Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/647a4a-d2fd-43e0-8f3b-44108162e492/1/xRcCaY_9yHaTO0_75MykvbDhZSI.roa
File: xRcCaY_9yHaTO0_75MykvbDhZSI.roa (raw, json)
Hash identifier: nfyswg/pcno8/Rk2XC+Y7M9rplVjLr5I/biIS6EYzQo=
Subject key identifier: C5:17:02:69:8F:FD:C8:76:93:3B:4F:FB:E4:CC:A4:BD:B0:E1:65:22
Certificate issuer: /CN=5708661c6aeecacd9b71176a72de96c9b4509439
Certificate serial: 01856FF94EA13AE7FFFD43694F232E29C0CF
Authority key identifier: 57:08:66:1C:6A:EE:CA:CD:9B:71:17:6A:72:DE:96:C9:B4:50:94:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VwhmHGruys2bcRdqct6WybRQlDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/647a4a-d2fd-43e0-8f3b-44108162e492/1/xRcCaY_9yHaTO0_75MykvbDhZSI.roa
Signing time: Mon 02 Jan 2023 00:54:47 +0000
ROA not before: Mon 02 Jan 2023 00:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25182
IP address blocks: 2a02:458::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:4e:a1:3a:e7:ff:fd:43:69:4f:23:2e:29:c0:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5708661c6aeecacd9b71176a72de96c9b4509439
Validity
Not Before: Jan 2 00:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c51702698ffdc876933b4ffbe4cca4bdb0e16522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c5:d7:b5:e1:5e:8a:78:c9:10:0e:b5:2c:74:
d0:9e:c6:ba:7f:61:b3:34:f3:d9:61:6b:6a:9b:8f:
66:c6:80:60:d0:5b:27:07:7e:ed:fc:69:db:74:08:
59:2d:ca:6b:b1:d1:e7:06:05:db:f6:a0:ac:85:a3:
e6:3b:e5:4e:6c:3b:68:65:30:47:be:32:14:58:68:
8c:9b:2a:d4:bc:7a:4b:28:f7:58:99:5f:95:ca:29:
fd:a3:fa:fc:74:58:ac:49:d2:6b:66:54:70:35:ce:
70:47:ae:a2:a6:f3:12:05:9f:eb:8d:2a:ce:7f:3e:
31:03:e1:77:fb:03:50:cd:3b:10:3e:d0:1f:91:b2:
ec:6a:fd:b1:f1:f2:dc:8e:4c:cb:00:c1:4f:a7:05:
3d:a5:64:2a:40:66:72:b6:b2:f1:94:06:4e:42:2c:
b2:4c:e0:14:b7:14:ae:82:75:f4:04:fb:83:56:45:
36:d3:81:55:50:0f:50:e6:ac:fd:3a:e1:45:21:eb:
7d:43:52:7a:d1:dd:e8:d7:7c:04:ea:8c:82:6f:07:
db:0e:0c:98:70:ba:76:90:aa:59:ea:a1:9f:0e:ce:
e4:e3:90:45:79:25:3f:16:96:c8:dd:9a:d1:8f:f1:
77:fa:90:98:84:25:b5:3c:8b:e6:73:89:8c:cd:18:
ab:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:17:02:69:8F:FD:C8:76:93:3B:4F:FB:E4:CC:A4:BD:B0:E1:65:22
X509v3 Authority Key Identifier:
keyid:57:08:66:1C:6A:EE:CA:CD:9B:71:17:6A:72:DE:96:C9:B4:50:94:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwhmHGruys2bcRdqct6WybRQlDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/647a4a-d2fd-43e0-8f3b-44108162e492/1/xRcCaY_9yHaTO0_75MykvbDhZSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/647a4a-d2fd-43e0-8f3b-44108162e492/1/VwhmHGruys2bcRdqct6WybRQlDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:458::/32
Signature Algorithm: sha256WithRSAEncryption
1e:dc:3b:6c:ee:41:63:c4:17:c9:eb:dc:8c:88:d9:e0:dd:b5:
98:43:8c:45:bb:63:27:8f:36:7d:93:27:5f:3f:57:d3:69:dd:
34:7c:d9:3b:e2:f1:48:03:50:7a:f4:0b:17:ae:af:10:2d:b5:
02:51:8d:2b:87:b2:21:29:06:76:18:33:51:95:08:f0:77:b1:
41:58:1b:cf:29:c9:56:62:a0:d1:1f:63:6e:df:b2:fe:da:e9:
76:7d:d3:b9:26:c1:11:2c:a8:35:81:a5:c9:56:f8:0e:37:e2:
0d:c5:72:49:a6:c0:48:1e:1e:4d:18:63:57:53:58:d3:4a:2b:
82:3e:d0:aa:14:75:95:5c:ec:15:9a:fa:ac:ad:c6:75:07:ed:
93:2d:0b:98:2b:b4:20:60:a6:6e:4a:48:5f:3e:df:cd:c5:b8:
4c:61:45:7d:07:f9:a4:c8:bd:d2:76:46:95:b4:bf:dd:88:c6:
ed:e4:e0:9c:42:9a:3c:a7:49:82:11:0f:be:57:5d:dd:87:aa:
1f:8c:97:71:b9:b6:1e:11:5b:7a:80:31:75:48:c3:b5:d5:f6:
bb:77:c6:84:34:63:f2:69:51:e4:6b:dd:a6:49:e8:63:c8:60:
99:e9:b9:02:57:04:05:1b:62:78:98:1b:68:88:7f:65:b8:91:
6c:c4:a4:b8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVv+U6hOuf//UNpTyMuKcDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MDg2NjFjNmFlZWNhY2Q5YjcxMTc2YTcyZGU5NmM5YjQ1
MDk0MzkwHhcNMjMwMTAyMDA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTE3MDI2OThmZmRjODc2OTMzYjRmZmJlNGNjYTRiZGIwZTE2NTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MXXteFeinjJEA61LHTQnsa6f2Gz
NPPZYWtqm49mxoBg0FsnB37t/GnbdAhZLcprsdHnBgXb9qCshaPmO+VObDtoZTBH
vjIUWGiMmyrUvHpLKPdYmV+Vyin9o/r8dFisSdJrZlRwNc5wR66ipvMSBZ/rjSrO
fz4xA+F3+wNQzTsQPtAfkbLsav2x8fLcjkzLAMFPpwU9pWQqQGZytrLxlAZOQiyy
TOAUtxSugnX0BPuDVkU204FVUA9Q5qz9OuFFIet9Q1J60d3o13wE6oyCbwfbDgyY
cLp2kKpZ6qGfDs7k45BFeSU/FpbI3ZrRj/F3+pCYhCW1PIvmc4mMzRirKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMUXAmmP/ch2kztP++TMpL2w4WUiMB8GA1UdIwQY
MBaAFFcIZhxq7srNm3EXanLelsm0UJQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVndobUhHcnV5czJiY1JkcWN0Nld5YlJRbERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82NDdhNGEtZDJmZC00M2UwLThmM2It
NDQxMDgxNjJlNDkyLzEveFJjQ2FZXzl5SGFUTzBfNzVNeWt2YkRoWlNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82NDdhNGEtZDJmZC00M2UwLThmM2ItNDQxMDgxNjJlNDky
LzEvVndobUhHcnV5czJiY1JkcWN0Nld5YlJRbERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIEWDAN
BgkqhkiG9w0BAQsFAAOCAQEAHtw7bO5BY8QXyevcjIjZ4N21mEOMRbtjJ482fZMn
Xz9X02ndNHzZO+LxSANQevQLF66vEC21AlGNK4eyISkGdhgzUZUI8HexQVgbzynJ
VmKg0R9jbt+y/trpdn3TuSbBESyoNYGlyVb4DjfiDcVySabASB4eTRhjV1NY00or
gj7QqhR1lVzsFZr6rK3GdQftky0LmCu0IGCmbkpIXz7fzcW4TGFFfQf5pMi90nZG
lbS/3YjG7eTgnEKaPKdJghEPvldd3YeqH4yXcbm2HhFbeoAxdUjDtdX2u3fGhDRj
8mlR5GvdpknoY8hgmem5AlcEBRtieJgbaIh/ZbiRbMSkuA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:30:40 2025 by rpki-client