Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/4QirwOgnboqCSdVTZnpLdyh6X2U.roa
File: 4QirwOgnboqCSdVTZnpLdyh6X2U.roa (raw, json)
Hash identifier: icJCu4ji5xyTHWg1LNmflAKb0oZRc2J0wYiGgVcqhB8=
Subject key identifier: E1:08:AB:C0:E8:27:6E:8A:82:49:D5:53:66:7A:4B:77:28:7A:5F:65
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018570B064795603109521F1DF4DF7EF582C
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/4QirwOgnboqCSdVTZnpLdyh6X2U.roa
Signing time: Mon 02 Jan 2023 04:14:46 +0000
ROA not before: Mon 02 Jan 2023 04:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203531
IP address blocks: 2a05:b0c6:1000::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:64:79:56:03:10:95:21:f1:df:4d:f7:ef:58:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 04:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e108abc0e8276e8a8249d553667a4b77287a5f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2e:9f:cf:07:66:c3:40:b1:5a:b8:d6:29:91:
19:b3:51:6f:70:4f:07:93:74:1a:28:5a:d1:66:00:
2d:e0:ea:b6:b4:33:9d:aa:f2:da:8d:52:51:c1:22:
cf:6d:8d:52:5e:98:9b:65:c8:2d:8f:2e:47:28:81:
b6:2b:60:2a:db:17:a0:28:12:2c:2d:dd:76:ba:35:
5a:a1:43:63:08:90:9f:2c:d9:77:32:be:a0:23:be:
8e:60:4c:0b:47:62:c1:5f:05:d7:d1:d3:c4:3a:9c:
fb:7e:c3:82:a2:9b:65:08:2d:03:b5:dd:74:6e:2b:
8e:72:ef:be:6c:59:0d:e0:7d:d9:ca:d3:90:61:6e:
4b:20:12:2f:14:8a:54:e5:d5:b6:5a:0f:3c:75:24:
63:7b:0a:f1:6d:8e:3a:5c:f1:c0:28:52:a8:ba:b7:
26:da:48:83:b3:68:29:93:8f:8c:45:03:a7:f2:20:
11:a8:c9:b1:62:37:59:50:fa:77:26:1d:f9:29:29:
2b:33:1e:29:80:bc:26:df:d1:f6:68:05:d5:64:4b:
3f:1e:19:e5:8b:4e:f6:32:6e:26:68:f9:ff:21:72:
be:93:9b:d6:7d:c7:dd:cb:80:fc:09:e0:d8:2f:a8:
38:98:13:11:72:4a:53:80:9b:d8:72:57:66:b8:39:
40:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:08:AB:C0:E8:27:6E:8A:82:49:D5:53:66:7A:4B:77:28:7A:5F:65
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/4QirwOgnboqCSdVTZnpLdyh6X2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:1000::/44
Signature Algorithm: sha256WithRSAEncryption
17:49:64:0e:31:63:46:30:d5:72:20:1e:4f:53:d5:22:7e:77:
c6:ff:f0:e0:8d:cf:7a:51:9f:8e:c8:74:01:9b:78:bf:3f:28:
60:f4:92:a6:f7:f0:8d:38:3e:a2:4d:1f:5a:9a:2f:42:9e:81:
4a:79:7a:67:61:ae:67:21:4f:70:0c:23:cc:d0:42:09:20:d5:
60:da:38:77:bb:cb:3b:c1:f1:ad:d2:89:ea:7f:04:f1:7f:39:
a6:7a:32:d2:78:f8:ef:df:c4:3b:96:12:6e:87:d0:de:3e:bb:
d8:df:68:1e:0a:20:4d:e6:6a:59:ba:9e:02:07:55:9a:46:53:
70:9c:e8:dc:ee:df:f0:e2:a6:23:75:49:82:6b:b5:ec:b0:5a:
d8:86:33:5d:ef:8f:9c:cb:33:31:b7:4c:d6:78:4a:50:84:f7:
57:af:55:ee:63:de:68:a4:89:e4:31:4c:f5:50:88:b5:6f:8f:
06:bb:bf:33:1b:81:1c:18:05:64:63:aa:1b:12:bf:2c:35:4a:
ef:e5:ad:c4:d1:3a:77:35:cf:5f:28:62:4c:4d:8f:83:ca:8b:
c0:8e:ce:2e:21:fe:1d:17:af:00:70:dc:11:6d:47:3f:81:c7:
d7:c3:30:2a:24:56:37:b2:1d:2c:c6:9b:07:da:0b:91:93:41:
2f:ba:89:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwsGR5VgMQlSHx303371gsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjMwMTAyMDQxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTA4YWJjMGU4Mjc2ZThhODI0OWQ1NTM2NjdhNGI3NzI4N2E1ZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkS6fzwdmw0CxWrjWKZEZs1FvcE8H
k3QaKFrRZgAt4Oq2tDOdqvLajVJRwSLPbY1SXpibZcgtjy5HKIG2K2Aq2xegKBIs
Ld12ujVaoUNjCJCfLNl3Mr6gI76OYEwLR2LBXwXX0dPEOpz7fsOCoptlCC0Dtd10
biuOcu++bFkN4H3ZytOQYW5LIBIvFIpU5dW2Wg88dSRjewrxbY46XPHAKFKourcm
2kiDs2gpk4+MRQOn8iARqMmxYjdZUPp3Jh35KSkrMx4pgLwm39H2aAXVZEs/Hhnl
i072Mm4maPn/IXK+k5vWfcfdy4D8CeDYL6g4mBMRckpTgJvYcldmuDlAEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOEIq8DoJ26KgknVU2Z6S3coel9lMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvNFFpcndPZ25ib3FDU2RWVFpucExkeWg2WDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgWwxhAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAXSWQOMWNGMNVyIB5PU9UifnfG//Dgjc96UZ+O
yHQBm3i/Pyhg9JKm9/CNOD6iTR9ami9CnoFKeXpnYa5nIU9wDCPM0EIJINVg2jh3
u8s7wfGt0onqfwTxfzmmejLSePjv38Q7lhJuh9DePrvY32geCiBN5mpZup4CB1Wa
RlNwnOjc7t/w4qYjdUmCa7XssFrYhjNd74+cyzMxt0zWeEpQhPdXr1XuY95opInk
MUz1UIi1b48Gu78zG4EcGAVkY6obEr8sNUrv5a3E0Tp3Nc9fKGJMTY+DyovAjs4u
If4dF68AcNwRbUc/gcfXwzAqJFY3sh0sxpsH2guRk0Evuonr
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:30:47 2025 by rpki-client