Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/C88OsXxoUp92JxY2wwF0H6zXXV8.roa
File: C88OsXxoUp92JxY2wwF0H6zXXV8.roa (raw, json)
Hash identifier: ndATULS496C35j/aakgUa7KHjvRY+VR7OiBSnuozHuI=
Subject key identifier: 0B:CF:0E:B1:7C:68:52:9F:76:27:16:36:C3:01:74:1F:AC:D7:5D:5F
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 0FC11E0A
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/C88OsXxoUp92JxY2wwF0H6zXXV8.roa
Signing time: Sat 01 Jan 2022 09:57:07 +0000
ROA not before: Sat 01 Jan 2022 09:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203638
IP address blocks: 2a05:b0c6:500::/48 maxlen: 48
2a05:b0c6:5ec::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 264314378 (0xfc11e0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 09:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bcf0eb17c68529f76271636c301741facd75d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:41:1f:f4:26:02:ef:c1:1e:ca:3a:3f:8b:c8:
ff:9e:75:47:45:e7:4e:48:ef:41:a3:da:13:6f:97:
d1:54:82:9a:b4:dc:7c:cd:ae:40:c9:d0:45:bf:32:
cb:d2:85:1b:c0:70:e8:9e:68:52:f2:0c:b5:43:5e:
c6:35:a7:5a:b1:7b:94:14:be:ac:69:d6:bc:94:9e:
96:16:a9:e8:ea:c8:36:5d:c4:69:39:ce:c2:3a:45:
76:32:9d:86:96:21:0c:14:92:87:97:9a:a4:c2:32:
ae:88:b3:9b:31:78:79:17:58:8f:8e:41:47:88:8c:
05:10:2e:3d:2e:26:ac:ca:6c:c7:82:94:65:be:03:
fb:5f:94:1e:40:5b:23:91:38:10:60:47:87:c6:29:
76:bd:5f:6a:58:69:21:bc:ef:49:bc:c1:02:c4:9f:
8d:97:a9:8c:b4:71:c3:90:ab:92:b2:83:6d:02:47:
50:dc:62:0c:e5:5f:1e:33:fb:d0:f0:c1:f2:ed:b4:
5f:3b:48:94:00:c2:47:7e:08:27:5d:f2:51:5d:6e:
20:ba:0e:d0:61:6b:b8:b5:96:38:9d:0e:aa:29:4a:
1b:b1:ab:47:6f:de:be:5e:cf:03:41:70:d3:bb:b1:
f8:56:74:7c:fc:62:5a:2f:8f:40:e7:a1:dd:e0:f2:
99:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:CF:0E:B1:7C:68:52:9F:76:27:16:36:C3:01:74:1F:AC:D7:5D:5F
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/C88OsXxoUp92JxY2wwF0H6zXXV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:500::/48
2a05:b0c6:5ec::/48
Signature Algorithm: sha256WithRSAEncryption
0f:a3:10:33:e6:4b:9e:db:f2:c0:15:ba:19:19:8d:81:c6:92:
4f:08:94:a0:0d:14:97:ea:b4:90:b3:b7:52:fa:b0:b2:e0:8d:
9c:6d:84:63:14:13:92:d3:80:e7:f9:ff:49:d8:d3:39:e1:ed:
1d:2c:97:2f:d4:d1:9c:29:a0:d5:ee:36:70:70:b9:6e:e9:35:
1f:05:84:fb:f6:bd:fb:07:38:07:1a:20:27:02:e9:a8:4e:29:
2c:a2:3b:69:a9:67:da:81:1e:4c:4e:14:37:06:79:1c:3e:90:
03:51:86:e1:97:f1:ca:87:11:1e:a2:b2:18:df:78:f8:23:55:
43:81:f4:2d:49:33:07:8d:b1:13:60:bc:8e:82:19:44:2d:85:
22:83:07:2f:87:4d:a5:8d:b1:94:ea:8e:89:a1:aa:75:d2:52:
f2:66:a0:ca:4f:89:2f:0a:2a:fc:27:b1:d5:a1:4e:35:93:d6:
3b:ce:0f:2f:9f:1e:28:c4:c5:de:3a:c1:4f:e8:e1:20:b2:38:
dd:27:b0:e8:83:e8:5d:2c:44:90:df:3b:bb:04:5d:75:1c:f6:
1b:f9:b1:45:50:d2:f7:43:1a:3d:b3:49:ef:f2:1a:83:21:04:
44:22:17:1d:02:a4:27:35:61:51:a1:5b:95:3f:e5:45:af:8d:
df:a8:2d:9b
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIED8EeCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MjI4MzQ4ZTkwNTQ5NzNkN2E1ZjgxOTNiZDRlNWM0NGY2NzM5OWUxMB4XDTIyMDEw
MTA5NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJjZjBlYjE3YzY4
NTI5Zjc2MjcxNjM2YzMwMTc0MWZhY2Q3NWQ1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN5BH/QmAu/BHso6P4vI/551R0XnTkjvQaPaE2+X0VSCmrTc
fM2uQMnQRb8yy9KFG8Bw6J5oUvIMtUNexjWnWrF7lBS+rGnWvJSelhap6OrINl3E
aTnOwjpFdjKdhpYhDBSSh5eapMIyroizmzF4eRdYj45BR4iMBRAuPS4mrMpsx4KU
Zb4D+1+UHkBbI5E4EGBHh8Ypdr1falhpIbzvSbzBAsSfjZepjLRxw5CrkrKDbQJH
UNxiDOVfHjP70PDB8u20XztIlADCR34IJ13yUV1uILoO0GFruLWWOJ0OqilKG7Gr
R2/evl7PA0Fw07ux+FZ0fPxiWi+PQOeh3eDymQ0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQLzw6xfGhSn3YnFjbDAXQfrNddXzAfBgNVHSMEGDAWgBTCKDSOkFSXPXpf
gZO9TlxE9nOZ4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dpZzBqcEJVbHoxNlg0R1R2VTVjUlBaem1lRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvZjE2Nzk0LTkxYWQtNDk4NC05YzZjLWU4OGZmZjgyZDU1My8x
L0M4OE9zWHhvVXA5Mkp4WTJ3d0YwSDZ6WFhWOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ZjE2Nzk0LTkxYWQtNDk4NC05YzZjLWU4OGZmZjgyZDU1My8xL3dpZzBqcEJVbHox
Nlg0R1R2VTVjUlBaem1lRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoFsMYFAAMHACoFsMYF7DANBgkq
hkiG9w0BAQsFAAOCAQEAD6MQM+ZLntvywBW6GRmNgcaSTwiUoA0Ul+q0kLO3Uvqw
suCNnG2EYxQTktOA5/n/SdjTOeHtHSyXL9TRnCmg1e42cHC5buk1HwWE+/a9+wc4
BxogJwLpqE4pLKI7aaln2oEeTE4UNwZ5HD6QA1GG4ZfxyocRHqKyGN94+CNVQ4H0
LUkzB42xE2C8joIZRC2FIoMHL4dNpY2xlOqOiaGqddJS8magyk+JLwoq/Cex1aFO
NZPWO84PL58eKMTF3jrBT+jhILI43Sew6IPoXSxEkN87uwRddRz2G/mxRVDS90Ma
PbNJ7/IagyEERCIXHQKkJzVhUaFblT/lRa+N36gtmw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:27:46 2025 by rpki-client