Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/XA3JiqBIpCElOtlHc-YX2XlaYCE.roa
File: XA3JiqBIpCElOtlHc-YX2XlaYCE.roa (raw, json)
Hash identifier: 4ZUvb5mUs1GIEbp3LOyIiTJNe/AqcWD0xEklFjWSksE=
Subject key identifier: 5C:0D:C9:8A:A0:48:A4:21:25:3A:D9:47:73:E6:17:D9:79:5A:60:21
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 35471003
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/XA3JiqBIpCElOtlHc-YX2XlaYCE.roa
Signing time: Sat 01 Jan 2022 06:59:50 +0000
ROA not before: Sat 01 Jan 2022 06:59:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211970
IP address blocks: 2a04:2dc0:18::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893849603 (0x35471003)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 06:59:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c0dc98aa048a421253ad94773e617d9795a6021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:06:13:67:de:ab:e2:05:9b:e6:24:ac:00:be:
72:ac:c0:73:46:5b:d4:2c:05:ef:1e:7e:4d:31:41:
7a:c8:42:d8:9b:df:af:57:0b:7b:88:f2:a0:da:f2:
62:01:4b:32:48:17:7d:8f:17:71:2c:3c:1f:56:ab:
75:3a:5e:4c:b3:6b:c3:75:1c:b0:b6:71:14:45:bc:
c2:4f:bf:8c:4e:6d:eb:3d:42:b9:8d:27:4e:fa:f1:
1b:1b:33:fe:a2:bb:30:44:63:49:f9:0d:59:9d:38:
82:be:3d:44:3c:e6:35:b4:3d:d2:38:39:68:fd:5c:
5e:fd:59:78:ea:c5:0e:33:ed:95:ab:0a:60:ce:f8:
60:36:31:7b:00:a8:49:c1:15:58:e8:19:e2:40:ee:
ca:8b:e1:51:b3:86:4c:61:46:0d:6f:e9:c5:9e:ac:
3f:06:af:8a:8d:94:9e:a7:ef:b7:54:68:d9:c6:81:
c5:19:a2:4e:cb:28:fd:e1:15:e7:f8:ec:ce:86:20:
df:32:8a:3d:7a:95:89:30:b5:7f:26:73:ab:80:f6:
73:71:ab:33:b0:5b:07:1d:a7:ac:27:6c:8a:44:81:
f0:6b:45:03:b5:0b:72:b2:52:00:21:bd:e0:53:ad:
5d:6e:25:d2:30:8b:18:ec:e8:6e:7c:54:d2:0b:31:
2a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0D:C9:8A:A0:48:A4:21:25:3A:D9:47:73:E6:17:D9:79:5A:60:21
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/XA3JiqBIpCElOtlHc-YX2XlaYCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2dc0:18::/48
Signature Algorithm: sha256WithRSAEncryption
b6:04:aa:d1:af:25:76:72:e2:59:01:a2:45:55:fb:44:a3:14:
91:d4:4a:6d:e1:1c:76:6e:5d:3c:87:0f:c4:fe:37:f6:0c:03:
67:b1:d8:52:2f:e1:6a:2a:1e:a8:e6:4c:6a:e4:28:32:a3:94:
0b:20:d8:54:a3:dc:90:12:7e:fb:c1:e5:5e:a9:36:44:59:43:
ca:85:8c:8e:55:1c:33:3d:5a:ae:67:99:da:da:11:74:b9:81:
77:2d:0c:7d:36:a9:dd:a1:fb:d7:5b:ee:37:97:5d:47:70:de:
2e:43:33:a2:05:cf:4e:f0:fc:8e:fd:99:df:4e:69:5b:e9:c2:
75:b3:37:26:f3:c4:ac:43:2e:a8:f4:ae:9a:48:b1:2b:26:52:
4e:e8:54:dd:d4:ba:56:ee:75:cc:17:fd:3c:6c:15:d3:57:34:
9e:e3:44:9e:6e:d3:6e:a7:b4:10:97:e5:f9:b5:eb:dc:f2:f7:
d2:9d:c1:71:9c:49:39:e2:0b:1f:14:fc:94:82:99:80:d7:c7:
92:46:f8:e9:6b:c0:f3:96:86:95:96:b6:5e:d8:23:0d:70:21:
b3:b7:04:1e:54:1f:ca:d7:33:2d:b9:b2:38:5a:a3:01:a3:11:
0b:90:d9:5b:34:41:ac:72:ba:50:d6:1b:01:6f:6f:8d:01:a6:
3e:b8:56:37
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIENUcQAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWNjYmI3MmFhOTg4NGE1YmY4ZDBlNzU3NDA0YTE3ZTVlMjMzMjJjMB4XDTIyMDEw
MTA2NTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMwZGM5OGFhMDQ4
YTQyMTI1M2FkOTQ3NzNlNjE3ZDk3OTVhNjAyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOMGE2feq+IFm+YkrAC+cqzAc0Zb1CwF7x5+TTFBeshC2Jvf
r1cLe4jyoNryYgFLMkgXfY8XcSw8H1ardTpeTLNrw3UcsLZxFEW8wk+/jE5t6z1C
uY0nTvrxGxsz/qK7MERjSfkNWZ04gr49RDzmNbQ90jg5aP1cXv1ZeOrFDjPtlasK
YM74YDYxewCoScEVWOgZ4kDuyovhUbOGTGFGDW/pxZ6sPwavio2Unqfvt1Ro2caB
xRmiTsso/eEV5/jszoYg3zKKPXqViTC1fyZzq4D2c3GrM7BbBx2nrCdsikSB8GtF
A7ULcrJSACG94FOtXW4l0jCLGOzobnxU0gsxKgsCAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBRcDcmKoEikISU62Udz5hfZeVpgITAfBgNVHSMEGDAWgBT6zLtyqpiEpb+N
DnV0BKF+XiMyLDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzUzL2U4Y2I0NC1hOTU0LTQ2NzItYjlhNC1hNDllNWM2NjMzYmQv
MS9YQTNKaXFCSXBDRWxPdGxIYy1ZWDJYbGFZQ0Uucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUz
L2U4Y2I0NC1hOTU0LTQ2NzItYjlhNC1hNDllNWM2NjMzYmQvMS8xLXN5N2NxcVlo
S1dfalE1MWRBU2hmbDRqTWl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgQtwAAYMA0GCSqGSIb3DQEB
CwUAA4IBAQC2BKrRryV2cuJZAaJFVftEoxSR1Ept4Rx2bl08hw/E/jf2DANnsdhS
L+FqKh6o5kxq5Cgyo5QLINhUo9yQEn77weVeqTZEWUPKhYyOVRwzPVquZ5na2hF0
uYF3LQx9NqndofvXW+43l11HcN4uQzOiBc9O8PyO/ZnfTmlb6cJ1szcm88SsQy6o
9K6aSLErJlJO6FTd1LpW7nXMF/08bBXTVzSe40SebtNup7QQl+X5tevc8vfSncFx
nEk54gsfFPyUgpmA18eSRvjpa8DzloaVlrZe2CMNcCGztwQeVB/K1zMtubI4WqMB
oxELkNlbNEGscrpQ1hsBb2+NAaY+uFY3
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:12 2025 by rpki-client