:cb:70:a3:96:65:c9:
1f:e8:57:86:15:fc:81:22:29:0f:ac:fb:1e:62:8c:0f:b9:60:
12:6b:02:67:e0:a5:a8:5c:24:a5:e8:a5:1b:54:c8:6f:70:6c:
b6:f8:cd:a2:4d:e7:24:fb:c1:2c:2d:2d:eb:a3:ad:0f:df:04:
aa:12:a3:fd:e2:8a:94:37:2c:dc:ce:09:fc:30:ec:48:f1:00:
d3:bf:ef:5b:43:05:49:26:23:48:6b:2e:79:9a:40:b8:5f:09:
8a:18:14:c1:73:eb:64:96:2b:49:ca:21:0b:bd:ea:5a:8a:43:
de:86:5e:7f:36:24:c5:e4:b6:99:d6:f2:b5:b4:77:8a:a7:7c:
53:6f:60:c9:08:40:0a:ee:aa:9a:27:b4:9b:87:b0:af:8e:5b:
16:63:8d:1a:c3:12:4d:7d:9a:a0:6a:6d:11:52:f8:95:a8:df:
1a:83:a3:1a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAuXuVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTIxYzkxYjYzYmJiZGE4ODA0YTc0OWYzZDYxMGU4YjIxN2Y5YjczMB4XDTIyMDEw
MTA0NTUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJjNDAzNTFlZWQ0
OWZlODdlODA5YmI5NDBlMzU5ODg5YzM0NDlmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqMc2IqjbnnJDv9RCuvwQXFUNHbsjcNNCmPoJBunjFXYAVx
0o1+58Y/r95SnHwP+7FeAs1xlWfTNhCs9o3atg29MvNR/1uXghcR+R6TWm/4bpEh
S3dCwzvyeyTvwHGWnJtFN15dFnCPHgOTRPkHTQ6D0ehxE7qFHfP/4i2nzIOacD7+
fH+iaidH6oTxa+7QybQAfX9ctAPDQwCOtD59bWVVycnxlpFhGEnntVyV71EC/4HB
3dEjPB4qGpJUEHgock2IItzm18ll7UnlJUjhQpaLkapMufZf1k06ma6d09LYedRq
2n84UmIrlajZ21CROy3Hqz3NWhNM4xv7HfVeW28CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRLxANR7tSf6H6Am7lA41mInDRJ8zAfBgNVHSMEGDAWgBRKIckbY7u9qIBK
dJ89YQ6LIX+bczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NpSEpHMk83dmFpQVNuU2ZQV0VPaXlGX20zTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvNmU4Y2EwLWNkNDAtNDZmZC04ZWU0LTQ3ZmJlNGM0YTRmZC8x
L1M4UURVZTdVbi1oLWdKdTVRT05aaUp3MFNmTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
NmU4Y2EwLWNkNDAtNDZmZC04ZWU0LTQ3ZmJlNGM0YTRmZC8xL1NpSEpHMk83dmFp
QVNuU2ZQV0VPaXlGX20zTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLlcAAATANBgkqhkiG9w0BAQsF
AAOCAQEASs1dRVVidL687zThAolN6tA/OZVls3xlTJ8TbYniAuInA+7smgGo7Tz2
jT/RFZyiwY8aMdIk53QAKmPFEzyA6T9Rmzz2QbogqhpFsganQvrdcdooy3CjlmXJ
H+hXhhX8gSIpD6z7HmKMD7lgEmsCZ+ClqFwkpeilG1TIb3BstvjNok3nJPvBLC0t
66OtD98EqhKj/eKKlDcs3M4J/DDsSPEA07/vW0MFSSYjSGsueZpAuF8JihgUwXPr
ZJYrScohC73qWopD3oZefzYkxeS2mdbytbR3iqd8U29gyQhACu6qmie0m4ewr45b
FmONGsMSTX2aoGptEVL4lajfGoOjGg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:59:49 2025 by rpki-client