Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/gCxDbz6S6WzziFvF5r0rSSwI-fk.roa
File: gCxDbz6S6WzziFvF5r0rSSwI-fk.roa (raw, json)
Hash identifier: +P0U9tgYfBpGlhB1Mj+5/CQ4Pqp+PFzXUcp9FH/fpqk=
Subject key identifier: 80:2C:43:6F:3E:92:E9:6C:F3:88:5B:C5:E6:BD:2B:49:2C:08:F9:F9
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0AFC9615
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/gCxDbz6S6WzziFvF5r0rSSwI-fk.roa
Signing time: Sat 01 Jan 2022 13:02:47 +0000
ROA not before: Sat 01 Jan 2022 13:02:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42087
IP address blocks: 2a00:1fa2:ba00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184325653 (0xafc9615)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 13:02:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=802c436f3e92e96cf3885bc5e6bd2b492c08f9f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:02:a6:9a:13:4b:7d:c2:7d:b6:d2:66:7d:b9:
78:4f:61:4e:98:46:a1:95:16:fa:85:a1:3e:30:7c:
ea:96:3c:a1:44:f9:ab:3b:02:1d:b7:50:08:fe:c5:
8c:e5:f3:1a:1f:bb:af:04:f4:7e:66:cc:0f:38:7d:
79:a9:84:7e:52:f7:cb:91:d4:b5:db:7b:93:ef:83:
39:e9:2b:32:dc:0e:50:02:c5:28:46:d7:8a:bf:6d:
1d:18:17:06:91:ac:89:9f:a8:d9:d3:4f:47:6e:9d:
a9:e6:bb:98:2b:1a:1a:25:17:07:e6:48:e9:91:db:
34:63:12:f9:74:54:30:d9:34:72:1d:91:e3:d7:5f:
1a:13:e9:12:83:c4:fb:b1:df:bd:fb:b0:7b:6d:a8:
eb:73:c9:9c:ce:3d:b4:75:06:e1:4b:75:64:ec:59:
01:62:fb:19:ad:c7:7c:a0:31:c6:83:b5:80:52:95:
8d:55:fe:d7:93:fe:2b:dc:22:15:35:bd:6a:06:12:
8b:4c:7f:a2:8f:f7:80:ce:75:93:25:bb:dd:f4:e0:
54:c1:21:5b:4a:e7:b8:88:1a:4e:5a:92:11:b0:46:
b2:7e:bf:b6:b8:47:80:e1:a7:f1:45:90:b4:25:0d:
b4:fd:f4:38:e9:a5:ac:c1:59:bb:ad:30:97:3d:c3:
b9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2C:43:6F:3E:92:E9:6C:F3:88:5B:C5:E6:BD:2B:49:2C:08:F9:F9
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/gCxDbz6S6WzziFvF5r0rSSwI-fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1fa2:ba00::/40
Signature Algorithm: sha256WithRSAEncryption
17:04:1d:22:a8:40:80:58:fc:2e:a3:d1:58:01:cc:d7:c1:41:
c3:19:73:ee:9d:7b:49:8f:b2:6c:ad:c4:5c:f1:39:8c:3c:44:
36:ea:a6:a5:1e:34:3d:79:3c:4e:0c:3d:32:dd:29:ee:86:9b:
ec:35:a7:33:16:44:db:a2:24:98:41:ca:6c:2e:51:94:76:24:
93:bd:86:2a:79:ab:49:af:e4:43:0a:b7:cb:7e:ba:63:5c:b2:
d3:ea:25:c5:80:d9:f9:7e:52:1e:19:63:53:07:1b:b2:a1:7c:
17:e4:da:86:a5:bd:64:f7:67:42:a3:d4:77:c5:96:b6:9b:a1:
64:9a:f0:7b:37:7c:73:1a:c9:db:27:89:3d:86:7e:92:01:64:
0e:aa:4c:e7:42:fb:32:f7:07:42:86:eb:b1:af:59:e6:31:77:
f4:3f:c7:74:3f:ac:48:53:7d:f0:42:42:9a:00:8d:4e:0e:ee:
10:2f:13:3e:f9:30:94:37:9c:b5:13:28:b8:3b:73:ee:d0:26:
41:ff:d0:57:99:0b:fa:81:9f:67:d9:a2:7e:99:ca:04:58:02:
7c:38:e4:6c:d2:5c:04:d8:4b:db:1b:b8:ec:e2:86:10:a4:67:
4f:ae:3d:e8:cf:96:13:5f:f3:da:30:cf:49:d3:81:f9:6d:0f:
72:a1:06:9e
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECvyWFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWZlMWM4NTk0MDlhYzVkZTc0MTRjNDhmODY3Mzk5MTNiZTZiN2U1MB4XDTIyMDEw
MTEzMDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODAyYzQzNmYzZTky
ZTk2Y2YzODg1YmM1ZTZiZDJiNDkyYzA4ZjlmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOECppoTS33CfbbSZn25eE9hTphGoZUW+oWhPjB86pY8oUT5
qzsCHbdQCP7FjOXzGh+7rwT0fmbMDzh9eamEflL3y5HUtdt7k++DOekrMtwOUALF
KEbXir9tHRgXBpGsiZ+o2dNPR26dqea7mCsaGiUXB+ZI6ZHbNGMS+XRUMNk0ch2R
49dfGhPpEoPE+7Hfvfuwe22o63PJnM49tHUG4Ut1ZOxZAWL7Ga3HfKAxxoO1gFKV
jVX+15P+K9wiFTW9agYSi0x/oo/3gM51kyW73fTgVMEhW0rnuIgaTlqSEbBGsn6/
trhHgOGn8UWQtCUNtP30OOmlrMFZu60wlz3DuZECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSALENvPpLpbPOIW8XmvStJLAj5+TAfBgNVHSMEGDAWgBSu/hyFlAmsXedB
TEj4ZzmRO+a35TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J2NGNoWlFKckYzblFVeEktR2M1a1R2bXQtVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvNDUxZjA0LWUzYzktNDRlYS1hNmExLTQyODQ1ODY3OWNlNC8x
L2dDeERiejZTNld6emlGdkY1cjByU1N3SS1may5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
NDUxZjA0LWUzYzktNDRlYS1hNmExLTQyODQ1ODY3OWNlNC8xL3J2NGNoWlFKckYz
blFVeEktR2M1a1R2bXQtVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoAH6K6MA0GCSqGSIb3DQEBCwUA
A4IBAQAXBB0iqECAWPwuo9FYAczXwUHDGXPunXtJj7JsrcRc8TmMPEQ26qalHjQ9
eTxODD0y3SnuhpvsNaczFkTboiSYQcpsLlGUdiSTvYYqeatJr+RDCrfLfrpjXLLT
6iXFgNn5flIeGWNTBxuyoXwX5NqGpb1k92dCo9R3xZa2m6FkmvB7N3xzGsnbJ4k9
hn6SAWQOqkznQvsy9wdChuuxr1nmMXf0P8d0P6xIU33wQkKaAI1ODu4QLxM++TCU
N5y1Eyi4O3Pu0CZB/9BXmQv6gZ9n2aJ+mcoEWAJ8OORs0lwE2EvbG7js4oYQpGdP
rj3oz5YTX/PaMM9J04H5bQ9yoQae
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:31:14 2025 by rpki-client