Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/wrc3ozVntu5-hyhInQ7teEWTkxE.roa
File: wrc3ozVntu5-hyhInQ7teEWTkxE.roa (raw, json)
Hash identifier: GKLb+jNnDCkZDcGkcc1lnYeovxSAmwmu1SYssl8pH2o=
Subject key identifier: C2:B7:37:A3:35:67:B6:EE:7E:87:28:48:9D:0E:ED:78:45:93:93:11
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 275A5F42
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/wrc3ozVntu5-hyhInQ7teEWTkxE.roa
Signing time: Sat 01 Jan 2022 14:02:22 +0000
ROA not before: Sat 01 Jan 2022 14:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48011
IP address blocks: 2a01:4ac0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 660234050 (0x275a5f42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jan 1 14:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2b737a33567b6ee7e8728489d0eed7845939311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:08:76:89:f4:45:0e:c3:b3:24:71:dd:7f:0c:
57:5d:32:33:d4:93:31:0e:31:1b:92:af:20:70:a4:
d7:08:11:99:4d:81:ee:46:a6:ca:a0:59:5b:cf:de:
3f:f7:fb:0f:7c:18:8c:7e:3f:1d:d2:ce:25:7d:1a:
88:c8:fb:4e:8d:cf:e3:b2:65:f3:61:76:65:5d:5f:
01:70:be:57:46:c3:24:d0:d9:1c:fb:15:a3:30:a3:
49:d2:2f:9a:75:31:e1:9f:e7:f1:6c:84:14:5f:6e:
6c:5a:b7:2e:c4:6b:54:a0:22:20:7d:61:59:78:95:
de:a2:0b:3d:54:8e:97:e8:a9:7a:7c:79:5b:66:99:
ec:58:9e:1c:74:e9:5e:44:05:5f:1c:48:7f:8c:e9:
d9:d2:47:56:f6:d3:8b:8a:8f:5d:ff:a7:0a:08:00:
d3:78:79:3e:3d:2d:50:68:51:a9:d7:65:0f:f8:2b:
85:7d:66:b5:45:d8:ab:48:09:85:5d:c6:64:fc:29:
f6:c3:86:7e:bc:5e:4e:f0:eb:1c:41:d4:3f:ad:0b:
5a:25:0f:0f:00:40:5a:6e:69:7d:08:9c:66:a6:fb:
6a:c6:79:50:7c:45:59:f0:a3:1b:ea:3c:24:23:a7:
32:a3:a8:b1:83:7f:98:5f:dd:9e:ea:7d:5a:f8:85:
60:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B7:37:A3:35:67:B6:EE:7E:87:28:48:9D:0E:ED:78:45:93:93:11
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/wrc3ozVntu5-hyhInQ7teEWTkxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:4ac0::/48
Signature Algorithm: sha256WithRSAEncryption
5e:de:de:ef:3d:88:45:46:fc:6e:62:ef:05:31:4a:9e:43:42:
17:4c:16:21:c3:56:6b:cd:41:5d:05:b0:0d:5f:85:c8:b1:4e:
09:19:21:25:32:53:77:a8:c2:bf:0e:51:3a:2a:c1:81:a4:0f:
d0:e6:6a:87:e3:db:c9:78:37:ea:3b:32:28:39:81:72:e3:46:
dc:04:70:82:43:6b:4d:e3:13:a4:c5:0f:3a:d2:1e:6c:bb:45:
6d:0a:12:90:bc:d4:93:cd:03:35:dc:5f:39:ef:f4:bc:de:d0:
5e:77:fe:fc:c6:8a:6d:21:d1:fb:08:e0:55:4e:66:f6:f9:51:
fa:38:f7:05:22:d2:d2:b7:af:57:a9:1e:f1:f9:b2:27:7b:4d:
d3:1f:ed:03:76:55:5a:bc:0b:08:df:c5:db:8b:0d:f2:26:ae:
b8:aa:92:55:da:8b:4d:61:8d:bb:27:70:3a:b3:82:a7:e9:72:
93:80:11:a5:cf:e7:f8:96:2d:2a:7e:a0:33:1b:d6:23:ea:6b:
79:88:cc:d2:b6:35:ce:a0:fe:ac:84:2a:8b:73:f8:e1:d4:30:
65:23:80:d2:cb:1d:99:49:93:3e:0c:ab:e7:ec:32:d2:e9:d7:
6d:ac:b7:8a:10:be:85:ec:e4:d7:4b:5f:6f:38:88:7d:19:fd:
5f:a2:3b:b6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEJ1pfQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NmMxNjdkZmE5ODgyYjJhYThmODQ1OTVmNThhOTdjMzA1Y2E0M2M1MB4XDTIyMDEw
MTE0MDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJiNzM3YTMzNTY3
YjZlZTdlODcyODQ4OWQwZWVkNzg0NTkzOTMxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8Idon0RQ7DsyRx3X8MV10yM9STMQ4xG5KvIHCk1wgRmU2B
7kamyqBZW8/eP/f7D3wYjH4/HdLOJX0aiMj7To3P47Jl82F2ZV1fAXC+V0bDJNDZ
HPsVozCjSdIvmnUx4Z/n8WyEFF9ubFq3LsRrVKAiIH1hWXiV3qILPVSOl+ipenx5
W2aZ7FieHHTpXkQFXxxIf4zp2dJHVvbTi4qPXf+nCggA03h5Pj0tUGhRqddlD/gr
hX1mtUXYq0gJhV3GZPwp9sOGfrxeTvDrHEHUP60LWiUPDwBAWm5pfQicZqb7asZ5
UHxFWfCjG+o8JCOnMqOosYN/mF/dnup9WviFYAsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTCtzejNWe27n6HKEidDu14RZOTETAfBgNVHSMEGDAWgBS2wWffqYgrKqj4
RZX1ipfDBcpDxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RzRm4zNm1JS3lxby1FV1Y5WXFYd3dYS1E4VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvNzNiZWViLTZhMDUtNGNjYS04NmJlLWFjZmMzZDJjMjUyMi8x
L3dyYzNvelZudHU1LWh5aEluUTd0ZUVXVGt4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
NzNiZWViLTZhMDUtNGNjYS04NmJlLWFjZmMzZDJjMjUyMi8xL3RzRm4zNm1JS3lx
by1FV1Y5WXFYd3dYS1E4VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBSsAAADANBgkqhkiG9w0BAQsF
AAOCAQEAXt7e7z2IRUb8bmLvBTFKnkNCF0wWIcNWa81BXQWwDV+FyLFOCRkhJTJT
d6jCvw5ROirBgaQP0OZqh+PbyXg36jsyKDmBcuNG3ARwgkNrTeMTpMUPOtIebLtF
bQoSkLzUk80DNdxfOe/0vN7QXnf+/MaKbSHR+wjgVU5m9vlR+jj3BSLS0revV6ke
8fmyJ3tN0x/tA3ZVWrwLCN/F24sN8iauuKqSVdqLTWGNuydwOrOCp+lyk4ARpc/n
+JYtKn6gMxvWI+preYjM0rY1zqD+rIQqi3P44dQwZSOA0ssdmUmTPgyr5+wy0unX
bay3ihC+hezk10tfbziIfRn9X6I7tg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:05 2025 by rpki-client