Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/538tEMv0N-zAxdoAe9T4qeeYav4.roa
File: 538tEMv0N-zAxdoAe9T4qeeYav4.roa (raw, json)
Hash identifier: hPCmgOaNwMILoiBeRmQzUdvxGep591S3ieCC8tD/794=
Subject key identifier: E7:7F:2D:10:CB:F4:37:EC:C0:C5:DA:00:7B:D4:F8:A9:E7:98:6A:FE
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 07E0F163
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/538tEMv0N-zAxdoAe9T4qeeYav4.roa
Signing time: Sat 01 Jan 2022 01:55:50 +0000
ROA not before: Sat 01 Jan 2022 01:55:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206731
IP address blocks: 2a04:ff00:300::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132182371 (0x7e0f163)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 1 01:55:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e77f2d10cbf437ecc0c5da007bd4f8a9e7986afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d5:da:67:f8:23:21:97:34:5b:3f:51:df:23:
08:ce:2e:c7:5e:13:b1:ea:a0:31:cf:ab:33:fe:d2:
bb:22:d8:49:2b:87:91:1f:38:50:7a:de:c8:28:ec:
ec:fb:38:58:77:a1:00:7b:3c:a8:d3:e2:93:7b:9f:
ea:e4:ae:a3:47:fc:6c:08:11:b3:dd:34:9e:ea:79:
5f:9c:e6:ea:bd:d8:71:27:eb:22:fe:80:c2:f9:7c:
f1:da:0d:01:d0:a2:96:01:59:e5:3a:93:f6:b9:0a:
4e:1a:51:4c:d2:41:15:fd:fc:56:16:2a:6c:64:32:
02:27:a2:a7:a9:bb:48:94:6e:ce:c0:94:1a:3e:b2:
d0:7d:93:4a:d4:45:23:46:b3:47:2f:1c:c6:2b:42:
74:ca:3d:87:74:cf:a2:ab:77:ff:f1:ed:dc:72:18:
09:68:fb:72:41:15:65:30:19:e8:cf:ae:78:ab:56:
e8:81:d0:0d:e3:87:e1:32:4d:7b:dd:94:9c:4c:3e:
44:38:8d:dc:2b:f8:fc:3e:ef:68:68:87:a3:d2:b4:
7e:5e:60:81:59:88:cf:8c:8c:43:62:67:8e:e4:09:
a9:6f:af:54:eb:cf:ea:d8:e5:36:63:68:fa:39:ab:
f7:58:6d:c4:70:cb:5a:d1:de:fe:87:5f:59:c9:05:
4a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7F:2D:10:CB:F4:37:EC:C0:C5:DA:00:7B:D4:F8:A9:E7:98:6A:FE
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/538tEMv0N-zAxdoAe9T4qeeYav4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ff00:300::/40
Signature Algorithm: sha256WithRSAEncryption
68:a5:13:6f:fb:f3:a9:38:10:22:b1:af:3c:af:38:42:d8:47:
c9:6f:15:55:e6:37:13:7d:d1:c6:46:b1:8d:b6:f5:74:89:fc:
d5:79:ef:f7:e6:a8:0f:6c:40:39:c1:1b:79:b1:bc:55:5a:aa:
92:68:75:67:0e:88:3f:61:a9:03:23:56:0f:d5:94:11:39:48:
d9:1c:cd:1d:af:07:73:77:fa:07:0b:be:b5:bb:92:bc:f8:62:
b6:33:7d:78:dc:48:da:a9:ab:b1:57:40:92:07:f9:05:97:44:
2a:b5:b1:d6:8e:40:8b:32:7e:6c:8d:4e:3f:cf:ca:a4:67:60:
89:d5:8e:e9:53:b7:9f:38:78:e3:78:63:dd:2a:9b:f2:03:cd:
06:01:f6:08:21:6a:83:40:17:4f:cd:97:c3:01:de:19:ed:f5:
23:c3:bc:e5:6a:91:45:bf:32:e6:5d:5b:47:4f:16:eb:6e:c4:
38:95:56:cf:30:18:f2:00:ec:68:26:c5:04:e9:1b:48:c6:b9:
83:5d:e0:87:0f:78:a4:22:fa:36:27:1d:c1:2e:6f:62:03:7e:
f6:dc:91:e2:96:27:5b:58:b8:ee:54:34:7d:fe:a1:c4:83:8e:
48:e8:56:02:15:f1:54:48:42:6b:8f:59:ca:e8:0e:ca:7a:36:
30:18:36:4c
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEB+DxYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA0YzI1YzJmOGI0N2U1ZGFmNTJkMWM0YzVhNTA5OTlkZDBhMGE5MB4XDTIyMDEw
MTAxNTU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTc3ZjJkMTBjYmY0
MzdlY2MwYzVkYTAwN2JkNGY4YTllNzk4NmFmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDV2mf4IyGXNFs/Ud8jCM4ux14TseqgMc+rM/7SuyLYSSuH
kR84UHreyCjs7Ps4WHehAHs8qNPik3uf6uSuo0f8bAgRs900nup5X5zm6r3YcSfr
Iv6Awvl88doNAdCilgFZ5TqT9rkKThpRTNJBFf38VhYqbGQyAieip6m7SJRuzsCU
Gj6y0H2TStRFI0azRy8cxitCdMo9h3TPoqt3//Ht3HIYCWj7ckEVZTAZ6M+ueKtW
6IHQDeOH4TJNe92UnEw+RDiN3Cv4/D7vaGiHo9K0fl5ggVmIz4yMQ2JnjuQJqW+v
VOvP6tjlNmNo+jmr91htxHDLWtHe/odfWckFStECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTnfy0Qy/Q37MDF2gB71Pip55hq/jAfBgNVHSMEGDAWgBR9BMJcL4tH5dr1
LRxMWlCZndCgqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRVENYQy1MUi1YYTlTMGNURnBRbVozUW9Lay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvOTcxY2M0LTU0ZDUtNGMyOC1hMWMzLWU2M2U5NGNiYTA5Zi8x
LzUzOHRFTXYwTi16QXhkb0FlOVQ0cWVlWWF2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
OTcxY2M0LTU0ZDUtNGMyOC1hMWMzLWU2M2U5NGNiYTA5Zi8xL2ZRVENYQy1MUi1Y
YTlTMGNURnBRbVozUW9Lay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoE/wADMA0GCSqGSIb3DQEBCwUA
A4IBAQBopRNv+/OpOBAisa88rzhC2EfJbxVV5jcTfdHGRrGNtvV0ifzVee/35qgP
bEA5wRt5sbxVWqqSaHVnDog/YakDI1YP1ZQROUjZHM0drwdzd/oHC761u5K8+GK2
M3143EjaqauxV0CSB/kFl0QqtbHWjkCLMn5sjU4/z8qkZ2CJ1Y7pU7efOHjjeGPd
KpvyA80GAfYIIWqDQBdPzZfDAd4Z7fUjw7zlapFFvzLmXVtHTxbrbsQ4lVbPMBjy
AOxoJsUE6RtIxrmDXeCHD3ikIvo2Jx3BLm9iA3723JHilidbWLjuVDR9/qHEg45I
6FYCFfFUSEJrj1nK6A7KejYwGDZM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:24 2025 by rpki-client