Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/0z9N9BHuxNubyK4_nKbaFZ4sXRw.roa
File: 0z9N9BHuxNubyK4_nKbaFZ4sXRw.roa (raw, json)
Hash identifier: huVuibnKfK4yPYETEJdDAOxA81J4btIJKRq/QRVMlbI=
Subject key identifier: D3:3F:4D:F4:11:EE:C4:DB:9B:C8:AE:3F:9C:A6:DA:15:9E:2C:5D:1C
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 018392A06780ED389A20BC0A0E672A607AB5
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/0z9N9BHuxNubyK4_nKbaFZ4sXRw.roa
Signing time: Sat 01 Oct 2022 08:18:49 +0000
ROA not before: Sat 01 Oct 2022 08:18:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 2a05:88c5::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a10:3302::/32 maxlen: 32
2a10:3305::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a10:3301::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a10:3304::/32 maxlen: 32
2a10:3307::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a10:3306::/32 maxlen: 32
2a05:88c0::/32 maxlen: 32
2a10:3303::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
2a10:3300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:92:a0:67:80:ed:38:9a:20:bc:0a:0e:67:2a:60:7a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Oct 1 08:18:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d33f4df411eec4db9bc8ae3f9ca6da159e2c5d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5f:fa:8b:7e:cf:9a:ee:de:82:e0:d4:8c:1e:
69:12:a4:08:ea:20:a5:09:82:16:ae:fa:28:c8:e7:
c3:18:7c:b8:41:29:95:38:6b:ba:07:48:cc:48:ac:
ce:6f:e5:f2:43:37:ff:19:73:6b:f2:50:8b:95:5f:
b1:47:c3:8c:7a:42:fb:0d:36:c8:19:01:4b:96:86:
6a:28:45:c3:35:a8:8e:a2:23:8c:5a:c8:af:91:8e:
06:e9:a1:56:cf:fd:1d:66:f2:e7:16:be:a0:ba:c4:
b1:2d:b7:ab:95:0e:b6:f5:c6:5d:cb:8f:65:63:8d:
90:68:30:e5:4c:7c:4b:2c:c3:16:9a:2a:20:32:46:
a3:20:94:dd:29:5f:91:19:1d:6d:cd:67:ba:36:03:
9a:dd:78:6d:7d:61:28:97:02:1c:7b:e3:a7:4c:2b:
2a:dd:af:fd:e6:aa:a0:57:51:64:37:13:75:f5:b5:
4e:0a:80:4c:08:e0:d9:66:21:f2:d7:91:32:d6:f5:
57:60:a4:72:bc:c5:9f:13:37:fc:75:31:4e:55:7f:
08:a3:93:45:1b:0b:3c:d5:86:0e:ef:d7:bd:35:eb:
82:a6:5d:fd:8d:f9:2f:6f:11:69:c9:23:46:6f:3e:
0f:ff:12:ff:43:b0:da:02:a6:c4:40:23:a1:f2:1a:
b8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3F:4D:F4:11:EE:C4:DB:9B:C8:AE:3F:9C:A6:DA:15:9E:2C:5D:1C
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/0z9N9BHuxNubyK4_nKbaFZ4sXRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:88c0::/29
2a10:3300::/29
Signature Algorithm: sha256WithRSAEncryption
0f:1b:7c:7f:ca:0c:ef:96:cf:f8:00:45:f8:ae:32:17:fa:bf:
d1:bb:da:4f:b6:69:00:6c:85:6f:f5:bd:90:5a:a7:19:a2:55:
e9:d7:3b:2d:4d:27:bd:78:15:5c:91:88:b6:13:0b:8e:8e:1b:
cf:7e:6b:9e:c0:25:36:3b:11:cb:ce:cf:0b:ce:19:b5:d1:a3:
ed:4e:4b:e4:8a:06:38:66:15:65:3b:26:84:50:ba:df:19:0c:
7e:08:c3:dd:a4:fd:bd:3b:0d:a2:b7:74:9e:b0:be:0f:f8:64:
d9:81:8e:f0:a8:6c:01:31:ec:88:b3:07:54:91:be:24:a6:7b:
c4:a8:4b:1a:39:08:93:de:eb:a7:02:51:ce:c3:a3:e6:93:ba:
7e:ed:bd:5b:55:89:0e:b7:a1:44:e8:84:55:86:64:06:e7:33:
28:b9:15:fa:0b:d7:36:da:17:6b:2a:b4:96:97:dd:29:39:09:
1a:97:f1:25:99:04:d9:d6:f2:86:87:4e:38:d7:d4:2d:e2:05:
ea:7f:44:3b:5c:27:2d:cf:29:d4:95:8f:79:2a:92:5a:11:0b:
24:95:77:10:17:62:1d:e0:ce:db:c9:ec:d3:cc:68:7b:bb:f8:
75:8b:d0:c1:a2:bf:4b:1f:2f:d8:98:5a:de:7b:61:58:65:95:
8b:89:0e:af
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYOSoGeA7TiaILwKDmcqYHq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjIxMDAxMDgxODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNmNGRmNDExZWVjNGRiOWJjOGFlM2Y5Y2E2ZGExNTllMmM1ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApV/6i37Pmu7eguDUjB5pEqQI6iCl
CYIWrvooyOfDGHy4QSmVOGu6B0jMSKzOb+XyQzf/GXNr8lCLlV+xR8OMekL7DTbI
GQFLloZqKEXDNaiOoiOMWsivkY4G6aFWz/0dZvLnFr6gusSxLberlQ629cZdy49l
Y42QaDDlTHxLLMMWmiogMkajIJTdKV+RGR1tzWe6NgOa3XhtfWEolwIce+OnTCsq
3a/95qqgV1FkNxN19bVOCoBMCODZZiHy15Ey1vVXYKRyvMWfEzf8dTFOVX8Io5NF
Gws81YYO79e9NeuCpl39jfkvbxFpySNGbz4P/xL/Q7DaAqbEQCOh8hq4AQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNM/TfQR7sTbm8iuP5ym2hWeLF0cMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvMHo5TjlCSHV4TnVieUs0X25LYmFGWjRzWFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgWIwAMF
AyoQMwAwDQYJKoZIhvcNAQELBQADggEBAA8bfH/KDO+Wz/gARfiuMhf6v9G72k+2
aQBshW/1vZBapxmiVenXOy1NJ714FVyRiLYTC46OG89+a57AJTY7EcvOzwvOGbXR
o+1OS+SKBjhmFWU7JoRQut8ZDH4Iw92k/b07DaK3dJ6wvg/4ZNmBjvCobAEx7Iiz
B1SRviSme8SoSxo5CJPe66cCUc7Do+aTun7tvVtViQ63oUTohFWGZAbnMyi5FfoL
1zbaF2sqtJaX3Sk5CRqX8SWZBNnW8oaHTjjX1C3iBep/RDtcJy3PKdSVj3kqkloR
CySVdxAXYh3gztvJ7NPMaHu7+HWL0MGiv0sfL9iYWt57YVhllYuJDq8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:49:43 2025 by rpki-client